109.70.100.9📋 Copy

# IP INTELLIGENCE BRIEFING: 109.70.100.9/32

Date Generated: 2026-06-20

Classification: Tor Exit Node Infrastructure

Risk Level: MODERATE (Score: 50/100)

---

## EXECUTIVE SUMMARY

IP address 109.70.100.9 is a Tor exit node operated by Applied Privacy Foundation, located in Vienna, Austria. The IP demonstrates moderate risk characteristics consistent with Tor network infrastructure, presenting legitimate anonymity service functionality with associated privacy-based threat vectors.

---

## OWNERSHIP & INFRASTRUCTURE

• Organization: APPLIEDPRIVACY-MNT (Applied Privacy Foundation)
• ASN: 208323
• RIR: ARIN
• Geolocation: Vienna, Austria (AT) | Coordinates: 47.52°N, 14.55°E
• Primary Hostname: tor-exit-anonymizer.appliedprivacy.net
• Network Role: Tor Exit Nodes — Firewalled / No Services

The IP resolves to Applied Privacy's Tor exit anonymizer infrastructure, a legitimate privacy-focused Tor relay network. DNS records confirm proper PTR and forward resolution alignment.

---

## THREAT ASSESSMENT

Current Risk Profile

• Overall Risk Score: 50 (Moderate)
• Abuse Confidence: Not elevated
• Blacklist Status: No current listings
• Known Attacker: No
• Spam Source: No
• Tor Exit Node: YES

Network Neighborhood (109.70.100.0/24)

• Subnet Classification: Mostly Clean
• Abuse Density: 13.33% (2 of 15 siblings flagged as threats)
• Risk Distribution: 0 high-risk, 5 medium-risk, 9 low-risk
• Notable Neighbors: 109.70.100.6, 100.12, 100.13, 100.14, 100.15 showing elevated risk scores (59)

The subnet demonstrates mixed risk characteristics typical of residential/shared infrastructure deployments.

---

## OBSERVATION HISTORY

46 historical observations tracked since deployment. Signal consistency analysis reveals:

• Operator Score: 0.3478 (Basic classification)
• Temporal Stability: No significant ownership changes
• Threat Persistence: No persistent malicious indicators
• Signal Type: Basic network infrastructure signals with consistent DNSSEC, CAA, and FCRDNS validation

Historical data indicates stable, non-malicious operation consistent with privacy service infrastructure.

---

## RELATIONSHIP MAPPING

124 relationship entities identified:

• Network Associations: Tor-Exit-Anonymizer--Foundation-for-Applied-Privacy (multiple links)
• DNS Associations: tor-exit-anonymizer.appliedprivacy.net
• Infrastructure Type: Unknown (tor exit node classification)

The IP maintains consistent relationship patterns with Applied Privacy's Tor exit node network infrastructure.

---

## RECOMMENDED ACTIONS

Based on risk profile analysis, the following firewall rules are recommended for implementation:

Recommended Block Rules

Implementation Note: While this is legitimate Tor infrastructure, organizations with strict security policies may choose to block Tor exit nodes. SOC teams should evaluate against internal policy regarding anonymous traffic sources.

---

## INTELLIGENCE CONCLUSION

IP 109.70.100.9 represents legitimate Applied Privacy Tor exit node infrastructure with moderate risk classification. The IP operates as designed for Tor network anonymity services, with no active malicious indicators detected. Recommended defensive actions include blocking at perimeter controls where policy permits, while acknowledging the legitimate privacy service nature of this infrastructure.

Priority: MONITOR (Block if policy requires)

Confidence: HIGH

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.