130.12.180.78 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 130.12.180.78 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Tags: 2026-02, 32-bit, adb, Adbhoney, AgentTesla, AmateraStealer, android, arc, archive, arm, ascii, AsyncRAT, Automated, backdoor, bat, BillGates, blacklist, botnet, botnetdomain, c2-monitor-auto, censys, cisco, ClearFake, ClickFix, CoinMiner, compressed, connectwise, cowrie, Cybercrime, DarkTortilla, digital ocean, dionaea, donutloader, dropped-by-amadey, dropped-by-Phorpiex, dropper, elf, email, Encoded, encrypted, EternalRocks, exe, fatt, fbf543, fbi.gov, Formbook, Fuery, gafgyt, geofenced, GuLoader, gz, hacktool, hajime, heralding, honeytrap, hta, html, jpg-base64-loader, js, kairos, LAMP, Loki, m68k, mailoney, malicious, Malicious IP, malware, MassLogger, miner, mips, mirai, moobot, Mozi, msi, njRAT, OpenCTI, opendir, openssh, p0f, password: 2026, Password: bluys, Password: cyrex, Password: lunex, Password: ryos, PhantomStealer, portscan, PowerPC, powershell, ps1, pub, pubkey, PureCrypter, pw-2026, pw-bluys, pw-cyrex, pw-lunex, pw-ryos, python, QuasarRAT, Ransomware, rat, RedLineStealer, RemcosRAT, rev-base64-loader, SalatStealer, SantaStealer, scan, scanner, scanners, screenconnect, script, sensor-tagged, sentrypeer, sftp, sh, shellcode, SilverFox, SimpleHelp, sip, sparc, ssh, sshdkit, Stealc, strrat, SuperH, suricata, tanner, tcp, tgz, tpot, TrustConnect, ua-wget, USA, Vidar, VIPKeylogger, vjw0rm, vultr, wshrat, x86, x86-32, xworm, zip

• View other sources: Spamhaus VirusTotal

• Country: Canada
• Network:
• Noticed: 26 times
• Protocols Attacked: portscan
• Passive DNS Results: s8.vizja.cc

Malware Detected on Host

Count: 7 c76197716275cc0f0e6db94b4540cbd72ce1469a92a8e387512d10f5d12a71f9 336bc7806fc9521a2fab33174e9aab3a2d2d41ce4708d1e5df088db48820754a 2efa369d053066fcadeb8c53e7d360cf7cec87adfb7d896d20e63ddb35cfdd80 bca9d5b084ae14937ac0f3cb9f0fbead096accd50f452002445d5ba53d41900f f8e3726fb38f00698aea2bd872c81124b2b329597b740c1e5a2184b15aeeab05 e1ae64596c26b831799ce32d5fa7592d0f294559eb3ad64614f027f81598f822 184fd0dab236dcb4889b5824ef2577577a34be3057e7d113c1eed7ef515b1e4e

Open Ports Detected

22 2222 3333 80

Map

Whois Information

• NetRange: 130.12.180.0 - 130.12.183.255
• CIDR: 130.12.180.0/22
• NetName: PRIVATE-NETWORK
• NetHandle: NET-130-12-180-0-1
• Parent: NET130 (NET-130-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Netiface LLC (NL-846)
• RegDate: 2025-10-08
• Updated: 2025-12-20
• Comment: PRIVATE-NETWORK
• Ref: https://rdap.arin.net/registry/ip/130.12.180.0
• OrgName: Netiface LLC
• OrgId: NL-846
• Address: 6844 Bardstown Rd
• City: Louisvile
• StateProv: KY
• PostalCode: 40291
• Country: US
• RegDate: 2024-04-05
• Updated: 2025-05-18
• Ref: https://rdap.arin.net/registry/entity/NL-846
• OrgAbuseHandle: NETIF2-ARIN
• OrgAbuseName: Netiface NOC
• OrgAbusePhone: +1-216-245-7465
• OrgAbuseEmail: abuse@abusehandler.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/NETIF2-ARIN
• OrgTechHandle: NETIF2-ARIN
• OrgTechName: Netiface NOC
• OrgTechPhone: +1-216-245-7465
• OrgTechEmail: abuse@abusehandler.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NETIF2-ARIN
• NetRange: 130.12.180.0 - 130.12.180.255
• CIDR: 130.12.180.0/24
• NetName: LANEDONET
• NetHandle: NET-130-12-180-0-2
• Parent: PRIVATE-NETWORK (NET-130-12-180-0-1)
• NetType: Reassigned
• OriginAS:
• Organization: Virtualine Technologies (SITL-8)
• RegDate: 2025-12-19
• Updated: 2026-03-11
• Comment: Geofeed: https://omegatech.sc/geofeed.csv
• Comment: Abuse email: abuse@virtualine.org
• Ref: https://rdap.arin.net/registry/ip/130.12.180.0
• OrgName: Virtualine Technologies
• OrgId: SITL-8
• Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
• City: London
• StateProv:
• PostalCode: WC2H 9JQ
• Country: GB
• RegDate: 2024-09-05
• Updated: 2024-09-11
• Comment: Report your complaint:
• Comment: abuse@virtualine.org
• Ref: https://rdap.arin.net/registry/entity/SITL-8
• OrgTechHandle: VAD36-ARIN
• OrgTechName: VIRTUALINE ABUSE DEPARTMENT
• OrgTechPhone: +447458164463
• OrgTechEmail: abuse@virtualine.org
• OrgTechRef: https://rdap.arin.net/registry/entity/VAD36-ARIN
• OrgAbuseHandle: VAD36-ARIN
• OrgAbuseName: VIRTUALINE ABUSE DEPARTMENT
• OrgAbusePhone: +447458164463
• OrgAbuseEmail: abuse@virtualine.org
• OrgAbuseRef: https://rdap.arin.net/registry/entity/VAD36-ARIN