IP Address

195.47.238.87

IPv4 Public
SE SE
AS30893
No ACK Group Holding AB
302 Reports
This IP is under Observation Suspicious activity detected - monitor closely
8/10 Threat
66% Confidence
302 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
SE
SE Location
No ACK Group Holding AB ASN 30893
302 Reports
Honeypot Data Source

Significant Threat

IP 195.47.238.87 is a high-risk address with a threat level of 8/10 that has accumulated 302 abuse reports since September 2025, predominantly linked to automated hacking intrusion attempts detected by honeypot sensors in Sweden.

The IP originates from a Swedish network operated by No ACK Group Holding AB (ASN AS30893) and has been monitored since September 2025, with the most recent activity logged in October 2025. Despite the relatively low current activity frequency of 0/10, the historical report volume of 302 total submissions — all attributed to automated honeypot detections of hacking activity — underscores a persistent threat profile. The confidence score of 66% reflects that while the pattern is well-established, some uncertainty remains in attributing all activity exclusively to this single source. The geographic origin in Sweden places this address within European network infrastructure, and the exclusively honeypot-sourced reports indicate that probes and intrusion attempts have been systematically documented by defensive sensor systems rather than arising from false positives in production environments.

The dominant hacking classification encompasses a broad spectrum of unauthorized access attempts, vulnerability exploitation and intrusion activity. For any exposed service — particularly remote administration interfaces, web applications or network endpoints — this IP represents an active probing threat. The automated nature of the attacks means exposure can result in rapid, repeated attempts to identify weak configurations or unpatched software, increasing the probability of successful compromise if defensive layers are absent or insufficient.

Site operators should treat this IP as hostile and implement immediate mitigations: block or rate-limit access at the firewall level, enforce strong authentication mechanisms such as key-based SSH access, and deploy intrusion detection rules capable of flagging the attack patterns associated with automated reconnaissance tools. Regular patching cycles and monitoring of authentication logs for repeated failed attempts from this address will further reduce risk exposure.

More threatening than 79% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 30893, operated by No ACK Group Holding AB) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 0/10 Inactive
Confidence Score 61% High Confidence

Confidence History

9. Oct 2025
66% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 302 shown

Technical Details

Basic Information

IP Address
195.47.238.87
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class C

Geolocation

Country
SE SE
ASN
AS30893
ISP
No ACK Group Holding AB

DNS Information

Reverse DNS
tor-5.no-ack.net
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
302
First Reported
10 Sep 2025
Last Reported
9 Oct 2025, 13:51

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS30893
No ACK Group Holding AB
SE SE

Network Threat Assessment

6/10
This network shows moderate threat levels with some malicious activity patterns.

Network Statistics

15
Total IPs Monitored
1,012
Total Reports
67.5
Reports per IP

Network Context

This IP address belongs to No ACK Group Holding AB (AS30893), which manages 15 IP addresses in our monitoring system. Out of these, 1,012 have been reported for suspicious activities, resulting in a network-wide threat level of 6/10.

Network warning: This network has elevated threat levels. Exercise caution when interacting with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

79 %

Global Threat Ranking

This IP is more threatening than 79% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,386 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 302 avg: 23 ++

Network Comparison

Compared against 15 IPs in ASN 30893

Threat Level 8/10 network avg: 7.5 =
Total Reports 302 network avg: 67 ++
Network No ACK Group Holding AB has overall threat level 6/10

Geographic Comparison

Compared against 1,018 IPs in SE

Threat Level 8/10 country avg: 5.6 +
Total Reports 302 country avg: 19 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,137 threat incidents tracked globally • Last 24h: 19,005 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,445 20.5%
  2. 02
    IN
    India IN
    29,023 15.5%
  3. 03
    CN
    China CN
    26,021 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,141 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,538 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,654 2.5%
  10. 10
    NL
    Netherlands NL
    4,356 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

13 Related IPs
7.5/10 Avg Threat
50% Avg Confidence
11 High Threat
High-risk network: Majority of related IPs are flagged
195.47.238.177 10/10
Confidence 96%
Reports 131
Location SE SE
21 Jan 2026
195.47.238.91 8/10
Confidence 96%
Reports 77
Location SE SE
21 Jan 2026
195.47.238.93 8/10
Confidence 91%
Reports 181
Location SE SE
21 Jan 2026
195.47.238.82 10/10
Confidence 66%
Reports 186
Location SE SE
9 Oct 2025
195.47.238.88 8/10
Confidence 65%
Reports 64
Location SE SE
9 Oct 2025
195.47.238.178 10/10
Confidence 63%
Reports 26
Location SE SE
11 Mar 2026
195.47.238.176 8/10
Confidence 60%
Reports 16
Location SE SE
7 Mar 2026
195.47.238.83 8/10
Confidence 52%
Reports 11
Location SE SE
12 Feb 2026
195.47.238.50 0/10
Confidence 30%
Reports 1
Location SE SE
3 Mar 2026
195.47.238.89 7/10
Confidence 17%
Reports 1
Location SE SE
25 Aug 2025
195.47.238.86 7/10
Confidence 5%
Reports 5
Location SE SE
10 Sep 2025
195.47.238.92 7/10
Confidence 5%
Reports 4
Location SE SE
10 Sep 2025
195.47.238.90 6/10
Confidence 4%
Reports 2
Location SE SE
10 Sep 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.6/10 Avg Threat
98% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
192.109.200.101 8/10
Confidence 100%
Reports 266
ISP Pfcloud UG (haf...
9 Jun 2026
192.176.172.166 8/10
Confidence 100%
Reports 248
ISP Kepler Technolo...
1 Jun 2026
83.68.248.161 10/10
Confidence 100%
Reports 94
ISP Arkaden Konsult AB
8 Jun 2026
171.25.158.58 10/10
Confidence 100%
Reports 56
ISP Patrik Lagerman
9 Jun 2026
4.225.39.110 10/10
Confidence 100%
Reports 53
ISP Microsoft Corpo...
11 May 2026
192.109.200.237 10/10
Confidence 100%
Reports 35
ISP Pfcloud UG (haf...
18 May 2026
171.25.158.24 10/10
Confidence 99%
Reports 71
ISP Patrik Lagerman
9 Jun 2026
171.25.158.82 10/10
Confidence 99%
Reports 67
ISP Patrik Lagerman
7 Jun 2026
171.25.158.80 10/10
Confidence 99%
Reports 37
ISP Patrik Lagerman
4 Jun 2026
90.143.178.70 10/10
Confidence 97%
Reports 26
ISP Tele2 SWIPnet
2 Jun 2026
195.47.238.177 10/10
Confidence 96%
Reports 131
ISP No ACK Group Ho...
21 Jan 2026
171.25.158.74 10/10
Confidence 96%
Reports 86
ISP Patrik Lagerman
3 Jun 2026
195.47.238.91 8/10
Confidence 96%
Reports 77
ISP No ACK Group Ho...
21 Jan 2026
171.25.158.70 10/10
Confidence 95%
Reports 124
ISP Patrik Lagerman
8 Jun 2026
185.246.128.133 10/10
Confidence 94%
Reports 5,109
ISP w1n ltd
9 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.9/10 Avg Threat
66% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
66.132.153.51 10/10
Confidence 66%
Reports 1,778
Location US US
23 Mar 2026
66.132.153.56 10/10
Confidence 66%
Reports 1,696
Location US US
23 Mar 2026
66.132.153.53 10/10
Confidence 66%
Reports 1,533
Location US US
23 Mar 2026
66.132.153.49 10/10
Confidence 66%
Reports 1,471
Location US US
23 Mar 2026
161.97.159.246 10/10
Confidence 66%
Reports 943
Location FR FR
3 Mar 2026
176.120.22.47 8/10
Confidence 66%
Reports 881
Location RU RU
3 Mar 2026
35.200.237.19 10/10
Confidence 66%
Reports 880
Location IN IN
17 Apr 2026
103.174.103.249 10/10
Confidence 66%
Reports 780
Location IN IN
19 Feb 2026
87.121.84.24 10/10
Confidence 66%
Reports 746
Location US US
8 Mar 2026
154.83.16.198 10/10
Confidence 66%
Reports 725
Location HK HK
24 Oct 2025
87.120.191.65 10/10
Confidence 66%
Reports 720
Location US US
1 Mar 2026
185.217.0.130 10/10
Confidence 66%
Reports 717
Location SE SE
5 Mar 2026
36.50.54.13 10/10
Confidence 66%
Reports 634
Location VN VN
20 Oct 2025
63.41.9.210 10/10
Confidence 66%
Reports 619
Location US US
30 Oct 2025
45.149.204.47 10/10
Confidence 66%
Reports 615
Location DE DE
5 Dec 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "195.47.238.87",
    "threat_level": 8,
    "confidence_score": 66,
    "total_reports": 302,
    "country_code": "SE",
    "isp_name": "No ACK Group Holding AB",
    "asn": "30893",
    "first_reported": "2025-09-10 13:45:47",
    "last_reported": "2025-10-09 13:51:14",
    "exported_at": "2026-06-09T08:18:26+02:00",
    "source": "https://reportedip.de/ip/195.47.238.87/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses