87.167.171.97
IP Intelligence Briefing: 87.167.171.97
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
- ASN: AS3320
- Organization: DTAG-NIC (Deutsche Telekom AG)
- Country: Germany (DE)
- Region: Saxony
- City: Annaberg-Buchholz
- Geolocation:
- Latitude: 50.58, Longitude: 13.01
- Timezone: Europe/Berlin
- Network Role: Mobile carrier (LTE/5G)
- Threat Indicators: No known malicious activity, no spam, no Tor exit node, no blacklist entries.
---
**2. Observation History**
- Latest Signals (16 total):
- Geolocation: Confirmed Germany (Annaberg-Buchholz) with 52% confidence.
- Threat Signal: Alienvault-OTX flagged the IP as associated with a potential threat (pulse_count=1).
- BGP Prefix: Linked to AS3320 (Deutsche Telekom) via Team-Cymru-DNS.
- DNSSEC: Validated, no CAA records.
- Consistency: Mixed confidence levels (15%โ85%), suggesting potential data inconsistency.
---
**3. Relationships**
- DNS Associations:
- Resolves to `p57a7ab61.dip0.t-ipconnect.de` (t-ipconnect.de).
- Network Links:
- Part of the `DTAG-DIAL21` subnet (Deutsche Telekom).
- No direct connections to known malicious networks.
---
**4. Neighborhood Analysis**
- Subnet: 87.167.171.97/24
- Neighbor Count: 0 (isolated /32 IP)
- Abuse Density: 0% (no malicious activity detected in the subnet).
---
**5. Actionable Insights**
- Monitor: The OTX threat signal (pulse_count=1) requires further investigation to confirm legitimacy.
- Verify: Cross-check DNS records (`p57a7ab61.dip0.t-ipconnect.de`) for any anomalies.
- Segment: Ensure mobile carrier IPs are isolated in network segmentation to prevent lateral movement.
- Baseline: Track changes in geolocation or threat signals, as inconsistent data may indicate spoofing or dynamic IP behavior.
Conclusion: This IP is a legitimate Deutsche Telekom mobile carrier node with no confirmed malicious activity. However, the OTX threat signal warrants closer scrutiny. No immediate mitigation is required, but ongoing monitoring is recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | DTAG-NIC |
| ASN | AS3320 |
| Network Name | DTAG-DIAL21 |
| CIDR Block | 87.160.0.0/12 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | p57a7ab61.dip0.t-ipconnect.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | p57a7ab61.dip0.t-ipconnect.de |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 15% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-18 03:23:45 UTC |
| Last Seen | 2026-06-08 12:04:15 UTC |
| Profile Built | 2026-06-08 12:13:50 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |
Full dossier details are available via our API.