This IP address has been reported a total of
266
times from
176 distinct
sources.
148.222.199.193 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
This IP was detected by CrowdSec triggering custom/vpatch-block-old-chrome. WAF block: custom/vpatch ...
show moreThis IP was detected by CrowdSec triggering custom/vpatch-block-old-chrome. WAF block: custom/vpatch-block-old-chrome from 148.222.199.193 (172.18.0.5)
show less
148.222.199.193 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scal ...
show more148.222.199.193 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale industrial operation attempting unrelenting brute-force login attempts for months on end - between all CIDR ranges in the botnet, our servers receive over 800 authentication attempts per minute on smtp, imap and relative mail ports, as well as ssh, and other protocols.
IP INFO:
- IP 148.222.199.193
- Anycast false
- City N/A
- Region N/A
- Region Code N/A
- Country N/A (N/A)
- Continent N/A (N/A)
- Range N/A
- Provider N/A
- Organisation N/A
- Proxy N/A
- Type N/A
show less
Fail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security too ...
show moreFail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security tooling. Technical log details and local server identifiers intentionally omitted for privacy.
show less
Fail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security too ...
show moreFail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security tooling. Technical log details and local server identifiers intentionally omitted for privacy.
show less
Fail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security too ...
show moreFail2Ban sshd: repeated SSH login failures (possible brute-force) detected by automated security tooling. Technical log details and local server identifiers intentionally omitted for privacy.
show less
148.222.199.193 (CO/Colombia/customer.bgtacol1.isp.starlink.com), 5 distributed sshd attacks on acco ...
show more148.222.199.193 (CO/Colombia/customer.bgtacol1.isp.starlink.com), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 4 02:55:13 14827 sshd[8423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.222.199.193 user=root
Jun 4 02:55:14 14827 sshd[8423]: Failed password for root from 148.222.199.193 port 38494 ssh2
Jun 4 02:54:44 14827 sshd[8051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.13.207.26 user=root
Jun 4 02:54:46 14827 sshd[8051]: Failed password for root from 103.13.207.26 port 33034 ssh2
Jun 4 02:57:17 14827 sshd[9536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.222.199.193 user=root
IP Addresses Blocked:
show less
Brute-Force
SSH
Anonymous
2026-06-04T09:54:12.387472 localhost.localdomain sshd-session[4056082]: Failed password for root fro ...
show more2026-06-04T09:54:12.387472 localhost.localdomain sshd-session[4056082]: Failed password for root from 148.222.199.193 port 46366 ssh2
2026-06-04T09:54:12.860462 localhost.localdomain sshd-session[4056082]: Disconnected from authenticating user root 148.222.199.193 port 46366 [preauth]
...
show less
2026-06-04T08:24:08.913107+02:00 sfdx sshd[17621]: Invalid user user1 from 148.222.199.193 port 5214 ...
show more2026-06-04T08:24:08.913107+02:00 sfdx sshd[17621]: Invalid user user1 from 148.222.199.193 port 52141
2026-06-04T08:24:09.120283+02:00 sfdx sshd[17621]: Disconnected from invalid user user1 148.222.199.193 port 52141 [preauth]
...
show less