103.12.161.194 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 103.12.161.194. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 54/100

Host and Network Information

  • MITRE ATT&CK IDs: T1046 - Network Service Scanning, T1566 - Phishing

  • Tags: addresses, azorult, chthonic, compromise iocs, email security, emotet, endpoint na, endpoint secure, file hashes, mirai, mitre att, mozi, registry keys, see json, stealthwatch na, tinba, ursnif

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: proxylists_30d, proxylists_7d, proxz_30d, proxz_7d

  • Country: Cambodia
  • Network:
  • Noticed: 2 times
  • Protocols Attacked: Anonymous Proxy

Malware Detected on Host

Count: 120


Whois Information

  • inetnum: 103.12.161.0 - 103.12.161.255
  • netname: EZECOM
  • descr: Ip block for ADSL internet
  • country: KH
  • admin-c: TTL13-AP
  • tech-c: TTL13-AP
  • abuse-c: AE259-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-KH-KINGCORP
  • mnt-by: MAINT-EZECOM-KH
  • mnt-irt: IRT-EZECOM-KH
  • last-modified: 2023-09-01T02:12:07Z

  • irt: IRT-EZECOM-KH
  • e-mail: irt@ezecomcorp.com
  • abuse-mailbox: irt@ezecomcorp.com
  • admin-c: KC1521-AP
  • tech-c: KC1521-AP
  • mnt-by: MAINT-EZECOM-KH
  • last-modified: 2025-04-22T04:56:33Z

  • role: ABUSE EZECOMKH
  • country: ZZ
  • phone: +000000000
  • e-mail: irt@ezecomcorp.com
  • admin-c: KC1521-AP
  • tech-c: KC1521-AP
  • nic-hdl: AE259-AP
  • abuse-mailbox: irt@ezecomcorp.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-04-22T04:57:01Z

  • person: Tran Thanh Long
  • country: KH
  • phone: +855977770579
  • e-mail: long.tran@opennet.com.kh
  • nic-hdl: TTL13-AP
  • mnt-by: MAINT-KH-KINGCORP
  • last-modified: 2020-03-04T02:48:40Z

  • route: 103.12.161.0/24
  • origin: AS131178
  • descr: KingCorp Inc
  • mnt-by: MAINT-KH-KINGCORP
  • last-modified: 2019-03-08T15:13:49Z

Links to attack logs

  • anonymous-proxy-ip-list-2023-07-16
  • anonymous-proxy-ip-list-2023-06-22
