66.81.203.8 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 66.81.203.8 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

• Mitre ATT&CK IDs: T1010 - Application Window Discovery, T1012 - Query Registry, T1031 - Modify Existing Service, T1036 - Masquerading, T1045 - Software Packing, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1060 - Registry Run Keys / Startup Folder, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1091 - Replication Through Removable Media, T1120 - Peripheral Device Discovery, T1129 - Shared Modules, T1143 - Hidden Window, T1147 - Hidden Users, T1158 - Hidden Files and Directories, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1497 - Virtualization/Sandbox Evasion, T1574 - Hijack Execution Flow

• Tags: aaaa, aaaa nxdomain, abuse contact, accept, access ta0001, address, a domains, alexa, alexa top, algorithm, all scoreblue, all search, analyzer paste, analyzer threat, apache, apex lehends, archive, arial, as15169 google, as16276, as16342 toya, as16509, as198921, as202425 ip, as20940, as29686 probe, as3215 orange, as36352, as3842 inmotion, as40676 psychz, as4230 claro, as44273 host, as46606, as50599, as53667, as5617 orange, as63949 linode, as8075, asn as16342, asnone, asnone united, a td, august, av detections, azorult, backdoor, bank, blacklist, body, body doctype, body html, browsing, buckler, bush, campaign, checkin, cisco umbrella, cname, co20230203, cobalt strike, code, contact email, contact phone, contained, content, content length, copy, country, crack, crack serial, create c, creation date, cryptexportkey, cus olet, cyber threat, data, data redacted, date, date hash, ddos, defense evasion, detection list, dlls defense, dll sideloading, dlls privilege, dns replication, dns resolutions, dnssec, dock, domain, domain check, domain name, domain status, dostpne jzyki, download, downloader, download full, dynamicloader, email, emails, emotet, encrypt, encrypt cne1, engineering, entries, error, evasion, executable, expiration date, expiry date, exploit, ezcrack all, facebook, file, filehash, files, file samples, files copied, files domain, files dropped, files ip, files location, files matching, files related, first, flag united, flow t1574, formbook cnc, france unknown, fraud risk, free, generic windos, germany, germany unknown, gmt content, gmt contenttype, gmt server, google domain, google safe, grum, gustier, hacktool, hash, hashes, head body, header intel, head title, high, high defense, historical ssl, hostname, hostnames, html public, ids detections, ietfdtd html, info compiler, infrastructure, intel, internet mobile, invalid url, iocs, ip address, ip summary, ip traffic, ipv4, just, key algorithm, key info, keys license, kingdom unknown, language, location poland, luna moth, mail spammer, malicious, malicious site, maltiverse, malware, malware trojan, media t1091, medium, memcommit, menu files, meta, meta http, microsoft stuff, million, mitre att, modify existing, module load, modyfikuj stref, moved, ms windows, mtb feb, mtb mar, mx a, name, name md5, name servers, namesilo, next, number, nxdomain, ordination, os2 executable, otx scoreblue, overview ip, passive dns, pe32 executable, pe resource, phishing, please, pointers, poland unknown, posix tar, postal code, pragma, privacy, privacy admin, privacy create, privacy tech, problems, products id, provides, pulse pulses, pulse submit, pungency, push, query, query time, read c, record type, record value, redacted for, referrer, registrant fax, registrar, registrar abuse, registrar iana, registrar url, registry, related, related nids, related pulses, replication, reverse dns, runescape, safe site, sample, samplepath, samples, sapphire, scan endpoints, script, script domains, script urls, search, server, service, sha256, shellexecuteexw, show, showing, singapore asn, site, site kit, software, softwares, spawns, stateprovince, status, stream, subject public, summary, suppobox, support, susp, suspicious, switch dns, t1031, t1055, t1055 spawns, table, td td, td tr, team, team phishing, telefonica co, threat network, title, title head, tofsee, traffic, trojan, trojandropper, trojan features, trojanspy, tr table, tr tr, ttl value, type, type name, type texthtml, udp a83f8110, united, united kingdom, unknown, updated date, url analysis, url https, urls, urls http, url summary, user, utwrz stref, v3 serial, validity, vary, verdict, version crack, virgin islands, virtool, whitelisted, whois lookup, win16 ne, win32, win32botgor, win32 exe, win32mofksys, win32qqpass, win32salgorea, win32tofsee, win32vb, window, windows, winhttp authip, wordpress site, worm, worm worm, write, write c, writeconsolew, written c, x00x00, yara detections, yara rule, zbot

• View other sources: Spamhaus VirusTotal

• Country: British Virgin Islands
• Network:
• Noticed: 5 times
• Protocols Attacked: SSH
• Countries Attacked: United States of America
• Passive DNS Results: supermercadoida.com sipaqp.com www.sipaqp.com acohagan.com leximialawfirm.com www.leximialawfirm.com www.breezyfreelancelife.com agrstonework.com www.turtleparkllc.com blog.rpnuri.com www.blog.rpnuri.com main-street-gallery.org www.main-street-gallery.org soterotech.net brilliantcareer.org navigatinghomeschoolinguniquelearners.com www.navigatinghomeschoolinguniquelearners.com meldeirosonlinemarketing.com motheroftwohs.com jeannemorales.com abundantauthorsolution.com www.garrconnect.org globono-org.damianwampler.com wamplerimage.damianwampler.com sisaingenieros.nieesac.com garrconnect.org eemzot.com www.eemzot.com thepeargroup.com www.yeswaycrochet.com yeswaycrochet.com www.azventuresinc.com www.hvizd-site.modige.com hvizd-site.modige.com yourrealestate-agency.modige.com www.yourrealestate-agency.modige.com www.theunconventionaladdict.com sweetappleslearningcenter.org www.vacationrentalsloscabos.com vacationrentalsloscabos.com ficprisonministry.com www.marpinh.com www.pmera.org pmera.net pmera.org indigipopx.com www.gingersnapcreativedesign.com gingersnapcreativedesign.com hotcustoms-top.hytdiycustom.com hudieca-top.hytdiycustom.com www.hotcustoms-top.hytdiycustom.com www.hudieca-top.hytdiycustom.com trendemagazine.com religionlessxianity.org www.religionlessxianity.org tritionencinitas.stoakedwet.com www.tritionencinitas.stoakedwet.com golddustmagazine.com www.golddustmagazine.com www.nexusdesigns.lakeatitlanwomenweavers.com nexusdesigns.lakeatitlanwomenweavers.com www.mxcap.net mxcap.net archtechbc.com www.archtechbc.com oasisschools.farmthru.org www.oasisschools.farmthru.org www.glassacteyewear.com www.tepitoboys.com volksaver.biz www.slowtravelcafe.com website-4718c8f1.mosharif.com www.website-4718c8f1.mosharif.com www.spotify.jaqhavoq.com en.totalcloudadvisory.com track.sl.quantumroofingllc.com lifeofkuhlathome.com almadamedical.com astonautorepair.com timh.org www.gimmethegarlic.com www.appliancearts.revolucaonacozinha.com appliancearts.revolucaonacozinha.com www.beexcitedhq.com medicalresearch101.com e-poweredsolutions.com hccbc.net betweentwoheads.com website-1217ed7c.hondunetwork.com hondunetwork.com www.website-1217ed7c.hondunetwork.com www.hondunetwork.com burienculture.burienculturehub.org www.itarchitex.com octbgwww.dev.seattlevacancy.com trbchecksreviews.com www.trbchecksreviews.com www.blibet.com blibet.com www.victoriagarlick.com laporciondelmarcom.boveda-creativa.net website-01baa5eb.poweredbygrenfell.com www.website-01baa5eb.poweredbygrenfell.com stylesbyshaina.com www.stylesbyshaina.com aprilapothecary.com www.petroneering.asia-offshore.com petroneering.asia-offshore.com www.redpublicadeheroes.org redpublicadeheroes.org batiscia.com www.qm-usa.com www.passivelyinvest.com www.wnetwork.info ipacusa.com www.www.thehabitsofprofit.com cpcontacts.nationalwellnessassociation.org www.thehabitsofprofit.com www.cpcontacts.nationalwellnessassociation.org gotstrings.com just-thinkin.net findingharmonycoach.com xn–hy1bv3cft39p8umdzt.com trustwood-sa.com www.trustwood-sa.com www.underachievedrebels.com underachievedrebels.com orangebeancoatings.com repere.sdmliaisons.org www.trackingyourphone.com trackingyourphone.com doorcountysocialmedia.com wetourportugal.com www.wetourportugal.com executivemediamanagement.com www.executivemediamanagement.com www.intellixstrat.com thebeatprogram.com thebearfisherking.com yiesafrica.com www.seapinesmontessori.com quenbyfung.com www.quenbyfung.com resultsmatterpodcast.com www.polishedchap.com yudati.com michaelspake.com www.michaelspake.com bag2vent.com ritzenith.com brettmusco.com www.brettmusco.com www.maryhartmannjewelry.com maryhartmannjewelry.com www.stephaniehelmersross.balancenowzenandpow.com stephaniehelmersross.balancenowzenandpow.com www.visitor.kontzeng.com visitor.kontzeng.com novahomestyler.com www.novahomestyler.com tamidmedicalgroup.com www.bglightphotography.com exoticpetsplace.com bglightphotography.com www.tamidmedicalgroup.com mathaqalumarah.com www.store.covecreeklavender.com www.motorhomesandmore.com motorhomesandmore.com www.p2pspot.com p2pspot.com alisonlevy.com www.geramy.com www.theaxiomfather.com theaxiomfather.com masterpiecetattoosf.com geramy.com www.inscriptionwellness.com aplacenomancanfollow.com www.tonyszabo.com tonyszabo.com bareboneschemistry.com website-56e1ae9d.asfood-sa.com www.website-56e1ae9d.asfood-sa.com www.thrupthikundar.com thrupthikundar.com ullmanpublishing.com ttosystem.com www.ullmanpublishing.com www.ttosystem.com tituselectric.net www.tituselectric.net www.ukiahterraceapartments.com www.trumpchicagohome.com trumpchicagohome.com collectivesrx.com elevatedtexan.com www.elevatedtexan.com magnoliowellness.com www.magnoliowellness.com www.pathwaytoadultingacademy.com pathwaytoadultingacademy.com www.mathaqalumarah.com sologuardian.com www.innerworkart.com www.website-46c099db.snowgumconsulting.com website-46c099db.snowgumconsulting.com www.plantifultravels.com sagepharmaco.com.deepvisionshop.com bodroon.com.deepvisionshop.com www.sagepharmaco.com.deepvisionshop.com www.bodroon.com.deepvisionshop.com www.fuzzypov.com www.bvtinvestments.com bvtinvestments.com plcusa.info www.hirconl.com hirconl.com oboadvocacy.com www.oboadvocacy.com www.buyoae.com buyoae.com www.fromnairsdesk.com fromnairsdesk.com svyrapp.com opponline.org www.opponline.org www.philo-uqam-cegep.com philo-uqam-cegep.com www.mywherewithal.com www.gregorioremodeling.com mywherewithal.com www.sousshelfs.com capecodparadise.net www.capecodparadise.net www.naughtyball.com naughtyball.com upperlakesbasketball.com www.upperlakesbasketball.com www.frequencyland.com www.members.contentprepacademy.com members.contentprepacademy.com axa-group-co.cruzautoltda.com www.axa-group-co.cruzautoltda.com www.grouchcave.toddlersandtyrants.com grouchcave.toddlersandtyrants.com wellventura.com www.wellventura.com www.mgdwashedupcarwash.com mgdwashedupcarwash.com yyhuanglaura.com www.yyhuanglaura.com mcchristianacademy.org cainspartyrentalsandmore.com www.hellospringco.com asambleaenlinea.com coralmemory.org www.coralmemory.org www.integritysphere.aleksoft.net integritysphere.aleksoft.net kevinsmullin.com www.israelimusiconline.stamplessmarketing.com www.shronfamily.stamplessmarketing.com shronfamily.stamplessmarketing.com israelimusiconline.stamplessmarketing.com www.heidicruz.dancingontheroof.com heidicruz.dancingontheroof.com shelbiewrites.com acheteurdemaisonquebec.com restshed.com www.restshed.com www.vkccu.net vkccu.net pennium.com www.pennium.com www.elyruiz.com elyruiz.com iits-ae.iconicisometric.com www.iits-ae.iconicisometric.com www.findyourwealthy.com www.weedatesapp.com penwick.uwbudgeting.com www.penwick.uwbudgeting.com www.healthystart.uwbudgeting.com healthystart.uwbudgeting.com healthystartlactation.uwbudgeting.com www.healthystartlactation.uwbudgeting.com willowisefoundation.com panesparaelalma.com www.panesparaelalma.com www.ainemarketing.com lightofthebay.com www.mantras.newagetreasure.com mantras.newagetreasure.com friendlydwelling.com www.5stepstosupersaiyan.com 5stepstosupersaiyan.com cabogroundservicesandactivities.com www.cabogroundservicesandactivities.com drupal8.spanmag.com www.drupal8.spanmag.com update.spanmag.com www.update.spanmag.com genyskinhope.com johngarrisononline.com www.appuniversity-es.publicartuarticulo.com www.juegos-pasteles.publicartuarticulo.com lenceriaerotik.publicartuarticulo.com www.marketinalia.publicartuarticulo.com marketinalia.publicartuarticulo.com juegos-pasteles.publicartuarticulo.com www.lenceriaerotik.publicartuarticulo.com appuniversity-es.publicartuarticulo.com www.all-adwords.publicartuarticulo.com all-adwords.publicartuarticulo.com cursosem-net.publicartuarticulo.com publicartuarticulo.com www.cursosem-net.publicartuarticulo.com www.publicartuarticulo.com www.beta.screamingforvintage.com countrygrocery.net www.countrygrocery.net volunteerhealthprofessionals.org www.volunteerhealthprofessionals.org js3sllc.com techncodex.com shophvg.com survivalisthomestead.com parentbeastgaming.net www.bestopportunityonline.com amscapitalinvestments.com adventureinblack.com www.website-626c905e.discernwithmercy.com website-626c905e.discernwithmercy.com chelseagardner.com www.promotionphotovideo.com promotionphotovideo.com www.overmylashes.com lawlawlong.com www.bagsdr.org bagsdr.org redhatlyrics.com www.poppytex.com poppytex.com www.petstogo.georgereis.com petstogo.georgereis.com rekaf.net www.rekaf.net www.griffsgreens.com wildjackstreats.com www.wildjackstreats.com nmschoolofyoga.com www.nmschoolofyoga.com www.tcenterllc.com tcenterllc.com timesharesecrets.net www.fedbusters.com fedbusters.com www.sixweeksinthemiddleeast.com www.roofing.nuesite.com www.lawnservice.nuesite.com lawnservice.nuesite.com www.hvac.nuesite.com hvac.nuesite.com roofing.nuesite.com www.spincitymat.com spincitymat.com www.flinttoothfairy.org flinttoothfairy.com www.flinttoothfairy.com flinttoothfairy.org modernawesome.com www.modernawesome.com www.axonathletics.com www.palmariojewelry.com palmariojewelry.com travel.gigivaldez.com www.travel.gigivaldez.com gwentconcretenetwork.com enjoyfreefall.com inestwine.com www.affordablesolartx.com cvlsolutions.net cdn-6.pythonpip.com www.webmail.corporateboxingevent.com www.mail.corporateboxingevent.com webmail.corporateboxingevent.com wordwanderings.com www.wordwanderings.com www.gardeningcurious.com www.dreamstargetaways.com fastfatburnboss.com www.wishurban.com wishurban.com royalshiptw.com srlaekeonlinemktg.com www.dramshopdefense.com dramshopdefense.com shopnjsm.com www.shopnjsm.com txtwisters.org www.txtwisters.org waxwerkcandleco.com www.waxwerkcandleco.com www.chezchefs.com www.newpoolcode.com newpoolcode.com mpcdc.org www.mpcdc.org www.karlynruns.org karlynruns.org www.iceagecrunch.com iceagecrunch.com profanechef.com www.profanechef.com www.judyharris.com judyharris.com www.gcattire.com www.ryanrpennington.com ryanrpennington.com refertostephanie.com www.refertostephanie.com aprendiendobim-org.millionairemindsetreview.com www.aprendiendobim-org.millionairemindsetreview.com www.hungryforbliss.thespiritjungle.com hungryforbliss.thespiritjungle.com www.itsthewayyousayit.com itsthewayyousayit.com mappingwonders.com jobdadi.com www.proveedormultiplesa.com www.website-191d62d1.brahmandayoga.com website-191d62d1.brahmandayoga.com www.ams-palmdesert.com ams-palmdesert.com theconcussioncoach.lifeinspiredcoach.com www.theconcussioncoach.lifeinspiredcoach.com www.indulgebyparisa.com indulgebyparisa.com romanshadesplus.com www.minizakis.com www.skissiks.com skissiks.com the42code.com media.asambleaenlinea.com www.byronnavas.com byronnavas.com rizzoplumbingandheating.manometplumbing.com www.rizzoplumbingandheating.manometplumbing.com rvvitals.com housevitals.kevinjeffs.com www.rvvitals.kevinjeffs.com www.rvvitals.com rvvitals.kevinjeffs.com www.housevitals.kevinjeffs.com www.pennsylvaniapatriotcoalition.com www.hooksettrentatool.com hooksettrentatool.com www.survivalisthomestead.com www.24degreeinteriors.com www.sidelineexposure.com sidelineexposure.com bookings.aswinsarang.com chaseterranova.com www.chaseterranova.com arrivals.thesatorilab.com www.amazinggracenursingcare.com goodmoviesamerica.com tomieraines-newsletter.com www.tomieraines-newsletter.com massmailer.themarvals.com tech.osciogroup.com www.tech.osciogroup.com selectcontractingltd-ca.sheenaraebeauty.com www.selectcontractingltd-ca.sheenaraebeauty.com org.familyschulz.net www.org.familyschulz.net stonebridgesurfaces.com childskingdompreschool.net www.diversity-dive.com diversity-dive.com godappdemo.net cbdsidekick.com fredamoreno.com stemmermans.com va-ads.com www.va-ads.com hiphop4ahealthyheart.com www.hiphop4ahealthyheart.com box2531-temp-domains.gwemblog.com www.box2531-temp-domains.gwemblog.com www.parrotlearning.bsacrew494.com twah-info.hkah.net www.twah-info.hkah.net slsalam.auto-pal.com www.slsalam.auto-pal.com michaelpalladini.com www.michaelpalladini.com www.jeanaatkison.com itsparkedjoy.com

Malware Detected on Host

Count: 9 768c3fc59589decb6f742ed3ecff533800da9952b0d0d658f51c2fbade5562fb f3c2569b4a2b5e9e4fd5da6ce1c6034be648cf113ce11619fccba10abafe86fe 4f9cae3b5a0a3ec8ca2bcd36eb5d16fc31bcc9925d7a50e255a2af1ad04bad72 522577a88f7ac599efd8fd9eb416ed979b138981083f8ecb440602cc65f9f9d3 b2e08d5a7c6b27be72a5c0c5851dff9695922fefba57bb48e42d5828e1827658 024b86a718d5a908b41bbe6481156ddf701431d106676fe9e4ed5ae99c64d6c0 c2b5482eb7b5ac59e6cafb521d05e37544b94a8ff233e69a474b0a210d38c0e2 7efede89f526cbac8bf856c775924cfbe0e9bea3dc90d6c68e169cd49895e853 106a09a4d636dff47577e4e61e2cb5288e8f362441d7ef616abb656653678162

Open Ports Detected

80

CVEs Detected

CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618 CVE-2023-44487 CVE-2025-23419

Map

Whois Information

• NetRange: 66.81.192.0 - 66.81.207.255
• CIDR: 66.81.192.0/20
• NetName: CN
• NetHandle: NET-66-81-192-0-1
• Parent: NET66 (NET-66-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Confluence Networks Inc (CN)
• RegDate: 2017-01-23
• Updated: 2021-03-10
• Comment: Hosted in Austin TX
• Ref: https://rdap.arin.net/registry/ip/66.81.192.0
• OrgName: Confluence Networks Inc
• OrgId: CN
• Address: 3rd Floor, J & C Building, P.O. Box 362
• City: Road Town
• StateProv: Tortola
• PostalCode: VG1110
• Country: VG
• RegDate: 2011-04-07
• Updated: 2024-11-25
• Ref: https://rdap.arin.net/registry/entity/CN
• OrgAbuseHandle: ABUSE3065-ARIN
• OrgAbuseName: Abuse Admin
• OrgAbusePhone: +1-415-449-4704
• OrgAbuseEmail: abuse@confluence-networks.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3065-ARIN
• OrgTechHandle: TECHA29-ARIN
• OrgTechName: Tech Admin
• OrgTechPhone: +1-415-358-0891
• OrgTechEmail: noc@confluence-networks.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TECHA29-ARIN
• OrgNOCHandle: NOCAD51-ARIN
• OrgNOCName: NOC Admin
• OrgNOCPhone: +1-415-358-0891
• OrgNOCEmail: noc@confluence-networks.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOCAD51-ARIN