35.195.23.219

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 35.195.23.219/32

## Executive Summary

The target IP 35.195.23.219 is a Google Cloud infrastructure endpoint with a low-risk profile (score: 25). The address belongs to Google LLC (AS396982) and operates within the Google Cloud network. No active threat indicators were detected, though the IP was listed on one DNSBL. The subnet shows moderate inherited risk with one threat sibling observed.

## Infrastructure Profile

Organization: Google LLC
ASN: 396982
Network Role: CloudCompute / Hosting
Geolocation: US (Brussels region)
Infrastructure Type: Cloud infrastructure with stable BGP routing (35.195.16.0/20)
Control Plane: Route stable, DNSSEC valid, RPKI status pending

## Service Exposure

Open Ports: TCP/443 (HTTPS)
HTTP Version: HTTP/2.0 enabled
TLS Configuration: TLS 1.3 (TLS_AES_128_GCM_SHA256)
Certificate: Valid certificate issued for 34.156.205.131, SANs include Kubernetes service entries
DNS: PTR resolves to 219.23.195.35.bc.googleusercontent.com, forward resolution confirmed
Email Auth: SPF and DMARC records present

## Threat Intelligence Assessment

Risk Score: 25 (Low Risk)
Abuse Confidence: None reported
Known Campaigns: None
Threat Feeds: No matches
Blacklist Status: Listed on 1 of 8 DNSBLs
Campaign Likelihood: None
Tor Exit Node: No
Known Attacker: No
Spam Source: No

## Neighborhood Analysis

Subnet 35.195.23.219/24 classification: mostly_clean

Total Siblings: 1
Active Siblings: 1
Threat Siblings: 1
Abuse Density: 1
Inherited Risk: 2

## Historical Observation (Last 30 Observations)

Recent telemetry shows signal progression from minimal to moderate risk indicators:

2026-06-28: Minimal risk signals (confidence: 0.30)
2026-06-19: Moderate risk control plane signals (confidence: 0.85)
HTTP response: Status 401 (unauthorized), Response time: 310ms
Fingerprint: HTTP/2.0, HTTP/2 headers present

## Related Entities

DNS Association: 219.23.195.35.bc.googleusercontent.com
Network Associations: Multiple GOOGLE-CLOUD network references
Relationship Count: 285 total relationship records

## SOC Analyst Recommendations

No immediate firewall blocking or blocking rules recommended. The IP demonstrates legitimate cloud infrastructure behavior with proper TLS configuration and DNS setup. Monitor for any changes in threat indicators or neighborhood activity. Standard Google Cloud traffic handling applies.

---

*Data sourced from IPDebrief intelligence platform. Analysis generated for defensive security operations.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇧🇪 Belgium
Region	WAL
City	St. Ghislain
Timezone	Europe/Brussels
Latitude	50.45
Longitude	3.82

🏢 Ownership & Registration

Organization	Google LLC
ASN	AS396982
Network Name	—
CIDR Block	35.195.16.0/20
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	219.23.195.35.bc.googleusercontent.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`219.23.195.35.bc.googleusercontent.com`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	1/4 domains
DMARC	1/4 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	4 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

CN=34.156.205.131

Issued by CN=cdd5f1b1-6b37-4810-9972-a3a26c3153f4

Self-signed: No

SANs	kuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local
Valid From	2026-06-19T23:01:04+00:00
Valid Until	2031-06-18T23:03:04+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	1825 days
Serial Number	23B83752934F6F9A80539A98C4F00FBC
Thumbprint	D19103CBB11BC76AB33EF99FF66D83B02CE651CD

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	29%	2	4
routing	17%	2	3
services	24%	2	3
ownership	22%	3	4
reputation	28%	1	3
geolocation	33%	2	3
Overall	25%	12	20

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-14 07:14:31 UTC
Last Seen	2026-06-28 00:31:39 UTC
Profile Built	2026-06-28 18:35:52 UTC
Data Freshness	Live
Signal Types	28
Total Observations	34

🔍 28 signal types · 34 observations collected

This report is generated from 28+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

35.195.23.219📋 Copy