JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 16.78.21.156

16.78.21.156 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 75%: ?

75%

ISP	Amazon Data Services Jakarta
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 16.78.21.156

Whois 16.78.21.156

IP Abuse Reports for 16.78.21.156:

This IP address has been reported a total of 16 times from 12 distinct sources. 16.78.21.156 was first reported on June 24th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-25 15:25:32 (8 hours ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 14:55:49 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.c ... show more (mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:55:46.129619 2026] [security2:error] [pid 25661:tid 25661] [client 16.78.21.156:63114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rlharmongroup.com"] [uri "/wp-config.php"] [unique_id "aj1Bcj3xVUM2_JKMEvdhygAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-06-25 14:51:00 (9 hours ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 dynamix	2026-06-25 14:26:53 (9 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:15:47 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.c ... show more (mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:15:41.292321 2026] [security2:error] [pid 6426:tid 6426] [client 16.78.21.156:51072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.voodooshop.com"] [uri "/wp-config.php"] [unique_id "aj04Dfbw_WJC4my7jPNUQAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-06-25 14:01:16 (9 hours ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-25 13:32:45 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.c ... show more (mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 09:32:40.310037 2026] [security2:error] [pid 27809:tid 27809] [client 16.78.21.156:62189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spores101.com"] [uri "/wp-config.php"] [unique_id "aj0t-EUIr1Ft5rSPCtP4-gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Mediashaker	2026-06-25 13:15:37 (10 hours ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 16.78.21.156 (ID/Indones ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 16.78.21.156 (ID/Indonesia/ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com) show less	Port Scan
🇺🇸 kosada.com	2026-06-25 13:14:23 (10 hours ago)	Web vulnerability probing: /.well-known/gelay.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 12:51:08 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.c ... show more (mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 08:51:02.133204 2026] [security2:error] [pid 16672:tid 16672] [client 16.78.21.156:61859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.scoutinsignia.com"] [uri "/wp-config.php"] [unique_id "aj0kNrTneLTdeq8lIy3GGAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-25 12:39:00 (11 hours ago)	URL Probing: /.well-known/pki-validation/index.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 12:21:22 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.c ... show more (mod_security) mod_security (id:210492) triggered by 16.78.21.156 (ec2-16-78-21-156.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 08:21:15.434583 2026] [security2:error] [pid 27252:tid 27278] [client 16.78.21.156:59108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.newtrendmag.org"] [uri "/wp-config.php"] [unique_id "aj0dO38XTQGs_1B8kPHCAAAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-24 12:45:59 (1 day ago)	15 requests with url.path /indoxploit.php	Brute-Force Bad Web Bot
🇬🇧 consul.to	2026-06-24 11:16:37 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-24 11:05:31 (1 day ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (364/60 min)'; Requests=364	Port Scan

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.181.108.114

🇰🇿 95.59.142.69

🇫🇷 91.196.152.14

🇺🇦 46.149.191.249

🇺🇸 44.83.103.50

🇷🇴 92.118.39.71

🇳🇱 91.92.40.31

🇺🇸 44.251.57.42

🇸🇬 43.156.168.37

🇨🇳 42.123.124.192

🇺🇸 34.181.181.63

🇺🇸 34.16.248.69

🇪🇬 213.131.76.71

🇨🇳 115.213.234.117

🇨🇳 113.141.171.139

🇨🇳 111.26.63.87

🇸🇬 85.203.21.141

🇨🇳 61.136.224.3

🇺🇸 44.43.116.191

🇶🇦 34.18.218.45