Independent Internet Security Research
Authorized Security Research Infrastructure

Internet Analyst

Web Security Auditing, Email Infrastructure Analysis & Internet Measurement Research

About This Project

Internet Analyst is an independent research project focused on large-scale security assessment of public internet infrastructure. Our work spans two primary areas: web security posture analysis through automated HTTP/HTTPS probing of publicly accessible endpoints, and email infrastructure security including SMTP configuration assessment, TLS adoption measurement, and authentication mechanism validation (SPF, DKIM, DMARC).

Our web security analysis involves sending HTTP/HTTPS requests to publicly accessible servers to evaluate their security configurations. This includes assessment of security headers (HSTS, CSP, X-Frame-Options), TLS/SSL certificate validity and cipher suite strength, detection of exposed sensitive endpoints, and identification of common misconfigurations that may leave web applications vulnerable. All interactions are limited to standard GET/HEAD requests and do not attempt to modify any data or bypass access controls.

This project operates under responsible disclosure principles and follows established internet measurement research ethics. All activities are strictly non-intrusive, read-only operations that do not modify, exploit, or compromise any target systems. We do not inject payloads, attempt authentication bypass, or perform any destructive testing.

If you are observing connections from our IP addresses listed below, they are part of our ongoing security research. These connections are harmless and consist solely of standard HTTP requests and SMTP protocol handshakes used for security posture analysis.

Network Ranges

All research traffic originates exclusively from the following registered network ranges:

Range Protocol Description
45.159.110.0/23 IPv4 512 addresses — primary research pool
2001:7f8:f6::/48 IPv6 IPv6 research subnet

These ranges are registered under AS50833 in the RIPE database. All IP addresses have valid forward-confirmed reverse DNS (FCrDNS) records within the internetanalyst.cz domain.

Methodology

  • HTTP/HTTPS security header analysis (HSTS, CSP, X-Frame-Options)
  • TLS/SSL certificate and cipher suite evaluation
  • Web server configuration and exposure assessment
  • DNS record enumeration (MX, SPF, DMARC, DKIM, CAA)
  • SMTP configuration and authentication analysis
  • Open relay and mail server misconfiguration detection

Research Principles

  • Non-intrusive: no emails are sent, no data is modified
  • Minimal footprint: connections are brief and rate-limited
  • Responsible disclosure: critical findings are reported to operators
  • Data protection: collected metadata is stored securely and not shared with third parties
  • Opt-out available: contact us to exclude your networks from future scans

Research Output

Findings from this project contribute to a better understanding of global email security posture and help identify systemic vulnerabilities in mail infrastructure. Our goal is to improve the overall security of email communication by providing actionable insights to the internet community.

Aggregated, anonymized statistics and research reports may be published periodically. Individual server data is never disclosed publicly.

Contact & Opt-Out

If you wish to exclude your network from our research or have questions about our activities:

Email
abuse@internetanalyst.cz
Project
Internet Analyst — Email Infrastructure Security Research
AS Number
AS50833