IP Risk Score: 83 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 130.180.240.9

Country: United States flag

United States (US)

Region Name: District of Columbia (DC)

City: Washington

ISP: RCN

Threat level: 83 / 100
Conf. level: 100 / 100

Properties

ASN: AS6079

AS Name: RCN

Timezone: America/New_York

Status: Critical

Observed Client Profile

OS: Android (50%)
Device Type: Mobile (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Variability

Behavioral Indicators

The IP exhibits suspicious behavior with multiple botnet detections and lacks JavaScript support, indicating potential automated probing. The user-agent strings appear to be spoofed mobile devices, further raising concerns about malicious intent.

The supernet (130.180.0.0/16), which this IP belongs to, exhibits highly repetitive behavior with low interaction, characterized by multiple IPs making one-page visits with a lack of RDNS and forward DNS matches. This suggests potential automated scraping or bot activity, particularly given the absence of legitimate user agent diversity and the consistent use of non-matching DNS records.

🕸️

Botnet Node

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.6224.1582 Mobile Safari/537.36
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.6718.1531 Mobile Safari/537.36

Integrate IPIntel into your system

IP Location

Region: District of Columbia, United States

City: Washington

Local time: 2026-06-25 17:23:30

Subnet
130.180.240.0/24
Supernet
130.180.0.0/16