The host at this IP address is being used by spammers to provide DNS resolution to spammer domains.
——————————
Spammer redirection chain:
https://israeltaxrefund.co.il/apotheke.html [redirection]
-> https://bit.ly/3gTE9cd [redirection]
—> https://www.online-rezeptfrei.de/ [Final spammer site]
$ dig +short www.online-rezeptfrei.de
104.21.49.169
172.67.191.50
$ dig +short online-rezeptfrei.de NS
kim.ns.cloudflare.com.
earl.ns.cloudflare.com.
$ dig +short earl.ns.cloudflare.com.
108.162.193.161
173.245.59.161
172.64.33.161
$ dig +short kim.ns.cloudflare.com.
108.162.192.126
172.64.32.126
173.245.58.126
Spam sample
==========================================
Received: from mail7.jokesurdu.com (mail7.jokesurdu.com [135.125.153.246])
by X (Postfix) with ESMTPS id X
for <X>; Tue, 6 Jul 2021 X
DKIM-Signature: X
To: X
Subject: X, George Clooney kauft nur hier
Content-Type: multipart/alternative; boundary=»X»
Date: Tue, 06 Jul 2021 X
Feedback-ID: X
From: Rabatt <Sascha@studioses.com>
List-ID: X
List-Unsubscribe: <mailto:reply@studioses.com?X>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
MIME-Version: 1.0
Message-ID: <X@studioses.com>
Precedence: bulk
Reply-To: Verkauf <Sascha@studioses.com>
X-Csa-Complaints: whitelist-complaints@eco.de
X-Mailin-Campaign: X
X-Mailin-Client: X
X-sib-ID: X
—X
Content-Type: multipart/alternative;
boundary=»X»
—X
Content-Type: text/plain;
charset=»utf-8″
Content-Transfer-Encoding: quoted-printable
Guten Tag X,
Nanggon, wir verschicken gratis in die Schweiz/nach Austria.
https://israeltaxrefund.co.il/apotheke.html
[…]
==========================================