66.81.203.133 Threat Intelligence and Host Information
Dec 18, 2025
General
IP Address: 66.81.203.133 (IPv4 Address)
Location: 🇻🇬 British Virgin Islands (VG)
Threat Score: 70/100 (High Risk)
Attack Intelligence
MITRE ATT&CK Techniques
T1010 - Application Window Discovery, T1012 - Query Registry, T1031 - Modify Existing Service, T1036 - Masquerading, T1045 - Software Packing, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1060 - Registry Run Keys / Startup Folder, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1091 - Replication Through Removable Media, T1120 - Peripheral Device Discovery, T1129 - Shared Modules, T1143 - Hidden Window, T1147 - Hidden Users, T1158 - Hidden Files and Directories, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1497 - Virtualization/Sandbox Evasion, T1574 - Hijack Execution Flow
Geographic Location
Country: British Virgin Islands
Coordinates: 18.4985, -64.4999
WHOIS Information
NetRange: 66.81.192.0 - 66.81.207.255
NetHandle: NET-66-81-192-0-1
Parent: NET66 (NET-66-0-0-0-0)
Organization: Confluence Networks Inc (CN)
Comment: Hosted in Austin TX
Ref: https://rdap.arin.net/registry/entity/CN
OrgName: Confluence Networks Inc
Address: 3rd Floor, J & C Building, P.O. Box 362
OrgNOCPhone: +1-415-358-0891
OrgNOCEmail: noc@confluence-networks.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOCAD51-ARIN
- Country: British Virgin Islands
- Network:
- Noticed: 5 times
- Protocols Attacked: SSH
- Countries Attacked: United States of America
Malware Detected on Host
Count: 15
CVEs Detected
CVE-2018-16845
CVE-2019-20372
CVE-2019-9511
CVE-2019-9513
CVE-2019-9516
CVE-2021-23017
CVE-2021-3618
CVE-2023-44487
CVE-2025-23419
Disclaimer
This page contains threat intelligence information for the IPv4 address 66.81.203.133 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.