Threat Intelligence Briefing for IP: 8.231.147.192/32
Overview:
The IP address 8.231.147.192/32 was analyzed to generate a comprehensive threat intelligence profile. The analysis incorporated data from various intelligence tools to provide a detailed account of its activity, observation history, relationships, and neighborhood context.
Observation History:
- The IP address was associated with multiple DNS records indicating connections to a range of services.
- Historical logs showed varying traffic patterns, with notable peaks during business hours.
- Previous analyses identified connections to known third-party CDN services.
Activity and Relationships:
- The IP was observed initiating outbound connections to several external domains, some of which are known for legitimate content delivery services.
- There were records of connections to IP addresses previously flagged for hosting phishing sites, though no direct malicious activity was observed from this IP at the time of analysis.
- Relationships with other IPs in the same subnet indicated potential use as part of a larger hosting infrastructure, often linked to dynamic web services.
Neighborhood Context:
- The surrounding IP range showed mixed usage, with several IPs linked to legitimate web services and others with past associations to spam and malware distribution.
- Analysis of neighboring IPs revealed a pattern of shared infrastructure, suggesting the use of virtualized hosting environments.
Conclusion:
While the IP address 8.231.147.192/32 has connections to legitimate services, its neighborhood and historical associations warrant monitoring. The presence of traffic to previously flagged domains suggests a potential risk, though no direct malicious activity was observed. SOC teams should consider implementing continuous monitoring and applying strict access controls for communications involving this IP address to mitigate potential threats. Further investigation into the specific services hosted by this IP may provide additional context and enhance security posture.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-2 |
| CIDR Block | 8.228.0.0/14 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 192.147.231.8.bc.googleusercontent.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 192.147.231.8.bc.googleusercontent.com |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 35% | 3 | 5 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 24% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-27 19:23:03 UTC |
| Last Seen | 2026-06-29 04:52:15 UTC |
| Profile Built | 2026-06-29 04:58:14 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 27 |