IPDebrief

172.104.175.50

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: 172.104.175.50

Classification: Low Risk

Date of Analysis: Current

Intel Source: IPDebrief Platform

---

EXECUTIVE SUMMARY

Target IP 172.104.175.50/32 presents a low-risk threat profile (Risk Score: 25/100) associated with Linode cloud infrastructure (ASN 63949). The IP resolves to hostname na.notionx.com and demonstrates clean operational characteristics with no active threat indicators.

OWNERSHIP & INFRASTRUCTURE

The IP is assigned to Linode (ASN 63949), a cloud compute provider. Infrastructure classification indicates CloudCompute hosting with service purpose marked as "Firewalled / No Services." The control plane demonstrates route stability with BGP prefix 172.104.160.0/19 and no recent route changes in the past 30 days.

GEOGRAPHIC ATTRIBUTION

Geolocation consensus identifies Singapore (SG) with geoPlausible flag set to true. Multiple geo sources confirm this attribution with an accuracy radius of 2500km. Historical observations show occasional low-confidence US geolocation signals (confidence: 0.35), but Singapore remains the prevailing attribution.

THREAT ASSESSMENT

DNS & HOSTNAME INTELLIGENCE

DNS resolution confirms forward confirmation to na.notionx.com. The IP does not host email services (no SPF or DMARC records detected). Network role indicates hosting infrastructure with no active open ports or TLS certificates observed.

NETWORK NEIGHBORHOOD ANALYSIS

Subnet 172.104.175.50/24 shows low abuse density (0.0) with classification "mostly_clean." One neighboring IP (172.104.175.234) shares the risk profile with a risk score of 25. Inherited risk from neighborhood is 5/100.

OBSERVATION HISTORY

Signal observation history contains 26 recorded observations. ASN registration dates back to 2015-02-16 (4142 days old). Recent operator scores range from 0.26 to 0.39, both labeled "Basic." One threat observation was recorded in the history, with no persistent malicious activity detected (threatPersistenceDays: 0).

RELATIONSHIP GRAPH

Forty-five relationships identified, including DNS associations to na.notionx.com and same-network associations with LINODE infrastructure.

---

RECOMMENDATIONS

No immediate firewall rules or blocking actions recommended. The IP demonstrates benign operational characteristics consistent with cloud hosting infrastructure. Routine monitoring is advised.

CONCLUSION

IP 172.104.175.50 is a low-risk cloud infrastructure endpoint with no active threat indicators. The asset operates within Linode's Singapore hosting infrastructure with stable routing and no evidence of malicious activity. SOC analysts may continue standard monitoring procedures without escalation.

---

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΈπŸ‡¬ Singapore
Regionβ€”
CitySingapore
Timezoneβ€”
Latitude1.29
Longitude103.85

🏒 Ownership & Registration

OrganizationLinode
ASNAS63949
Network Nameβ€”
CIDR Block172.104.160.0/19
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRna.notionx.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesna.notionx.com

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierTier 3 β€” Basic operator with some routing infrastructure
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
23
routing
27%
23
services
8%
11
ownership
37%
36
reputation
26%
13
geolocation
40%
23
Overall28%1119
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-23 18:29:05 UTC
Last Seen2026-06-28 22:38:46 UTC
Profile Built2026-06-29 04:40:49 UTC
Data FreshnessLive
Signal Types23
Total Observations26
πŸ” 23 signal types Β· 26 observations collected
This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.