IP Intelligence Briefing: 64.32.80.29
Date: 2026-06-11
---
**Key Risk Indicators**
- Risk Score: 80/100 (High Risk)
- Threat Observations: No direct malicious indicators (no malware, C2, or phishing detected).
- DNSBL Listings: Flagged by 4/8 DNS blacklists (potential spam or abuse risk).
- Geolocation Discrepancy: Registered to a Dominican telecom provider (Compañía Dominicana de Teléfonos S.A.) but geolocated to Atlanta, GA, USA.
---
**Ownership & Network Context**
- ASN: 6400 (Compañía Dominicana de Teléfonos S.A.)
- Subnet: 64.32.64.0/18 (Shared with 65,536 IPs; no abuse density detected).
- Network Role: Firewalled with no open services or TLS certificates.
---
**Threat & Behavioral Analysis**
- DNS Associations: Linked to `29stb10.codetel.net.do` (no domain validation or email auth records).
- Historical Signals:
  - DNSSEC valid but no CAA records.
  - Geolocation inconsistencies (Dominican Republic vs. US).
  - Low confidence in threat observations (0.14–0.60).
- No Active Neighbors: Subnet (64.32.80.29/24) shows zero active or risky sibling IPs.
---
**Recommended Actions**
1. Monitor DNS Records: Investigate `29stb10.codetel.net.do` for malicious activity or spoofing.
2. Validate Geolocation: Confirm if the IP is legitimately hosted in the US or if there's a misconfiguration.
3. Check DNSBL Context: Review why the IP is listed on 4 DNS blacklists (e.g., Spamhaus, OpenDNS).
4. Network Segmentation: Ensure the IP is isolated in a DMZ or segmented network due to its high risk score.
---
Conclusion: While no direct malicious activity is detected, the IP's DNSBL flags, geolocation mismatch, and high risk score warrant further investigation. SOC teams should prioritize validating DNS integrity and monitoring for unexpected behavior.
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

**Ownership & Registration**

| Field | Value |
|---|---|
| Organization | Compañía Dominicana de Teléfonos S. A. |
| ASN | AS6400 |
| Network Name | 64.32.64.0 - 64.32.127.255 |
| CIDR Block | 64.32.64.0/18 |
| RIR | ARIN |
| Country | DO |
| Abuse Contact | Available via RDAP |

**DNS Intelligence**

| Field | Value |
|---|---|
| PTR | 29stb10.codetel.net.do |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 29stb10.codetel.net.do |

**DNS Hygiene**

| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |

**Network Classification**

| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |

**Services & Open Ports**

| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |

**TLS Certificate**

| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |

**Confidence Breakdown**

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |

| Field | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Moderate (55%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

**Observation Timeline** (Live)

| Field | Value |
|---|---|
| First Seen | 2026-05-25 18:48:30 UTC |
| Last Seen | 2026-06-11 00:39:25 UTC |
| Profile Built | 2026-06-11 01:26:16 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
