January 22, 2018

We are scanning to look for malicious domains.

Dear colleague,

you probably found this website because you saw activity on your network. Our team at the University of Sydney, Australia is doing an analysis of the current state of Internet security and deployment. Similar scans have been conducted several times by us and other researchers. The purpose of our work is purely scientific. Our current focus is on the detection of malicious domains. This is a large-scale scan, which we expect to last up to a week. The starting date of our scan was 2018-01-22 00:00 UTC.

Current scan activity

Our current scan activity is limited to TCP and HTTP to port 80. If a redirection is encountered, we also follow it via HTTPS to port 443.

Source IPs / blacklisting

The scanning machine is this machine, Please note that we do not attempt to login or break into your system.

We are perfectly aware that some IDS systems will count this as an attack. We are thus addint this statement in order to inform you of our activity. If there is anything you can do- adding us to a whitelist, adding a comment in your DB etc. - we would very much appreciate your help.

Please note that we respond to every complaint and are happy to blacklist systems with annoyed admins.

If you have any further questions, or hints where we can improve, we would be happy to hear from you. You can also directly ask us to blacklist you.