IP Intelligence Briefing: 185.15.171.44
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Ownership: Registered to DONATO CONTE (ASN 57558, METIS-V4-NET-2).
- Geolocation: Italy (Picerno), RIPE network.
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
- Network Role: Firewalled / No Services (closed ports, no TLS/HTTP services).
---
**2. Historical Observations (30-Day Window)**
- 18 total signals recorded, with 0.26 operator score (Basic risk rating).
- Key findings:
  - 0.85 confidence ownership stability (no ownership changes).
  - 0.60 confidence DNSSEC validation (valid, no CAA records).
  - No persistent malicious behavior or threat persistence.
---
**3. Network Relationships**
- DNS Associations: Linked to host044-171-015-185.retemetis.net (multiple entries).
- Subnet: 185.15.171.0/24.
- Neighbor Risk:
  - 24 high-risk neighbors (80+ score).
  - 56 medium-risk neighbors (50-80 score).
  - 7 low-risk neighbors (<50 score).
- Subnet Abuse Density: 27.6% (moderate risk).
---
**4. Actionable Insights**
- Monitor Subnet: The 185.15.171.0/24 subnet contains a mix of risks, with notable high-risk neighbors. Investigate potential lateral movement or shared infrastructure.
- Verify DNS: The DNS hostname host044-171-015-185.retemetis.net appears to be internal; confirm if it's part of a legitimate network or a honeypot.
- Block High-Risk Neighbors: Consider blocking or isolating high-risk IPs in the subnet to mitigate potential exposure.
---
**5. Recommendations**
- SOC Analyst Actions:
  - Correlate this IP with other network traffic to identify if it's part of a broader threat pattern.
  - Check for DNS resolution anomalies or unexpected connections from the subnet.
  - Review the METIS-V4-NET-2 ASN for additional threat intelligence.

This IP is not directly malicious but should be monitored due to its subnet's mixed risk profile.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DONATO CONTE |
| ASN | AS57558 |
| Network Name | METIS-V4-NET-2 |
| CIDR Block | 185.15.170.0/23 |
| RIR | RIPE |
| Country | IT |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | host044-171-015-185.retemetis.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | host044-171-015-185.retemetis.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | lighttpd/1.4.39 |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Fresh)
| First Seen | 2026-05-14 01:09:09 UTC |
| Last Seen | 2026-06-26 18:10:54 UTC |
| Profile Built | 2026-06-26 05:26:36 UTC |
| Data Freshness | Fresh |
| Signal Types | 22 |
| Total Observations | 22 |