IP Address

85.11.183.27

IPv4 Public
GB GB
AS212027
PebbleHost Ltd
793 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
10/10 Threat
94% Confidence
793 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Top 5% Most Dangerous
GB
GB Location
PebbleHost Ltd ASN 212027
793 Reports
Honeypot Data Source

Extreme Threat

IP 85.11.183.27 is a critical-risk address operated by PebbleHost Ltd in the United Kingdom (ASN AS212027) that has been linked to 793 reported hacking incidents detected by automated honeypot sensors between February and May 2026. With a threat level of 10/10 and a confidence score of 94%, this IP represents a significant and persistent threat to exposed network services worldwide.

The volume and consistency of malicious activity associated with 85.11.183.27 are substantial. All 20 most recent reports uniformly categorize the activity as hacking, with the IP generating reports across a four-month window at a frequency rating of 8/10. Detection came exclusively from automated honeypot sensors, which identified connection attempts consistent with intrusion and exploitation behaviour. The IP's assignment to PebbleHost Ltd, a hosting provider, suggests the address may be part of a larger infrastructure used to distribute automated attack tools rather than a single-purpose malicious endpoint.

The specific attack patterns observed include anomalous TLS record types flagged by Suricata intrusion detection rules. Invalid TLS record types are a common indicator of reconnaissance probes, malformed packet injection attempts, or attempts to trigger vulnerabilities in TLS implementation stacks. Combined with general hacking classification, this suggests 85.11.183.27 is conducting systematic vulnerability scanning and exploitation attempts against target systems, potentially searching for unpatched services or misconfigured endpoints that accept unexpected input.

Network defenders should treat connection attempts from 85.11.183.27 as hostile and block the address at the firewall or network edge. Implementing rate-limiting on authentication endpoints and using tools such as fail2ban or equivalent threat-response automation can mitigate brute-force and scanning activity. Ensuring all systems receive timely patches, disabling unnecessary services, and deploying intrusion detection signatures capable of identifying anomalous TLS traffic will reduce exposure to the exploitation vectors this IP attempts to leverage.

More threatening than 98% of monitored IPs

Threat Categories

Hacking 30
Exploited Host 1

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Moderate Network Risk

The network hosting this IP (ASN 212027, operated by PebbleHost Ltd) shows moderate threat indicators. Some concerning activity has been detected from neighboring addresses.

Consider the network context when assessing this individual IP.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 8/10 High
Confidence Score 72% High Confidence

Confidence History

2. May 2026 - 5. May 2026
94% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Exploited Host Honeypot x2 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 793 shown

Technical Details

Basic Information

IP Address
85.11.183.27
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
GB GB
ASN
AS212027
ISP
PebbleHost Ltd

DNS Information

Reverse DNS
None
PTR Record
No
Connection Type
Static

Statistics

Total Reports
793
First Reported
18 Feb 2026
Last Reported
5 May 2026, 10:33

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS212027
PebbleHost Ltd
GB GB

Network Threat Assessment

4/10
This network has low threat indicators with minimal suspicious activity.

Network Statistics

15
Total IPs Monitored
4,135
Total Reports
275.7
Reports per IP

Network Context

This IP address belongs to PebbleHost Ltd (AS212027), which manages 15 IP addresses in our monitoring system. Out of these, 4,135 have been reported for suspicious activities, resulting in a network-wide threat level of 4/10.

Network notice: This network shows some suspicious activity patterns. Monitor interactions with IPs from this ASN.

Comparative Analysis

How this IP compares to others in our threat intelligence database

98 %

Global Threat Ranking

This IP is more threatening than 98% of all IPs in our database.

Top 10% Most Dangerous

Global Comparison

Compared against 199,840 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 793 avg: 23 ++

Network Comparison

Compared against 20 IPs in ASN 212027

Threat Level 10/10 network avg: 8.5 +
Total Reports 793 network avg: 273 ++
Network PebbleHost Ltd has overall threat level 4/10

Geographic Comparison

Compared against 4,301 IPs in GB

Threat Level 10/10 country avg: 5.4 ++
Total Reports 793 country avg: 27 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,519 threat incidents tracked globally • Last 24h: 18,988 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,480 20.5%
  2. 02
    IN
    India IN
    29,193 15.6%
  3. 03
    CN
    China CN
    26,036 13.9%
  4. 04
    BR
    Brazil BR
    10,259 5.5%
  5. 05
    DE
    Germany DE
    7,147 3.8%
  6. 06
    SG
    Singapore SG
    6,479 3.5%
  7. 07
    ID
    Indonesia ID
    5,557 3%
  8. 08
    RU
    Russia RU
    4,707 2.5%
  9. 09
    PK
    Pakistan PK
    4,689 2.5%
  10. 10
    NL
    Netherlands NL
    4,361 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

9 Related IPs
9.6/10 Avg Threat
78% Avg Confidence
9 High Threat
High-risk network: Majority of related IPs are flagged
85.11.183.25 8/10
Confidence 94%
Reports 835
Location GB GB
5 May 2026
85.11.183.21 10/10
Confidence 94%
Reports 812
Location GB GB
5 May 2026
85.11.183.19 10/10
Confidence 94%
Reports 802
Location GB GB
5 May 2026
85.11.183.23 10/10
Confidence 94%
Reports 789
Location GB GB
5 May 2026
85.11.183.2 10/10
Confidence 74%
Reports 141
Location GB GB
23 Nov 2025
85.11.183.3 10/10
Confidence 74%
Reports 93
Location GB GB
26 Nov 2025
85.11.183.4 10/10
Confidence 73%
Reports 41
Location GB GB
22 Nov 2025
85.11.183.6 8/10
Confidence 65%
Reports 383
Location GB GB
18 Apr 2026
85.11.183.5 10/10
Confidence 41%
Reports 7
Location GB GB
10 Nov 2025

IPs from the same country with similar threat profiles.

15 Related IPs
8.9/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
185.196.9.127 8/10
Confidence 100%
Reports 157
ISP Global-Data Sys...
1 Mar 2026
213.171.208.232 8/10
Confidence 100%
Reports 135
ISP IONOS SE
7 Jun 2026
213.171.208.62 8/10
Confidence 100%
Reports 123
ISP IONOS SE
9 Jun 2026
62.232.51.140 8/10
Confidence 100%
Reports 107
ISP Wavenet Limited
31 May 2026
198.38.94.18 10/10
Confidence 100%
Reports 92
ISP WHG Hosting Ser...
9 Jun 2026
198.38.94.14 10/10
Confidence 100%
Reports 78
ISP WHG Hosting Ser...
8 Jun 2026
209.42.20.53 8/10
Confidence 100%
Reports 52
ISP WHG Hosting Ser...
9 Jun 2026
167.71.136.93 10/10
Confidence 100%
Reports 39
ISP DigitalOcean, LLC
9 Jun 2026
87.106.67.224 8/10
Confidence 100%
Reports 31
ISP IONOS SE
9 Jun 2026
64.89.160.178 8/10
Confidence 100%
Reports 29
ISP Ghosty Networks...
4 Jun 2026
94.76.235.103 10/10
Confidence 100%
Reports 27
ISP Team Blue Carri...
28 May 2026
77.68.30.172 10/10
Confidence 100%
Reports 17
ISP IONOS SE
6 May 2026
2.27.36.16 10/10
Confidence 100%
Reports 14
ISP DpkgSoft Intern...
23 May 2026
37.143.61.60 10/10
Confidence 100%
Reports 12
ISP UK Dedicated Se...
26 May 2026
34.39.58.191 8/10
Confidence 99%
Reports 108
ISP GOOGLE-CLOUD-PL...
3 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.7/10 Avg Threat
94% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
193.32.162.28 10/10
Confidence 94%
Reports 5,435
Location RO RO
25 May 2026
51.68.207.118 10/10
Confidence 94%
Reports 5,267
Location FR FR
9 Jun 2026
185.246.128.133 10/10
Confidence 94%
Reports 5,120
Location SE SE
9 Jun 2026
185.233.247.245 8/10
Confidence 94%
Reports 3,686
Location TR TR
6 Jun 2026
49.12.27.102 10/10
Confidence 94%
Reports 3,548
Location DE DE
8 Jun 2026
128.199.240.7 10/10
Confidence 94%
Reports 3,512
Location SG SG
25 May 2026
162.55.119.195 10/10
Confidence 94%
Reports 3,404
Location DE DE
30 Apr 2026
66.132.172.162 10/10
Confidence 94%
Reports 3,326
Location US US
9 Jun 2026
66.132.172.165 10/10
Confidence 94%
Reports 3,324
Location US US
9 Jun 2026
66.132.172.175 10/10
Confidence 94%
Reports 3,318
Location US US
9 Jun 2026
66.132.172.164 10/10
Confidence 94%
Reports 3,311
Location US US
9 Jun 2026
66.132.172.167 10/10
Confidence 94%
Reports 3,306
Location US US
9 Jun 2026
66.132.172.171 10/10
Confidence 94%
Reports 3,292
Location US US
9 Jun 2026
66.132.172.160 8/10
Confidence 94%
Reports 3,275
Location US US
9 Jun 2026
66.132.172.161 10/10
Confidence 94%
Reports 3,275
Location US US
9 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "85.11.183.27",
    "threat_level": 10,
    "confidence_score": 94,
    "total_reports": 793,
    "country_code": "GB",
    "isp_name": "PebbleHost Ltd",
    "asn": "212027",
    "first_reported": "2026-02-18 01:00:15",
    "last_reported": "2026-05-05 10:33:22",
    "exported_at": "2026-06-09T11:56:08+02:00",
    "source": "https://reportedip.de/ip/85.11.183.27/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses