# IP Intelligence Briefing: 35.195.23.219/32
## Executive Summary
The target IP 35.195.23.219 is a Google Cloud infrastructure endpoint with a low-risk profile (score: 25). The address belongs to Google LLC (AS396982) and operates within the Google Cloud network. No active threat indicators were detected, though the IP was listed on one DNSBL. The subnet shows moderate inherited risk with one threat sibling observed.
## Infrastructure Profile
- Organization: Google LLC
- ASN: 396982
- Network Role: CloudCompute / Hosting
- Geolocation: US (Brussels region)
- Infrastructure Type: Cloud infrastructure with stable BGP routing (35.195.16.0/20)
- Control Plane: Route stable, DNSSEC valid, RPKI status pending
## Service Exposure
- Open Ports: TCP/443 (HTTPS)
- HTTP Version: HTTP/2.0 enabled
- TLS Configuration: TLS 1.3 (TLS_AES_128_GCM_SHA256)
- Certificate: Valid certificate issued for 34.156.205.131, SANs include Kubernetes service entries
- DNS: PTR resolves to 219.23.195.35.bc.googleusercontent.com, forward resolution confirmed
- Email Auth: SPF and DMARC records present
## Threat Intelligence Assessment
- Risk Score: 25 (Low Risk)
- Abuse Confidence: None reported
- Known Campaigns: None
- Threat Feeds: No matches
- Blacklist Status: Listed on 1 of 8 DNSBLs
- Campaign Likelihood: None
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
## Neighborhood Analysis
Subnet 35.195.23.219/24 classification: mostly_clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Abuse Density: 1
- Inherited Risk: 2
## Historical Observation (Last 30 Observations)
Recent telemetry shows signal progression from minimal to moderate risk indicators:
- 2026-06-28: Minimal risk signals (confidence: 0.30)
- 2026-06-19: Moderate risk control plane signals (confidence: 0.85)
- HTTP response: Status 401 (unauthorized), Response time: 310ms
- Fingerprint: HTTP/2.0, HTTP/2 headers present
## Related Entities
- DNS Association: 219.23.195.35.bc.googleusercontent.com
- Network Associations: Multiple GOOGLE-CLOUD network references
- Relationship Count: 285 total relationship records
## SOC Analyst Recommendations
No immediate firewall blocking rules are recommended. The IP demonstrates legitimate cloud infrastructure behavior with proper TLS configuration and DNS setup. Monitor for any changes in threat indicators or neighborhood activity. Standard Google Cloud traffic handling applies.
---
*Data sourced from IPDebrief intelligence platform. Analysis generated for defensive security operations.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | - |
| CIDR Block | 35.195.16.0/20 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR | 219.23.195.35.bc.googleusercontent.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 219.23.195.35.bc.googleusercontent.com |
## DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 1/4 domains |
| DMARC | 1/4 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 4 domains |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |

| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| SANs | kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local |
| Valid From | 2026-06-19T23:01:04+00:00 |
| Valid Until | 2031-06-18T23:03:04+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 1825 days |
| Serial Number | 23B83752934F6F9A80539A98C4F00FBC |
| Thumbprint | D19103CBB11BC76AB33EF99FF66D83B02CE651CD |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 17% | 2 | 3 |
| services | 24% | 2 | 3 |
| ownership | 22% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 25% | 12 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-05-14 07:14:31 UTC |
| Last Seen | 2026-06-28 00:31:39 UTC |
| Profile Built | 2026-06-28 18:35:52 UTC |
| Data Freshness | Live |
| Signal Types | 28 |
| Total Observations | 34 |