Severe Risk
IP 130.12.180.72 is a high-risk address that has been identified as an exploited host, with 452 total abuse reports and a maximum threat level rating of 10 out of 10. The address, registered to US-based network operator Omegatech LTD under ASN AS202412, was actively reported throughout March 2026 across automated honeypot sensors, indicating sustained malicious behavior from a compromised infrastructure source rather than a deliberate attack platform.
The abuse data shows 452 total reports attributed to this IP, with the dominant threat category being "Exploited Host" accounting for 20 of the most recent reports. All detections originated from automated honeypot infrastructure, yielding a 72 percent confidence score that this address is operating as a compromised system. The reported attack patterns reference malware and exploit activity, consistent with an infected endpoint being weaponized by threat actors for secondary attacks. The activity frequency metric of 0 out of 10 suggests intermittent or batch-style engagement rather than continuous scanning behavior, which is typical of botnets or automated attack scripts running on hijacked hosts.
An exploited host represents a serious security concern for network defenders because the IP belongs to a machine that has been compromised without its owner's knowledge and is now being leveraged as an attack platform. This means the originating infrastructure may be participating in distributed denial-of-service campaigns, credential stuffing campaigns, spam distribution, or serving as a command-and-control relay. Because the compromised system resides within a legitimate US network operated by Omegatech LTD, blocklisting this address will not only protect target systems but may also prompt the hosting provider to investigate and remediate the infected endpoint, breaking the attack chain at its source.
Network operators should immediately block IP 130.12.180.72 at the firewall or intrusion prevention level and monitor their logs for any related traffic patterns. Implementing standard brute-force mitigation tools such as fail2ban can help harden authentication endpoints against the automated attack patterns commonly emitted from exploited hosts. Organizations experiencing repeated contact from this address should consider filing an abuse report with Omegatech LTD to facilitate takedown of the compromised system. Regular patch management and endpoint monitoring will reduce the risk of similarly compromised infrastructure targeting your network in the future.
UA 
GB