top of page

Cyber Abuse Targets Watts, Wrenner

by Ken Signorello

June 2, 2021

An investigation into’s origin uncovered 18 domain names associated with Pallas Web Development and used in a campaign targeting Essex residents Andy Watts and Irene Wrenner.

Watts and Wrenner, with close to 20 years of Selectboard experience between them, have worked toward fair Merger plans over time and took issue with the latest Merger proposal. 

Their names have been misappropriated into web domains, while making it appear that Wrenner is responsible for registering some of them.


Several domain names are configured to redirect users from intended web destinations to (𝐔𝐩𝐝𝐚𝐭𝐞: Shortly after publication of this article, PWD changed these redirections. Most domains now redirect to a competitor of this newspaper.)

The EssexDefender website presents pro-Merger political information. However, the website did not disclose its originator(s) nor who is responsible for its content.

This is in contrast to the two political action committees that operated websites during the Merger campaign.  NoMergerNow (anti Merger) and #oneEssex (pro Merger) were both registered with the Secretary of State’s office.


A tip from a tech-savvy reader indicated that is hosted by Pallas Web Development (PWD), a business operated by Essex resident Athena Letourneau Newhard. Ms. Newhard did not respond to our inquiry.

Through our source we learned that was originally registered on 3/7/21. Its nameserver at that time was set to 

On 3/14/21, the Retorter linked PWD to a sock puppet campaign on Front Porch Forum, Two days later was created and subsequently

set to be the new nameserver for


A quick primer on how the internet works:

Website names must be translated to the IP (internet protocol) address of the actual computer that hosts the intended website. This is done through the Domain Name System (DNS). IP addresses are tied to specific website servers, which are owned or rented by website hosting companies. 


Determining the IP address for a domain name, simplified, is like looking up a phone number in a phone book (remember those?). First you have to figure out which phone book to use, per city or region. Then you look up the name in that phone book to find the phone number to call. 


When you type or click on a website link in a browser, the DNS (simplified) determines which “phone book” to use. The correct phone book is the nameserver set for the specified domain at its registrar, e.g., godaddy. The nameserver then provides the actual IP address for the requested website.


Each nameserver may list many domains, and a single IP Address (actual server) may host many domains and web sites.

Two other domains used in the FPF campaign were and When traced, these four domains,, and ― translate to a single IP address:

A reverse lookup on the Domain Name System will yield all the domains hosted at a single IP address.

Looking up uncovered a list of domain names, all of which, in some way, are associated with PWD. Many are obvious PWD customers, as the related web sites say “Website Design and Development by Pallas Web Development''. is also hosted at that IP address, along with and

From our previous reporting, the last registered agent for PWD was Athena Newhard, whose LinkedIn profile shows it as her current business. 

Three techniques were employed against two Essex residents and their businesses:

1. Typo Squatting - A number of website addresses were set up in such a way that someone seeking the, or, but using the wrong suffix ― .org instead of .com ― is redirected to the contradictory content of


2. Domain Name Squatting - Without Watts’ permission, someone at PWD registered two domains bearing his name: and


Both use a PWD nameserver. Thus PWD agents can create a website and post content without the approval of Watts, the current Selectboard Chair.

Likewise, and, along with other variations, were created without Wrenner’s approval. Her Essex Retorter, NoMergerNow, and Fairness1st names are also objects of this cyber campaign.

If either Andy Watts or Irene Wrenner want to use any of these domain names for a future campaign, these addresses bearing their own names would be unavailable to them.

This is the discovered list of domains, all of which resolve either directly to IP address or have a nameserver that does:


3. Nameserver Chicanery - This might be the most deceptive technique.  Anyone checking the domain name registry for would see its nameserver set to, falsely associating Wrenner with that registration and 15 other domains. The above 16 domain names were set up this way.


PWD now uses three different domains as nameservers depending on the purpose.  All three domains used as nameservers were created on or after 3/18/21:


All of the domain names discovered are registered with They are set to shield the name of the registrant, a common service offered by many registrars.


Because all of these domains resolve to the same IP address and all of the domains related to that IP address are either customers of PWD or part of one of the three campaigns uncovered, PWD is at least complicit in the effort. 


We cannot say for sure who created the content on or who registered all these domains, only that each resolves to a single IP address used exclusively by PWD. 

Irene Wrenner is the publisher of the Essex Retorter.

bottom of page