76.87.164.167
IP Intelligence Briefing: 76.87.164.167
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Charter Communications Inc (ASN 20001)
- Geolocation: Ontario, CA, US (Residential network)
- Services:
- HTTP (port 80), HTTPS (port 443), SSH (port 22)
- Server banner: *GoAhead-Webs*
- Threat Indicators:
- Listed on 5/8 DNSBL (blacklist) sources (e.g., Spamhaus, OpenBL)
- No TLS certificate detected (HTTPS service may be misconfigured)
- No known malware campaigns or attacker associations
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- DNSBL Listings: Confirmed on 5 lists (high-severity risk).
- HTTPS Scans: Failed connection attempts (confidence: 0.30).
- Geolocation: Plausible US location (accuracy: ±2500 km).
- Network Stability: No persistent threats or ownership changes.
---
**3. Network Relationships**
- Linked Entities:
- Subnet: 76.87.164.167/24 (clean, zero abuse density).
- DNS: Resolves to *spectrum.com* (valid SPF/DMArc records).
- No direct ties to C2 servers, CDN nodes, or Tor infrastructure.
---
**4. Neighborhood Analysis**
- Subnet (76.87.164.167/24):
- 0 active neighbors reported.
- Abuse Density: 0% (clean subnet).
- No suspicious sibling IPs or shared infrastructure.
---
**5. Recommendations**
- Monitor DNSBL Listings: Investigate why this residential IP is flagged (false positive or misconfigured service?).
- Secure HTTPS: Ensure TLS certificate is properly configured for HTTPS service.
- Limit Exposure: Consider blocking SSH access unless necessary, given the residential nature.
- Verify Geolocation: Cross-check IP location with internal geolocation tools for accuracy.
---
Conclusion:
This IP is residential and owned by a major ISP, but its high DNSBL score and lack of TLS certificate raise concerns. While not a persistent threat, it may be a misconfigured server or a false positive. SOC teams should prioritize validating DNSBL sources and ensuring service compliance. No immediate action is required unless further suspicious activity is detected.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Charter Communications Inc |
| ASN | AS20001 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | syn-076-087-164-167.res.spectrum.com |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | syn-076-087-164-167.res.spectrum.com |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | End-User β Residential ISP endpoint |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | β |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | GoAhead-Webs |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 2 |
| routing | 8% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:34 UTC |
| Last Seen | 2026-06-26 18:11:34 UTC |
| Profile Built | 2026-06-26 18:11:52 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 22 |
Full dossier details are available via our API.