IPDebrief

109.70.100.9

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 109.70.100.9/32

Date Generated: 2026-06-20

Classification: Tor Exit Node Infrastructure

Risk Level: MODERATE (Score: 50/100)

---

## EXECUTIVE SUMMARY

IP address 109.70.100.9 is a Tor exit node operated by Applied Privacy Foundation, located in Vienna, Austria. The IP demonstrates moderate risk characteristics consistent with Tor network infrastructure, presenting legitimate anonymity service functionality with associated privacy-based threat vectors.

---

## OWNERSHIP & INFRASTRUCTURE

The IP resolves to Applied Privacy's Tor exit anonymizer infrastructure, a legitimate privacy-focused Tor relay network. DNS records confirm proper PTR and forward resolution alignment.

---

## THREAT ASSESSMENT

Current Risk Profile

Network Neighborhood (109.70.100.0/24)

The subnet demonstrates mixed risk characteristics typical of residential/shared infrastructure deployments.

---

## OBSERVATION HISTORY

46 historical observations tracked since deployment. Signal consistency analysis reveals:

Historical data indicates stable, non-malicious operation consistent with privacy service infrastructure.

---

## RELATIONSHIP MAPPING

124 relationship entities identified:

The IP maintains consistent relationship patterns with Applied Privacy's Tor exit node network infrastructure.

---

## RECOMMENDED ACTIONS

Based on risk profile analysis, the following firewall rules are recommended for implementation:

Recommended Block Rules

PlatformRule
**iptables**`iptables -A INPUT -s 109.70.100.9 -j DROP`
**nftables**`nft add rule inet filter input ip saddr 109.70.100.9 drop`
**nginx**`deny 109.70.100.9;`
**pfSense**`109.70.100.9/32`
**Cloudflare WAF**Block โ€” Risk Score 50
**AWS WAF**Addresses: 109.70.100.9/32

Implementation Note: While this is legitimate Tor infrastructure, organizations with strict security policies may choose to block Tor exit nodes. SOC teams should evaluate against internal policy regarding anonymous traffic sources.

---

## INTELLIGENCE CONCLUSION

IP 109.70.100.9 represents legitimate Applied Privacy Tor exit node infrastructure with moderate risk classification. The IP operates as designed for Tor network anonymity services, with no active malicious indicators detected. Recommended defensive actions include blocking at perimeter controls where policy permits, while acknowledging the legitimate privacy service nature of this infrastructure.

Priority: MONITOR (Block if policy requires)

Confidence: HIGH

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฆ๐Ÿ‡น Austria
RegionState of Vienna
CityVienna
TimezoneEurope/Vienna
Latitude47.52
Longitude14.55

๐Ÿข Ownership & Registration

OrganizationAPPLIEDPRIVACY-MNT
ASNAS208323
Network Nameโ€”
CIDR Blockโ€”
RIRARIN
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRtor-exit-anonymizer.appliedprivacy.net
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamestor-exit-anonymizer.appliedprivacy.net

๐Ÿ” DNS Hygiene

Hygiene Score100% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAAPresent

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierTier 3 โ€” Basic operator with some routing infrastructure
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
19%
22
routing
13%
11
services
8%
11
ownership
20%
23
reputation
18%
12
geolocation
27%
23
Overall18%912
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-22 13:35:37 UTC
Last Seen2026-06-26 21:06:47 UTC
Profile Built2026-06-27 10:52:13 UTC
Data FreshnessLive
Signal Types20
Total Observations48
๐Ÿ” 20 signal types ยท 48 observations collected
This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.