JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 16.171.11.9

16.171.11.9 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 35%: ?

35%

ISP	Amazon Data Services Sweden
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-16-171-11-9.eu-north-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 16.171.11.9

Whois 16.171.11.9

IP Abuse Reports for 16.171.11.9:

This IP address has been reported a total of 8 times from 6 distinct sources. 16.171.11.9 was first reported on April 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-03 21:35:11 (1 day ago)	16.171.11.9 - - [04/Jun/2026:00:35:03 +0300] "GET /app/.env HTTP/1.1" 404 218 "-" "Mozilla/5.0 (Maci ... show more 16.171.11.9 - - [04/Jun/2026:00:35:03 +0300] "GET /app/.env HTTP/1.1" 404 218 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 16.171.11.9 - - [04/Jun/2026:00:35:07 +0300] "GET /apps/.env HTTP/1.1" 404 2783 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 e.fierstra	2026-06-03 17:21:23 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:24:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute ... show more (mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:23:59.798924 2026] [security2:error] [pid 3296:tid 3296] [client 16.171.11.9:34808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.daikin.cloudex.link"] [uri "/.env"] [unique_id "ah-sX4P7STzctoZ05C9rDwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-03 04:06:34 (1 day ago)	Abuse Detected (5)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 06:41:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute ... show more (mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 02:41:23.693658 2026] [security2:error] [pid 150035:tid 150035] [client 16.171.11.9:50400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livesteamtracks.info"] [uri "/.git/config"] [unique_id "ad3hkxLmAgIJ9lOxdKY9LwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 06:13:34 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute ... show more (mod_security) mod_security (id:210492) triggered by 16.171.11.9 (ec2-16-171-11-9.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 02:13:26.301060 2026] [security2:error] [pid 1816545:tid 1816545] [client 16.171.11.9:60536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liverpoolfootballprogrammes.com"] [uri "/.git/config"] [unique_id "ad3bBiA0CvcU5scHQ1NMJwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-04-14 05:45:02 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-04-14 05:38:32 (1 month ago)	Excessive 404/403 errors	Brute-Force

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 150.5.141.198

🇺🇸 147.185.132.200

🇺🇸 107.173.41.67

🇷🇺 79.104.0.82

🇷🇴 2.57.121.112

🇷🇴 2.57.121.25

🇺🇸 167.172.133.85

🇮🇩 163.7.9.84

🇺🇸 162.216.150.55

🇭🇰 103.158.29.100

🇻🇳 14.225.46.21

🇺🇸 172.217.107.155

🇺🇸 172.202.118.45

🇺🇸 147.185.132.212

🇳🇱 129.121.88.64

🇨🇳 106.40.121.148

🇮🇹 93.92.77.217

🇺🇸 64.95.9.247

🇸🇬 47.128.122.12

🇨🇳 211.149.131.113