116.206.105.72 Threat Intelligence and Host Information

Jun 12, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 116.206.105.72 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Known Malicious Host 🔴 80/100

Host and Network Information

Mitre ATT&CK IDs: T1021.001 - Remote Desktop Protocol, T1027 - Obfuscated Files or Information, T1053 - Scheduled Task/Job, T1110 - Brute Force, T1184 - SSH Hijacking, T1192 - Spearphishing Link, T1194 - Spearphishing via Service, T1218 - Signed Binary Proxy Execution, T1220 - XSL Script Processing, T1442 - Fake Developer Accounts, T1454 - Malicious SMS Message, T1564 - Hide Artifacts, T1566 - Phishing, T1583.001 - Domains, T1583.006 - Web Services, T1585.001 - Social Media Accounts, T1586 - Compromise Accounts, T1591.002 - Business Relationships
Tags: adwind, adwind rat, agent tesla, agenttesla, aggah, alienspy, all at, amadey, ammyy, ammyy admin, andromut, angler, anydesk, apart, april, as15169 as16509, as19871 as22612, as9002, asyncrat, august, aurora, ave maria, axpergle, azorult, belarus, bitcoin, bladabindi, bokbot, browserpassview, business email compromise, c2, caas, chacha, chanitor, chatgpt, chthonic, click, cloudeye, cobalt strike, cobaltstrike, copy, cridex, crimson, crimson rat, cryptbot, crysis, cve201711882, cyber security, danabot, darkcomet, darkside, desktop, dharma, discord, dofoil, dridex, dunihi, dyre, egregor, emotet, eternalblue, execution, fallout, fareit, february, first, flawedammy, flawedammyy, formbook, fraud, friendly, gandcrab, glupteba, gootkit, gozi, guloader, hancitor, hawkeye, hermes, hosting, houdini, hunter, hworm, icedid, identifying, ioc, jenxcus, june, kill, killswitch, loader, lockbit, loki bot, lokibot, macos, mailpassview, mailto, maldoc, malicious, malspam, malware, march, mars, maze, mega, mexico, mimikatz, nanocore, nanocore rat, napoleon, nemty, netwalker, netwire, neutrino, next, Nextray, njrat, nuclear, open, orcus, orcus rat, panda banker, parked domains, path, phishing, phobos, pinkslipbot, poisonivy, polish, pony, powershell, predator, predator pain, psexec, qakbot, qbot, quasar, quasar rat, raccoon, racealer, ransom, ransomware, rats, recent blog, redline, redline stealer, remcos, revenge, revenge rat, revil, ryuk, ryuk ransomware, scams, scarimson, screen, seen, servhelper, service, shadow, siplog, smokeldr, smoke loader, smokeloader, snake, sockrat, sodinokibi, spelevo, squirrelwaffle, ssh hijacking, sticky, systembc, teamspy, teamviewer, terdot, thief, track them, trickbot, trojan, troldesh, typosquatting, ukraine, ursnif, vawtrak, vidar, virustotal, wannacry, wcry ransomware, windigo, winrar, xtremerat, zbot, zloader
JARM: 29d29d15d29d29d00042d42d0000009435214b849738c4ebab4534b5d158dd
View other sources: Spamhaus VirusTotal
Contained within other IP sets: blocklist_net_ua, hphosts_emd, hphosts_psh

Country: Seychelles
Network:
Noticed: 35 times
Protocols Attacked: SSH
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: www.library.atipra.in lloydsenterprises.in fitlife.digimaddy.com www.fitlife.digimaddy.com www.pune.marutiinternational.in pune.marutiinternational.in www.gadbyte.com www.aucermd.edu.in www.dimansolar.com www.official.mediamitra.in official.mediamitra.in www.test.arcweb.in test.arcweb.in www.staynest.oneeightyaamoksh.com staynest.oneeightyaamoksh.com software.accountsguy.net www.software.accountsguy.net admissions.pictmodelschool.edu.in www.admissions.pictmodelschool.edu.in premdubey.mediamitra.in www.flowchemactuators.com mail.birdmeditech.com webmail.ndshares.com www.tax.accountsguy.net tax.accountsguy.net www.kohliiron.com jaambu.com www.dev.jaambu.com www.mailing.pfawildlifehospital.org www.nlp.ptsunderam.com nlp.ptsunderam.com www.automationtraining.diac.co.in automationtraining.diac.co.in www.myroshop.com pfawildlifehospital.org sidhidiamond.com cp-in-17.webhostbox.net www.laxmimoverspackers.com loangebra.com suite.swifterz.co www.suite.swifterz.co feeportal.eastpointschooldelhi.edu.in www.feeportal.eastpointschooldelhi.edu.in www.ok.dyz.in.net www.test.dyz.in.net www.boi.thewebdevelopers.co.in boi.thewebdevelopers.co.in www.guru5fxadmin.thewebdevelopers.co.in guru5fxadmin.thewebdevelopers.co.in assessments.globalvoxinc.com www.assessments.globalvoxinc.com clinicguru.in irrigationsystem.ictmu.in webmail.dhyanalingagranites.in www.sscf.in d17.digipost.swifterz.co www.d17.digipost.swifterz.co sargamnotes.in www.sargam.sargamnotes.in www.verb.phpblog.site verb.phpblog.site renting.phpblog.site www.renting.phpblog.site www.pratik.mediamitra.in pratik.mediamitra.in www.ctclive.phpblog.site www.demo.tistmedia.in demo.tistmedia.in www.veristep.verifiindia.com veristep.verifiindia.com www.piyush.mediamitra.in www.pragati.mediamitra.in www.premdubey.mediamitra.in www.varsha.mediamitra.in erahasya.atipra.in www.erahasya.atipra.in www.apparentpower.ae clean.phpblog.site www.clean.phpblog.site www.huddle2023.unltdindia.org huddle2023.unltdindia.org partner.cqra.com www.aconnect.racloop.com aconnect.racloop.com rasyog.pw www.hustlier.indiacraftbazaar.com hustlier.indiacraftbazaar.com demo2.tistmedia.in www.demo2.tistmedia.in www.adworldsignages.com adworldsignages.com pgrlt.in www.ssdistributors.in www.videos.sanharabs.com sanharabs.com apanel.dyz.in.net www.dyz.in.net www.apanel.dyz.in.net qrmenu.dyz.in.net pos.dyz.in.net www.beta.dyz.in.net www.qrmenu.dyz.in.net hscart.dyz.in.net beta.dyz.in.net www.pos.dyz.in.net www.hscart.dyz.in.net dyz.in.net rasyog.online bhakti-dham.s2infinitum.com www.bhakti-dham.s2infinitum.com rasyog.in www.demo1.tistmedia.in demo1.tistmedia.in www.deskdesigner.in housecart.in www.housecart.in bharat.mediamitra.in www.bharat.mediamitra.in www.dev.tecqubes.com dev.tecqubes.com arcweb.in www.pau-acs.in www.best.euroluxceilings.com best.euroluxceilings.com angelsring.atipra.in www.angelsring.atipra.in qrmenu.housecart.in www.qrmenu.housecart.in www.hip.atipra.in hip.atipra.in uvaach.in www.hscart.housecart.in hscart.housecart.in crud.phpblog.site www.crud.phpblog.site pos.housecart.in www.pos.housecart.in info.ihfafitness.com www.info.ihfafitness.com www.certification.ihfafitness.com certification.ihfafitness.com www.affiliate.idigitals.in affiliate.idigitals.in www.birdmeditech.com www.sunday.mediamitra.in sunday.mediamitra.in www.omturanth.com www.web.ihfafitness.com web.ihfafitness.com www.apanel.parasclasses.com apanel.parasclasses.com www.beta.parasclasses.com beta.parasclasses.com www.cab.parasclasses.com theater.parasclasses.com www.theater.parasclasses.com www.lab.parasclasses.com lab.parasclasses.com cab.parasclasses.com www.erp.krisamautomation.com erp.krisamautomation.com www.school.parasclasses.com exam.parasclasses.com school.parasclasses.com www.exam.parasclasses.com www.lahorizeera.com www.tecfizo2k22.aucermd.edu.in tecfizo2k22.aucermd.edu.in www.kausar.mediamitra.in www.harshal.mediamitra.in www.myshop.indibooks.in myshop.indibooks.in www.indibooks.in www.prachi.indibooks.in www.mailer.indibooks.in indibooks.in www.store.indibooks.in www.udaan.indibooks.in www.shop.indibooks.in www.publish.indibooks.in www.news.indibooks.in devnew.kaathputli.com www.devnew.kaathputli.com www.ropebuselevator.com crm.dakshcctv.com www.crm.dakshcctv.com www.test.lightdeliteracy.com phplist.evindia.today www.phplist.evindia.today www.rajedu.phpblog.site rajedu.phpblog.site www.cinemo.phpblog.site cinemo.phpblog.site www.billing.dakshcctv.com billing.dakshcctv.com www.health.chqup.com www.dcrm.phpblog.site news.parasclasses.com www.news.parasclasses.com pharmacy.parasclasses.com www.pharmacy.parasclasses.com www.shop.atipra.in staging.reqroots.com www.staging.reqroots.com www.blooddonor.parasclasses.com blooddonor.parasclasses.com admin.trzy.co.in www.admin.trzy.co.in www.investment.phpblog.site investment.phpblog.site booking.parasclasses.com www.booking.parasclasses.com www.food.parasclasses.com food.parasclasses.com www.weekdayv.mediamitra.in weekdayv.mediamitra.in www.rehan.mediamitra.in www.sahilb.mediamitra.in www.nevya.mediamitra.in www.ali.mediamitra.in www.sahilj.mediamitra.in www.shubham.mediamitra.in www.smartcity.thewebdevelopers.co.in smartcity.thewebdevelopers.co.in www.crm.grahrealtors.com crm.grahrealtors.com notify.parasclasses.com www.notify.parasclasses.com www.inc.leminoindia.com inc.leminoindia.com shop.littlenests.com www.shop.littlenests.com www.home.seinteriors.co home.seinteriors.co www.crontest.phpblog.site crontest.phpblog.site staging.mothers.edu.in www.staging.mothers.edu.in pizza.parasclasses.com www.pizza.parasclasses.com kishor.mediamitra.in www.kishor.mediamitra.in teamcrossfrag.thewebdevelopers.co.in www.teamcrossfrag.thewebdevelopers.co.in housecart.parasclasses.com www.housecart.parasclasses.com www.weekendv.mediamitra.in weekendv.mediamitra.in www.uessoftware.myunipower.com www.spirit-in-nature.naiduart.com spirit-in-nature.naiduart.com www.mypunepulse.com www.forwork1.myunipower.com www.infotech.kshivo.com infotech.kshivo.com hclimax.thecareeredge.in www.hclimax.thecareeredge.in www.ctcv2.phpblog.site ctcv2.phpblog.site learn.ptsunderam.com www.hc.thecareeredge.in hc.thecareeredge.in wp.thecareeredge.in www.wp.thecareeredge.in graphicdesigning.mediamitra.in www.graphicdesigning.mediamitra.in www.old.phoenix-fitness.in old.phoenix-fitness.in calls.front-line.in www.calls.front-line.in 2022.dharanifarms.co.in www.2022.dharanifarms.co.in 2017.indec.net.in patient.chqup.com www.patient.chqup.com www.prathak.in prathak.in demo.reqroots.com www.demo.reqroots.com www.countrytyme.phpblog.site countrytyme.phpblog.site www.ctc.phpblog.site ctc.phpblog.site www.docker.phpblog.site docker.phpblog.site testing.naiduart.com www.testing.naiduart.com www.test.uatoys.com test.uatoys.com varungroup.naiduart.com www.varungroup.naiduart.com www.libraryv3.phpblog.site www.rejoicefinserv.com www.demo.networksutra.com demo.networksutra.com amazcart.phpblog.site www.amazcart.phpblog.site www.join.mediamitra.in join.mediamitra.in www.vibesmultientertainment.com www.sign.naiduart.com sign.naiduart.com www.morning.mediamitra.in morning.mediamitra.in vip.phpblog.site www.vip.phpblog.site www.embla.phpblog.site embla.phpblog.site www.cashback.chqup.com www.cb.chqup.com www.indec.net.in shop.prachidigital.in www.belladonna.biz www.irislearnings.com www.mis.shubhankari.org www.seo.mediamitra.in seo.mediamitra.in catalogue.uatoys.com www.catalogue.uatoys.com www.mithrin.phpblog.site mithrin.phpblog.site www.school.phpblog.site school.phpblog.site www.edenacademy.net www.dummy.plussizegarments.com dummy.plussizegarments.com www.balloonpeople.in invest.phpblog.site www.invest.phpblog.site www.m.ajibmama.com m.ajibmama.com wealth.mediamitra.in www.wealth.mediamitra.in oldone.eastpointschooldelhi.edu.in www.oldone.eastpointschooldelhi.edu.in www.connect.vibesmultientertainment.com connect.vibesmultientertainment.com nruk.rayalaseemauniversity.ac.in results.rayalaseemauniversity.ac.in www.site.shubhankari.org site.shubhankari.org www.test.shubhankari.org test.shubhankari.org news.mediamitra.in www.news.mediamitra.in www.nycta.phpblog.site nycta.phpblog.site www.vromachines.com www.rforce.co.in rajkotcovidhelp.ictmu.in www.demo.ooceanls.com www.zoracoin.phpblog.site zoracoin.phpblog.site konnect.salientdesignstudio.com www.konnect.salientdesignstudio.com business.mediamitra.in www.business.mediamitra.in taracliq.com www.taracliq.com www.crmdemo.markoncs.com crmdemo.markoncs.com xkcd.comic.ictmu.in www.xkcd.comic.ictmu.in www.temp.shubhankari.org temp.shubhankari.org weekend.mediamitra.in www.weekend.mediamitra.in www.old.crubbit.com crubbit.com staging.rayalaseemauniversity.ac.in www.stmtcmarathahalli.com www.main.mediamitra.in main.mediamitra.in ayushinternational.in.net himayant.atipra.in www.himayant.atipra.in nextcloud.evindia.today www.nextcloud.evindia.today www.trizasia.com www.marketplace.swifterz.co marketplace.swifterz.co www.prashant.vibesmultientertainment.com prashant.vibesmultientertainment.com www.poulomi.vibesmultientertainment.com poulomi.vibesmultientertainment.com www.demo.naiduart.com www.digimaddy.com www.rafihotel.phpblog.site rafihotel.phpblog.site crossfrag.thewebdevelopers.co.in www.crossfrag.thewebdevelopers.co.in www.nruk.rayalaseemauniversity.ac.in www.bangcreativesolutions.com readlogics.cursivelogics.com www.readlogics.cursivelogics.com www.flight.phpblog.site flight.phpblog.site www.product.phpblog.site product.phpblog.site www.assets.emot.co.in cdn.humalitix.com www.cdn.humalitix.com www.libraryv2.phpblog.site libraryv2.phpblog.site www.jilaniwholesalesuit.com www.harshsharmatechnicals.com www.grahrealtors.com www.goldenswan.club www.ghrd.in payfast.phpblog.site www.payfast.phpblog.site www.library.phpblog.site library.phpblog.site www.anjali.mediamitra.in anjali.mediamitra.in www.demo.spark3e.com demo.spark3e.com www.writersball.com www.login.shubhankari.org login.shubhankari.org www.collage-portal.enggenius.in collage-portal.enggenius.in www.funcruisesgoa.com www.rafidevelopment.phpblog.site rafidevelopment.phpblog.site www.tragopan.touchlineenterprise.in tragopan.touchlineenterprise.in sesllp.shubhankari.org www.llp.shubhankari.org llp.shubhankari.org www.sesllp.shubhankari.org priority.phpblog.site www.priority.phpblog.site www.erp1.sstools.co.in www.staging.rayalaseemauniversity.ac.in www.lpage.phpblog.site lpage.phpblog.site www.cleangreen-energy.com evindia.today www.app.talentquestforindia.org app.talentquestforindia.org mpsonline.mothers.edu.in www.mpsonline.mothers.edu.in gtmorning.mediamitra.in www.gtmorning.mediamitra.in slisglocal.com www.wp.vaatsalyafoods.com wp.vaatsalyafoods.com it.swifterz.co www.dev.introvords.com www.jorani.phpblog.site jorani.phpblog.site www.fishterianz.com www.asiansurgicalindia.com www.website.mediamitra.in website.mediamitra.in www.lp.mediamitra.in lp.mediamitra.in www.pav1.phpblog.site pav1.phpblog.site photov1.phpblog.site www.photov1.phpblog.site photos.phpblog.site www.photos.phpblog.site www.results.rayalaseemauniversity.ac.in www.mywebmail.leleela.com mywebmail.leleela.com flip.phpblog.site www.flip.phpblog.site www.bonus.rahultuliphotography.com bonus.rahultuliphotography.com www.shequal.travancoreroyals.in shequal.travancoreroyals.in www.laravel.phpblog.site laravel.phpblog.site mailx.myunipower.com beyondbicycle.in www.timworkv2.phpblog.site timworkv2.phpblog.site www.humalitix.in www.whatsapp.clatpath.in niyara.co.in www.bo.mediamitra.in bo.mediamitra.in www.comics.ictmu.in comics.ictmu.in www.agrireport.unltdindia.org agrireport.unltdindia.org www.hvac.sanasm.com hvac.sanasm.com www.tecqubes.com www.r-tech.in www.ncerindia.com www.mining.phpblog.site www.original.phpblog.site www.tcafe.touchlineenterprise.in www.agent.chqup.com blogs.clatpath.in www.blogs.clatpath.in www.paws.touchlineenterprise.in

Malware Detected on Host

Count: 17 0420369af9dab57e2151e486b10fa2ba5b43e57277ef7b6723428a1cd30745a7 b40b5b861789591d5bc3ad42bbfaa3c87f4fee40ee2fcee5c5a33abe1ca16208 d696accdb25627c9ec4f6fba7b298f16a6640fa57e6d059f1934d9094a2cca14 59d71596b2037be3a7beed10cdd7d0e96f10fcd1365720378fc6f45ad35cc851 2df7925bc15596c6a946a5ff21dd35a013c0f2601ea82b8333d412483c30e25c f917034d08d7cc2d2af50ff28d1b52944691fba6bb96965e18948cf7473bbd80 03a6ee2d361b84531aee6643e8c77957a9385f64acff7cc47f23798db57361ee a37011f4db99b06727ee861d1931ea2b0cd1d048aadce2e51485983dd83d8a99 b71201a3e8494346c053fb930330ed784ff0f33dcf986ac67b756c5a1c8e04b7 274d6bdb4de8fb4f0a67c46ca06f2971f2116b12edd489f4e75199765879573f

Open Ports Detected

2083 2086 2087 21 22 2222 26 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

inetnum: 116.206.105.0 - 116.206.105.255
netname: PDRO1-AP
descr: Public domain registry Operations
country: IN
geoloc: 19.1140343 72.8921789
admin-c: PDRO1-AP
tech-c: PDRO1-AP
abuse-c: AB1339-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-BR-IN
mnt-irt: IRT-BR-IN
last-modified: 2021-01-06T13:12:40Z
irt: IRT-BR-IN
address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
e-mail: noc@publicdomainregistry.com
abuse-mailbox: abuse@publicdomainregistry.com
admin-c: BSLA2-AP
tech-c: BSLA2-AP
mnt-by: MAINT-BR-IN
last-modified: 2025-05-30T16:27:21Z
role: ABUSE BRIN
country: ZZ
address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
phone: +000000000
e-mail: noc@publicdomainregistry.com
admin-c: BSLA2-AP
tech-c: BSLA2-AP
nic-hdl: AB1339-AP
abuse-mailbox: abuse@publicdomainregistry.com
mnt-by: APNIC-ABUSE
last-modified: 2025-05-30T16:27:40Z
role: Public Domain Registry Operations
address: GPX India. Unit A-001 Boomerang Chandivali Farm Road Andheri East, Mumbai 400072, India
country: IN
phone: +1.2013775952
e-mail: abuse@publicdomainregistry.com
admin-c: PDRO1-AP
tech-c: PDRO1-AP
nic-hdl: PDRO1-AP
notify: abuse@publicdomainregistry.com
mnt-by: MAINT-BR-IN
last-modified: 2016-05-02T17:30:44Z

Links to attack logs

****** ****** ******

Share on: