Host name:
Latitude:
Longitude:
NetRange: 224.0.0.0 - 239.255.255.255
CIDR: 224.0.0.0/4
NetName: MCAST-NET
NetHandle: NET-224-0-0-0-1
Parent: ()
NetType: IANA Special Use
OriginAS:
Organization: Internet Assigned Numbers Authority (IANA)
RegDate: 1991-05-21
Updated: 2013-08-30
Comment: Addresses starting with a number between 224 and 239 are used for IP multicast. IP multicast is a technology for efficiently sending the same content to multiple destinations. It is commonly used for distributing financial information and video streams, among other things.
Comment:
Comment: A full list of IPv4 multicast assignments can be found at:
Comment:
Comment: http://www.iana.org/assignments/multicast-addresses
Comment:
Comment: A document describing the policies for assigning multicast addresses can be found at:
Comment: http://datatracker.ietf.org/doc/rfc5771
Ref: https://whois.arin.net/rest/net/NET-224-0-0-0-1

OrgName: Internet Assigned Numbers Authority
OrgId: IANA
Address: 12025 Waterfront Drive
Address: Suite 300
City: Los Angeles
StateProv: CA
PostalCode: 90292
Country: US
RegDate:
Updated: 2012-08-31
Ref: https://whois.arin.net/rest/org/IANA

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: ICANN
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgAbuseRef: https://whois.arin.net/rest/poc/IANA-IP-ARIN

OrgTechHandle: IANA-IP-ARIN
OrgTechName: ICANN
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
OrgTechRef: https://whois.arin.net/rest/poc/IANA-IP-ARIN
DNS BlackList results:
Most recent complaints on 239.255.255.250
Complaint by wizz :

I do have this address in my firewall block logs, i dont know what it is, in am in saigon,vietnam. Where are you?

Reported on: 18th, Dec. 2011
Complaint by Agbeko :

please can look for the DSN of this IP and its location, thank you 239.255.255.250

Reported on: 3rd, Jan. 2012
Complaint by Agbeko :

please can look for the DSN of this IP and its location, thank you 239.255.255.250

Reported on: 3rd, Jan. 2012
Complaint by Agbeko :

please can look for the DSN of this IP and its location, thank you 239.255.255.250

Reported on: 3rd, Jan. 2012
Complaint by Hang Hackers :

worm helkern attack blocked by kaspersky..i've been tracing attackers i.p.s for the last 10 hours and reporting them and i believe i figured it out..i used to get on the earthcam and baladacam networks and started having all kinds of problems. Got off from them 4 months ago and got Kaspersky and the scanner has blocked over 200 attacks since then. I dont know how many of you are or have been on those networks, but i know for a fact my attacks have come from those 2 networks. To all attackers everywhere; YOUR F***ing days are numbered. You have been figured out. Attackers in china, japan, taiwan, ukraine,korea,ghana,california,massachusette, florida and even russia attackers...your all on those 2 networks....and your fix'n to go down in flames...people, SERIOUSLY, LISTEN to what i'm saying...if your on dsl or dial up, if you can, pay a few bucks more for a secure connection. I'm going back to cable myself..never had this problem until i got on dial up and then dsl.I'm telling at@t to shove their service up their ***. THANK YOU KASPERSKY, YOU SAVED OUR $1,500.00 computer well over 200 times in the last 4 months: Attackers/Hackers, get ready to be someone's Bit**. If reporting this doesnt stop you, i will find people who will...sorry for the book..HEL* NO I'M NOT!!!!!!

Reported on: 9th, Jan. 2012
Complaint by Anonymous :

Blocked; Intrusion.Win.MSSQL.worm.Helkern! Attacker's IP address: 239.255.255.250 Protocol/service: UDP on local port 1434. They are probably in China just like the other 13 attackers i have documented. They are a bunch of wussy cowards and everybody knows it already...China has been attacking my computer for 4 months non stop. I believe they are through the earthcam and baladacam networks. not all cam locations are dangerous but they need to shut them down now ..if you been on them, they got you, just like they did me

Reported on: 11th, Jan. 2012
Complaint by Hang Hackers :

Alright, i've been doing this so many times, i didnt know i already complained about this one. They are from china..my other complaints are true. Last post, maybe. I never laughed sooooo much about a bunch of cowards in all my life...hahahahaha

Reported on: 11th, Jan. 2012
Complaint by hh :

Some kind of zone alarm internet service

Reported on: 14th, Jan. 2012
Complaint by Mieczyslaw :

es muy peligroso? o un vigilante?como se puede eliminar de las redes?

Reported on: 1st, Mar. 2012
Complaint by Bob :

This IP address (239.255.255.250) was caught trying to download information from my computer. This is VERY SUSPICIOUS activity! ISP should watch this IP addy, as well as fraud protection folks.

Reported on: 26th, Dec. 2012
Complaint by cb3232 :

same in canada..239.255.255.250 i'm stuck with it...

Reported on: 12th, Feb. 2013
Complaint by Eric :

Simple Service Discovery Protocol

Reported on: 30th, Mar. 2013
Complaint by Michael :

This ISP is being targetted several times a minute, and thankfully blocked by my firewall. The firewall reads: access as follows: Block incoming SSDP (UPNP) requests for svchost.exe C:\Windows\System32\svchost.exe. I can't seem to find a location for the ISP -- is it really China (where I live)?

Reported on: 18th, Aug. 2014
Complaint by charlie :

Report to http://www.ic3.gov. The more reports that are submitted - the greater the chance of action being taken.

Reported on: 2nd, Apr. 2015
Complaint by nobody :

Lol pretty sure it's a local address, that works with UPNP & while it may be used by attackers, is not an actual IP elsewhere.

Reported on: 20th, Dec. 2015
Complaint by Daretoexpose :

At the ip address of 239.255.255.250 is an employee at the department of education. The attackers attacked my system in 2001 and again in 2004 with a permanent connection to my system as of this date. In order to have access, the spyware operating system uses a cloned mac partition and an unknown virtual tunnel that allows tunnel connections to the victims system. There is also worm devices in all windows operating system registry plus the malware network address also found in the registry of the windows operating system. These are government paid cyber stalkers that has invaded my private network that boots from a remote location using a multicast ip address 224.0.0.0, your loop back 127.0.0.1 but the attacker is on 224.0.0.250 or 239.255.255.250 of the multicast ip address sneaking into the computer and launching cyber attacks using dummy and zombie networks around the world. Removing the multicast ip address from the system via the registry will crash the system with a blue screen of death stating that the tcp stack is missing, meaning you are forever connected to cyber criminals that boots your computer from a malware/spyware remote server belonging to the Department of Education. According to Arin in 2004, 224.0.0.0, 224.0.0.250 and 224.255.255.250 was an experimental ip address called multicast. Now the information has changed with a disclaimer by Arin about the suspicious multicast ip address.

Reported on: 8th, Feb. 2016
Complaint by Daretoexpose :

At the ip address of 239.255.255.250 is an employee at the department of education. The attackers attacked my system in 2001 and again in 2004 with a permanent connection to my system as of this date. In order to have access, the spyware operating system uses a cloned mac partition and an unknown virtual tunnel that allows tunnel connections to the victims system. There is also worm devices in all windows operating system registry plus the malware network address also found in the registry of the windows operating system. These are government paid cyber stalkers that has invaded my private network that boots from a remote location using a multicast ip address 224.0.0.0, your loop back 127.0.0.1 but the attacker is on 224.0.0.250 or 239.255.255.250 of the multicast ip address sneaking into the computer and launching cyber attacks using dummy and zombie networks around the world. Removing the multicast ip address from the system via the registry will crash the system with a blue screen of death stating that the tcp stack is missing, meaning you are forever connected to cyber criminals that boots your computer from a malware/spyware remote server belonging to the Department of Education. According to Arin in 2004, 224.0.0.0, 224.0.0.250 and 224.255.255.250 was an experimental ip address called multicast. Now the information has changed with a disclaimer by Arin about the suspicious multicast ip address. I believe the ISP is aiding in the cyber attacks. The malware/spyware Microsoft operating system is a Trojan horse connection fakecd.99.

Reported on: 8th, Feb. 2016
Complaint by Whaaat? :

Whoa! Relax everyone. Take off your tin foil hats. 239.255.255.250 isn't what you think it is. That is some sort of multicast message that your PC is trying to send out, not someone else trying to get in. (That's why the message says that your svchost.exe program is trying to access 239.255.255.250.) UDP port 1900 is Universal Plug and Play, so I can only assume that your system is attempting to query the local network for the existence of some device (perhaps a printer server or such?).

Reported on: 1st, Nov. 2016
Complaint by Superfish Victim :

I have been hacked and harassed by this Ip address to the point that I am now going to take my own life. They have gotten me fired from 4 jobs, destroyed all my family, friends, ex girlfriends relationships and cost me well over $500,000. This has been going on for 4 years and I just cannot take the non stop never ending harassment from these people. Hopefully my death will bring some attention to this experimentation and torture

Reported on: 13th, Mar. 2018
Complaint by Superfish Victim :

I have been hacked and harassed by this Ip address to the point that I am now going to take my own life. They have gotten me fired from 4 jobs, destroyed all my family, friends, ex girlfriends relationships and cost me well over $500,000. This has been going on for 4 years and I just cannot take the non stop never ending harassment from these people. Hopefully my death will bring some attention to this experimentation and torture. They are not even letting me post this to the public and are doing everything to stop me and disable me from doing so. I will switch networks a few times and try to get this posted for it is like my last words.

Reported on: 13th, Mar. 2018

Please help us keep Internet safer and cleaner by leaving a descriptive comment about 239.255.255.250 IP address


DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.

WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.

** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.