JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.92.141.2

109.92.141.2 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 17%: ?

17%

ISP	TELEKOM SRBIJA
Usage Type	Fixed Line ISP
ASN	AS8400
Hostname(s)	109-92-141-2.dynamic.isp.telekom.rs
Domain Name	mts.rs
Country	🇷🇸 Serbia
City	Novi Beograd, Central Serbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.92.141.2

Whois 109.92.141.2

IP Abuse Reports for 109.92.141.2:

This IP address has been reported a total of 26 times from 17 distinct sources. 109.92.141.2 was first reported on August 14th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-05-09 14:12:56 (3 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇺🇸 cheatmaster.store	2026-05-08 11:34:51 (3 weeks ago)	Proxy parsed from 109.92.141.2:999	Brute-Force SSH
🇮🇹 VHosting	2026-04-26 08:29:52 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2026-04-10 05:17:21 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 22:09:56 (1 month ago)	109.92.141.2 - - [05/Apr/2026:17:33:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.news-news ... show more 109.92.141.2 - - [05/Apr/2026:17:33:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.news-news.org/search" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:35:17 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:40:59 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:42:39 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:49:09 +0200] "GET /web/login HTTP/1.1" 499 0 "https://blog.elite84.info/home" "Mozilla/5.0 (Win ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 15:42:40 (1 month ago)	109.92.141.2 - - [05/Apr/2026:17:33:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.news-news ... show more 109.92.141.2 - - [05/Apr/2026:17:33:26 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.news-news.org/search" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:35:17 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:35:17 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.twitter.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:40:59 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 109.92.141.2 - - [05/Apr/2026:17:40:59 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 1 ... show less	DDoS Attack
🇫🇷 dynamix	2025-10-30 11:29:53 (7 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 SuperEvilLuke	2025-10-07 23:55:31 (7 months ago)	Malicious activity detected from 8400 TELEKOM-AS towards host dash.embotic.xyz (GET HTTP/1.1) @ 2025 ... show more Malicious activity detected from 8400 TELEKOM-AS towards host dash.embotic.xyz (GET HTTP/1.1) @ 2025-10-07T23:55:31Z (4 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 Audir8 \| RRHosting	2025-10-05 20:50:15 (7 months ago)	2025-10-05T20:47:55.544777rrhostingusa wings[2058776]: 2025/10/05 20:47:54 http: TLS handshake error ... show more 2025-10-05T20:47:55.544777rrhostingusa wings[2058776]: 2025/10/05 20:47:54 http: TLS handshake error from 109.92.141.2:60959: EOF 2025-10-05T20:48:10.751099rrhostingusa wings[2058776]: 2025/10/05 20:48:10 http: TLS handshake error from 109.92.141.2:32823: EOF 2025-10-05T20:48:21.053871rrhostingusa wings[2058776]: 2025/10/05 20:48:20 http: TLS handshake error from 109.92.141.2:32943: EOF ... show less	Web App Attack
🇺🇸 skycodee	2025-10-05 12:49:10 (7 months ago)	Repeated TLS handshake abuse against Pterodactyl Wings (port 8080)	DDoS Attack
🇬🇧 Silly Development	2025-09-29 20:52:20 (8 months ago)	Malicious activity detected from 8400 TELEKOM-AS towards host sillydev.co.uk (GET HTTP/2) @ 2025-09- ... show more Malicious activity detected from 8400 TELEKOM-AS towards host sillydev.co.uk (GET HTTP/2) @ 2025-09-29T20:52:20Z (2 occurrences) show less	DDoS Attack Exploited Host
🇩🇪 1gz	2025-09-24 15:00:36 (8 months ago)	Triggered Cloudflare WAF (firewallManaged) from RS. Action taken: BLOCK Protocol: HTTP/2 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from RS. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 shabi	2025-09-15 12:31:59 (8 months ago)	IP: 109.92.141.2 [Country: RS] triggered WAF (l7ddos). Action: managed_challenge ASN: 8400 (TELEKOM- ... show more IP: 109.92.141.2 [Country: RS] triggered WAF (l7ddos). Action: managed_challenge ASN: 8400 (TELEKOM-AS) Protocol: HTTP/2 (method GET) Endpoint: / Time: 2025-09-15T10:18:22Z User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 --- Report generated by CFWAF2AbuseIPDB. show less	DDoS Attack Web Spam Web App Attack
🇪🇸 cuscusero (FlexBacks, FlexChar, FlexAve, FlexCDNM, FlexTudy, ColdHosting SL)	2025-09-10 12:47:09 (8 months ago)	[CPD ESP-BCN02-FW11-394] Suspicious connection detected on port 8080. DDoS detected	DDoS Attack Port Scan Brute-Force
🇰🇷 PROJECT ELIV	2025-09-09 16:28:38 (8 months ago)	ELIV CDN - DDoS attack detected for mirror.eliv.digital	DDoS Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.217

🇺🇸 198.199.106.159

🇸🇬 140.245.121.52

🇹🇭 117.121.214.50

🇮🇹 93.92.77.133

🇵🇰 72.255.8.93

🇸🇬 103.187.146.90

🇻🇪 82.86.119.77

🇨🇦 38.49.217.60

🇬🇧 35.203.210.236

🇹🇼 34.80.84.68

🇺🇸 20.62.204.16

🇰🇷 14.38.177.105

🇧🇷 186.239.41.74

🇯🇵 133.175.162.102

🇷🇴 2.57.121.112

🇮🇳 182.78.107.6

🇷🇴 80.94.92.168

🇳🇱 45.148.10.183

🇳🇱 45.148.10.152