Kenya (KE) Threat Intelligence

Kenya has 5,021 malicious IP addresses with 373,445 abuse reports. Top threat categories include ssh bruteforce, generic bruteforce, rdp bruteforce, web attack. Top attacking networks: Liquid Telecommunications Ltd (1,149 IPs), CKL1-ASN (554 IPs), SAFARICOM-LIMITED (523 IPs). Data collected since 2022-12-10, last activity 2026-04-16.

Threat Assessment: Kenya exhibits moderate cyber threat activity, with a notable number of malicious IPs across multiple attack categories. The dominant attack types are ssh bruteforce, generic bruteforce, rdp bruteforce. The majority of threats originate from networks operated by Liquid Telecommunications Ltd and CKL1-ASN.

Total Reports

373,445

Unique IPs

5,021

First Seen

2022-12-10

Last Activity

2026-04-16

Top Threat Categories

Ssh Bruteforce 162

Generic Bruteforce 29

Rdp Bruteforce 29

Web Attack 2

Top Attacking Networks

AS30844 Liquid Telecommunications Ltd

1,149 IPs

AS36926 CKL1-ASN

554 IPs

AS33771 SAFARICOM-LIMITED

523 IPs

Most Reported IPs in Kenya

197.248.8.33 257 reports

105.27.148.94 252 reports

41.90.100.147 239 reports

197.248.104.19 228 reports

41.203.213.8 224 reports

Access this data via API

Get Kenya threat intelligence programmatically.

curl https://ip.wayscloud.services/api/country/KE

View full API documentation

See how we classify and verify threats →

Check any IP from Kenya

Look up threat intelligence for a specific IP address.

Related: Country Threat Ranking Country Risk Trends → Top Malicious IPs → AS30844 Intelligence AS36926 Intelligence AS33771 Intelligence Global Attack Trends Detect Malicious Traffic

Loading threat intelligence data...

Kenya (KE) Threat Intelligence

Top Threat Categories

Top Attacking Networks

Most Reported IPs in Kenya

Access this data via API

Check any IP from Kenya

Country Threat Intelligence Summary: Kenya

AI Threat Analysis

Activity Trend

Attack Categories

Severity Distribution

Top Attacking IPs