Substantial Risk
IP 85.11.183.25 is a high-risk address associated with sustained hacking activity, classified as an exploited host with 835 abuse reports across automated honeypot sensors and a threat level of 8 out of 10. The overwhelming majority of recent reports cite general hacking intrusion attempts, with a smaller subset confirming the IP belongs to a compromised system being weaponised for malicious purposes. This combination of confirmed exploitation and active offensive capability places the address firmly in the highest-risk category for any exposed network service.
The IP is registered to PebbleHost Ltd operating on ASN AS212027 within the United Kingdom, and community reporting spans February through May 2026, indicating persistent malicious activity over approximately four months. Detection volume of 835 reports from 20 separate honeypot sensors reflects widespread automated detection across multiple security monitoring points, with a confidence score of 94 percent confirming high reliability of the reported threat data. The activity frequency rating of 8 out of 10 demonstrates this address is not a sporadic offender but rather maintains continuous probing and exploitation behaviour against target systems.
The dominant threat classification as an exploited host indicates this IP address most likely belongs to a legitimate server or endpoint that has been compromised by threat actors and is now being remotely controlled to conduct attacks without the owner's knowledge. The associated hacking activity compounds this risk, suggesting the compromised system is actively scanning for vulnerabilities, attempting brute-force authentication, or propagating malware and exploits against other targets across the internet. Organisations with exposed SSH, RDP, HTTP, or database services face direct risk of credential theft, vulnerability exploitation, or secondary compromise through this attack platform.
Site operators should immediately block 85.11.183.25 at the firewall level given its confirmed malicious status and high threat rating. Implementing fail2ban or equivalent dynamic firewall rules provides automated response to repeated connection attempts characteristic of this address's behaviour. All exposed services should enforce strong, unique credentials alongside multi-factor authentication to neutralise credential-stuffing and brute-force vectors. Regular patching and vulnerability scanning of internet-facing systems reduces the likelihood of successful exploitation by attack traffic originating from compromised hosts. Finally, reporting the activity to PebbleHost Ltd assists in remediating the compromised asset and may prevent further abuse from this address.
RO 
FR 
SE 
TR