JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.56.3.53

202.56.3.53 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 0%: ?

ISP	Smart Axiata Co., Ltd.
Usage Type	Fixed Line ISP
ASN	AS38600
Domain Name	smart.com.kh
Country	🇰🇭 Cambodia
City	Phnom Penh, Phnom Penh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.56.3.53

Whois 202.56.3.53

IP Abuse Reports for 202.56.3.53:

This IP address has been reported a total of 88 times from 14 distinct sources. 202.56.3.53 was first reported on April 20th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-29 05:26:24 (2 months ago)	DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ... show more DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443. show less	DDoS Attack Bad Web Bot Web App Attack
🇮🇩 hermawan	2025-06-03 23:26:31 (1 year ago)	[Wed Jun 04 06:25:09.582816 2025] [security2:error] [pid 57908:tid 139723364345536] [client 202.56.3 ... show more [Wed Jun 04 06:25:09.582816 2025] [security2:error] [pid 57908:tid 139723364345536] [client 202.56.3.53:3265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.14.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "298"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aD-EVYF3oUQbAN-QTIQpoAAAABI"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[57958] [pN4CMStKcoQ] [aD-EVYF3oUQbAN-QTIQpoAAAABI] keep_alive=[0] [2025-06-04 06:25:09.582819] [R:aD-EVYF3oUQbAN-QTIQpoAAAABI] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Language:'en-US,en;q=0 ... show less	Hacking Web App Attack
Anonymous	2025-06-02 20:40:19 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-31 16:43:18 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-28 04:00:29 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-24 02:52:38 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-21 04:21:05 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇩 Burayot	2025-05-20 16:46:59 (1 year ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 202.56.3.53 (KH/Cambodia/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 202.56.3.53 (KH/Cambodia/-): 1 in the last 3600 secs show less	Web App Attack
🇸🇬 pusathosting.com	2025-05-20 11:45:02 (1 year ago)	2ds22 bruteforce	Brute-Force Web App Attack
Anonymous	2025-05-20 03:23:37 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-15 12:11:35 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-11 17:10:28 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-10 09:39:04 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇦 URAN Publishing Service	2025-05-09 20:38:47 (1 year ago)	202.56.3.53 - - [09/May/2025:23:38:44 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 ... show more 202.56.3.53 - - [09/May/2025:23:38:44 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" ... show less	Web App Attack
Anonymous	2025-05-07 15:40:18 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.217.107.25

🇺🇸 143.198.115.138

🇭🇰 152.32.215.224

🇧🇩 103.183.62.1

🇨🇦 85.217.149.5

🇩🇪 64.89.163.245

🇨🇳 61.145.177.151

🇺🇸 44.96.221.188

🇺🇸 2607:f8b0:4004:100d::120

🇨🇳 183.23.54.202

🇦🇲 178.160.230.39

🇺🇸 172.203.242.24

🇱🇹 45.227.254.170

🇩🇪 45.135.141.14

🇺🇸 44.116.167.129

🇳🇱 176.65.139.236

🇳🇱 176.65.139.231

🇲🇾 49.124.150.252

🇺🇸 45.61.187.220

🇺🇸 44.224.226.63