130.12.180.72 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 130.12.180.72 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: 2026-01, 2026-02, 32-bit, Adbhoney, arm, ascii, AsyncRAT, attacker-ip, automated, Automated, botnetdomain, brute-force, bruteforce, c2-monitor-auto, censys, cisco, ClickFix, ClickFix-cc, CoinMiner, conpot, cowrie, digital ocean, dionaea, dropped-by-amadey, elasticpot, elf, email, Encoded, exe, fatt, fbf543, gafgyt, geofenced, hajime, heralding, hex, hex-loader, honeytrap, html, huntio, iframe, LAMP, lcia, lnk, mailoney, malicious, MaskGramStealer, mips, mirai, Mozi, msi, OffLoader, OpenCTI, opendir, p0f, ParallaxRAT, payload, portscan, ps1, rustystealer, scanners, sensor-tagged, sentrypeer, sftp, sh, siberguvenlik, sip, Sliver, ssh, stealer, suricata, tanner, t-pot, tpot, ua-wget, USA, vbs, Vidar, vultr, x86, xml-opendir

• View other sources: Spamhaus VirusTotal

• Country: Canada
• Network:
• Noticed: 48 times
• Protocols Attacked: portscan
• Passive DNS Results: play.mclighthouse.ir

Malware Detected on Host

Count: 12 de985a75606fbc9c30c8fefe58d354b8111e50a9baf186cbc04fd4fb7f7257d3 49e72e6bff97abaf6c49ace31e9759a1182d3f15f3e6121d51cea98401d26994 da43fd5f615bb7b1256719ccac72ba96fb730f89d6f5737e8e66f6065ab5d0b8 34acb4a68c040d7a6eb26628c1f0b7388a4e35e484033e609505ae1d35a986b7 4ef5dfaca84140897816f79fc8998a53280921657b0fb8f552bc9c15d5a04335 a240c702cedc003c85edca20249c8ea7815e66e4e2aa54c63574903dd3e021cc 05ab1524c773d6db8fc9f33daa925609ce78344a107019dd3f08df00d6ccaa0e 13dc55b0d00ac8a9365df7470747425926a317fc6769490c9412ba2a86b6f24c a032e7a7053822b6d37f8dc47c093ee0ba09ca5b95ad8413f8511fb0cf9c8abd 40b4b8678687daf5daf25dff607144765a956de8b88757c3ce343165fece2dad

Open Ports Detected

3389

Map

Whois Information

• NetRange: 130.12.180.0 - 130.12.183.255
• CIDR: 130.12.180.0/22
• NetName: PRIVATE-NETWORK
• NetHandle: NET-130-12-180-0-1
• Parent: NET130 (NET-130-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Netiface LLC (NL-846)
• RegDate: 2025-10-08
• Updated: 2025-12-20
• Comment: PRIVATE-NETWORK
• Ref: https://rdap.arin.net/registry/ip/130.12.180.0
• OrgName: Netiface LLC
• OrgId: NL-846
• Address: 6844 Bardstown Rd
• City: Louisvile
• StateProv: KY
• PostalCode: 40291
• Country: US
• RegDate: 2024-04-05
• Updated: 2025-05-18
• Ref: https://rdap.arin.net/registry/entity/NL-846
• OrgTechHandle: NETIF2-ARIN
• OrgTechName: Netiface NOC
• OrgTechPhone: +1-216-245-7465
• OrgTechEmail: abuse@abusehandler.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NETIF2-ARIN
• OrgAbuseHandle: NETIF2-ARIN
• OrgAbuseName: Netiface NOC
• OrgAbusePhone: +1-216-245-7465
• OrgAbuseEmail: abuse@abusehandler.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NETIF2-ARIN
• NetRange: 130.12.180.0 - 130.12.180.255
• CIDR: 130.12.180.0/24
• NetName: LANEDONET
• NetHandle: NET-130-12-180-0-2
• Parent: PRIVATE-NETWORK (NET-130-12-180-0-1)
• NetType: Reassigned
• OriginAS:
• Organization: Virtualine Technologies (SITL-8)
• RegDate: 2025-12-19
• Updated: 2026-03-11
• Comment: Geofeed: https://omegatech.sc/geofeed.csv
• Comment: Abuse email: abuse@virtualine.org
• Ref: https://rdap.arin.net/registry/ip/130.12.180.0
• OrgName: Virtualine Technologies
• OrgId: SITL-8
• Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
• City: London
• StateProv:
• PostalCode: WC2H 9JQ
• Country: GB
• RegDate: 2024-09-05
• Updated: 2024-09-11
• Comment: Report your complaint:
• Comment: abuse@virtualine.org
• Ref: https://rdap.arin.net/registry/entity/SITL-8
• OrgTechHandle: VAD36-ARIN
• OrgTechName: VIRTUALINE ABUSE DEPARTMENT
• OrgTechPhone: +447458164463
• OrgTechEmail: abuse@virtualine.org
• OrgTechRef: https://rdap.arin.net/registry/entity/VAD36-ARIN
• OrgAbuseHandle: VAD36-ARIN
• OrgAbuseName: VIRTUALINE ABUSE DEPARTMENT
• OrgAbusePhone: +447458164463
• OrgAbuseEmail: abuse@virtualine.org
• OrgAbuseRef: https://rdap.arin.net/registry/entity/VAD36-ARIN