IP Intelligence Briefing: 167.172.187.11
Date: 2026-06-15
---
**1. Profile Summary**
- Risk Score: 80 (High Risk)
- Provider: DigitalOcean (Cloud Compute)
- Geolocation: Frankfurt am Main, Germany (Hesse)
- Network Role: Firewalled / No Services
- Threat Indicators: No direct malicious activity detected.
---
**2. Historical Observations**
- DNS Activity:
  - Linked to `mail.mtechgroup.me` with SPF/DKIM/DMARC records (June 8–15, 2026).
  - SPF record: `v=spf1 include:spf.smtp2go.com ~all`.
  - DMARC policy: Initially set to `none`, later adjusted to `quarantine`.
- Network Stability:
  - Traceroute shows average RTT of 110.6ms (plausible for Frankfurt).
  - No recent route changes or instability.
---
**3. Relationships**
- DNS Associations:
  - Strong ties to `mail.mtechgroup.me` (repeated DNS resolution).
- Network Context:
  - Part of DigitalOcean's infrastructure (ASN 14061).
  - No connections to known malicious subnets or organizations.
---
**4. Neighborhood Analysis**
- Subnet: `167.172.187.11/24`
- Abuse Density: 0% (clean subnet).
- Neighbors: No active or malicious sibling IPs detected.
---
**5. Threat Assessment**
- No Direct Malicious Activity:
  - No indicators of phishing, scanning, or exploitation.
- DNS Security:
  - SPF/DKIM/DMARC records suggest legitimate email infrastructure.
- Cloud Provider Context:
  - DigitalOcean-hosted instance; no evidence of misconfigured services.
---
**6. Recommendations**
- Monitor DNS Behavior: Track changes to `mail.mtechgroup.me` and ensure SPF/DKIM/DMARC policies align with organizational security standards.
- Network Segmentation: Verify isolation of cloud instances to prevent lateral movement.
- Subnet Surveillance: Continue monitoring `167.172.187.11/24` for unusual activity, though current data suggests low risk.
---
Source: IPDebrief Threat Intelligence Platform
Note: This IP is associated with a legitimate cloud provider and DNS infrastructure. No immediate action required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | digitalocean |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | mail.mtechgroup.me |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | mail.mtechgroup.me |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 23% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-19 15:38:04 UTC |
| Last Seen | 2026-06-28 09:04:32 UTC |
| Profile Built | 2026-06-29 03:09:25 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 23 |