54.240.4.2 - IPInfo

Basic Info

City: Seattle

Region: Washington

Country: United States

Internet Service Provider: Amazon Web Services Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
54.240.48.101	attackspambots	SpamScore above: 10.0	2020-10-01 03:12:25
54.240.48.101	attack	SpamScore above: 10.0	2020-09-30 19:26:55
54.240.48.65	attackspam	.	2020-07-11 07:09:08
54.240.48.24	attackbots	54.240.48.24	2020-05-14 20:40:39
54.240.48.104	attackspambots	Emails with suspicious links are sent with different From.	2020-02-28 02:47:25
54.240.47.88	attackspam	#30670 - [54.240.47.88] Closing connection (IP still banned) #30670 - [54.240.47.88] Closing connection (IP still banned) #30670 - [54.240.47.88] Closing connection (IP still banned) #30670 - [54.240.47.88] Closing connection (IP still banned) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=54.240.47.88	2019-10-24 02:26:06
54.240.4.15	attackbotsspam	Spam	2019-10-09 22:37:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.240.4.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24867
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.240.4.2.			IN	A

;; AUTHORITY SECTION:
.			220	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121301 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 14 04:47:04 CST 2019
;; MSG SIZE  rcvd: 114

Host info

2.4.240.54.in-addr.arpa domain name pointer a4-2.smtp-out.eu-west-1.amazonses.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.4.240.54.in-addr.arpa	name = a4-2.smtp-out.eu-west-1.amazonses.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.244.39.159	attackspam	2020-10-07 08:00:14.260498-0500 localhost sshd[40167]: Failed password for root from 185.244.39.159 port 32996 ssh2	2020-10-07 21:24:52
194.150.215.4	attack	Lines containing failures of 194.150.215.4 Oct 5 19:08:24 shared04 postfix/smtpd[3437]: connect from unknown[194.150.215.4] Oct x@x Oct 5 19:08:24 shared04 postfix/smtpd[3437]: disconnect from unknown[194.150.215.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Oct 5 19:09:23 shared04 postfix/smtpd[3439]: connect from unknown[194.150.215.4] Oct x@x Oct 5 19:09:23 shared04 postfix/smtpd[3439]: disconnect from unknown[194.150.215.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Oct 5 19:10:24 shared04 postfix/smtpd[3439]: connect from unknown[194.150.215.4] Oct x@x Oct 5 19:10:24 shared04 postfix/smtpd[3439]: disconnect from unknown[194.150.215.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Oct 5 19:11:23 shared04 postfix/smtpd[11148]: connect from unknown[194.150.215.4] Oct x@x Oct 5 19:11:23 shared04 postfix/smtpd[11148]: disconnect from unknown[194.150.215.4] ehlo=1 mail=1 rcpt=0/1 data=0/1 quhostname=1 commands=3/5 Oct 5 1........ ------------------------------	2020-10-07 21:13:11
42.194.217.169	attackspam	2020-10-07T06:57:37.093727ns386461 sshd\[6773\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.217.169 user=root 2020-10-07T06:57:39.114484ns386461 sshd\[6773\]: Failed password for root from 42.194.217.169 port 56582 ssh2 2020-10-07T07:10:16.663441ns386461 sshd\[18147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.217.169 user=root 2020-10-07T07:10:18.881022ns386461 sshd\[18147\]: Failed password for root from 42.194.217.169 port 59326 ssh2 2020-10-07T07:15:06.761711ns386461 sshd\[22659\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.217.169 user=root ...	2020-10-07 20:59:22
167.86.117.63	attackbotsspam	Oct 7 11:21:22 cdc sshd[7937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.86.117.63 user=root Oct 7 11:21:24 cdc sshd[7937]: Failed password for invalid user root from 167.86.117.63 port 57666 ssh2	2020-10-07 21:19:05
35.232.144.28	attackspam	SSH Brute Force	2020-10-07 21:33:03
47.30.178.158	attackspam	1602017105 - 10/06/2020 22:45:05 Host: 47.30.178.158/47.30.178.158 Port: 445 TCP Blocked	2020-10-07 20:58:38
167.71.53.185	attack	WordPress wp-login brute force :: 167.71.53.185 0.080 - [06/Oct/2020:20:44:59 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2383 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-10-07 21:14:25
186.147.160.189	attackspambots	2020-10-07T11:17:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-07 21:31:47
89.248.167.141	attackspam	scans 21 times in preceeding hours on the ports (in chronological order) 7389 8443 3326 3331 20009 8520 3345 4400 3331 10010 3314 33000 5858 9995 3352 5858 1130 9995 3315 8007 2050 resulting in total of 234 scans from 89.248.160.0-89.248.174.255 block.	2020-10-07 21:01:55
39.109.114.141	attackspambots	Oct 7 10:24:25 email sshd\[5371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.109.114.141 user=root Oct 7 10:24:27 email sshd\[5371\]: Failed password for root from 39.109.114.141 port 58764 ssh2 Oct 7 10:28:57 email sshd\[6136\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.109.114.141 user=root Oct 7 10:28:59 email sshd\[6136\]: Failed password for root from 39.109.114.141 port 58847 ssh2 Oct 7 10:34:10 email sshd\[7015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.109.114.141 user=root ...	2020-10-07 21:29:21
122.51.238.227	attackbots	Lines containing failures of 122.51.238.227 Oct 6 08:38:12 shared06 sshd[10844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.238.227 user=r.r Oct 6 08:38:14 shared06 sshd[10844]: Failed password for r.r from 122.51.238.227 port 43708 ssh2 Oct 6 08:38:14 shared06 sshd[10844]: Received disconnect from 122.51.238.227 port 43708:11: Bye Bye [preauth] Oct 6 08:38:14 shared06 sshd[10844]: Disconnected from authenticating user r.r 122.51.238.227 port 43708 [preauth] Oct 6 08:51:15 shared06 sshd[15400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.238.227 user=r.r Oct 6 08:51:17 shared06 sshd[15400]: Failed password for r.r from 122.51.238.227 port 58660 ssh2 Oct 6 08:51:18 shared06 sshd[15400]: Received disconnect from 122.51.238.227 port 58660:11: Bye Bye [preauth] Oct 6 08:51:18 shared06 sshd[15400]: Disconnected from authenticating user r.r 122.51.238.227 port 58660........ ------------------------------	2020-10-07 21:04:20
27.102.114.131	attack	SSH login attempts.	2020-10-07 21:27:10
139.59.228.154	attackbots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-07 21:36:43
192.99.55.242	attackbotsspam	Oct 7 15:20:17 vpn01 sshd[20972]: Failed password for root from 192.99.55.242 port 59572 ssh2 ...	2020-10-07 21:37:16
202.83.161.117	attackspam	$f2bV_matches	2020-10-07 21:03:03

Recently Reported IPs

101.127.210.10	147.235.124.216	66.113.181.152	98.204.104.107
174.199.2.30	92.204.225.247	203.58.250.227	118.200.101.164
139.196.5.205	12.139.40.18	177.147.29.40	189.203.160.201
31.160.216.164	139.52.14.90	45.242.126.192	162.144.209.154
160.89.226.146	192.164.157.57	174.209.246.58	77.191.154.155