199.254.31.1 Threat Intelligence and Host Information

Apr 05, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 199.254.31.1 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

Tags: auto-generated security, tsec
View other sources: Spamhaus VirusTotal

Country: United States
Network:
Noticed: 9 times
Protocols Attacked: SSH
Passive DNS Results: a0.info.afilias-nst.org a0.info.afilias-nst.info

Malware Detected on Host

Count: 5 e4ea5618c3ae799e4294c3b1d754a1ca3ab0fe01fe70f906479e932da855b9cd 4c772a3ae8160e7a794e23e55688bd2c5ff11dd00ef31fb725983b8738cab1da efa2c54c3347762bbc1d8bbbd64e7b11f6ae4bd51ab33eeaf6fe718ced702bba 3778d66acf31948117a05cd1f8c6d8c6c0659a6b8e631dda8ea0c54e55b8c94b 7f00d256c19414f6a50535e349db0db5838cfd8648a97f78c5eebc8ca6dda9b5

Open Ports Detected

Map

Whois Information

NetRange: 199.254.28.0 - 199.254.31.255
CIDR: 199.254.28.0/22
NetName: AFILIAS-NET6
NetHandle: NET-199-254-28-0-1
Parent: NET199 (NET-199-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Afilias, Inc. (AFILI-2)
RegDate: 2007-10-16
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/199.254.28.0
OrgName: Afilias, Inc.
OrgId: AFILI-2
Address: 10500 NE 8th Street
City: Bellevue
StateProv: WA
PostalCode: 98004
Country: US
RegDate: 2018-08-16
Updated: 2024-11-25
Comment: https://identity.digital
Ref: https://rdap.arin.net/registry/entity/AFILI-2
OrgAbuseHandle: CLEME4-ARIN
OrgAbuseName: Clements, Carl
OrgAbusePhone: +1-416-646-1541
OrgAbuseEmail: carl.clements@identity.digital
OrgAbuseRef: https://rdap.arin.net/registry/entity/CLEME4-ARIN
OrgTechHandle: HEL4-ARIN
OrgTechName: Eland, Howard
OrgTechPhone: +1-425-298-2200
OrgTechEmail: Howard@identity.digital
OrgTechRef: https://rdap.arin.net/registry/entity/HEL4-ARIN
OrgAbuseHandle: SILZE-ARIN
OrgAbuseName: Silzer, Scott
OrgAbusePhone: +1-416-673-4197
OrgAbuseEmail: ssilzer@afilias.info
OrgAbuseRef: https://rdap.arin.net/registry/entity/SILZE-ARIN
OrgTechHandle: SILZE-ARIN
OrgTechName: Silzer, Scott
OrgTechPhone: +1-416-673-4197
OrgTechEmail: ssilzer@afilias.info
OrgTechRef: https://rdap.arin.net/registry/entity/SILZE-ARIN
OrgNOCHandle: NOC11438-ARIN
OrgNOCName: Network Operations Centre
OrgNOCPhone: +1-416-673-4150
OrgNOCEmail: noc@afilias-nst.info
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC11438-ARIN
OrgAbuseHandle: HEL4-ARIN
OrgAbuseName: Eland, Howard
OrgAbusePhone: +1-425-298-2200
OrgAbuseEmail: Howard@identity.digital
OrgAbuseRef: https://rdap.arin.net/registry/entity/HEL4-ARIN
OrgTechHandle: CLEME4-ARIN
OrgTechName: Clements, Carl
OrgTechPhone: +1-416-646-1541
OrgTechEmail: carl.clements@identity.digital
OrgTechRef: https://rdap.arin.net/registry/entity/CLEME4-ARIN
OrgAbuseHandle: VLAAR-ARIN
OrgAbuseName: Vlaar, Paul
OrgAbusePhone: +1-416-673-4078
OrgAbuseEmail: pvlaar@identity.digital
OrgAbuseRef: https://rdap.arin.net/registry/entity/VLAAR-ARIN
OrgTechHandle: VLAAR-ARIN
OrgTechName: Vlaar, Paul
OrgTechPhone: +1-416-673-4078
OrgTechEmail: pvlaar@identity.digital
OrgTechRef: https://rdap.arin.net/registry/entity/VLAAR-ARIN

Links to attack logs

****** ****** ******

Share on: