IP Intelligence Briefing: 104.243.245.109/32
*Generated via IPDebrief Tools*
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Private Customer (ASN 396356, ARIN registry)
- Geolocation: Mexico City, Mexico (19.43°N, -99.12°W)
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or DNS anomalies).
---
**2. Observation History**
- Recent Signals (June 2026):
  - DNSSEC validation confirmed (minimal risk).
  - Geolocation consistency with MaxMind data.
  - No changes in ownership or threat persistence.
- Trend: Stable, no spikes in scanning or malicious activity.
---
**3. Network Relationships**
- Linked Entities:
  - Same subnet: `NET-104-243-245-0-24` (ARIN-registered).
  - No direct links to organizations, certificates, or hostnames.
- Subnet Analysis:
  - Abuse Density: 0 (low risk).
  - Neighbor IPs: 25 total in /24 subnet.
    - Medium Risk: 16 IPs (50 risk score).
    - Low Risk: 9 IPs (0–25 risk score).
- Notable Neighbors:
  - 104.243.245.7, 104.243.245.18, 104.243.245.22 (all medium risk).
  - 104.243.245.14, 104.243.245.30, 104.243.245.73 (low risk).
---
**4. Threat & Security Context**
- No Malicious Indicators:
  - No DNS anomalies, spam, or known attacker campaigns.
  - No TLS certificate mismatches or server banner threats.
- Recommendations:
  - Monitor the `104.243.245.0/24` subnet for emerging risks, as 16 IPs show medium risk.
  - Verify if the IP is part of internal infrastructure (e.g., firewalled systems).
  - Ensure DNSSEC validation is enforced for the subnet.
---
Summary: The IP is a private, geolocated node in Mexico City with no direct threat indicators. While the subnet has a mix of medium-risk neighbors, the IP itself is currently benign. SOC teams should prioritize monitoring the subnet for lateral movement or new threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Private Customer |
| ASN | AS396356 |
| Network Name | NET-104-243-245-0-24 |
| CIDR Block | 104.243.245.0/24 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown (insufficient routing data to classify) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 6 | 6 |
| Data Coherence | Mixed Signals (60%), 2 contradiction(s) |
| Attribution | Very Low (20%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Geo sources disagree on country: MX, US
Observation Timeline
| First Seen | 2026-05-27 01:06:18 UTC |
| Last Seen | 2026-06-11 07:10:43 UTC |
| Profile Built | 2026-06-11 07:21:22 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |