Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1110
  • Last Modified:

malicious domain?

Greetings,

Does anyone know what x.tagstat.com is and what its used for. We are getting reports from our internal security team that the site is possibly hosting malware on it but McAfee reports the site as minimal risk.

Thank you.
0
centem
Asked:
centem
  • 2
1 Solution
 
centemAuthor Commented:
what is that saying? It looks like it simply checks connectivity to the site and all is well. It shows "OK" per that links results. What are the results of?
0
 
AlexiosCommented:
It's not just connectivity, it checks if the specific domain is consider blacklisted
So it's not
0
 
Giovanni HewardCommented:
The tagstat.com domain is registered to Tagged LLC a "social discovery website."  The FQDN x.tagstat.com resolves to IP addresses assigned to NTT America, Inc., which appear to be part of the Akamai Technologies, Inc. Internet content delivery network.

The nature of the content being hosted (whether malicious or not) would require an analysis of the actual content in question (e.g. packet capture, download locations, etc.)

If you can provide links to actual suspicious content, or a packet capture, I can provide more information.

You can get a good idea of the type of content this FQDN is hosting by performing this search: https://www.google.com/search?q=site%3Ax.tagstat.com#filter=0&q=site:x.tagstat.com

You'll see it's mostly flash, PDF's, and other document types.  You could scan each of these using Virus Total to quickly ascertain their known risk.  Here's an example scan.

Here's one source reporting blacklisting of x.tagstat.com, although that source doesn't provide any meaningful detail. http://www.urlvoid.com/scan/x.tagstat.com/

Whois
Domain Name: TAGSTAT.COM
Creation Date: 2007-08-14 17:05:49Z
Registrar Registration Expiration Date: 2014-08-14 17:05:00Z
Registrar: REGISTER.COM, INC.
Registrant Name: SITE OPERATIONS
Registrant Organization: TAGGED, LLC
Registrant Street: 840 BATTERY ST
Registrant Street: 2ND FLOOR
Registrant City: SAN FRANCISCO
Registrant State/Province: CA
Registrant Postal Code: 94111
Registrant Country: US
Admin Name: SITE OPERATIONS
Admin Organization: TAGGED, LLC
Admin Street: 840 BATTERY ST
Admin Street: 2ND FLOOR
Admin City: SAN FRANCISCO
Admin State/Province: CA
Admin Postal Code: 94111
Admin Country: US
Admin Phone: +1.4159461944
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: SITEOPS@TAGGED.COM
Tech Name: SITE OPERATIONS
Tech Organization: TAGGED, LLC
Tech Street: 840 BATTERY ST
Tech Street: 2ND FLOOR
Tech City: SAN FRANCISCO
Tech State/Province: CA
Tech Postal Code: 94111
Tech Country: US
Tech Phone: +1.4159461944
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: SITEOPS@TAGGED.COM
Name Server: NS1.TAGGED.COM
Name Server: NS2.TAGGED.COM
Name Server: USC4.AKAM.NET
Name Server: USE3.AKAM.NET
nslookup x.tagstat.com

Open in new window


Name:    a1841.mm1.akamai.net
Addresses:  128.241.220.97
          128.241.220.106
Aliases:  x.tagstat.com
          staticcdn.tagged.com.edgesuite.net

http://whois.arin.net/rest/net/NET-128-241-0-0-1/pft
http://www.us.ntt.net/
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now