JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 162.248.225.36

162.248.225.36 was found in our database!

This IP was reported 219 times. Confidence of Abuse is 100%: ?

100%

ISP	Hosting Solution Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14576
Hostname(s)	all6.apl.com.sa
Domain Name	kingservers.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 162.248.225.36

Whois 162.248.225.36

IP Abuse Reports for 162.248.225.36:

This IP address has been reported a total of 219 times from 160 distinct sources. 162.248.225.36 was first reported on September 11th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigscoots.com	2026-05-30 16:15:15 (4 days ago)	162.248.225.36 (US/United States/all6.apl.com.sa), 5 distributed sshd attacks on account [root] in t ... show more 162.248.225.36 (US/United States/all6.apl.com.sa), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 30 11:04:59 15002 sshd[8432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.244.233 user=root May 30 11:00:26 15002 sshd[6232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.244.233 user=root May 30 11:00:28 15002 sshd[6232]: Failed password for root from 103.139.244.233 port 37004 ssh2 May 30 11:15:00 15002 sshd[13457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.248.225.36 user=root May 30 11:15:02 15002 sshd[13457]: Failed password for root from 162.248.225.36 port 48006 ssh2 IP Addresses Blocked: 103.139.244.233 (ID/Indonesia/233.244.139.103.metroreload.biz) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-30 15:49:36 (4 days ago)	162.248.225.36 (US/United States/all6.apl.com.sa), 5 distributed sshd attacks on account [root] in t ... show more 162.248.225.36 (US/United States/all6.apl.com.sa), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 30 10:42:11 13989 sshd[17484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.215.191.192 user=root May 30 10:49:33 13989 sshd[21142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.248.225.36 user=root May 30 10:43:56 13989 sshd[18249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.214.226 user=root May 30 10:43:58 13989 sshd[18249]: Failed password for root from 152.32.214.226 port 60114 ssh2 May 30 10:42:13 13989 sshd[17484]: Failed password for root from 186.215.191.192 port 43526 ssh2 IP Addresses Blocked: 186.215.191.192 (BR/Brazil/186.215.191.192.static.gvt.net.br) show less	Brute-Force SSH
🇨🇳 CGT Software Webmaster	2026-05-30 15:00:11 (4 days ago)	2026-05-30T22:53:19.252687+08:00 VM-8-9-debian sshd[3995276]: Failed password for invalid user artem ... show more 2026-05-30T22:53:19.252687+08:00 VM-8-9-debian sshd[3995276]: Failed password for invalid user artem from 162.248.225.36 port 36514 ssh2 2026-05-30T23:00:07.487947+08:00 VM-8-9-debian sshd[3996167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.248.225.36 user=root 2026-05-30T23:00:09.129450+08:00 VM-8-9-debian sshd[3996167]: Failed password for root from 162.248.225.36 port 37832 ssh2 ... show less	Port Scan Brute-Force
🇩🇪 formality	2026-05-30 14:55:08 (4 days ago)	Invalid user artem from 162.248.225.36 port 45620	Brute-Force SSH
🇦🇺 Block Rockin' Beats	2023-12-16 05:54:03 (2 years ago)	Scanning forum with forged referal	Hacking Web App Attack
🇺🇸 gu-alvareza	2023-12-12 07:05:14 (2 years ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇺🇸 TPI-Abuse	2023-12-09 19:10:07 (2 years ago)	(mod_security) mod_security (id:210280) triggered by 162.248.225.36 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210280) triggered by 162.248.225.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 09 14:10:01.738386 2023] [security2:error] [pid 13053:tid 47572362254080] [client 162.248.225.36:59706] [client 162.248.225.36] ModSecurity: Access denied with code 403 (phase 1). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "41"] [id "210280"] [rev "4"] [msg "COMODO WAF: HTTP/1.0 POST request missing Content-Length Header\|\|www.rwabutaza.com\|F\|4"] [data "0"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.rwabutaza.com"] [uri "/login.php"] [unique_id "ZXS7iaK8BPHAAXWp3Tq3ZQAAABU"], referer: https://www.rwabutaza.com/register.php?mlvl=-1 show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 odd.rip	2023-09-11 16:22:00 (2 years ago)	Found on a public proxy website	Open Proxy
🇧🇷 odd.rip	2023-09-11 16:00:00 (2 years ago)	Found on a public proxy website	Open Proxy

Showing 211 to 219 of 219 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.83.114.88

🇨🇳 203.76.241.18

🇺🇸 195.184.76.122

🇳🇱 192.142.24.66

🇺🇸 172.234.17.170

🇨🇳 112.109.194.122

🇱🇹 77.90.185.238

🇩🇪 69.5.169.47

🇱🇺 64.89.161.56

🇰🇪 41.89.128.6

🇧🇷 200.232.114.71

🇦🇷 186.139.129.76

🇳🇱 185.226.197.47

🇺🇦 176.119.25.48

🇩🇪 165.154.138.79

🇺🇸 162.216.149.242

🇨🇳 121.40.84.227

🇨🇳 111.228.62.104

🇨🇳 111.170.34.11

🇫🇮 111.88.215.223