217.26.179.37
IP Intelligence Briefing: 217.26.179.37
Date: June 6, 2026
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Ownership: Registered to Fanari Maurizio (ASN 209353, RIPE).
- Geolocation: Italy (Oristano), with geolocation accuracy within 500 km.
- Network Role: Single-service host (HTTP on port 80 via lighttpd/1.4.39).
- Threat Indicators: No direct malicious activity detected.
---
**2. Observed Behavior**
- Service Fingerprint:
- HTTP server with banner `lighttpd/1.4.39`.
- Redirects (302 status code) detected.
- No TLS certificate or HTTPS activity.
- DNS:
- No PTR records or domain associations.
- DNSBL listings (3/8 total lists).
- Network Activity:
- BGP prefix: `217.26.176.0/22` (mixed subnet abuse density).
- 26 high-risk neighbors in the `/24` subnet.
---
**3. Historical Trends**
- Geolocation Stability: Consistent Italy location.
- Service Changes: HTTP service observed since at least May 29, 2026.
- Threat Signals: No persistent malicious activity.
---
**4. Relationships & Neighbors**
- Linked Networks:
- Associated with subnet `217.26.179.37/24` (abuse density: 26.8%).
- High-Risk Neighbors:
- 19 IPs with high risk scores (e.g., 217.26.179.13, 217.26.179.19).
- 49 medium-risk IPs.
- Shared Attributes:
- Subnet includes both residential and commercial IPs.
---
**5. Recommendations**
- Monitor Neighbors: Investigate high-risk IPs in the same subnet for potential lateral movement.
- Secure HTTP Service: Ensure the HTTP server (lighttpd) is patched and configured to block unauthorized access.
- Check DNSBL Listings: Verify if the IP is listed on DNSBLs and resolve any false positives.
- Network Segmentation: Consider isolating this subnet to limit exposure from high-risk neighbors.
---
Note: No direct malicious activity detected, but the IPโs environment warrants further scrutiny due to mixed subnet risk and DNSBL associations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Fanari Maurizio |
| ASN | AS209353 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | lighttpd/1.4.39 |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 19% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 21% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 21:10:55 UTC |
| Last Seen | 2026-06-26 12:30:08 UTC |
| Profile Built | 2026-06-26 12:37:57 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |
Full dossier details are available via our API.