# IP Intelligence Briefing: 75.80.65.214/32
## Executive Summary
IP 75.80.65.214 presents as a High Risk residential endpoint associated with Charter Communications/Comcast. The IP carries an elevated risk score of 80 with multiple DNSBL listings (5 of 8 lists), though neighborhood analysis indicates minimal subnet-wide abuse activity.
## Threat Profile
- Risk Score: 80 (High Risk)
- Classification: Residential Endpoint
- Provider: Charter Communications Inc (ASN 20001)
- Geolocation: Hawaii, US (Kahului area)
- DNS: syn-075-080-065-214.biz.spectrum.com
## Key Indicators
- DNSBL Status: Listed on 5 of 8 monitored blacklists
- Network Role: Residential (not cloud, CDN, proxy, or hosting infrastructure)
- Control Plane: Route stability flagged as false; DNSSEC valid
- Geolocation Validation: RTT anomaly detected (141ms measured vs 234ms minimum expected for Hawaii distance)
## Historical Observations
Analysis of 21 observation records reveals:
- Recent observations from June 2026
- Classification consistently identifies as residential infrastructure
- Risk signals range from "Minimal" to "Basic" severity
- No persistent malicious behavior detected
- Ownership and configuration changes: 0
## Network Relationships
- 48 total relationship records identified
- Multiple same-network associations (RRWE)
- DNS association to spectrum.com domain infrastructure
- No certificate matches or correlated IP campaigns identified
## Subnet Analysis (75.80.65.0/24)
- Abuse Density: 0 (minimal)
- Risk Classification: mostly_clean
- Inherited Risk: 2
- Active Threat Siblings: 1
- Total Siblings: 1
## SOC Recommendations
1. Block/Restrict: Consider blocking this IP at perimeter due to High Risk classification and multiple blacklist listings
2. Monitor: Track for outbound connections; residential IPs often indicate compromised endpoints
3. Context: Evaluate against known threat intelligence feeds if available
4. Geolocation Review: Investigate RTT anomalyβpotential misconfiguration or proxy usage
5. Action Priority: Medium-High (risk score 80 warrants attention despite clean neighborhood)
## Notes
While the immediate subnet shows minimal abuse density, the individual IP's risk profile and DNSBL presence suggest it has been flagged for suspicious activity. Treat as potentially compromised residential endpoint requiring monitoring or blocking depending on threat context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Charter Communications Inc |
| ASN | AS20001 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | syn-075-080-065-214.biz.spectrum.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | syn-075-080-065-214.biz.spectrum.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Residential |
| Service Purpose | Web Server |
| Network Tier | End-User β Residential ISP endpoint |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-dropbear_2018.76 l\?;$?G??r2O?G?curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-ni |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 20% | 9 | 15 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:34 UTC |
| Last Seen | 2026-06-26 18:11:33 UTC |
| Profile Built | 2026-06-26 02:30:39 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |
Full dossier details are available via our API.