130.12.180.27
IP Intelligence Briefing: 130.12.180.27/32
*Generated via IPDebrief Tools*
---
**1. Core Profile**
- Risk Score: 59 (Moderate Risk)
- Ownership:
- ASN: 202412
- Organization: Virtualine Technologies (ARIN registered)
- Geolocation: Amsterdam, North Holland, US (latitude: 39.83, longitude: -98.58)
- Threat Indicators:
- Marked as an "Emerging Threat"
- Known Attacker: Yes (1 threat feed listing)
- DNSBL Listed: 1/8 lists (e.g., AlienVault OTX)
- Network Role:
- Firewalled / No Services (no open ports, no TLS/HTTP signatures)
- BGP Analysis:
- Path: `6939 44592 49581 51396 202412`
- Route Stability: Stable (no recent changes)
- IRR Consistency: Conflict (potential misconfigurations)
---
**2. Observation History (Last 30 Days)**
- First Recorded: 2026-06-02
- Key Trends:
- Threat Pulse: 24+ alerts (e.g., "Emerging Threats" campaigns)
- DNSBL Listings: 1/8 DNSBLs (high-severity)
- Geolocation Consistency: Plausible (Amsterdam, US)
- Route Stability: No recent changes (stable for 30 days)
---
**3. Network Relationships**
- Linked Entities:
- Network: LANEDONET (repeated in 152 relationships)
- Subnet: 130.12.180.0/24
- Shared Risks: No direct connections to high-risk IPs
- Subnet Abuse Density: 0.5 (mostly clean, but 2/4 neighbors flagged as low-risk)
---
**4. Neighborhood Analysis**
- Subnet: 130.12.180.0/24 (4 sibling IPs)
- Neighbor Risk Scores:
- 4 IPs with 25/100 risk (low-risk, but 1/4 listed in DNSBLs)
- Abuse Density: 0 (no confirmed abuse in subnet)
---
**5. Actionable Threat Intelligence**
- SOC Recommendations:
- Monitor: Track DNSBL listings and threat pulses (e.g., AlienVault OTX).
- Block: Consider firewall rules to restrict traffic from this IP (e.g., `iptables -A INPUT -s 130.12.180.27/32 -j DROP`).
- Investigate: Verify if LANEDONET is associated with broader network compromises.
- Context: While the IP is firewalled, its association with emerging threats and DNSBL listings warrants closer scrutiny. Neighbors are low-risk, but the subnetβs abuse density suggests cautious monitoring.
---
*End of Briefing*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Virtualine Technologies |
| ASN | AS202412 |
| Network Name | β |
| CIDR Block | 130.12.180.0/24 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 4 |
| routing | 22% | 3 | 4 |
| services | 20% | 2 | 3 |
| ownership | 24% | 3 | 4 |
| reputation | 23% | 1 | 3 |
| geolocation | 26% | 2 | 3 |
| Overall | 23% | 13 | 21 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:39 UTC |
| Last Seen | 2026-06-22 13:32:03 UTC |
| Profile Built | 2026-06-22 13:36:43 UTC |
| Data Freshness | Live |
| Signal Types | 32 |
| Total Observations | 35 |
Full dossier details are available via our API.