Trends in Networks: Spam #4

Another week of Digital Ocean abuse using Freenom domains… I don’t want to assume they are all bad, but I have yet to see a ‘legit’ domain.
