Tag Archives: spam

Trends in Networks: Spam #11

Here are the past week’s Freenom TLD and .xyz domains detecting spamming on the Digital Ocean network. Oct22 104.131.60.188 x3 xnx0.517.vexxo.ml 104.248.2.30 x6 xnx0.527.vexxo.ml 128.199.152.3 x1 xnx0.509.vexxo.ml 128.199.23.11 x2 xnx0.513.vexxo.ml 128.199.23.23 x27 xnx0.516.vexxo.ml 128.199.26.255 x2 xnx0.511.vexxo.ml 134.122.59.13 x8 xnx0.508.vexxo.ml 134.209.44.46 … Continue reading

Posted in Informative | Tagged , , , , , , , , , | Leave a comment

Trends in Networks: Spam #10

Here are this week’s spammy Freenom and .xyz TLDs coming from the Digital Ocean network. Oct16 134.122.41.131 x1 girlssoft.gq 134.122.45.114 x1 chocolatesoft.tk 134.122.45.115 x1 chocolatesoft.ml 134.122.45.119 x2 softaustralia.ga 134.122.45.120 x1 softaustin.ga 134.122.45.121 x2 softaustralia.tk 134.122.45.123 x2 softaustralia.gq 134.122.45.50 x2 softaustralia.ml … Continue reading

Posted in Informative | Tagged , , , , , , , , , | Leave a comment

The Many Faces of Emotet

You’ve probably heard the recent news of Microsoft’s attempt to take down the Trickbot botnet. An interesting correlation with this event (though perhaps not directly related..) is the sudden uptick of Emotet email spam shortly after the Microsoft news hit. … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #9

Outside of the typical throwaway domain spam, we have been seeing a tremendous volume of marketing email coming from the Digital Ocean network. But first, here are this week’s Freenom and .xyz TLDs detected spamming on the Digital Ocean network. … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #8

Another week, and sadly nothing has changed. Spoke too soon last week, nothing has been done about Digital Ocean IPs spamming with Freenom TLDs in the PTR record. Oct1 164.90.146.134 x1 rdns0.okisat.xyz 165.227.161.178 x7 bizcloud-send0.servar.xyz 165.227.164.181 x1 vcu0.minixo.gq 206.189.210.58 x1 … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #7

This week we saw a significant drop in the use of Freenom TLDs coming from Digital Ocean. Wonder if the spammers just took a break from using them, but if this was the result of Digital Ocean’s efforts then good … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #6

Picking up where we left off, more spam coming from the Digital Ocean network with freenom and xyz TLDs in the PTR/reverse DNS record. Sep12 157.245.94.185 x1 mail.opoczanie.xyz 161.35.230.193 x1 server.healthdocs.xyz 164.90.228.251 x1 srv0.mails27.gq 164.90.233.88 x3 srv0.mails27.cf 165.22.74.145 x3 srv0.mails28.tk … Continue reading

Posted in Informative | Tagged , , , , , , , | Leave a comment

Trends in Networks: Spam #5

Weekly dump of Digital Ocean abuse using Freenom (and .xyz) domains. Sep5 134.122.112.139 x1 kota.paypak.xyz 138.68.110.2 x3 srv0.mails19.ga 138.68.87.194 x4 srv0.mails19.ml 138.68.96.83 x1 srv0.mails19.cf 159.65.232.195 x2 bundi.paypax.xyz 161.35.14.115 x2 srv0.mails18.cf 46.101.163.120 x2 srv0.mails18.gq 64.225.10.63 x1 srv0.mails19.tk Sep6 134.122.125.156 x2 srv0.mails19.gq … Continue reading

Posted in Informative | Tagged , , , , , , , , | Leave a comment

Trends in Networks: Spam #4

Another week of Digital Ocean abuse using Freenom domains… I don’t want to assume they are all bad, but I have yet to see a ‘legit’ domain. Aug28 134.122.81.184 x1 srv0.mails13.ml 142.93.96.187 x1 srv0.mails13.ga 161.35.112.82 x1 der005-fv03.powerdealers.xyz 164.90.237.213 x4 srv0.mails13.tk … Continue reading

Posted in Informative | Tagged , , , , , , , , | Leave a comment

Trends in Networks: Spam #3

Just a quick data dump today, not much to say. The activity continues, and people continue to get spammed by the Digital Ocean network with the exact same patterns. If anyone is interested in other data points related to this … Continue reading

Posted in Informative | Tagged , , , , , , , , | Leave a comment