IP Intelligence Briefing: 198.167.206.145
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to 1337 Services LLC (ASN 39287, ARIN).
- Geolocation:
  - Primary: Newark, NJ, US (MaxMind).
  - Conflict: Earlier observation (2026-06-02) flagged Sweden (latitude 59.3247, longitude 18.056).
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
- Network Role: Labeled as "Tor Exit Node" in network classification, but not a verified Tor exit node.
---
**2. Observation History**
- Latest (2026-06-11):
  - Subnet abuse density: 0.1 (mostly clean).
  - 4 active neighbors, 1 threat sibling in subnet.
- Earlier (2026-06-02):
  - Geolocation discrepancy: Sweden vs. US.
  - DNS resolution to c6a7ce91.vpn.njalla.net (likely a VPN hostname).
---
**3. Relationships**
- Key Associations:
  - DNS: c6a7ce91.vpn.njalla.net (PTR record).
  - Network: Linked to 1337-NET-KN (same ASN).
- No Direct Threat Links: No known malicious campaigns, spam, or abuse confidence scores.
---
**4. Neighborhood Analysis**
- Subnet: 198.167.206.145/24.
- Neighbor Risk:
  - 9 IPs with low risk (score 25).
  - 1 IP with unusually low risk (score 0).
- Abuse Density: 0.1 (mostly clean).
---
**5. Anomalies & Flags**
1. Geolocation Conflict: Sweden vs. US; potential spoofing or misconfigured DNS.
2. Tor Exit Node Misclassification: Not a verified Tor exit node.
3. DNS Hostname: c6a7ce91.vpn.njalla.net suggests possible VPN or anonymization tool usage.
---
**6. Recommended Actions**
- Verify Geolocation: Cross-check with alternative sources (e.g., WHOIS, traceroute).
- Monitor DNS: Investigate njalla.net for associated malicious activity.
- Review Subnet: Ensure low-risk neighbors are not masking potential threats.
- Validate Tor Classification: Confirm if this IP is part of a legitimate Tor network.
---
Conclusion: This IP appears benign but requires further validation due to geolocation inconsistencies and unclear network role. Monitor DNS and subnet activity for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | 1337 Services LLC |
| ASN | AS39287 |
| Network Name | 1337-NET-KN |
| CIDR Block | 198.167.192.0/19 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | c6a7ce91.vpn.njalla.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | c6a7ce91.vpn.njalla.net |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Moderate (55%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-26 18:10:05 UTC |
| Last Seen | 2026-06-11 05:43:17 UTC |
| Profile Built | 2026-06-11 05:49:35 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |