dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2127
share rss forum feed


UCOZ

@supernews.net

[Connectivity] UCOZ server blocked by Comcast

Comcast is blocking access to one of our servers [193.109.247.157]

The issues has been reported to us by numerous users from different States, all of them with Comcast.

We would appreciate your help in this matter.

Here are a couple tracert:

Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 40 ms 23 ms 16 ms te-2-1-ur02.rollingmdws.il.chicago.comcast.net [
68.86.118.173]
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Tracing route to progressivemind.ucoz.com [193.109.247.157]
over a maximum of 30 hops:

1 1ms 1ms 2ms 192.168.1.1
2 2 43ms 16ms 20ms c-98.220.192.1.hsd1.il.comcast.net [98.220.192.1]
3 11ms 12ms 12ms te-6-2-ur04.wchicagoil.il.chicago.comcast.net [68.77.229.149]
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.


ropeguru
Premium
join:2001-01-25
Mechanicsville, VA

2 recommendations

My guess is that they are not blocking it. I would say it is more of a routing issue.

Here is a traceroute from one of Comcast's Looking Glass sites:


1 te-1-4-0-6-102-cr01.newyork.ny.ibone.comcast.net (66.208.229.6) 4 msec 4 msec 4 msec

2 tengigabitethernet2-3.ar5.NYC1.gblx.net (64.211.60.129) [AS 3549] 0 msec 0 msec 0 msec

3 ae5-40G.scr4.NYC1.gblx.net (67.17.105.237) [AS 3549] 0 msec 0 msec 20 msec

4 ae14-0-20G.scr4.FRA4.gblx.net (67.16.166.45) [AS 3549] 136 msec 84 msec 84 msec

5 lag2.ar4.fra4.gblx.net (67.16.145.242) [AS 3549] 88 msec 84 msec 88 msec

6 rostelecom-ojsc.ethernet10-3.ar4.fra4.gblx.net (64.211.193.170) [AS 3549] 84 msec 84 msec 84 msec

7 46.61.141.134 [AS 12389] 136 msec
46.61.141.218 [AS 12389] 136 msec
46.61.141.134 [AS 12389] 136 msec

8 msk-bgw1-ae0-21.rt-comm.ru (213.59.5.109) [AS 8342] 124 msec 120 msec
msk-bgw1-ae0-83.rt-comm.ru (195.161.4.137) [AS 8342] 124 msec

9 mnogobyte.c.rt-comm.ru (217.106.2.30) [AS 8342] 124 msec 120 msec 124 msec

10 ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec
quickline-gw.cust.mnogobyte.net (77.220.168.22) [AS 42632] 124 msec
ix.quickline-gw.cust.mnogobyte.net (77.220.168.98) [AS 42632] 120 msec

Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1

1 recommendation

reply to UCOZ
it could be those specific sites are having a problem because I can access the home page www.ucoz.com
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23

1 recommendation

reply to ropeguru
I'm in agreement with ropeguru See Profile, this looks like a route announcement problem. It may not be with Comcast at all, but with an uplink provider on Comcast's side, or an uplink provider on UCOZ's side (I believe there are a couple). This could all be the case of BGP filtering somewhere; someone may have forgotten to permit a route announcement for a certain prefix or AS on some routers but allowed it on others. It could also be a prefix length limit being reached somewhere.

Before I get started: why is this being posted on DSLR/BBR? Why hasn't UCOZ used peeringdb to reach out to the official Comcast folks? All their contact info is available, including a phone number:

»www.peeringdb.com/private/partic···p?id=822

(If asked for a login/pass, use guest/guest)

Please reach out to Comcast via official means and not some public forum! This is what the peeringdb is for!

193.109.247.157 is part of 193.109.247.0/24, which is AS29076.

Furthermore, when did this issue begin? Using BGPlay I can see there were some route changes recently but that doesn't necessarily indicate anything (and the BGPlay instance I'm looking at is not Comcast-peered).
--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


NetFixer
Bah Humbug
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
reply to UCOZ
Well, FWIW, I can't do a traceroute from my Comcast connection either, but it seems to work from my AT&T Mobility connection using a tethered cell phone, and using my backup AT&T DSL connection.



C:\>use-comcast.cmd
 
Pinging 192.168.9.1 with 32 bytes of data:
 
Reply from 192.168.9.1: bytes=32 time<1ms TTL=64
 
Ping statistics for 192.168.9.1:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
C:\>route change 0.0.0.0 mask 0.0.0.0 192.168.9.1 metric 10
You are now using the Comcast Business Class connection!
 
C:\>tracert ladieschoice.ucoz.com
 
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
 
  1    <1 ms    <1 ms    <1 ms  ap2.dcs-net [192.168.9.1]
  2    32 ms    13 ms    27 ms  67.177.172.1
  3     9 ms     9 ms     8 ms  xe-4-0-0-0-sur01.murfreesboro.tn.nash.comcast.net [68.85.50.125]
  4     9 ms     9 ms     9 ms  xe-3-1-2-0-ar03.nashville.tn.nash.comcast.net [68.85.174.17]
  5    10 ms    12 ms    12 ms  ae-2-0-ar01.goodslettvll.tn.nash.comcast.net [68.85.174.238]
  6    19 ms    19 ms    19 ms  pos-5-4-0-0-cr01.56marietta.ga.ibone.comcast.net [68.86.90.189]
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10  ^C
C:\>use-att3g.cmd
 
C:\>rasdial "AT&T Mobility"
Connecting to AT&T MOBILITY...
Verifying username and password...
Registering your computer on the network...
Successfully connected to AT&T MOBILITY.
Command completed successfully.
 
C:\>tracert ladieschoice.ucoz.com
 
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
 
  1     *        *        *     Request timed out.
  2   216 ms   203 ms   181 ms  172.26.248.2
  3   193 ms   267 ms   153 ms  172.16.7.82
  4   900 ms   442 ms   140 ms  10.251.11.23
  5   256 ms   119 ms   120 ms  10.251.10.2
  6   117 ms   114 ms   116 ms  10.252.1.7
  7   209 ms   114 ms   114 ms  209-183-048-002.mobile.mymmode.com [209.183.48.2]
  8   154 ms   156 ms   162 ms  172.16.75.1
  9   182 ms   139 ms   184 ms  12.88.242.189
 10   170 ms   199 ms   200 ms  cr2.dlstx.ip.att.net [12.122.138.46]
 11   326 ms   171 ms   189 ms  gar26.dlstx.ip.att.net [12.123.16.109]
 12   159 ms   181 ms   246 ms  4.68.62.229
 13   170 ms   191 ms   175 ms  vlan80.csw3.Dallas1.Level3.net [4.69.145.190]
 14   157 ms   160 ms   158 ms  ae-83-83.ebr3.Dallas1.Level3.net [4.69.151.158]
 15   178 ms   179 ms   160 ms  ae-7-7.ebr3.Atlanta2.Level3.net [4.69.134.22]
 16   222 ms   191 ms   401 ms  ae-2-2.ebr1.Washington1.Level3.net [4.69.132.86]
 17   192 ms   223 ms   303 ms  ae-71-71.csw2.Washington1.Level3.net [4.69.134.134]
 18   190 ms   408 ms   178 ms  ae-72-72.ebr2.Washington1.Level3.net [4.69.134.149]
 19   278 ms   633 ms   281 ms  ae-44-44.ebr2.Paris1.Level3.net [4.69.137.61]
 20   298 ms   300 ms   277 ms  ae-46-46.ebr1.Frankfurt1.Level3.net [4.69.143.137]
 21   490 ms   649 ms   473 ms  ae-71-71.csw2.Frankfurt1.Level3.net [4.69.140.6]
 22   278 ms   300 ms   284 ms  ae-2-70.edge3.Frankfurt1.Level3.net [4.69.154.71]
 23   264 ms   272 ms   311 ms  IPTRIPLEPLA.edge3.Frankfurt1.Level3.net [212.162.40.194]
 24   514 ms   289 ms   312 ms  217.65.1.81
 25   307 ms   324 ms   324 ms  ae4-40-rt1.msk.cloud-ix.net [217.65.1.77]
 26   351 ms   338 ms   456 ms  po14-9-fibius.msk.datahouse.ru [217.65.1.250]
 27   313 ms   359 ms   364 ms  dev.ucoz.net [193.109.247.157]
 
Trace complete.
 
C:\>use-att3g.cmd /disconnect
 
C:\>rasdial "AT&T Mobility" /disconnect
Command completed successfully.
 
C:\>use-att.cmd
 
Pinging 192.168.1.254 with 32 bytes of data:
 
Reply from 192.168.1.254: bytes=32 time=93ms TTL=253
 
Ping statistics for 192.168.1.254:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 93ms, Average = 93ms
 
C:\>route change 0.0.0.0 mask 0.0.0.0 192.168.9.9 metric 10
You are now using the Windcrest AT&T backup connection!
 
C:\>tracert ladieschoice.ucoz.com
 
Tracing route to ladieschoice.ucoz.com [193.109.247.157]
over a maximum of 30 hops:
 
  1    <1 ms    <1 ms    <1 ms  ps1.dcs-net [192.168.9.9]
  2     3 ms     3 ms     3 ms  ap1-dcs-net [192.168.8.254]
  3    55 ms    58 ms    80 ms  192.168.1.254
  4    35 ms    34 ms    36 ms  adsl-74-179-200-1.bna.bellsouth.net [74.179.200.1]
  5   167 ms   138 ms   126 ms  70.159.210.120
  6   161 ms   186 ms   171 ms  70.159.210.122
  7   153 ms   246 ms   174 ms  70.159.210.119
  8   248 ms   224 ms   178 ms  12.81.32.52
  9   249 ms   246 ms   209 ms  12.81.32.45
 10   203 ms   216 ms   219 ms  74.175.192.198
 11   249 ms   262 ms   260 ms  cr1.nsvtn.ip.att.net [12.122.148.14]
 12   254 ms   274 ms   317 ms  cr2.attga.ip.att.net [12.122.28.105]
 13   226 ms    59 ms    44 ms  12.122.117.121
 14   125 ms   106 ms   111 ms  ae15.edge5.atlanta2.level3.net [4.68.62.225]
 15   205 ms   196 ms   189 ms  vlan51.ebr1.Atlanta2.Level3.net [4.69.150.62]
 16   272 ms   240 ms   274 ms  ae-63-63.ebr3.Atlanta2.Level3.net [4.69.148.241]
 17   226 ms   271 ms   304 ms  ae-2-2.ebr1.washington1.level3.net [4.69.132.86]
 18   267 ms   171 ms   199 ms  ae-81-81.csw3.Washington1.Level3.net [4.69.134.138]
 19   256 ms    66 ms    62 ms  ae-82-82.ebr2.Washington1.Level3.net [4.69.134.153]
 20   200 ms   245 ms   279 ms  ae-41-41.ebr2.Paris1.Level3.net [4.69.137.49]
 21   150 ms   185 ms   259 ms  ae-48-48.ebr1.Frankfurt1.Level3.net [4.69.143.145]
 22   146 ms   145 ms   148 ms  ae-91-91.csw4.Frankfurt1.Level3.net [4.69.140.14]
 23   312 ms   400 ms   162 ms  ae-4-90.edge3.Frankfurt1.Level3.net [4.69.154.199]
 24   287 ms   273 ms   348 ms  iptriplepla.edge3.frankfurt1.level3.net [212.162.40.194]
 25   255 ms   234 ms   233 ms  217.65.1.81
 26   424 ms   379 ms   360 ms  ae4-40-rt1.msk.cloud-ix.net [217.65.1.77]
 27   189 ms   188 ms   321 ms  po14-9-fibius.msk.datahouse.ru [217.65.1.250]
 28   352 ms   322 ms   331 ms  dev.ucoz.net [193.109.247.157]
 
Trace complete.
 
 



Possibly a similar cause as in several recent threads in this forum regarding accessing hosting sites on the other side of the big pond (although those sites were in the UK, France, and Germany, not in Russia).

FWIW, this forum is a user helping other users forum, not a direct help forum for Comcast. If you register with this site, you can officially ask for help from Comcast using this site's »Comcast Direct forum.

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


C_Chipperson
Monster Rain
Premium
join:2009-01-17
00000
kudos:3
reply to UCOZ
I am unable to access that site on my Comcast Business connection, but it loads just fine on my VZW android phone


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23
reply to koitsu
Note for Comcast customers reading this thread: there is no point in doing traceroutes, trying to visit websites, or pinging the site from your Comcast connection. It's not going to work -- Comcast's routers do not see the route for the netblock in question. That is what ropeguru See Profile and I are talking about. :-)

From Comcast's route server (route-server.newyork.ny.ibone.comcast.net; you can telnet there):

route-server.newyork.ny.ibone>show ip bgp 193.109.247.157
BGP routing table entry for 193.109.247.157/32, version 1499832930
Paths: (8 available, best #7, table Default-IP-Routing-Table, not advertised to EBGP peer)
  Advertised to update-groups:
     2
  64650, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.40 (metric 69750) from 68.86.80.12 (68.86.1.12)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.40, Cluster list: 68.86.1.12
  64650, (received & used)
    68.86.80.10 (metric 81900) from 68.86.80.10 (68.86.1.10)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.13 (metric 73765) from 68.86.80.13 (68.86.1.13)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.7 (metric 74330) from 68.86.80.7 (68.86.1.7)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.1.5 (metric 69635) from 68.86.80.6 (68.86.1.6)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
      Originator: 68.86.1.5, Cluster list: 68.86.1.6
  64650, (received & used)
    68.86.80.2 (metric 65535) from 68.86.80.2 (68.86.1.2)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: 64650:50001 no-export
  64650, (received & used)
    68.86.80.0 (metric 66795) from 68.86.80.0 (68.86.1.0)
      Origin incomplete, metric 0, localpref 100, valid, internal
      Community: 64650:50001 no-export
 

Two things to note:

1. The BGP routing table entry is for the /32, not the /24 which is supposedly advertised. That's already an indicator something is amiss.

2. The AS pathing for this /32 goes straight to AS64650, which is an internal AS (non-public). This could be a blackhole AS for Comcast, or it could be an AS used as a dumping ground for prefixes which aren't seen.

Using my own VPS box IP purely as a comparison model, you can see what things "should" look like:

route-server.newyork.ny.ibone>show ip bgp 206.125.172.42
BGP routing table entry for 206.125.168.0/21, version 1502935195
Paths: (8 available, best #3, table Default-IP-Routing-Table)
Flag: 0x1900
  Advertised to update-groups:
     2
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.13 (68.86.1.13)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.13
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.12 (68.86.1.12)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.12
  25973 25795, (received & used)
    68.86.80.11 (metric 80255) from 68.86.80.11 (68.86.1.11)
      Origin IGP, metric 0, localpref 300, valid, internal, best
      Community: 7922:11 7922:3020
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.10 (68.86.1.10)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.10
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.0 (68.86.1.0)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.0
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.6 (68.86.1.6)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.6
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.7 (68.86.1.7)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.7
  25973 25795, (received & used)
    68.86.1.11 (metric 80255) from 68.86.80.2 (68.86.1.2)
      Origin IGP, metric 0, localpref 300, valid, internal
      Community: 7922:11 7922:3020
      Originator: 68.86.1.11, Cluster list: 68.86.1.2
 

So yes, I would say this is definitely a BGP-related issue. Someone isn't picking up a route announcement or isn't announcing a route somewhere in the mix.

--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


tshirt
Premium
join:2004-07-11
Snohomish, WA
kudos:5
Reviews:
·Comcast

2 recommendations

reply to UCOZ
The last time ucoz reported comcast as blocking them, »[Connectivity] uCoz server blocked by Comcast it turn out to be due to malware/phishing schemes being run off those servers.
Strangely enough it's the same IP again.

Perhaps ucoz should investigate the sites FIRST rather than rushing over here to blame comcast.


koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23

2 recommendations

said by tshirt:

The last time ucoz reported comcast as blocking them, »[Connectivity] uCoz server blocked by Comcast it turn out to be due to malware/phishing schemes being run off those servers.
Strangely enough it's the same IP again.

Perhaps ucoz should investigate the sites FIRST rather than rushing over here to blame comcast.

I had no idea of that issue/history -- thank you very much!

Yes, Comcast could indeed be null-routing their prefix then, to keep Comcast customers from getting infected by something. Can't say I blame them if that's the case.

UCOZ will need to talk directly to Comcast's NOC (see my previous post for details, re: peeringdb has the necessary stuff) to work this out. There's nothing the rest of us can do. UCOZ going forward should be able to determine if they're null routed or not (see previous post of mine for using their route views srever), and then contact Comcast.

Using DSLR/BBR as a "communication gateway" for this sort of thing is depressing and sad, especially if it keeps recurring. This isn't the place for "disputes" of this nature to get worked out. :/
--
Making life hard for others since 1977.
I speak for myself and not my employer/affiliates of my employer.


Caddyroger
Premium
join:2001-06-11
To the west

1 edit
reply to UCOZ
I am able to connect to the site from the west coast. I am using Comcast
--
Caddy


UCOZ

@supernews.net
OK .. as for the malware/phishing angle, are we to assume that Comcast is correct and all the other ISPs are just clueless??

Now, assuming that the issue is with something other than Comcast, somebody must explain, in definitive terms possibly, why customers with any ISP other than Comcast has no problems reaching our server.

Not looking for a dispute, but this needs to be resolved.

Thank you for your feedback and help guys!


ropeguru
Premium
join:2001-01-25
Mechanicsville, VA
I would not venture to say that all other ISP's are clueless but more like Comcast is more pro active against these types of sites when customers complain.

I will let someone else like Koitsu or Netfixer chime in on the other explanation.


NetFixer
Bah Humbug
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage

1 recommendation

said by ropeguru:

I would not venture to say that all other ISP's are clueless but more like Comcast is more pro active against these types of sites when customers complain.

I will let someone else like Koitsu or Netfixer chime in on the other explanation.

Actually, I already provided a possible solution. The OP could register on this site and open a thread in the »Comcast Direct forum. Whether this is actually a case of Comcast doing malware site blocking, or just a run of the mill router misconfiguration problem (which seems to be more likely), that would at least get someone at Comcast to look at the problem.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


UCOZ

@cox.net
Thanks!

will do


C_Chipperson
Monster Rain
Premium
join:2009-01-17
00000
kudos:3
reply to koitsu
10-4


JohnInSJ
Premium
join:2003-09-22
Aptos, CA
reply to UCOZ
Wow that IP address is all kinda bad - listed in multiple sites as malware/phising source.

I'd block it.
--
My place : »www.schettino.us

UCOZ

join:2012-10-24
Beverly Hills, CA
reply to NetFixer
Thanks ... I did that


jlivingood
Premium,VIP
join:2007-10-28
Philadelphia, PA
kudos:3
reply to JohnInSJ
said by JohnInSJ:

Wow that IP address is all kinda bad - listed in multiple sites as malware/phising source.

I'd block it.

I believe that is the issue - it is a source for (at least) phishing. Hopefully the hosting company can clean it up.
--
JL
Comcast