JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.248.207.139

197.248.207.139 was found in our database!

This IP was reported 6,491 times. Confidence of Abuse is 100%: ?

100%

ISP	Safaricom Limited
Usage Type	Fixed Line ISP
ASN	AS37061
Hostname(s)	197-248-207-139.safaricombusiness.co.ke
Domain Name	safaricom.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.248.207.139

Whois 197.248.207.139

IP Abuse Reports for 197.248.207.139:

This IP address has been reported a total of 6,491 times from 1,301 distinct sources. 197.248.207.139 was first reported on March 12th 2024, and the most recent report was 9 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-03 04:57:19 (20 hours ago)	2026-06-03T06:53:14.759938+02:00 magic sshd-session[3458948]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-03T06:53:14.759938+02:00 magic sshd-session[3458948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 2026-06-03T06:53:17.530126+02:00 magic sshd-session[3458948]: Failed password for invalid user apollo from 197.248.207.139 port 4661 ssh2 2026-06-03T06:57:17.933064+02:00 magic sshd-session[3460098]: Invalid user test_user from 197.248.207.139 port 33656 show less	Brute-Force SSH
🇭🇺 kranem	2026-06-03 03:48:08 (21 hours ago)	2026-06-03T05:46:02.688469+02:00 CORE-0 sshd[1384749]: pam_unix(sshd:auth): authentication failure; ... show more 2026-06-03T05:46:02.688469+02:00 CORE-0 sshd[1384749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 user=root 2026-06-03T05:46:04.798656+02:00 CORE-0 sshd[1384749]: Failed password for root from 197.248.207.139 port 54174 ssh2 2026-06-03T05:46:05.021865+02:00 CORE-0 sshd[1384749]: Disconnected from authenticating user root 197.248.207.139 port 54174 [preauth] 2026-06-03T05:48:05.440055+02:00 CORE-0 sshd[1455256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 user=root 2026-06-03T05:48:07.103687+02:00 CORE-0 sshd[1455256]: Failed password for root from 197.248.207.139 port 30986 ssh2 ... show less	Brute-Force SSH
🇮🇹 mediarama.com	2026-06-03 03:47:16 (21 hours ago)	Banned by Fail2Ban	Brute-Force SSH
🇺🇸 paradoxnetworks	2026-06-03 02:53:23 (22 hours ago)	Jun 3 02:43:47 elasticsearch sshd[1692911]: Invalid user pmo from 197.248.207.139 port 60248 Jun 3 ... show more Jun 3 02:43:47 elasticsearch sshd[1692911]: Invalid user pmo from 197.248.207.139 port 60248 Jun 3 02:51:19 elasticsearch sshd[1692920]: Invalid user jxpt from 197.248.207.139 port 65092 Jun 3 02:53:23 elasticsearch sshd[1692924]: Invalid user dts from 197.248.207.139 port 57639 ... show less	Brute-Force SSH
🇩🇪 LRob.fr	2026-06-03 02:15:04 (22 hours ago)	SSH abuse or brute-force attack detected by Fail2Ban in ssh jail	Brute-Force SSH
🇺🇸 COMPLEX	2026-06-03 02:00:03 (23 hours ago)	Banned by Multi Agent · node …ce3f · attempts=5 · SSH brute-force / scan	Brute-Force SSH
🇯🇵 kipfel★	2026-06-03 01:59:26 (23 hours ago)	2026-06-03T10:48:45.904485+09:00 lw-vm-v1-nrt sshd[3669494]: pam_unix(sshd:auth): authentication fai ... show more 2026-06-03T10:48:45.904485+09:00 lw-vm-v1-nrt sshd[3669494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 2026-06-03T10:48:47.624793+09:00 lw-vm-v1-nrt sshd[3669494]: Failed password for invalid user sunil from 197.248.207.139 port 19401 ssh2 2026-06-03T10:59:26.322638+09:00 lw-vm-v1-nrt sshd[3673261]: Invalid user rr from 197.248.207.139 port 11067 ... show less	Brute-Force SSH
🇺🇸 oralunal	2026-06-03 01:54:40 (23 hours ago)	IP banned by Fail2Ban in jail sshd auth.log ah-app-1 ...	SSH
🇩🇪 www.fransveldman.world	2026-06-03 01:27:21 (23 hours ago)	2026-06-03T01:21:09.498359+00:00 ubuntu sshd[2521023]: Invalid user salman from 197.248.207.139 port ... show more 2026-06-03T01:21:09.498359+00:00 ubuntu sshd[2521023]: Invalid user salman from 197.248.207.139 port 61732 2026-06-03T01:27:21.109117+00:00 ubuntu sshd[2521141]: Invalid user monitoring from 197.248.207.139 port 4057 ... show less	Brute-Force SSH
🇸🇬 sh97	2026-06-03 01:23:50 (23 hours ago)	rooted: SSH Brute Force from 197.248.207.139 at 2026-06-03 06:53:50 IST	Brute-Force SSH
🇩🇪 NxtGenIT	2026-06-03 01:21:20 (23 hours ago)	Cowrie Honeypot hit, Event Type: cowrie.command.input, Command: CMD: cd ~; chattr -ia .ssh; lockr -i ... show more Cowrie Honeypot hit, Event Type: cowrie.command.input, Command: CMD: cd ~; chattr -ia .ssh; lockr -ia .ssh show less	Brute-Force
🇩🇪 ipcop.net	2026-06-03 00:58:28 (1 day ago)	Malicious activity detected from 197.248.207.139.	Brute-Force
🇩🇪 markawes	2026-06-03 00:50:36 (1 day ago)	[CDN] Auto banned by Fail2Ban. Reason: SSH brute force / repeated failed login attempts. Evidence: ... show more [CDN] Auto banned by Fail2Ban. Reason: SSH brute force / repeated failed login attempts. Evidence: Jun 3 01:48:22 cdn sshd[490951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 3 01:48:25 cdn sshd[490951]: Failed password for invalid user tym from 197.248.207.139 port 23712 ssh2 Jun 3 01:50:25 cdn sshd[491066]: Invalid user rishabh from 197.248.207.139 port 9585 Jun 3 01:50:25 cdn sshd[491066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 3 01:50:27 cdn sshd[491066]: Failed password for invalid user rishabh from 197.248.207.139 port 9585 ssh2 show less	Brute-Force SSH
🇺🇸 Tect.host	2026-06-03 00:50:24 (1 day ago)	Brute-force SSH server detected by Fail2ban	Brute-Force SSH
🇩🇪 www.fransveldman.world	2026-06-03 00:49:23 (1 day ago)	2026-06-03T00:47:16.320606+00:00 ubuntu sshd[2520742]: Invalid user tym from 197.248.207.139 port 35 ... show more 2026-06-03T00:47:16.320606+00:00 ubuntu sshd[2520742]: Invalid user tym from 197.248.207.139 port 35507 2026-06-03T00:49:22.909079+00:00 ubuntu sshd[2520771]: Invalid user rishabh from 197.248.207.139 port 12230 ... show less	Brute-Force SSH

Showing 46 to 60 of 6491 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 84.46.247.185

🇩🇴 45.172.152.74

🇹🇼 221.120.77.34

🇹🇭 117.121.214.50

🇨🇳 111.228.36.44

🇨🇳 61.136.246.87

🇺🇸 38.148.249.2

🇺🇸 24.197.29.113

🇺🇸 18.217.187.82

🇳🇱 212.8.251.106

🇻🇪 201.249.192.30

🇳🇮 190.212.210.126

🇺🇸 172.234.195.116

🇺🇸 162.216.150.16

🇰🇷 118.37.214.187

🇧🇼 41.223.73.183

🇬🇧 35.203.211.233

🇸🇪 213.66.145.107

🇮🇩 202.138.252.58

🇵🇰 182.190.220.126