116.206.104.141 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 116.206.104.141 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Known Malicious Host 🔴 77/100

Host and Network Information

• Mitre ATT&CK IDs: T1021.001 - Remote Desktop Protocol, T1110 - Brute Force, T1184 - SSH Hijacking, T1192 - Spearphishing Link, T1194 - Spearphishing via Service, T1442 - Fake Developer Accounts, T1454 - Malicious SMS Message, T1566 - Phishing, T1583.001 - Domains, T1583.006 - Web Services, T1585.001 - Social Media Accounts, T1586 - Compromise Accounts, T1591.002 - Business Relationships

• Tags: anydesk, as15169 as16509, as19871 as22612, as9002, business email compromise, c2, caas, cyber security, fraud, hosting, identifying, ioc, malicious, Nextray, parked domains, phishing, scams, ssh hijacking, typosquatting

• JARM: 29d29d15d29d29d00042d42d0000009435214b849738c4ebab4534b5d158dd

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: hphosts_emd, hphosts_fsa, hphosts_psh

• Country: Seychelles
• Network:
• Noticed: 30 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: honnarasarts.com www.rkupvcwindows.com www.southerngroup.co www.aahaarerp.com.dataman.in aahaarerp.com www.paperbizerp.com.dataman.in paperbizerp.com www.thekhalsa.org peafowlinteriors.in acha.cursortech.in www.acha.cursortech.in www.cursorprior.com.cursortech.in fusiontechlab.online www.businesso.epitomeitsolutions.com businesso.epitomeitsolutions.com www.laxmicoebazpur.com www.webmin.jrhosting.in www.indianhealthcaresupport.com.dataman.in indianhealthcaresupport.com.dataman.in indianhealthcaresupport.com rrsledbulb.com product.webtis.in ping-me.in www.jrcrm.jrhosting.in demo2.hotelsidhvedantha.com www.demo2.hotelsidhvedantha.com www.dcm.jrhosting.in titancapitalworld.com www.inventory.fusiontechlab.com www.jeetojoker.fusiontechlab.com www.protechman.jrhosting.in dataman.net.in.dataman.in dataman.net.in www.dataman.net.in.dataman.in datamannet.com.dataman.in www.datamannet.com.dataman.in datamannet.com bishopjames.in www.advancetechforge.com www.ramanoverseas.com tradyzz.cursort.com www.jeevanapp.com robobenz.world mail.zoptin.com.bh-in-35.webhostbox.net mail.purpuligo.com.bh-in-35.webhostbox.net mail.hhh.com.bh-in-35.webhostbox.net bh-in-35.webhostbox.net sitcommercialbrokers.com mail.southerngroup.co bancamps.yathirai.com www.clearaligner.dentalexperience.in clearaligner.dentalexperience.in www.app.dalhousieadventure.com app.dalhousieadventure.com www.firstride.jrhosting.in www.globally-life.com bisolutionsindia.com www.metaforecoin.com mymartstore.com metaforecoin.com wtonlineshope.com pos.amitkumarsoni.com www.pos.amitkumarsoni.com www.letsgo786.com mylifehappy.in sgsgroup.online citroen-akshatmotors.com www.realestate.purpuligo.com realestate.purpuligo.com jeevanapp.com miliontrades.com d2d.purpuligo.com d2dadmin.purpuligo.com rocfinances.com chaskaatl.com cashehub.com webmail.kastham.in www.islamic.jrhosting.in www.malhotraelectrical.jrhosting.in www.newcityconstructions.jrhosting.in biliontrade.com www.e-helpindia.com www.kastham.in letsgo786.com truckersabode.in ping-me.jindevinfotech.com www.ping-me.jindevinfotech.com www.team.jrhosting.in globally-life.com wamitsolutiondxb.com www.saaraholidays.jrhosting.in www.abdabm.com tml2.purpuligo.com www.tml2.purpuligo.com carrefourlogistics.com spcnlko.org vw-kashi.co.in sbgchat.io www.tml.purpuligo.com tml.purpuligo.com www.smartlifecrowdfunding.com smartlifecrowdfunding.com www.himachaldrugpharma.xerohub.com himachaldrugpharma.com himachaldrugpharma.xerohub.com garunlogistics.com www.sec18ceju.cursort.com www.barebonesfitness.jrhosting.in www.unitingtrades.jrhosting.in www.shinebondcleaning.jrhosting.in www.rimeelectrical.jrhosting.in www.perfectionpressurecleaning.jrhosting.in www.pro-mechanical.jrhosting.in www.naturalthaimassageanddayspa.jrhosting.in www.lckitchenandstone.jrhosting.in www.grudrivingschool.jrhosting.in www.fitashf.jrhosting.in www.caseywheelchairmaxitaxis.jrhosting.in www.cheapestpatio.jrhosting.in www.agboxmis.boxfarming.in agboxmis.boxfarming.in logistics.amitkumarsoni.com www.logistics.amitkumarsoni.com www.biliontrades.com uniqwhizz.com www.product.webtis.in www.suda.purpuligo.com suda.purpuligo.com abosesha.cursort.com dipspariwar.cursort.com rvizon.in www.itcryons.com www.hiraautomation.com www.activeprints.cursort.com www.arunjivitahotel.com sbgforex.io www.sdprrdcatwavack.ssdcmaudaha.org www.birdnest.in mymartstore.in www.happyrides.samsunbiotech.com www.himayush.com www.ssdcdhanikhera.ssdcmaudaha.org www.gdcpokhari.ssdcmaudaha.org shiv-interiors.com www.saturnwebmedia.com www.manage.fusiontechlab.com manage.fusiontechlab.com visitindxb.com www.ajrakhblockprints.com abdullatahirtrading.com careershapify.com licenceplus.jrhosting.in www.licenceplus.jrhosting.in staging.phpwork.co.in autofix.co.in biliontrades.com betatrade.world debonaircrafts.xerohub.com www.debonaircrafts.xerohub.com debonaircrafts.com www.cc.cursort.com gsftest.aweil.in www.i-milk.purpuligo.com i-milk.purpuligo.com www.drsahaiclinic.drshalinimohan.com drsahaiclinic.drshalinimohan.com autofix.co.in.xerohub.com www.autofix.co.in.xerohub.com www.mvrhydrocare.com www.trendsetgraphics.com www.hbpostureclinic.com www.tradyzz.cursort.com www.crm.zaaratour.com gainongain.com www.akaaltravels.jrhosting.in akaaltravels.jrhosting.in www.cloth-software.dataman.in www.construction-software.dataman.in www.hotelnar-indra.ssdcmaudaha.org www.hsv.hotelsidhvedantha.com hsv.hotelsidhvedantha.com www.smallscalemachines.in uniqwhizz.amitkumarsoni.com www.uniqwhizz.amitkumarsoni.com emagicaglobal.com emagicaglobal.com.cursort.com www.emagicaglobal.com.cursort.com www.htnursing.org.cursort.com htnursing.org.cursort.com htnursing.org www.concorde.jrhosting.in concorde.jrhosting.in www.concrode.jrhosting.in concrode.jrhosting.in easttoday.in prachibioenergy.com www.narainmarketing.samsunbiotech.com narainmarketing.samsunbiotech.com nasaexportchemicals.com varghesemoolanfoundation.com www.hospital-software.dataman.in paperbiz.dataman.in www.teamcursor.com.cursort.com teamcursor.com.cursort.com teamcursor.com www.hotel.cursortech.in www.ecom.cursortech.in www.pharma.cursortech.in www.service.cursortech.in www.naimisharanya.ssdcmaudaha.org www.transapi.smsmantra.in transapi.smsmantra.in wwytrade.com www.lilliankleanandkare.com.au e-helpindia.com psosmarketing.com lifeeasy.online www.lifeeasy.online ramanoverseas.com www.restaurant.cursort.com www.pos.cursortech.in pos.cursortech.in www.toongabbietobacconist.com.au www.pace-india.samsunbiotech.com pace-india.in pace-india.samsunbiotech.com www.retail.cursort.com dogerich.in www.dostojee.com.cursort.com dostojee.com www.cursorlearning.com.cursort.com cursorlearning.com purelineorganic.com realbul.com www.continex.in spinwins.live www.shivinteriors.amitkumarsoni.com shivinteriors.amitkumarsoni.com magnusfurniture.in www.aspwork.magentowork.co.in zstylish.magentowork.co.in www.zstylish.magentowork.co.in ramkrishna.samsunbiotech.com www.ramkrishna.samsunbiotech.com www.nishantclasses.samsunbiotech.com nishantclasses.samsunbiotech.com www.arunjivitahotel.arunjivittahotel.com arunjivitahotel.arunjivittahotel.com www.dmaarogya.samsunbiotech.com dmaarogya.samsunbiotech.com sahyogekmission.samsunbiotech.com www.sahyogekmission.samsunbiotech.com hotelsaketpalace.samsunbiotech.com www.hotelsaketpalace.samsunbiotech.com www.shrirpporwalhospital.samsunbiotech.com shrirpporwalhospital.samsunbiotech.com tathastuhotel.ssdcmaudaha.org www.tathastuhotel.ssdcmaudaha.org www.hotelvilas.ssdcmaudaha.org hotelvilas.ssdcmaudaha.org www.hotelgurdeep.ssdcmaudaha.org hotelgurdeep.ssdcmaudaha.org www.hotelrajkamalsingrauli.ssdcmaudaha.org hotelrajkamalsingrauli.ssdcmaudaha.org test.dolgroup.in www.test.dolgroup.in www.nationalnettingindustriesvns.ssdcmaudaha.org nationalnettingindustriesvns.ssdcmaudaha.org smcsonline.ssdcmaudaha.org www.smcsonline.ssdcmaudaha.org www.chandnihospital.ssdcmaudaha.org chandnihospital.ssdcmaudaha.org zaaratour.com qsync.amitkumarsoni.com www.qsync.amitkumarsoni.com www.tirupatitransformer.com epossive.us sumitnaru.com www.sumitnaru.com.cursort.com sumitnaru.com.cursort.com gsf.aweil.in www.dolgroup.in svassets.in www.d2dadmin.purpuligo.com www.d2d.purpuligo.com snslabz.in www.snslabz.in.cursort.com snslabz.in.cursort.com webtis.xyz www.payment.cursortech.in payment.cursortech.in amazonrobottrading.com tours.cursortech.in www.tours.cursortech.in www.billing.cursortech.in billing.cursortech.in www.brisbane.jrhosting.in brisbane.jrhosting.in www.uclap.cursort.com resignperfume.com www.resignperfume.cursortechnology.net www.car-rent.cursortech.in car-rent.cursortech.in oxar.in jketapes.com www.jketapes.cursortechnology.net www.broncoequestrian.com admin.orgototours.com orgototours.com.cursorstudios.com www.orgototours.com.cursorstudios.com www.hotel.cursort.com www.retail2.cursort.com www.aweil.in aweil.in www.technodoors.co.in www.food.cursort.com www.esuvery.tomynature.com esuvery.tomynature.com jainschooldimapur.com evedicmitra.com spacepath.in shilpaagencies.co.in app.profuturehosts.com www.app.profuturehosts.com siddhivinayakimpex.com nbcfdc.dataman.in www.nbcfdc.dataman.in www.rera.dataman.in www.vastralaya.dataman.in www.paper.dataman.in www.paperbiz.dataman.in www.college-software.dataman.in dev1.pourtek.com pourtek.com.cursort.com www.pourtek.com.cursort.com www.yathirai.com broncoequestrian.com drshalinimohan.com dipspariwar.com www.dipspariwar.cursort.com reports.rindz.co.in www.bancamps.yathirai.com www.mps.yathirai.com sundiagnostic.in profuture.live cursortech.com.bd cursortech.com.bd.cursortech.in www.cursortech.com.bd.cursortech.in insobc.in bpo.magentowork.co.in www.bpo.magentowork.co.in esurvey.tomynature.com www.esurvey.tomynature.com utrade24.com www.adlindia.ardhilax.com adlindia.ardhilax.com kiaantea.com www.kiaantea.cursort.com www.g-martshopy.biz g-martshopy.biz rodtourism.com himayush.com ramkrishna.in www.learn.cursort.com taskindia99.live hotelsaketpalace.com grahaak.com www.grahaak.com www.atulbanga3di.3di.info atulbanga3di.3di.info atulbanga3di.com aaratoken.com narainmarketing.in empireuae.buzz uniformer.in meenaximaritime.com ecashindiaonline.com robottrading.buzz www.britishbrothers.creationgrid.com britishbrothers.creationgrid.com gevinsttech.com happyrides.co.in webdisk.angamalyorthodoxchurch.com lifezone.live falconauctions.in ajrakhblockprints.com redlemon.in hugebonus.yathirai.com www.hugebonus.yathirai.com simsartravel.com bonus.yathirai.com www.bonus.yathirai.com darshafoods.com www.ultralabcentre.com inrmaster.com tasksindia.com www.stpaulscoachingcentre.com new.pmsrudrapur.com www.new.pmsrudrapur.com www.kallakurichinews.net www.darshafoods.in darshafoods.in mobileshop.phpwork.co.in matrimonial.phpwork.co.in multivendor.phpwork.co.in eurolinklanguageacademy.assetss.in singlevendor.phpwork.co.in chandnihospital.in falconhoard.com kallakurichinews.com www.aapkamunshi.webmaster.ind.in aapkamunshi.com www.falcon.amitkumarsoni.com falcon.amitkumarsoni.com www.shreeramtourism.com www.rannbhoomiresort.webmaster.ind.in adlindia.org www.hotelcityinn.org rannchandniresort.com drsahaiclinic.com www.bitcoinbro.murarilalagrawal.com bitcoinbro.murarilalagrawal.com www.erp.auspiciousspace.in erp.auspiciousspace.in tathastuhotel.com www.nihwf.com mymovingpartner.phpwork.co.in onttechnologies.com www.export.valenzaceramic.com export.valenzaceramic.com hindcaregroup.in www.elitedigitalmarketing.co.in www.hfa.purpuligo.com hfa.purpuligo.com deskeye.in mis.phpwork.co.in portal.sahasratechnik.com www.portal.sahasratechnik.com www.eurolinklanguageacademy.assetss.in eurolinklanguageacademy.com earnbigmoney.in asmcfatehpur.com lms.sinceant.com www.lms.sinceant.com dlrlogistics.com www.amazeklickers.in www.currentaffairs.yuvaplus.in currentaffairs.yuvaplus.in www.crm.digitalfaizan.com tawangnews.com arconstruction.co.in deye.jindevinfotech.com www.deye.jindevinfotech.com dream2money.com dmaarogya.com zinglestar.com www.cityeyehospital.cursortechnology.net manobhumi.org.in www.manobhumi.cursortechnology.net cityeyehospital.in www.omtamangit.skytravelholiday.com www.durgagroupind.webmaster.ind.in durgagroupind.com www.yuvaplus.in www.old.yuvaplus.in old.yuvaplus.in nomadicworkwear.com tgcltours.com wealthtechnology.in ramanimmigration.com www.books.skywipers.com books.skywipers.com www.happyholidaysbhuj.com www.myshopbazzar.com www.ozinskilltech.cursortechnology.net ozinskilltech.com www.prod.newsonarbanglaresort.co.in prod.newsonarbanglaresort.co.in www.tollywoods.cursortechnology.net imagenic.co.in www.imagenic.cursortechnology.net www.thejoinhands.org thejoinhands.org www.pinnaclenest.com www.foozzy.futuredream.live www.cheerzzsolutions.com foozzy.online charity2poor.com www.myjobmychoices.com mohanifoods.in mohaniproducts.com www.brin.cursortechnology.net brin.co.in blueworldindia.cpsahayatasamiti.com www.blueworldindia.cpsahayatasamiti.com blueworldindia.co.in omtamangit.com www.wednstyle.com razarefrigeration.in www.admin.agriquest.info

Malware Detected on Host

Count: 2 df84e7e45f03aa2e0237ce8510611aff9cbf8be088aace94de3b3211ce07f1dd c7c94492f3a571d7c6870d7bc5b80b0e689750e4d6a1838dfe5021201e65fb88

Open Ports Detected

110 2077 2082 2083 2086 2087 21 22 2222 26 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

• inetnum: 116.206.104.0 - 116.206.104.255
• netname: PDRO1-AP
• descr: Public domain registry Operations
• country: IN
• geoloc: 19.1140343 72.8921789
• admin-c: PDRO1-AP
• tech-c: PDRO1-AP
• abuse-c: AB1339-AP
• status: ALLOCATED NON-PORTABLE
• mnt-by: MAINT-BR-IN
• mnt-irt: IRT-BR-IN
• last-modified: 2021-01-06T13:12:40Z
• irt: IRT-BR-IN
• address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
• e-mail: noc@publicdomainregistry.com
• abuse-mailbox: abuse@publicdomainregistry.com
• admin-c: BSLA2-AP
• tech-c: BSLA2-AP
• mnt-by: MAINT-BR-IN
• last-modified: 2025-05-30T16:27:21Z
• role: ABUSE BRIN
• country: ZZ
• address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
• phone: +000000000
• e-mail: noc@publicdomainregistry.com
• admin-c: BSLA2-AP
• tech-c: BSLA2-AP
• nic-hdl: AB1339-AP
• abuse-mailbox: abuse@publicdomainregistry.com
• mnt-by: APNIC-ABUSE
• last-modified: 2025-05-30T16:27:40Z
• role: Public Domain Registry Operations
• address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
• country: IN
• phone: +1.2013775952
• e-mail: abuse@publicdomainregistry.com
• admin-c: PDRO1-AP
• tech-c: PDRO1-AP
• nic-hdl: PDRO1-AP
• notify: abuse@publicdomainregistry.com
• mnt-by: MAINT-BR-IN
• last-modified: 2016-05-02T17:30:44Z

Links to attack logs

****** ****** ******