35.193.154.30📋 Copy

IP INTELLIGENCE BRIEFING

Subject: 35.193.154.30/32

Classification: Google Cloud Infrastructure

Risk Assessment: LOW RISK (Score: 25/100)

Report Date: Current Intelligence Cycle

---

EXECUTIVE SUMMARY

IP 35.193.154.30 is a low-risk residential endpoint hosted within Google Cloud infrastructure. The address demonstrates minimal threat indicators and standard operational patterns consistent with cloud-based services. No active malicious campaigns, blacklisting, or abuse signals were detected during intelligence collection.

---

INFRASTRUCTURE PROFILE

Technical Configuration:

• DNS Resolution: 30.154.193.35.bc.googleusercontent.com
• Reverse DNS: 30.154.193.35.bc.googleusercontent.com (forward-confirmed)
• Email Authentication: SPF and DMARC records present
• Open Ports: TCP/22 (SSH) - OpenSSH 10.0
• TLS/Certificate: None detected

---

THREAT INDICATORS

Risk Breakdown:

• Risk Score: 25/100 (Low Risk)
• Provider Score: 0
• Authority Score: 0
• Stability Score: 0

---

NETWORK NEIGHBORHOOD ANALYSIS

Subnet: 35.193.154.30/24

• Abuse Density: 0-1 (Low/Moderate - data variance between sources)
• Classification: mostly_clean
• Inherited Risk: 2/100
• Total Siblings: 1
• Active Siblings: 1
• Threat Siblings: 1

The /24 subnet exhibits minimal abuse activity with a single active sibling endpoint classified as potentially threatening. No high-risk neighbors detected.

---

OBSERVATION HISTORY

Total Signals Observed: 21

Recent Activity Timeline:

• 2026-06-20 07:55:52 UTC - Banner scan (confidence: 0.30)
• 2026-06-15 08:18:44 UTC - Subnet abuse analysis (density: 1, mostly_clean)
• 2026-06-15 08:12:21 UTC - Port scan detection (SSH:22, TCP/22)
• 2026-06-15 08:05:41 UTC - Geolocation probe (RTT validation failure)
• 2026-06-15 07:57:47 UTC - Reputation check (US, Council Bluffs, IA)

Temporal Analysis:

• Ownership Changes: 0
• Threat Persistence Days: 0
• Threat Observation Count: 1
• Persistently Malicious: False

---

RELATIONSHIP GRAPH

Total Relationships: 26

• DNS Associations: 14 instances pointing to 30.154.193.35.bc.googleusercontent.com
• Network Associations: 12 instances linked to GOOGLE-CLOUD network

Related Entities:

• Hostname: 30.154.193.35.bc.googleusercontent.com
• Network: GOOGLE-CLOUD (multiple instances)

---

GELOCATION VALIDATION

Anomaly Detected: RTT/Distance Discrepancy

• Claimed Distance: 7,218.7 km
• Observed RTT: 55.0 ms
• Minimum Possible RTT: 144.4 ms (for 7,219 km)
• Status: INVALID (GeoPlausible: false)
• Probe Count: 5

Analysis: Geolocation data indicates a validation violation where the observed round-trip time is significantly below the physically possible minimum for the claimed distance. This suggests either:

1. Inaccurate geolocation database data

2. Potential routing anomalies

3. Data source inconsistency

---

RECOMMENDED ACTIONS

Firewall/Blocking: NOT RECOMMENDED

Risk Level: LOW (Score: 25/100)

Justification:

• IP is part of legitimate Google Cloud infrastructure
• No active threat indicators detected
• No blacklist entries or abuse signals
• Standard cloud compute endpoint behavior

Monitoring Recommendations:

• Monitor for changes in risk score or threat indicators
• Track geolocation consistency over time
• Watch for emergence of open ports beyond SSH

No immediate blocking or restrictive actions recommended.

---

CONCLUSION

IP 35.193.154.30 operates as a standard Google Cloud infrastructure endpoint with low-risk characteristics. The single observed threat signal is insufficient to warrant blocking. The geolocation validation anomaly should be monitored but does not currently indicate malicious activity. This IP may be safely permitted through standard security controls while maintaining baseline monitoring.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.