IP Address

196.219.54.141

IPv4 Public
EG EG
AS8452
TE Data
238 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
92% Confidence
238 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
EG
EG Location
TE Data ASN 8452
238 Reports
Honeypot Data Source

High Risk

IP 196.219.54.141 is a high-risk address originating from Egypt (AS8452 / TE Data) that has been flagged 238 times by automated honeypot sensors, with a threat level rating of 8 out of 10 and a confidence score of 92 percent, indicating that this IP poses a significant and verified danger to exposed network infrastructure.

The activity profile for this address shows an 8 out of 10 frequency rating, with recent reports clustering entirely within April 2026, suggesting sustained rather than opportunistic malicious behavior. The dominant threat categories include Port Scan activity accounting for the majority of recent reports, supplemented by Hacking-related incidents. All 238 reports were generated through automated honeypot sensors distributed across multiple monitoring points, and the attack-pattern data reveals consistent probing of CiscoASA firewall infrastructure, including stream reassembly anomalies and spurious retransmissions that indicate active reconnaissance against perimeter security devices.

Port scanning activity such as this represents the initial reconnaissance phase of a potential intrusion sequence, where an attacker systematically probes network defenses to map exposed services and identify potential entry points. The CiscoASA-specific targeting observed in the attack patterns suggests the operator may be seeking to exploit known vulnerabilities in Cisco firewall products or gather intelligence for a more targeted follow-up attack. The stream reassembly anomalies further indicate sophisticated packet-crafting techniques designed to evade detection or stress-test stateful inspection capabilities.

Network defenders should implement immediate defensive measures including firewall rules to block or rate-limit traffic from this address, implementation of fail2ban or similar dynamic blocking tools to automate response to repeated scanning activity, strict egress filtering to limit lateral movement capabilities, and continuous monitoring of CiscoASA logs for any correlated exploitation attempts. Organizations running CiscoASA appliances should ensure they are running current firmware versions with known patches applied to reduce vulnerability exposure from targeted reconnaissance.

More threatening than 81% of monitored IPs

Threat Categories

Port Scan 30
Hacking 10

Technical Details

Port scanning identifies open services and potential attack vectors on target systems as reconnaissance for attacks.

Recommended Mitigations

Minimize exposed services, implement firewall rules, and monitor for scanning patterns.

Reputable Network

This IP is hosted on a network (ASN 8452) with generally good reputation. The ISP TE Data maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 77% Verified

Confidence History

27. Apr 2026 - 29. Apr 2026
92% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Hacking Port Scan Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Hacking Port Scan Honeypot x2 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Honeypot 75%
Port Scan Hacking Honeypot x2 75%
Port Scan Honeypot 75%
10 of 238 shown

Technical Details

Basic Information

IP Address
196.219.54.141
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
EG EG
ASN
AS8452
ISP
TE Data

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
238
First Reported
23 Apr 2026
Last Reported
29 Apr 2026, 13:06

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS8452
TE Data
EG EG

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

436
Total IPs Monitored
2,650
Total Reports
6.1
Reports per IP

Network Context

This IP address belongs to TE Data (AS8452), which manages 436 IP addresses in our monitoring system. Out of these, 2,650 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,472 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 238 avg: 23 ++

Network Comparison

Compared against 787 IPs in ASN 8452

Threat Level 8/10 network avg: 4.6 ++
Total Reports 238 network avg: 4 ++
Network TE Data has overall threat level 2/10

Geographic Comparison

Compared against 1,159 IPs in EG

Threat Level 8/10 country avg: 4.8 ++
Total Reports 238 country avg: 5 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,140 threat incidents tracked globally • Last 24h: 19,043 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,446 20.5%
  2. 02
    IN
    India IN
    29,023 15.5%
  3. 03
    CN
    China CN
    26,021 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,142 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,539 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,654 2.5%
  10. 10
    NL
    Netherlands NL
    4,356 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
9.7/10 Avg Threat
84% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
196.218.222.18 10/10
Confidence 98%
Reports 19
Location EG EG
21 May 2026
41.33.91.226 10/10
Confidence 97%
Reports 98
Location EG EG
9 Jun 2026
197.44.15.210 8/10
Confidence 97%
Reports 42
Location EG EG
6 Jun 2026
41.32.25.178 10/10
Confidence 94%
Reports 135
Location EG EG
11 Jan 2026
41.38.96.28 10/10
Confidence 94%
Reports 70
Location EG EG
10 May 2026
156.204.71.130 10/10
Confidence 94%
Reports 52
Location EG EG
26 Dec 2025
156.204.68.7 10/10
Confidence 94%
Reports 28
Location EG EG
26 Dec 2025
197.44.230.50 10/10
Confidence 94%
Reports 22
Location EG EG
20 Jan 2026
41.38.203.243 10/10
Confidence 89%
Reports 20
Location EG EG
10 Feb 2026
41.38.141.133 10/10
Confidence 88%
Reports 15
Location EG EG
26 Apr 2026
41.33.121.42 8/10
Confidence 86%
Reports 26
Location EG EG
4 Jun 2026
196.219.0.170 10/10
Confidence 80%
Reports 46
Location EG EG
6 Jun 2026
81.10.30.144 10/10
Confidence 79%
Reports 10
Location EG EG
7 Jun 2026
41.32.188.4 10/10
Confidence 77%
Reports 130
Location EG EG
21 Jan 2026
41.32.224.10 10/10
Confidence 71%
Reports 16
Location EG EG
23 May 2026
41.46.128.234 8/10
Confidence 71%
Reports 14
Location EG EG
4 Jun 2026
156.207.191.212 10/10
Confidence 70%
Reports 46
Location EG EG
10 Nov 2025
196.202.80.89 10/10
Confidence 70%
Reports 36
Location EG EG
10 Nov 2025
41.33.199.13 10/10
Confidence 68%
Reports 48
Location EG EG
1 Jun 2026
197.63.209.215 10/10
Confidence 68%
Reports 8
Location EG EG
21 Jan 2026

IPs from the same country with similar threat profiles.

15 Related IPs
9.7/10 Avg Threat
95% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
196.218.222.18 10/10
Confidence 98%
Reports 19
ISP TE Data
21 May 2026
41.33.91.226 10/10
Confidence 97%
Reports 98
ISP TE Data
9 Jun 2026
197.44.15.210 8/10
Confidence 97%
Reports 42
ISP TE Data
6 Jun 2026
41.128.181.199 10/10
Confidence 95%
Reports 116
ISP LINKdotNET
6 Jun 2026
62.193.106.227 10/10
Confidence 95%
Reports 115
ISP Etisalat Misr
20 May 2026
45.246.76.124 8/10
Confidence 95%
Reports 13
ISP LINKdotNET
24 Feb 2026
41.32.25.178 10/10
Confidence 94%
Reports 135
ISP TE Data
11 Jan 2026
197.199.224.52 10/10
Confidence 94%
Reports 132
ISP Etisalat Misr
9 Jun 2026
41.38.96.28 10/10
Confidence 94%
Reports 70
ISP TE Data
10 May 2026
196.131.184.18 10/10
Confidence 94%
Reports 69
ISP RAYA Telecom - ...
30 Dec 2025
102.191.231.103 10/10
Confidence 94%
Reports 66
ISP RAYA Telecom - ...
26 Dec 2025
156.204.71.130 10/10
Confidence 94%
Reports 52
ISP TE Data
26 Dec 2025
156.204.68.7 10/10
Confidence 94%
Reports 28
ISP TE Data
26 Dec 2025
196.221.207.125 10/10
Confidence 94%
Reports 28
ISP RAYA Telecom - ...
17 May 2026
197.44.230.50 10/10
Confidence 94%
Reports 22
ISP TE Data
20 Jan 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.8/10 Avg Threat
92% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
85.215.239.226 10/10
Confidence 92%
Reports 4,268
Location DE DE
28 Apr 2026
176.65.149.27 10/10
Confidence 92%
Reports 3,993
Location NL NL
8 Jun 2026
51.159.110.167 10/10
Confidence 92%
Reports 1,519
Location FR FR
9 Jun 2026
31.70.66.9 8/10
Confidence 92%
Reports 708
Location DE DE
8 Jun 2026
5.39.101.60 8/10
Confidence 92%
Reports 661
Location FR FR
9 Jun 2026
207.90.244.12 10/10
Confidence 92%
Reports 543
Location US US
9 Jun 2026
167.94.146.50 8/10
Confidence 92%
Reports 468
Location US US
9 Jun 2026
87.106.98.147 8/10
Confidence 92%
Reports 455
Location DE DE
24 May 2026
87.106.223.228 8/10
Confidence 92%
Reports 434
Location DE DE
24 May 2026
172.245.112.205 10/10
Confidence 92%
Reports 427
Location US US
9 Jun 2026
217.160.24.45 8/10
Confidence 92%
Reports 422
Location DE DE
24 May 2026
185.242.226.104 10/10
Confidence 92%
Reports 417
Location US US
9 Jun 2026
87.106.78.3 8/10
Confidence 92%
Reports 417
Location DE DE
24 May 2026
185.132.46.108 8/10
Confidence 92%
Reports 410
Location DE DE
24 May 2026
87.106.189.67 8/10
Confidence 92%
Reports 409
Location DE DE
25 May 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "196.219.54.141",
    "threat_level": 8,
    "confidence_score": 92,
    "total_reports": 238,
    "country_code": "EG",
    "isp_name": "TE Data",
    "asn": "8452",
    "first_reported": "2026-04-23 14:02:05",
    "last_reported": "2026-04-29 13:06:43",
    "exported_at": "2026-06-09T08:54:17+02:00",
    "source": "https://reportedip.de/ip/196.219.54.141/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses