208.91.197.66 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 208.91.197.66 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: bambenek_ramnit, hphosts_emd, hphosts_fsa, hphosts_psh

• Country: British Virgin Islands
• Network:
• Noticed: times
• Protocols Attacked: SSH

Malware Detected on Host

Count: 62 060f365b160a829d28ed5df87d791e17922bcea946f1d80d34e9d6aa2b7774f6 7c42114a6a3dc0ceeeb5baee57d936c82e615808357af89214b1c7142509eb71 2e20072bf8b8b6d540e8f7302ebe273190cc0b54440165e3ef0c4d5c258015a2 97f2203ae5f7aacef1d5d580baff490b750aec01e57a72bd9963154e70b903fd bcdb00aed5cf0683f2d1f256bc0da47ba6499d3d24109c6b78f2567d7fe7bec5 f34627dad71e7d858953934c26b62affb2d06a27c8f64bb386471048077ef29e f7e69ddc664559e1de147b9d9fbcfd0d4cbfde2242cee8cb5840071e51f48b37 9bf74a125f65802669941e103b2d27a9f70f2a6586381d12956395a26bd74206 32bb9f90c2ff95645f3728d5494e138b25d4ee6df0306dcea1cb3e29cd68f8d8 04e78ecf5372cf65ff9a5997ea027c750e512590edbd6c4ca4d07cbafcece5ca

Open Ports Detected

443 53 80

Map

Whois Information

• NetRange: 208.91.196.0 - 208.91.197.255
• CIDR: 208.91.196.0/23
• NetName: CONFLUENCE-NETWORK-INC
• NetHandle: NET-208-91-196-0-1
• Parent: NET208 (NET-208-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS40034
• Organization: Confluence Networks Inc (CN)
• RegDate: 2011-04-15
• Updated: 2015-11-23
• Ref: https://rdap.arin.net/registry/ip/208.91.196.0
• OrgName: Confluence Networks Inc
• OrgId: CN
• Address: 3rd Floor, J & C Building, P.O. Box 362
• City: Road Town
• StateProv: Tortola
• PostalCode: VG1110
• Country: VG
• RegDate: 2011-04-07
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CN
• OrgNOCHandle: NOCAD51-ARIN
• OrgNOCName: NOC Admin
• OrgNOCPhone: +1-415-358-0891
• OrgNOCEmail: noc@confluence-networks.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOCAD51-ARIN
• OrgAbuseHandle: ABUSE3065-ARIN
• OrgAbuseName: Abuse Admin
• OrgAbusePhone: +1-415-449-4704
• OrgAbuseEmail: abuse@confluence-networks.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3065-ARIN
• OrgTechHandle: TECHA29-ARIN
• OrgTechName: Tech Admin
• OrgTechPhone: +1-415-358-0891
• OrgTechEmail: noc@confluence-networks.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHA29-ARIN

Links to attack logs

****** ****** ******