๐ง๐ท
ICS Labs
2026-07-06 13:15:34
(9 hours ago)
ICS Labs identified 165.73.242.163 as a malicious indicator from threat intelligence.
DDoS Attack
Port Scan
Hacking
Brute-Force
Exploited Host
๐ฉ๐ช
FeG Deutschland
2026-07-03 16:42:35
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฉ๐ช
raph
2026-06-25 18:01:37
(1 week ago)
[SQL UNION SELECT] f2b match %{+Q}r for ^.*haproxy\[[0-9]+\]: <HOST>:.* (GET |POST ).*\?.*(UNION%20| ...
show more
[SQL UNION SELECT] f2b match %{+Q}r for ^.*haproxy\[[0-9]+\]: <HOST>:.* (GET |POST ).*\?.*(UNION%20|union%20|SELECT%20|select%20).* HTTP/1.1$
show less
SQL Injection
Anonymous
2026-06-01 04:30:34
(1 month ago)
Failed login attempt detected by Fail2Ban in plesk-postfix jail
Brute-Force
๐บ๐ธ
mnsf
2026-05-30 23:05:18
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฉ๐ช
Martin Lundstrom
2026-05-28 15:16:12
(1 month ago)
Blocked by EagleEye Security (https://www.eagleeye-intelligence.com) on server.imagia.ma. Attack typ ...
show more
Blocked by EagleEye Security (https://www.eagleeye-intelligence.com) on server.imagia.ma. Attack type: IDS: network scan [rule 100570]. Origin: ZA. Source: 165.73.242.163 (Psychz Networks ZA - Cloud Services). AbuseIPDB score: 23/100. Automated detection and blocking.
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-24 04:29:26
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 165.73.242.163 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 165.73.242.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 00:29:19.649180 2026] [security2:error] [pid 32525:tid 32525] [client 165.73.242.163:47800] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||billswilliams.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "billswilliams.com"] [uri "/dump.sql"] [unique_id "ahJ-n_mot6mI58SiuBbZNAAAAAs"], referer: billswilliams.com/dump.sql
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-19 00:37:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 165.73.242.163 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 165.73.242.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 20:37:06.424482 2026] [security2:error] [pid 25745:tid 25745] [client 165.73.242.163:54426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.calvaryadminservices.com"] [uri "/.git/config"] [unique_id "aguwshuKxvvnpChZbeIBhQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-06 04:00:33
(2 months ago)
2026-05-05 19:00:10,681 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
2026-05- ...
show more
2026-05-05 19:00:10,681 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
2026-05-05 22:00:08,662 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
2026-05-06 01:00:07,897 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
2026-05-06 04:00:14,225 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
2026-05-06 07:00:31,711 fail2ban.actions [3625835]: NOTICE [tor] Ban 165.73.242.163
show less
Brute-Force
๐ง๐ช
cmbplf
2026-05-02 03:10:35
(2 months ago)
1428 limiting connections by zone (9m59s)
DDoS Attack
Anonymous
2026-04-24 21:00:47
(2 months ago)
2026-04-24 12:00:09,662 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
2026-04-24 ...
show more
2026-04-24 12:00:09,662 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
2026-04-24 15:00:08,517 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
2026-04-24 18:00:08,478 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
2026-04-24 21:00:19,342 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
2026-04-25 00:00:42,805 fail2ban.actions [7718]: NOTICE [tor] Ban 165.73.242.163
show less
Brute-Force
๐ฉ๐ช
big-cloud.nl
2026-04-23 20:01:23
(2 months ago)
Try to access /xmlrpc.php
Web App Attack
๐ฉ๐ช
LRob
2026-04-07 22:45:11
(2 months ago)
Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ...
show more
Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail
show less
Brute-Force
Web App Attack
๐ช๐ธ
gnom4ik
2026-03-25 02:18:50
(3 months ago)
ban-reviewer auto report; ip=165.73.242.163; scenario=http:scan; verdict=valid_ban; confidence=0.92; ...
show more
ban-reviewer auto report; ip=165.73.242.163; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Port Scan
Hacking
Brute-Force
SSH
Anonymous
2026-03-25 00:10:37
(3 months ago)
sqlinjection union
SQL Injection
Brute-Force
Web App Attack