Extreme Threat
IP 45.95.147.247 is a critical-risk address operating from the Netherlands under Alsycon B.V. (AS49870) that has accumulated 357 abuse reports, with hacking identified as the dominant threat category in recent detections by automated honeypot sensors. The IP received its first reports in August 2025 and continued generating alerts through September 2025, indicating sustained malicious activity over a two-month period.
Analysis of the available data reveals a concerning volume of community and sensor-reported abuse involving this address. All 20 of the most recent reports uniformly classify the activity as hacking attempts, suggesting a focused campaign rather than opportunistic scanning. While the reported activity frequency of 0/10 may indicate reduced engagement in recent observation windows, the sheer cumulative report count demonstrates persistent hostile intent. The Netherlands-based hosting provider Alsycon B.V. operates the AS49870 autonomous system from which these intrusion attempts originate, placing the IP within a commercial hosting environment that may be shared or purpose-rented for adversarial use.
Hacking activity in this context encompasses unauthorized access attempts, exploitation of vulnerable services, and intrusion vectors designed to compromise target systems. For organizations running exposed SSH, RDP, web applications, or database services, an IP with this reputation represents a direct pathway to credential compromise, data exfiltration, or backdoor deployment. The diversity implied by the broad "hacking" classification suggests defenders should not assume a single attack vector—multiple exploitation techniques may be in play simultaneously.
Organizations observing this IP in their logs should implement immediate blocking at the network perimeter firewall or web application firewall level. Rate-limiting authentication endpoints, particularly SSH and RDP services, combined with solutions such as fail2ban or CrowdSec, can automatically mitigate brute-force attempts. Enforcing multi-factor authentication on all remote access services, maintaining current system patches, and deploying intrusion detection monitoring will substantially reduce the risk of successful compromise should this address target your infrastructure.
SC 
UA 
HK 
BE 
PL