Is IP address 195.47.238.93 dangerous?

Yes, 195.47.238.93 is considered dangerous with a threat level of 8/10. It has been reported 181 times for malicious activities including . We recommend blocking this IP address.

Who owns or operates IP address 195.47.238.93?

IP address 195.47.238.93 is operated by No ACK Group Holding AB (ASN 30893) and is geolocated to SE. This information is derived from public WHOIS and geolocation databases.

Should I block IP address 195.47.238.93?

Yes, blocking 195.47.238.93 is strongly recommended. With a threat level of 8/10 and 181 security reports, this IP poses significant risk. Implement firewall rules to block incoming and outgoing traffic.

How accurate is this threat assessment for 195.47.238.93?

Our threat assessment for 195.47.238.93 has a confidence score of 91%, based on 181 independent reports from multiple independent sources. Higher confidence scores indicate more reliable assessments.

IP Address

195.47.238.93

IPv4 Public

AS30893

No ACK Group Holding AB

181 Reports

SE Location

No ACK Group Holding AB ASN 30893

181 Reports

Honeypot Data Source

Elevated Risk

IP 195.47.238.93 is a high-risk address operating from Swedish network infrastructure that has been flagged by automated honeypot sensors with 181 abuse reports and a threat level of 8 out of 10, indicating a consistent and dangerous pattern of intrusion activity. The IP demonstrates an activity frequency score of 8 out of 10, placing it among the most persistently active hostile sources currently monitored. The overwhelming majority of recent reports categorize the activity as general hacking attempts, including exploitation attempts and unauthorized access probes against exposed services.

Detection data collected between September 2025 and January 2026 shows sustained malicious behavior originating from this address, with all 20 recent reports attributing the activity to automated honeypot sensors rather than community reporting. The IP is registered to No ACK Group Holding AB and operates within AS30893, a Swedish autonomous system. With a confidence score of 91 percent, analysts can place substantial weight on the reliability of these findings. The geographic origin in Sweden does not indicate any reduced threat posture, as threat actors routinely route traffic through compromised infrastructure in well-connected regions to obscure their true point of origin.

Hacking activity of this nature represents an active intrusion threat to any exposed service listening on common ports. Such probes typically precede more targeted attacks, scanning for outdated software with known exploits, misconfigured authentication mechanisms, or weak credentials that can be brute-forced. Organizations with SSH, RDP, web interfaces, or database services exposed to the internet face the highest risk from this source. The volume and persistence of reports suggest this IP participates in automated attack campaigns that systematically sweep large portions of the internet seeking vulnerable entry points.

Site operators should treat this IP as a confirmed threat source and implement immediate blocking at the network perimeter firewall or intrusion prevention system. Deploying tools such as fail2ban or equivalent rate-limiting solutions can automatically ban IPs after repeated failed authentication attempts. All exposed services should enforce strong password policies, disable default credentials, and ensure software patches are current. Continuous monitoring of authentication logs for connections originating from this address will help identify any successful intrusion attempts that may require incident response procedures.

More threatening than 81% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 30893, operated by No ACK Group Holding AB) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

Reputation Summary

Threat Level 8/10 High

Critical

Activity Frequency 8/10 High

Confidence Score 61% High Confidence

Confidence History

21. Jan 2026

91% Current

Stable Trend

Date	Categories	Source	Confidence
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%
21. Jan 2026	Hacking	Honeypot	75%

Basic Information

IP Address: 195.47.238.93
IP Version: IPv4
Network Type: Public
Tor Network: No
Network Class: Class C

Geolocation

Country: SE
ASN: AS30893
ISP: No ACK Group Holding AB

DNS Information

Reverse DNS: tor-11.no-ack.net
PTR Record: Yes
Connection Type: Static

Statistics

Total Reports: 181
First Reported: 10 Sep 2025
Last Reported: 21 Jan 2026, 02:51

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

ASN: AS30893

Organization: No ACK Group Holding AB

Country:

Network Threat Assessment

6/10

This network shows moderate threat levels with some malicious activity patterns.

Network Statistics

Total IPs Monitored

1,012

Total Reports

67.5

Reports per IP

Network Context

This IP address belongs to No ACK Group Holding AB (AS30893), which manages 15 IP addresses in our monitoring system. Out of these, 1,012 have been reported for suspicious activities, resulting in a network-wide threat level of 6/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

81 %

Global Threat Ranking

This IP is more threatening than 81% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,335 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++

Total Reports 181 avg: 23 ++

Network Comparison

Compared against 15 IPs in ASN 30893

Threat Level 8/10 network avg: 7.5 =

Total Reports 181 network avg: 67 ++

Network No ACK Group Holding AB has overall threat level 6/10

Geographic Comparison

Compared against 1,018 IPs in SE

Threat Level 8/10 country avg: 5.6 +

Total Reports 181 country avg: 19 ++

Daily report activity over the last 30 days showing patterns and peaks.

Peak Day 0 reports

Daily Average 0 reports/day

Most Active Thursday 122 reports

Evolution of threat level over time based on reported categories and frequency.

Initial Threat 6/10

Current Threat 6/10

Distribution of threat categories reported over time.

Top Threat Categories

Hacking 177

WP Login Brute Force 4

Brute-Force 4

Activity patterns showing when this IP is most active during the day and week.

Hourly Activity

Peak activity at 07:00 with 63 reports

Weekly Activity

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

01

United States US

38,426 20.5%
02

India IN

28,977 15.5%
03

China CN

26,016 13.9%
04

Brazil BR

10,249 5.5%
05

Germany DE

7,139 3.8%
06

Singapore SG

6,475 3.5%
07

Indonesia ID

5,533 3%
08

Russia RU

4,701 2.5%
09

Pakistan PK

4,647 2.5%
10

Netherlands NL

4,355 2.3%

+40 more countries

THREAT LEVEL

LOW MED HIGH

IPs from the same Autonomous System (AS) network provider.

14 Related IPs

7.4/10 Avg Threat

46% Avg Confidence

12 High Threat

High-risk network: Majority of related IPs are flagged

Elevated Risk

Threat Categories

Technical Details

Recommended Mitigations

Moderate Network Risk

Security Recommendations

Basic Information

Geolocation

DNS Information

Statistics

Network Reputation

Network Identity

Network Threat Assessment

Network Statistics

Network Context

Global Threat Ranking

Top Threat Categories

Hourly Activity

Weekly Activity

FEED

Top Threat Sources

JSON Report

Firewall Rules

iptables / netfilter

UFW (Ubuntu)

Windows Firewall

Cloudflare

nginx

Apache .htaccess

PDF Report

Analyzed high-risk IP addresses

reportedIP

Parkstraße 19, 80339 München

Consultation

+49-89-215505888

Report a IP

[email protected]