JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.248.207.139

197.248.207.139 was found in our database!

This IP was reported 6,506 times. Confidence of Abuse is 100%: ?

100%

ISP	Safaricom Limited
Usage Type	Fixed Line ISP
ASN	AS37061
Hostname(s)	197-248-207-139.safaricombusiness.co.ke
Domain Name	safaricom.co.ke
Country	🇰🇪 Kenya
City	Nairobi, Nairobi County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.248.207.139

Whois 197.248.207.139

IP Abuse Reports for 197.248.207.139:

This IP address has been reported a total of 6,506 times from 1,302 distinct sources. 197.248.207.139 was first reported on March 12th 2024, and the most recent report was 9 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Parth Maniar	2026-06-02 11:24:49 (1 day ago)	This IP address carried out 88 port scanning attempts on 01-06-2026. For more information or to repo ... show more This IP address carried out 88 port scanning attempts on 01-06-2026. For more information or to report interesting / incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Port Scan SSH
Anonymous	2026-06-02 11:15:21 (1 day ago)	Jun 2 19:13:07 vm50 sshd[3901]: Connection from 197.248.207.139 port 35480 on 103.3.61.195 port 22 ... show more Jun 2 19:13:07 vm50 sshd[3901]: Connection from 197.248.207.139 port 35480 on 103.3.61.195 port 22 rdomain "" Jun 2 19:13:08 vm50 sshd[3901]: Invalid user martina from 197.248.207.139 port 35480 Jun 2 19:13:08 vm50 sshd[3901]: Disconnected from invalid user martina 197.248.207.139 port 35480 [preauth] Jun 2 19:15:19 vm50 sshd[3909]: Connection from 197.248.207.139 port 19037 on 103.3.61.195 port 22 rdomain "" Jun 2 19:15:20 vm50 sshd[3909]: Invalid user mt from 197.248.207.139 port 19037 ... show less	Brute-Force SSH
Anonymous	2026-06-02 10:57:34 (1 day ago)	Jun 2 18:55:22 vm50 sshd[3778]: Invalid user victor from 197.248.207.139 port 18843 Jun 2 18:55:22 ... show more Jun 2 18:55:22 vm50 sshd[3778]: Invalid user victor from 197.248.207.139 port 18843 Jun 2 18:55:22 vm50 sshd[3778]: Disconnected from invalid user victor 197.248.207.139 port 18843 [preauth] Jun 2 18:57:32 vm50 sshd[3800]: Connection from 197.248.207.139 port 53385 on 103.3.61.195 port 22 rdomain "" Jun 2 18:57:33 vm50 sshd[3800]: Invalid user zhou from 197.248.207.139 port 53385 Jun 2 18:57:33 vm50 sshd[3800]: Disconnected from invalid user zhou 197.248.207.139 port 53385 [preauth] ... show less	Brute-Force SSH
Anonymous	2026-06-02 10:41:50 (1 day ago)	Jun 2 18:39:46 vm50 sshd[3631]: Connection from 197.248.207.139 port 45408 on 103.3.61.195 port 22 ... show more Jun 2 18:39:46 vm50 sshd[3631]: Connection from 197.248.207.139 port 45408 on 103.3.61.195 port 22 rdomain "" Jun 2 18:39:47 vm50 sshd[3631]: Invalid user test from 197.248.207.139 port 45408 Jun 2 18:39:47 vm50 sshd[3631]: Disconnected from invalid user test 197.248.207.139 port 45408 [preauth] Jun 2 18:41:48 vm50 sshd[3668]: Connection from 197.248.207.139 port 54103 on 103.3.61.195 port 22 rdomain "" Jun 2 18:41:49 vm50 sshd[3668]: Invalid user john from 197.248.207.139 port 54103 ... show less	Brute-Force SSH
🇵🇱 Wepted	2026-06-02 10:40:45 (1 day ago)	2026-06-02T12:31:14.226943+02:00 axisverse sshd-session[319301]: Invalid user enigma from 197.248.20 ... show more 2026-06-02T12:31:14.226943+02:00 axisverse sshd-session[319301]: Invalid user enigma from 197.248.207.139 port 28561 2026-06-02T12:38:44.056881+02:00 axisverse sshd-session[332483]: Invalid user test from 197.248.207.139 port 9904 2026-06-02T12:40:44.472186+02:00 axisverse sshd-session[336133]: Invalid user john from 197.248.207.139 port 34906 ... show less	Brute-Force SSH
🇺🇸 ShadowWhisperer	2026-06-02 10:39:43 (1 day ago)	botnet node - cryptominer (outlaw/mdrfckr) [worm, crypto, infected, backdoor]	Brute-Force SSH Hacking Exploited Host
🇫🇷 kl1q54	2026-06-02 10:37:19 (1 day ago)	Invalid user enigma from 197.248.207.139 port 44891	Brute-Force SSH
🇫🇷 kl1q54	2026-06-02 10:37:19 (1 day ago)	Invalid user enigma from 197.248.207.139 port 44891	Brute-Force SSH
🇵🇱 Yachiyo Runami	2026-06-02 10:29:59 (1 day ago)	Port Scan on Honeypot \| Ports: 22/SSH \| Proto: TCP(1) \| Flags: all SYN \| TTL: 42 \| Len: 60B \| Win: 6 ... show more Port Scan on Honeypot \| Ports: 22/SSH \| Proto: TCP(1) \| Flags: all SYN \| TTL: 42 \| Len: 60B \| Win: 64240(1) \| rDNS: 197-248-207-139.safaricombusiness.co.ke \| F2B/ufw-honeypot@2026-06-02T10:29:59Z show less	Port Scan Hacking
🇳🇱 applemooz	2026-06-02 10:08:05 (1 day ago)	Jun 2 12:08:05 ns41 sshd[496991]: Invalid user sammy from 197.248.207.139 port 3449 Jun 2 12:08:05 ... show more Jun 2 12:08:05 ns41 sshd[496991]: Invalid user sammy from 197.248.207.139 port 3449 Jun 2 12:08:05 ns41 sshd[496991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 2 12:08:05 ns41 sshd[496991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 ... show less	Brute-Force SSH
🇯🇵 updown.io	2026-06-02 09:40:15 (1 day ago)	2026-06-02T09:38:28.509170+00:00 tok.updn.io sshd[2111738]: Invalid user username from 197.248.207.1 ... show more 2026-06-02T09:38:28.509170+00:00 tok.updn.io sshd[2111738]: Invalid user username from 197.248.207.139 port 12665 2026-06-02T09:38:28.513312+00:00 tok.updn.io sshd[2111738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 2026-06-02T09:38:30.717471+00:00 tok.updn.io sshd[2111738]: Failed password for invalid user username from 197.248.207.139 port 12665 ssh2 2026-06-02T09:40:12.643703+00:00 tok.updn.io sshd[2116502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 user=root 2026-06-02T09:40:14.460455+00:00 tok.updn.io sshd[2116502]: Failed password for root from 197.248.207.139 port 19723 ssh2 ... show less	Brute-Force SSH
🇳🇱 applemooz	2026-06-02 09:37:14 (1 day ago)	Jun 2 11:26:46 ns41 sshd[494058]: Invalid user mohammad from 197.248.207.139 port 32438 Jun 2 11:2 ... show more Jun 2 11:26:46 ns41 sshd[494058]: Invalid user mohammad from 197.248.207.139 port 32438 Jun 2 11:26:46 ns41 sshd[494058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 2 11:26:49 ns41 sshd[494058]: Failed password for invalid user mohammad from 197.248.207.139 port 32438 ssh2 Jun 2 11:37:12 ns41 sshd[494672]: Invalid user username from 197.248.207.139 port 49600 Jun 2 11:37:12 ns41 sshd[494672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 ... show less	Brute-Force SSH
🇺🇸 p0tatosmash3r	2026-06-02 08:55:26 (1 day ago)	Port Scan from 197.248.207.139	Port Scan SSH
🇩🇪 ipcop.net	2026-06-02 07:58:43 (1 day ago)	Jun 2 09:45:58 pkg-host01.packages.managed-infra.com sshd[91613]: Disconnected from invalid user re ... show more Jun 2 09:45:58 pkg-host01.packages.managed-infra.com sshd[91613]: Disconnected from invalid user remote 197.248.207.139 port 40705 [preauth] Jun 2 09:55:16 pkg-host01.packages.managed-infra.com sshd[91838]: Disconnected from authenticating user admin 197.248.207.139 port 51112 [preauth] Jun 2 09:57:01 pkg-host01.packages.managed-infra.com sshd[91889]: Disconnected from authenticating user root 197.248.207.139 port 32549 [preauth] Jun 2 09:58:43 pkg-host01.packages.managed-infra.com sshd[91978]: Invalid user duncan from 197.248.207.139 port 17233 Jun 2 09:58:43 pkg-host01.packages.managed-infra.com sshd[91978]: Disconnected from invalid user duncan 197.248.207.139 port 17233 [preauth] show less	Brute-Force
🇩🇪 AetherFox	2026-06-02 07:35:27 (1 day ago)	Jun 2 09:33:38 nexus-node-02 sshd[1400556]: pam_unix(sshd:auth): authentication failure; logname= u ... show more Jun 2 09:33:38 nexus-node-02 sshd[1400556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 2 09:33:41 nexus-node-02 sshd[1400556]: Failed password for invalid user oracle from 197.248.207.139 port 43033 ssh2 Jun 2 09:35:25 nexus-node-02 sshd[1400567]: Invalid user en from 197.248.207.139 port 11890 Jun 2 09:35:25 nexus-node-02 sshd[1400567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.207.139 Jun 2 09:35:26 nexus-node-02 sshd[1400567]: Failed password for invalid user en from 197.248.207.139 port 11890 ssh2 ... show less	Brute-Force SSH

Showing 121 to 135 of 6506 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.134

🇩🇪 167.94.145.27

🇩🇪 139.19.117.130

🇧🇷 138.94.69.30

🇺🇸 66.132.172.245

🇨🇳 61.53.72.75

🇩🇪 46.202.156.21

🇳🇱 45.156.87.254

🇺🇸 44.126.182.225

🇲🇼 41.75.114.30

🇺🇸 192.252.215.125

🇲🇽 186.96.145.241

🇳🇱 178.16.54.22

🇫🇮 147.185.133.255

🇺🇸 64.62.156.93

🇰🇷 59.24.133.197

🇺🇸 44.177.122.234

🇨🇳 42.122.152.26

🇧🇷 37.148.134.123

🇺🇸 35.223.121.113