Another look into’s troubled past

I previously reported on and the current and previous owners. But what about the February 2016 botnet attacks? Who was the owner when the domain name was invoked in those attacks? According to DomainTools, the owner of in February 2016 was Slawek Modrzejewski. Slawek was the original owner of the domain name since it was first registered on 11/15/2015. On 4/9/2016, the registration for was dropped by GoDaddy. Five days later, the registration was picked up by SouthNames Inc. ( with an anonymous owner protected by United Privacy Corp, which is based in Belize. In addition to the number WHOIS record updates for …


Hall of Shame updated with known IP addresses with PTR records going to

The Hall of Shame has been updated with a list of known IP addresses with PTR records going to I have found the following IP addresses in my syslog with PTR records going to was previously discussed due to the sheer volume of attacks. All IP addresses are managed by Quasi Networks LTD, per the RIPE Database lookup.

Source IP    Count    Protocol
             20489    TCP
             91       TCP
             11       TCP & UDP
             11       TCP
             7        UDP
             4        UDP
             3        UDP
             2        TCP
             2        TCP
             2        TCP
             1        TCP
             1        TCP
             …


Google Search Console Team deems Bad Packets Report a safe website!

Huzzah! Bad Packets Report has been cleared as a safe site by the Google Search Console Team. Earlier this morning, we received the following notification:

To: Webmaster of https://badpackets[.]net/, Google has received and processed your security review request. Google systems indicate that https://badpackets[.]net/ no longer contains links to harmful sites or downloads. The warnings visible to users are being removed from your site. This may take a few hours to happen.

Thank you to Google Search Console Team for clearing up this false-positive so quickly!

– The mother of all PTR records

Recently, I posted about the IP and the DoS attacks I observed in my syslog. I presumed the reverse DNS record (PTR record) pointing to was just a one-time fake. However, further investigation blew that theory out of the water. Upon review of the top three networks in my all-time dropped packets list, I saw which is also managed by Quasi Networks LTD and has a PTR record, you guessed it, going to At that point I figured further investigation into this domain name was needed. IBM X-Force Exchange is reporting the DNS name has 245 associated DNS records …
