Spam Alert
 
 Full Report: /DiscoverTotal_com_spam196808.html
 
 Changed status to confirmed spam.When entered in a browser, http://bestrockbottom.com/scw/kpnkmyphpblrbrq/ph redirects to https://www.freecreditreports360.com/ppc/creditreport/aff40.aspxIP Converted: 64.191.83.119

dword = 1086280567
hex1 = 0x40bf5377
hex2 = 0x40.0xbf.0x53.0x77
oct = 0100.0277.0123.0167
IP Converted: 72.32.107.99

dword = 1210084195
hex1 = 0x48206b63
hex2 = 0x48.0x20.0x6b.0x63
oct = 0110.040.0153.0143
View CIDR AS21788 Report: http://www.cidr-report.org/cgi-bin/as-report?as=21788

"21788 | US | arin | 2001-06-21 | NOC - Network Operations Center Inc."<br />
Extended information for AS21788:
State/Province: pa
Country: us
Responsible Domain: hostnoc.net
Abuse Email: abuse@hostnoc.net
IP Converted: 66.151.248.186

dword = 1117255866
hex1 = 0x4297f8ba
hex2 = 0x42.0x97.0xf8.0xba
oct = 0102.0227.0370.0272
View CIDR AS33070 Report: http://www.cidr-report.org/cgi-bin/as-report?as=33070

"33070 | US | arin | 2004-09-24 | RMH-14 - Rackspace.com, Ltd."<br />
Extended information for AS33070:
State/Province: tx
Country: us
Responsible Domain: rackspace.com
Abuse Email: noc@rackspace.com
IP Converted: 64.191.83.101

dword = 1086280549
hex1 = 0x40bf5365
hex2 = 0x40.0xbf.0x53.0x65
oct = 0100.0277.0123.0145
View CIDR AS12179 Report: http://www.cidr-report.org/cgi-bin/as-report?as=12179

"12179 | US | arin | 1999-04-13 | INTERNAP-2BLK - Internap Network Services Corporation"<br />
Extended information for AS12179:
State/Province: ga
Country: us
Responsible Domain: internap.com
Abuse Email: abuse@internap.com

Reference: [ThePlanetAbuse-C24400082K]

To Whom It May Concern:

Please note that neither the below-referenced [IP address or URL or e-mail] nor the domain name that is being advertised is within our network as of the date stamp .in this email

Regards,
Abuse Department
The Planet

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: FREECREDITREPORTS360.COM

Domain servers in listed order:
NS1.THEPLANET.COM
NS2.THEPLANET.COM

ThePlanet.com has the nameservers, not the spammed domain.

discovertotal scans the net for 404 - unused domains - old domains - ( by my spam count 100+) but where there is a http server still running. They then upload a short redirect script and hijack the server. You then get spam for travel, training, etc that points you at olddomain.com/wodkvjlatlkaklsdf. The origional owner of olddomain, who doesn't use it any more never knows the difference. If you curl http://olddomain.com you get 404 error but curl olddomain.com/wodkv.... you get "... refresh=0 http://discovertotal.com/[base64-string].

Isn't it a crime to hack into someone computer?

discovertotal is registered by
DomainsByProxy.com
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260

DomainsByProxy.com is:
Administrative Contact:
GoDaddy.com, Inc., GoDaddy.com, Inc. dns@jomax.net
GoDaddy.com, Inc.
14455 N Hayden Rd #226
Scottsdale, Arizona 85260

jomax is:
Administrative Contact:
GoDaddy.com, Inc., GoDaddy.com, Inc. dns@jomax.net
GoDaddy.com, Inc.
14455 N Hayden Rd #226
Scottsdale, Arizona 85260

and from what I can tell: jomax.net is GoDaddy.com
http://www.aboutus.org/Jomax.net