203.132.94.196 Threat Intelligence and Host Information

Jul 01, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 203.132.94.196 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • JARM: 27d40d40d00040d00042d43d0000002eaee36112ff2cbee89c0d0dac62faf6

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: bitcoin_nodes_1d, bitcoin_nodes_30d, bitcoin_nodes_7d, bitcoin_nodes

  • Country: Australia
  • Network:
  • Noticed: 30 times
  • Protocols Attacked: Anonymous Proxy
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: paste.luisaranguren.com faucet.luis.im matrix.aranguren.org stikked.aranguren.org private.aranguren.org paste.aranguren.org www.aranguren.org ha.aranguren.org luis.im seed.bitcoinstats.com dnsseed.bluematt.me bitcoin.aranguren.org seed.bitcoin.sipa.be life.luisaranguren.com aranguren.org ns3.luisaranguren.com ns2.luisaranguren.com ns1.luisaranguren.com nextcloud.luisaranguren.com luisaranguren.com zm.aranguren.org plex.aranguren.org munin.aranguren.org munin.luisaranguren.com device-509c7822-2050-4006-8ced-94c027ecb869.remotewd.com

Malware Detected on Host

Count: 4 144ccb6b108b085ea70dbb03f4ed02e853012dc2cdc4d9e0b033bfe3ddb1e58c 1b1e646ae421c8d707a82e6c3edc1aab250c221d5d9afd74198b01c76ea6e6fb 8b3def8dad13830b8bcd8f952b088be84c5759caad99722429f7eeb00489dfca 24264a29c98fccf32c60e160dfbf139b51db79f4127ba88707cf1e63376eed61

Map

Whois Information

  • inetnum: 203.132.94.0 - 203.132.94.255
  • netname: SLC-203-132-94-0
  • descr: SLC-203-132-94-0
  • country: AU
  • geoloc: -37.8184711 144.9561054
  • admin-c: SAPL7-AP
  • tech-c: SAPL7-AP
  • abuse-c: AS2576-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-SUPERLOOP-AU
  • mnt-irt: IRT-SUPERLOOP-AU
  • last-modified: 2021-12-21T07:37:12Z
  • irt: IRT-SUPERLOOP-AU
  • address: L1, 545 Queen St, Brisbane, AU
  • phone: +61 739052400
  • e-mail: noc@superloop.com
  • abuse-mailbox: abuse@superloop.com
  • admin-c: SAPL7-AP
  • tech-c: SAPL7-AP
  • mnt-by: MAINT-SUPERLOOP-AU
  • last-modified: 2025-05-11T20:52:43Z
  • role: ABUSE SUPERLOOPAU
  • country: ZZ
  • address: L1, 545 Queen St, Brisbane, AU
  • phone: +61 739052400
  • e-mail: noc@superloop.com
  • admin-c: SAPL7-AP
  • tech-c: SAPL7-AP
  • nic-hdl: AS2576-AP
  • abuse-mailbox: abuse@superloop.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-05-11T20:53:23Z
  • role: SUPERLOOP AUSTRALIA PTY LTD administrator
  • address: Level 1, 545 Queen St, Brisbane, Queensland, 4000
  • country: AU
  • phone: +61-7-3171-3700
  • e-mail: goc@superloop.com
  • admin-c: SAPL7-AP
  • tech-c: SAPL7-AP
  • nic-hdl: SAPL7-AP
  • mnt-by: MAINT-SUPERLOOP-AU
  • last-modified: 2020-02-05T04:55:30Z
  • route: 203.132.94.0/24
  • origin: AS38195
  • descr: SUPERLOOP (AUSTRALIA) PTY LTD
  • mnt-by: MAINT-SUPERLOOP-AU
  • last-modified: 2020-12-10T22:40:22Z

Links to attack logs

anonymous-proxy-ip-list-2025-06-30

Share on: