66.6.44.4 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 66.6.44.4. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Known Malicious Host 🔴 75/100
Host and Network Information
- MITRE ATT&CK IDs: T1059 - Command and Scripting Interpreter, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1497 - Virtualization/Sandbox Evasion
- Tags: aaaa, a domains, alexa, alexa top, all search, apple, as13335, ascii text, auto-generated security, azorult, bank, blacklist http, blister, british virgin, california, cisco umbrella, class, click, cobalt strike, communicating, contacted, contacted urls, core, creation date, critical, cyber security, d3 a5, date, discord, download, dropped, error, et tor, execution, exit, facebook, false, files, general, generator, gmtn, hacktool, historical ssl, http, hybrid, ioc, ip address, ipv4, june, known tor, link, local, locality, log id, malicious, malicious url, malware, meta, methodpost, metro, million, misc attack, name verdict, network, Nextray, node traffic, ocsp, otx octoseek, page dow, passive dns, pattern match, paypal, phishing, pixel, pulse pulses, q0gpyr1balpdgpo, referrer, relayrouter, resolutions, reverse dns, roblox, runescape, safe site, salford, scan endpoints, script urls, search, sectigo limited, sectigo rsa, secure server, service, showing, site, ssl certificate, status, stopransomware, strings, t1507537243, t1604023287, team phishing, threat roundup, tls web, twitter, united, unknown, url http, urls, whois record, whois whois, win32, woff2, zva8k4ghshhpcb5
- View other sources: Spamhaus, VirusTotal
- Contained within other IP sets: bambenek_suppobox, cleanmx_viruses, hphosts_ats, hphosts_emd, hphosts_fsa, hphosts_psh
- Country: United States
- Network:
- Noticed: 39 times
- Protocols Attacked: SSH
- Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Malware Detected on Host
Count: 71
Open Ports Detected
Whois Information
- NetRange: 66.6.32.0 - 66.6.47.255
- CIDR: 66.6.32.0/20
- NetName: TUMBLR-20
- NetHandle: NET-66-6-32-0-1
- Parent: NET66 (NET-66-0-0-0-0)
- NetType: Direct Allocation
- OriginAS:
- Organization: TUMBLR, INC. (TUMBL-1)
- RegDate: 2011-04-25
- Updated: 2024-05-21
- Comment: Geofeed https://as2635.network/geofeed.csv
- Ref: https://rdap.arin.net/registry/ip/66.6.32.0
- OrgName: TUMBLR, INC.
- OrgId: TUMBL-1
- Address: 35 East 21st St
- Address: 9W
- City: New York
- StateProv: NY
- PostalCode: 10010
- Country: US
- RegDate: 2011-02-04
- Updated: 2020-03-18
- Comment: http://www.tumblr.com/
- Ref: https://rdap.arin.net/registry/entity/TUMBL-1
- OrgAbuseHandle: TUMBL5-ARIN
- OrgAbuseName: TUMBLR ABUSE
- OrgAbusePhone: +1-678-439-8862
- OrgAbuseEmail: abuse@tumblr.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/TUMBL5-ARIN
- OrgTechHandle: NOC12276-ARIN
- OrgTechName: NOC
- OrgTechPhone: +1-877-273-8550
- OrgTechEmail: ipadmin@automattic.com
- OrgTechRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN
- OrgNOCHandle: NOC12276-ARIN
- OrgNOCName: NOC
- OrgNOCPhone: +1-877-273-8550
- OrgNOCEmail: ipadmin@automattic.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN
- RTechHandle: NOC12276-ARIN
- RTechName: NOC
- RTechPhone: +1-877-273-8550
- RTechEmail: ipadmin@automattic.com
- RTechRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN
- RNOCHandle: NOC12276-ARIN
- RNOCName: NOC
- RNOCPhone: +1-877-273-8550
- RNOCEmail: ipadmin@automattic.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC12276-ARIN
- RAbuseHandle: TUMBL5-ARIN
- RAbuseName: TUMBLR ABUSE
- RAbusePhone: +1-678-439-8862
- RAbuseEmail: abuse@tumblr.com
- RAbuseRef: https://rdap.arin.net/registry/entity/TUMBL5-ARIN