Extreme Threat
IP 195.3.222.218 is a high-risk address originating from Poland with a critical threat rating of 10/10, linked to 780 abuse reports across automated honeypot sensors. With a confidence score of 94% and activity frequency rated 8/10, this IP presents a severe and ongoing risk to exposed network services.
The IP is registered to MEVSPACE sp. z o.o. operating AS201814 in Poland. Detection occurred through 20 separate automated honeypot sources during January 2026, with the majority of recent reports categorizing activity as Hacking (19 incidents) alongside a single Exploited Host report (1 incident). The extremely high report volume relative to the short detection window indicates sustained, automated scanning behaviour rather than isolated probing.
Hacking activity encompasses intrusion attempts, vulnerability exploitation and unauthorized access attempts against exposed services. The prevalence of such behaviour from this address suggests an active scanning or exploitation campaign, potentially scanning for unpatched services or misconfigured systems. The accompanying Exploited Host classification raises the possibility that this address may itself be compromised and operating under attacker control, amplifying the threat to any service it contacts. Organizations with exposed SSH, HTTP or other network services should treat contact from this IP as a confirmed hostile event.
Network defenders should block 195.3.222.218 at the firewall or network edge immediately. Implement fail2ban or equivalent log-based intrusion prevention to automatically ban repeat offenders. Enforce strong authentication on all exposed services, disable unused daemons and ensure operating systems and applications are patched against known vulnerabilities. Providers managing infrastructure within AS201814 should investigate whether this activity originates from a compromised subscriber node.
BG 
AZ 
RO 
FR 
SE 
TR