This IP address has been reported a total of
16
times from
12 distinct
sources.
193.239.154.94 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
NOQUEUE - IP: 193.239.154.94 - May 31 02:05:33 plesk postfix/smtpd[125617]: NOQUEUE: reject: RCPT f ...
show moreNOQUEUE - IP: 193.239.154.94 - May 31 02:05:33 plesk postfix/smtpd[125617]: NOQUEUE: reject: RCPT from unknown[193.239.154.94]: 554 5.7.1 Service unavailable; Client host [193.239.154.94] blocked using dnsbl-1.uceprotect.net; IP 193.239.154.94 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=193.239.154.94; from=<[email protected]> to=<REDACTED@REDACTED> proto=ESMTP helo=<nt26283-miyagi949.miyagi.t-com.ne.jp>
show less
Source of spoofed email forging From: @atsoho.com domain. Observed via aggregated DMARC RUA reports. ...
show moreSource of spoofed email forging From: @atsoho.com domain. Observed via aggregated DMARC RUA reports.
Between 2026-05-13 and 2026-05-17, this IP and 250+ neighbors in 193.239.154.0/24 (AS136038 HDTIDC LIMITED / AS136526 ALLCLOUD LIMITED) sent over 11,000 spoofed emails forging the From header as our domain "atsoho.com".
All messages fail SPF and DKIM authentication against atsoho.com (DMARC enforced: p=quarantine). Legitimate atsoho.com mail is sent exclusively from Google Workspace, SocketLabs, and XServer.
Reporting receivers (sample): Mail.Ru, Microsoft (Enterprise Outlook), seznam.cz, JCOM, au.com, Yahoo, GMO Pepabo, GMO Internet.
WHOIS abuse-mailbox ([email protected]) is non-functional (550 5.1.1 rejection). APNIC and RIPE NCC have been notified of the invalid abuse contact.
show less
Dec 2 10:59:13 server postfix/smtpd[1483786]: connect from unknown[193.239.154.94]
Dec 2 10:59:14 ...
show moreDec 2 10:59:13 server postfix/smtpd[1483786]: connect from unknown[193.239.154.94]
Dec 2 10:59:14 server postfix/smtpd[1483786]: NOQUEUE: reject: RCPT from unknown[193.239.154.94]: 554 5.7.1 Service unavailable; Client host [193.239.154.94] blocked using zen.spamhaus.org; Listed by DROP, see https://check.spamhaus.org/sbl/query/SBL520298 / Listed by CSS, see https://check.spamhaus.org/query/ip/193.239.154.94 / Listed by XBL, see https://check.spamhaus.org/query/ip/193.239.154.94 / Listed by SBL, see https://check.spamhaus.org/sbl/query/SBL520298; from=<> to=<[email protected]> proto=ESMTP helo=<C202511282194198.local>
...
show less
Nov 21 09:05:29 server postfix/smtpd[3094376]: connect from unknown[193.239.154.94]
Nov 21 09:05:30 ...
show moreNov 21 09:05:29 server postfix/smtpd[3094376]: connect from unknown[193.239.154.94]
Nov 21 09:05:30 server postfix/smtpd[3094376]: NOQUEUE: reject: RCPT from unknown[193.239.154.94]: 554 5.7.1 Service unavailable; Client host [193.239.154.94] blocked using zen.spamhaus.org; Listed by SBL, see https://check.spamhaus.org/sbl/query/SBL520298 / Listed by DROP, see https://check.spamhaus.org/sbl/query/SBL520298 / Listed by CSS, see https://check.spamhaus.org/query/ip/193.239.154.94 / Listed by XBL, see https://check.spamhaus.org/query/ip/193.239.154.94; from=<> to=<[email protected]> proto=ESMTP helo=<C202511200060620.local>
...
show less
Email Spam
Showing 1 to
15
of 16 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ