104.196.143.239

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 104.196.143.239/32

Classification: LOW RISK — Cloud Infrastructure

Report Date: 2026-06-28

Analyst: IPDebrief SOC Intelligence

---

## Executive Summary

IP address 104.196.143.239 is a Google Cloud Compute infrastructure endpoint with low-risk characteristics. The address demonstrates stable ownership, minimal threat indicators, and no malicious activity patterns. Operational monitoring recommends standard cloud infrastructure treatment with no immediate blocking or investigation required.

---

## Technical Profile

Attribute	Value
IP Address	104.196.143.239/32
Risk Score	25 (Low)
ASN	396982
Organization	Google LLC
Infrastructure Type	CloudCompute
Network Role	Google Cloud Provider
Geolocation	Moncks Corner, SC, US
Coordinates	33.21, -80.17
Timezone	America/New_York

---

## Network Classification

Infrastructure Type: CloudCompute
Connection Type: Firewalled / No Services
DNS Resolved: 239.143.196.104.bc.googleusercontent.com
Reverse DNS: Confirmed (1 PTR record)
DNSSEC Valid: Yes
Open Ports: None detected

---

## Threat Assessment

Current Risk Level: LOW RISK

Threat Indicators:

Known Attacker: No
Spam Source: No
Tor Exit Node: No
Blacklist Count: 0
DNSBL Listed: 1 (minor)

Campaign Correlation:

Campaign Likelihood: None
Cert Matches: 0
Correlated IPs: 0

---

## Historical Analysis

Observation Count: 24 signals tracked

Temporal Pattern: Stable

Ownership changes: 0
Threat persistence: 0 days
Most recent signal: 2026-06-28T14:55:42
Geographic consistency: Moncks Corner, SC (consistent since 2026-06-20)

Risk Trajectory: No escalation detected. Risk signals remain at minimal levels throughout observation period.

---

## Relationship Network

Total Relationships: 61

Key Associations:

DNS: 239.143.196.104.bc.googleusercontent.com
Network: GOOGLE-CLOUD
Same Subnet: 104.196.143.0/24

Network Environment:

Subnet: 104.196.143.0/24
Abuse Density: 0
Classification: mostly_clean
Threat Siblings: 0

---

## Control Plane & Routing

Metric	Value
BGP Prefix	104.196.128.0/20
Route Stability	Unstable
MoAS Status	No
RPKI State	Not applicable
IRR Consistency	Not applicable
Route Changes (30d)	0

---

## Recommended Actions

Action Level: MONITOR

Firewall Policy: Standard allow for Google Cloud traffic

No blocking required
No egress filtering necessary
Standard cloud provider trust model applies

Monitoring Priority: Low

No immediate threat indicators
Standard cloud infrastructure baseline

Investigation Priority: None

No suspicious activity patterns
No correlation to known campaigns

---

## Intelligence Conclusion

IP 104.196.143.239 represents normal Google Cloud infrastructure with no malicious activity detected. The address maintains low-risk classification across all threat dimensions. Traffic from this IP should be treated under standard cloud provider trust policies with routine monitoring. No defensive actions required at this time.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	SC
City	Moncks Corner
Timezone	America/New_York
Latitude	33.21
Longitude	-80.17

🏢 Ownership & Registration

Organization	Google LLC
ASN	AS396982
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	239.143.196.104.bc.googleusercontent.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`239.143.196.104.bc.googleusercontent.com`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	26%	2	4
routing	53%	1	22
services	12%	2	2
ownership	20%	2	3
reputation	28%	1	3
geolocation	39%	2	3
Overall	30%	10	37

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-21 20:58:36 UTC
Last Seen	2026-06-28 14:55:35 UTC
Profile Built	2026-06-29 08:59:55 UTC
Data Freshness	Live
Signal Types	23
Total Observations	49

🔍 23 signal types · 49 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

104.196.143.239📋 Copy