JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 54.37.20.198

54.37.20.198 was found in our database!

This IP was reported 405 times. Confidence of Abuse is 100%: ?

100%

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ip-54-37-20.eu
Domain Name	ovh.net
Country	🇫🇷 France
City	Dunkirk, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 54.37.20.198

Whois 54.37.20.198

IP Abuse Reports for 54.37.20.198:

This IP address has been reported a total of 405 times from 193 distinct sources. 54.37.20.198 was first reported on June 8th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 Alexandr Kulkov	2026-06-18 12:56:57 (1 hour ago)	2026-06-18T12:56:54.750014+00:00 ubuntu24 sshd[45136]: pam_unix(sshd:auth): authentication failure; ... show more 2026-06-18T12:56:54.750014+00:00 ubuntu24 sshd[45136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.20.198 user=root 2026-06-18T12:56:56.561458+00:00 ubuntu24 sshd[45136]: Failed password for root from 54.37.20.198 port 33466 ssh2 ... show less	Brute-Force SSH
🇺🇸 Ferron	2026-06-18 12:54:31 (1 hour ago)	2026-06-18T13:44:30.920044+01:00 mail-us.ferronweb.org sshd-session[1019597]: Invalid user ferron fr ... show more 2026-06-18T13:44:30.920044+01:00 mail-us.ferronweb.org sshd-session[1019597]: Invalid user ferron from 54.37.20.198 port 46092 2026-06-18T13:45:09.794707+01:00 mail-us.ferronweb.org sshd-session[1019825]: Invalid user ferron from 54.37.20.198 port 54762 2026-06-18T13:47:36.802469+01:00 mail-us.ferronweb.org sshd-session[1020386]: Invalid user ferron from 54.37.20.198 port 48610 2026-06-18T13:49:10.788780+01:00 mail-us.ferronweb.org sshd-session[1020734]: Invalid user ferron from 54.37.20.198 port 35230 2026-06-18T13:54:30.546549+01:00 mail-us.ferronweb.org sshd-session[1021891]: Invalid user ferron from 54.37.20.198 port 34986 ... show less	Brute-Force SSH
🇵🇹 WebTejo	2026-06-18 12:44:06 (1 hour ago)	Detected multiple authentication failures and invalid user attempts from IP address 54.37.20.198 on ... show more Detected multiple authentication failures and invalid user attempts from IP address 54.37.20.198 on [PT] Otter Node. show less	Brute-Force SSH
🇨🇭 Mario Bretscher	2026-06-18 11:32:49 (3 hours ago)	2026-06-18T13:30:48.732581+02:00 hades sshd[2686367]: pam_unix(sshd:auth): authentication failure; l ... show more 2026-06-18T13:30:48.732581+02:00 hades sshd[2686367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.20.198 2026-06-18T13:30:50.667013+02:00 hades sshd[2686367]: Failed password for invalid user letsbuild from 54.37.20.198 port 38370 ssh2 2026-06-18T13:32:48.319646+02:00 hades sshd[2686600]: Invalid user letsbuild from 54.37.20.198 port 33784 ... show less	SSH
Anonymous	2026-06-18 11:24:07 (3 hours ago)	SSH tarpit (endlessh) connection from 54.37.20.198	Brute-Force SSH
🇫🇷 evvsk	2026-06-18 11:15:27 (3 hours ago)	SSH Brute Force: 10+ attempts.	Brute-Force SSH
🇵🇱 MP.tv	2026-06-18 11:09:33 (3 hours ago)	2026-06-18T13:03:41.490000+02:00 transfer-srv sshd[3484392]: pam_unix(sshd:auth): authentication fai ... show more 2026-06-18T13:03:41.490000+02:00 transfer-srv sshd[3484392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.20.198 user=root 2026-06-18T13:03:42.730490+02:00 transfer-srv sshd[3484392]: Failed password for root from 54.37.20.198 port 55114 ssh2 2026-06 ... show less	Brute-Force SSH
🇳🇱 Webhoster	2026-06-18 11:03:33 (3 hours ago)	{"level":"debug","time":"2026-06-18T12:57:26.823","sender":"connection_failed","client_ip":"54.37.20 ... show more {"level":"debug","time":"2026-06-18T12:57:26.823","sender":"connection_failed","client_ip":"54.37.20.198","username":"timvdberg","login_type":"password","protocol":"SSH","error":"plugin auth error for user \"timvdberg\": rpc error: code = Unknown desc = user \"timvdberg\" does not exist, elapsed: 58.185005ms, auth scope: 1"} {"level":"debug","time":"2026-06-18T13:03:31.972","sender":"connection_failed","client_ip":"54.37.20.198","username":"timvdberg","login_type":"password","protocol":"SSH","error":"plugin auth error for user \"timvdberg\": rpc error: code = Unknown desc = user \"timvdberg\" does not exist, elapsed: 83.44272ms, auth scope: 1"} ... show less	Brute-Force SSH
🇫🇷 tecnicorioja	2026-06-18 10:00:15 (4 hours ago)	Failed password for root Jun 18 10:11:24 port 53750	Brute-Force SSH
🇭🇰 mutebot.net	2026-06-18 09:10:25 (5 hours ago)	Connection closed by authenticating user root 54.37.20.198 port 33958 [preauth] Connection closed by ... show more Connection closed by authenticating user root 54.37.20.198 port 33958 [preauth] Connection closed by authenticating user root 54.37.20.198 port 40226 [preauth] Connection closed by authenticating user root 54.37.20.198 port 40226 [preauth] Connection closed by authenticating user root 54.37.20.198 port 52596 [preauth] show less	Brute-Force SSH
🇨🇿 plzenskypruvodce.cz	2026-06-18 07:56:09 (6 hours ago)	2026-06-18T09:56:09.253129+02:00 eproxy sshd[2286734]: User root not allowed because account is lock ... show more 2026-06-18T09:56:09.253129+02:00 eproxy sshd[2286734]: User root not allowed because account is locked 2026-06-18T09:56:09.283482+02:00 eproxy sshd[2286734]: Connection closed by invalid user root 54.37.20.198 port 57556 [preauth] ... show less	Web App Attack
🇺🇸 bigscoots.com	2026-06-18 06:01:12 (8 hours ago)	54.37.20.198 (GB/United Kingdom/ip-54-37-20.eu), 5 distributed sshd attacks on account [root] in the ... show more 54.37.20.198 (GB/United Kingdom/ip-54-37-20.eu), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 18 01:00:03 15066 sshd[7072]: Failed password for root from 182.210.76.170 port 14250 ssh2 Jun 18 01:01:01 15066 sshd[7639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.20.198 user=root Jun 18 00:59:30 15066 sshd[6910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.205.85 user=root Jun 18 00:59:33 15066 sshd[6910]: Failed password for root from 206.189.205.85 port 37480 ssh2 Jun 18 01:00:02 15066 sshd[7072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.210.76.170 user=root IP Addresses Blocked: 182.210.76.170 (KR/South Korea/-) show less	Brute-Force SSH
Anonymous	2026-06-18 05:57:25 (8 hours ago)	2026-06-18T07:39:21.318143+02:00 vps sshd[575655]: Failed password for root from 54.37.20.198 port 4 ... show more 2026-06-18T07:39:21.318143+02:00 vps sshd[575655]: Failed password for root from 54.37.20.198 port 44566 ssh2 2026-06-18T07:57:22.389211+02:00 vps sshd[583874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.20.198 user=root 2026-06-18T07:57:24.514983+02:00 vps sshd[583874]: Failed password for root from 54.37.20.198 port 38852 ssh2 ... show less	SSH
🇭🇰 mutebot.net	2026-06-18 05:42:53 (8 hours ago)	Connection closed by authenticating user root 54.37.20.198 port 35024 [preauth] Connection closed by ... show more Connection closed by authenticating user root 54.37.20.198 port 35024 [preauth] Connection closed by authenticating user root 54.37.20.198 port 55534 [preauth] Connection closed by authenticating user root 54.37.20.198 port 57638 [preauth] Connection closed by authenticating user root 54.37.20.198 port 42088 [preauth] Connection closed by authenticating user root 54.37.20.198 port 45416 [preauth] show less	Brute-Force SSH
🇫🇮 jonahtebaa	2026-06-18 05:10:10 (9 hours ago)	SSH tarpit (endlessh) capture on jonahtebaa infra	Port Scan Brute-Force SSH

Showing 1 to 15 of 405 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.207.55.165

🇩🇪 185.242.3.226

🇧🇷 179.98.168.69

🇺🇸 162.216.149.136

🇫🇮 147.185.133.48

🇺🇸 135.119.16.170

🇯🇵 133.18.110.227

🇸🇸 102.211.193.146

🇧🇬 79.124.60.146

🇺🇸 20.83.32.182

🇧🇷 205.210.31.167

🇨🇳 125.77.73.145

🇯🇵 124.18.182.99

🇺🇸 73.158.129.119

🇻🇳 27.79.45.134

🇬🇧 185.247.137.103

🇺🇸 168.100.149.230

🇭🇰 165.154.41.205

🇩🇪 164.92.129.176

🇮🇳 122.187.224.173