IP Address

185.11.61.226

IPv4 Public
HK HK
AS57523
Chang Way Technologies Co. Limited
903 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
63% Confidence
903 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 10% High Threat
HK
HK Location
Chang Way Technologies Co... ASN 57523
903 Reports
Honeypot Data Source

Critical Threat

IP 185.11.61.226 is a critical-risk address associated with 903 reported incidents of SSH brute-force intrusion activity, originating from Hong Kong and operated by Chang Way Technologies Co. Limited under ASN AS57523, with automated honeypot sensors recording consistent malicious contact over a compressed January–February 2026 timeframe.

The IP accumulated 903 total abuse reports across 20 distinct honeypot detection points, with the vast majority categorised as general hacking activity alongside six explicit SSH-specific incidents. The aggregate confidence score of 63% reflects moderate attribution certainty typical of anonymised network infrastructure, yet the sheer volume of independent sensor detections creates a compelling threat profile. Geolocation places the source in Hong Kong, and routing through AS57523 identifies a dedicated hosting provider historically associated with transient attack infrastructure. The first reports emerged in January 2026, escalating through February, indicating sustained rather than opportunistic targeting.

SSH brute-force attacks represent a persistent and automated threat vector where adversaries systematically iterate authentication credentials against exposed SSH daemons until valid access is obtained. These attacks exploit weak or default passwords and target any publicly reachable server running SSH on standard or alternate ports. Successful compromise grants lateral movement potential, data exfiltration capability, and the ability to leverage the compromised host as a pivot for further network intrusion. The frequency of such probes across global honeypot networks reflects their effectiveness as a low-cost, high-reward initial access method.

Defenders should immediately block or rate-limit inbound connections from this address at the network perimeter firewall, and audit all SSH-facing services for unnecessary exposure. Implementing key-based authentication exclusively, disabling password-based authentication entirely, and relocating SSH to a non-standard port materially reduces attack surface. Deploying automated dynamic blocking tools such as fail2ban can detect repeated authentication failures and dynamically update firewall rules, while disabling direct root login ensures adversaries cannot escalate privileges with a single valid credential pair.

More threatening than 91% of monitored IPs

Threat Categories

Hacking 25
SSH 10

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Reputable Network

This IP is hosted on a network (ASN 57523) with generally good reputation. The ISP Chang Way Technologies Co. Limited maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 60% High Confidence

Confidence History

31. Jan 2026 - 1. Feb 2026
63% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking SSH Honeypot x5 75%
Hacking Honeypot 75%
Hacking Honeypot x8 75%
Hacking Honeypot x9 75%
Hacking Honeypot 75%
Hacking Honeypot x8 75%
Hacking Honeypot x3 75%
Hacking Honeypot x6 75%
SSH Honeypot 75%
Hacking Honeypot x4 75%
Hacking SSH Honeypot x2 75%
Hacking Honeypot x3 75%
SSH Honeypot 75%
Hacking Honeypot x4 75%
SSH Honeypot x2 75%
Hacking Honeypot x3 75%
Hacking Honeypot x5 75%
SSH Honeypot 75%
Hacking Honeypot x3 75%
Hacking Honeypot 75%
Hacking SSH Honeypot x4 75%
Hacking Honeypot 75%
Hacking SSH Honeypot x6 75%
Hacking Honeypot x4 75%
Hacking SSH Honeypot x3 75%
Hacking Honeypot x2 75%
SSH Honeypot 75%
Hacking Honeypot x3 75%
Hacking Honeypot 75%
Hacking Honeypot x2 75%
10 of 903 shown

Technical Details

Basic Information

IP Address
185.11.61.226
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
HK HK
ASN
AS57523
ISP
Chang Way Technologies Co. Limited

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
903
First Reported
20 Jan 2026
Last Reported
1 Feb 2026, 09:39

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS57523
Chang Way Technologies Co. Limited
HK HK

Network Threat Assessment

0/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

8
Total IPs Monitored
7,750
Total Reports
968.8
Reports per IP

Network Context

This IP address belongs to Chang Way Technologies Co. Limited (AS57523), which manages 8 IP addresses in our monitoring system. Out of these, 7,750 have been reported for suspicious activities, resulting in a network-wide threat level of 0/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

91 %

Global Threat Ranking

This IP is more threatening than 91% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,583 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 903 avg: 23 ++

Network Comparison

Compared against 8 IPs in ASN 57523

Threat Level 10/10 network avg: 6.0 ++
Total Reports 903 network avg: 561 ++
Network Chang Way Technologies Co. Limited has overall threat level 0/10

Geographic Comparison

Compared against 2,682 IPs in HK

Threat Level 10/10 country avg: 6.1 ++
Total Reports 903 country avg: 45 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,273 threat incidents tracked globally • Last 24h: 18,965 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,457 20.5%
  2. 02
    IN
    India IN
    29,090 15.5%
  3. 03
    CN
    China CN
    26,027 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,143 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,543 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,670 2.5%
  10. 10
    NL
    Netherlands NL
    4,357 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

3 Related IPs
9/10 Avg Threat
49% Avg Confidence
3 High Threat
High-risk network: Majority of related IPs are flagged
185.11.61.151 10/10
Confidence 62%
Reports 3,569
Location RU RU
31 Jan 2026
185.11.61.252 10/10
Confidence 60%
Reports 1,291
Location RU RU
6 Jan 2026
185.11.61.102 7/10
Confidence 25%
Reports 1
Location RU RU
14 Dec 2025

IPs from the same country with similar threat profiles.

15 Related IPs
9.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
65.52.167.153 8/10
Confidence 100%
Reports 79
ISP MICROSOFT-CORP-...
22 Jan 2026
165.154.41.13 7/10
Confidence 100%
Reports 79
ISP ZEN-DPS
7 Jun 2026
165.154.22.6 8/10
Confidence 100%
Reports 52
ISP UCLOUD INFORMAT...
30 Apr 2026
119.28.9.170 10/10
Confidence 100%
Reports 51
ISP Tencent Buildin...
6 Jun 2026
45.249.246.120 8/10
Confidence 100%
Reports 51
ISP UCLOUD INFORMAT...
30 Apr 2026
165.154.6.26 10/10
Confidence 100%
Reports 49
ISP UCLOUD INFORMAT...
26 May 2026
152.32.130.174 10/10
Confidence 100%
Reports 47
ISP UCLOUD INFORMAT...
26 May 2026
165.154.6.104 10/10
Confidence 100%
Reports 41
ISP UCLOUD INFORMAT...
25 May 2026
152.32.130.144 10/10
Confidence 100%
Reports 38
ISP UCLOUD INFORMAT...
26 May 2026
103.106.188.32 10/10
Confidence 100%
Reports 37
ISP cognetcloud INC
5 Jun 2026
165.154.5.148 10/10
Confidence 100%
Reports 33
ISP UCLOUD INFORMAT...
27 May 2026
152.32.213.101 8/10
Confidence 100%
Reports 26
ISP UCLOUD INFORMAT...
25 Apr 2026
144.48.243.18 10/10
Confidence 100%
Reports 21
ISP Overcasts Limited
8 Jun 2026
154.83.13.181 10/10
Confidence 100%
Reports 21
ISP YISU CLOUD LTD
2 Jun 2026
165.154.23.26 10/10
Confidence 100%
Reports 19
ISP UCLOUD INFORMAT...
26 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.2/10 Avg Threat
63% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
3.130.96.91 8/10
Confidence 63%
Reports 43,462
Location US US
4 Feb 2026
3.134.148.59 8/10
Confidence 63%
Reports 14,980
Location US US
4 Feb 2026
92.118.39.87 10/10
Confidence 63%
Reports 14,713
Location US US
18 Apr 2026
87.120.191.13 10/10
Confidence 63%
Reports 13,131
Location US US
19 Feb 2026
3.137.73.221 8/10
Confidence 63%
Reports 10,228
Location US US
4 Feb 2026
3.132.23.201 8/10
Confidence 63%
Reports 9,576
Location US US
4 Feb 2026
3.149.59.26 8/10
Confidence 63%
Reports 8,795
Location US US
4 Feb 2026
167.250.224.25 10/10
Confidence 63%
Reports 8,244
Location BR BR
14 May 2026
176.117.107.74 10/10
Confidence 63%
Reports 5,739
Location NL NL
21 Dec 2025
142.202.188.211 10/10
Confidence 63%
Reports 4,136
Location US US
8 Apr 2026
176.117.107.91 10/10
Confidence 63%
Reports 3,994
Location NL NL
17 Dec 2025
196.251.70.234 10/10
Confidence 63%
Reports 3,796
Location SC SC
15 Oct 2025
45.88.186.70 8/10
Confidence 63%
Reports 3,632
Location NL NL
2 Feb 2026
2.57.122.209 10/10
Confidence 63%
Reports 2,573
Location RO RO
10 Feb 2026
64.188.91.248 10/10
Confidence 63%
Reports 2,232
Location DE DE
3 Mar 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "185.11.61.226",
    "threat_level": 10,
    "confidence_score": 63,
    "total_reports": 903,
    "country_code": "HK",
    "isp_name": "Chang Way Technologies Co. Limited",
    "asn": "57523",
    "first_reported": "2026-01-20 20:47:44",
    "last_reported": "2026-02-01 09:39:02",
    "exported_at": "2026-06-09T09:55:45+02:00",
    "source": "https://reportedip.de/ip/185.11.61.226/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses