IPDebrief

136.111.21.196

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 136.111.21.196/32

## Executive Summary

IP address 136.111.21.196 is a Google Cloud infrastructure endpoint operating as a web server. The IP presents low risk (score: 25) with no active threat indicators. Intelligence indicates legitimate cloud infrastructure usage with Kubernetes service association.

## Ownership and Geolocation

## Technical Profile

## Threat Assessment

## Network Context

## Historical Observations (22 signals)

Recent activity indicates active scanning and TLS certificate validation. HTTP/2 endpoints returned 403 status codes. TLS 1.3 connections observed with valid certificate chain. No persistent malicious activity detected.

## Associated Entities

## Recommended Actions

## Intelligence Conclusion

The IP 136.111.21.196/32 operates as a legitimate Google Cloud web server endpoint. Technical indicatorsβ€”including Kubernetes certificate associations, Google Cloud infrastructure classification, and absence of threat indicatorsβ€”confirm benign cloud infrastructure usage. No immediate defensive action required. Standard SOC monitoring recommended.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionIA
CityCouncil Bluffs
TimezoneAmerica/Chicago
Latitude41.26
Longitude-95.85

🏒 Ownership & Registration

OrganizationGoogle LLC
ASNAS396982
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR196.21.111.136.bc.googleusercontent.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnames196.21.111.136.bc.googleusercontent.com

πŸ” DNS Hygiene

Hygiene Score100% (Excellent)
SPF1/4 domains
DMARC1/4 domains
FCrDNSVerified
DNSSECValid
CAAPresent
Domains Checked4 domains

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
443httpstcpβ€”
Closed Ports22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
CN=136.111.21.196
Issued by CN=6e5d9812-34c1-4740-81c3-665064c934c6
Self-signed: No
SANskuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local
Valid From2026-06-18T18:50:26+00:00
Valid Until2031-06-17T18:52:26+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_128_GCM_SHA256
Signature Algorithmsha256RSA
Validity Period1825 days
Serial Number412A3D992D8FCA1E53BAA7DEB0B23029
Thumbprint54F5E8D25F9AC046C674A747C79C517CE7D4E03F

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
25%
24
routing
13%
11
services
24%
23
ownership
24%
23
reputation
26%
13
geolocation
39%
23
Overall25%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceMostly Consistent (80%) β€” 1 contradiction(s)
AttributionModerate (55%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
⚠ Claimed geolocation contradicts RTT physics measurement

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-19 21:39:07 UTC
Last Seen2026-06-28 09:35:32 UTC
Profile Built2026-06-29 03:40:04 UTC
Data FreshnessLive
Signal Types24
Total Observations30
πŸ” 24 signal types Β· 30 observations collected
This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.