Dashboard›🇿🇦 South Africa›165.73.182.83

THREAT REPORT

IP Threat Report
165.73.182.83

ABUSE.MOM — BEHAVE OR GET EXPOSED

Generated: 2026-05-30 08:30:38

First seen: 2026-03-08 07:00:05

Last seen: 2026-03-08 07:00:05

Geolocation & Classification

IP Address

165.73.182.83

Type

Residential

Country

🇿🇦 South Africa

City

Stellenbosch

ISP

Herotel

Organization

HERO TELECOMS (PTY) LTD

Autonomous System

Unknown

Hit Count

Detection Signatures

Signature	Description	Points
Danger strong hits: 3	High-risk paths: shells, RCE vectors, exploits	+75
Danger medium hits: 2	Medium-risk: admin panels, config files	+20
POST requests present	Behavioral anomaly detected by automated analysis	+8

Σ = 103

Observed Activity

Reconstructed HTTP requests from server access logs. Target domains redacted for security.

[redacted]

GET

200

Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0

* Typical request patterns for detected signatures. Actual target domains are redacted.

Timeline

2026-03-08 07:00:05

First malicious request detected

IP entered monitoring from server access logs

During observation

Multiple detection signatures triggered

Danger strong hits: 3 (+75), Danger medium hits: 2 (+20), POST requests present (+8)

2026-03-08 07:00:05

Last malicious request observed

Total score reached: 103/100

Next cycle

IP blocked — all subsequent requests denied (HTTP 403)

Added to blocklist automatically

Recommendations

Actions taken & recommended

IP 165.73.182.83 is blocked at application level (HTTP 403)
Consider blocking at firewall level (iptables/CSF) to reduce server load
Ensure sensitive files (.env, .git, backups) are not accessible from the web

⚙️ General Security

Add 165.73.182.83 to your firewall blocklist. Review logs for successful connections. Enable comprehensive logging on all public-facing services.

Blacklist Status (DNSBL)

This IP was checked against major DNS-based blacklists used by mail servers and firewalls worldwide.

⛔ LISTED

Spamhaus ZEN

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect. Results may change over time.

Threat Analysis

165.73.182.83 has been assigned a threat score of 103/100 (Critical). This represents a critical risk level. Our detection systems have flagged multiple high-confidence indicators of malicious intent from this address.

📊 Threat Analysis

Our monitoring infrastructure has identified 165.73.182.83, geolocated to Stellenbosch, South Africa, operating on the network of Herotel, as a source of suspicious network activity. The address has been active for 1 days in our monitoring system, producing 1 flagged requests at a rate of ~1/day. This residential IP is likely a compromised consumer device. Home routers and IoT equipment with default credentials are prime targets for botnet operators. With a threat score of 103/100, this IP is among the most dangerous addresses in our database. Immediate and complete blocking is strongly recommended.

This IP is classified as residential, suggesting it may belong to a compromised home device, IoT botnet member, or an infected personal computer. Residential IPs involved in attacks often indicate malware infection without the owner's knowledge.

Related Threats

🇿🇦 Top threats from South Africa

165.73.183.235 (103)165.73.181.194 (68)165.73.183.110 (68)165.73.183.216 (68)165.73.180.92 (68)View all →

Security Intelligence

💡 Directory Traversal Attacks

Path traversal attacks attempt to access files outside the intended directory by manipulating file path references. Attackers use sequences like ../ to reach sensitive system files such as /etc/passwd or application configuration files.

💡 CAPTCHA and Bot Detection

CAPTCHAs remain a primary bot defense but face increasing bypass rates from AI-powered solvers. Modern alternatives include invisible behavioral analysis, proof-of-work challenges, and device fingerprinting that detect bots without impacting user experience.

🔍 Check Any IP Address

Share this report:

IP Threat Report165.73.182.83

⛔ Verdict: BLOCK