← Back to Dashboard

197.248.104.19 Threat Intelligence Report

Risk Level: CRITICAL — 280 abuse reports from 24 sources

Threat Intelligence Summary

IP address 197.248.104.19 has been flagged in 280 abuse reports across 24 independent threat intelligence sources, resulting in a threat score of 100.0/100 (critical risk). The primary activity associated with this IP is abuseipdb blacklist, along with aggregated threat, attacks, brute force, bruteforce, malware c2, reconnaissance, reputation low, scanning, severe abuse, ssh-bruteforce, ssh brute force, ssh bruteforce, voip attack, web attack, web brute force.

This IP is geolocated in Kenya (Nairobi) and belongs to the network Safaricom (AS37061). Reports span from 2023-12-13 to 2026-04-12.

Assessment: With 280 abuse reports, 197.248.104.19 shows persistent malicious activity that has been flagged by multiple threat intelligence feeds. The IP has been observed conducting automated SSH login attempts against internet-facing servers, a technique commonly used to gain unauthorized access to systems.

Data aggregated from 24 independent threat intelligence sources.

Geolocation

Country Kenya
City Nairobi
Region Nairobi County
ISP/ASN Safaricom
Timezone Africa/Nairobi

Threat Status

Overall Status Critical
Threat Score 100.0%
Report Count 280
Sources 24
First Seen 2023-12-13
Last Seen 2026-04-12
AI Analysis

Check IPs automatically with the WAYSCloud API

Free tier: 1,000 lookups/day. Get threat scores, geolocation, and abuse reports via REST API.

Explore the API →

See how we classify and verify threats →

Related Intelligence

Kenya Threat Intelligence → AS37061 Network Intelligence → See all top malicious IPs → View latest attacks →
Learn about these threats: