35.196.24.13
## Intelligence Briefing: IP 35.196.24.13/32
Classification: LOW RISK / GOOGLE CLOUD INFRASTRUCTURE
Date: 2026-06-15
Analyst: IPDebrief Intelligence
---
Executive Summary
IP address 35.196.24.13 is registered to Google LLC (ASN 396982) and operates within Google Cloud infrastructure. The IP demonstrates low risk characteristics with a risk score of 25. No active threat indicators or malicious activity were observed during the assessment period.
---
Infrastructure Profile
Ownership:
- Organization: Google LLC
- ASN: 396982
- RIR: ARIN
- Network: Google Cloud Provider infrastructure
Geolocation:
- Country: United States (US)
- Region: South Carolina (SC)
- City: Moncks Corner
- Coordinates: 33.21°N, -80.17°W
- Timezone: America/New_York
Network Classification:
- Infrastructure Type: CloudCompute
- Cloud Provider: Google Cloud
- Service Purpose: Firewalled / No Services
- Anycast: No
- CDN: No
- VPN/Proxy: No
---
DNS Resolution
- PTR Hostname: 13.24.196.35.bc.googleusercontent.com
- Forward Resolution: Confirmed (googleusercontent.com)
- Email Authentication: SPF and DMARC records present
- DNSSEC: Valid
---
Threat Assessment
Risk Indicators:
- Risk Score: 25 (Low Risk)
- Abuse Confidence Score: Not applicable
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
Blacklist Status:
- DNS Blacklist Listings: 1 out of 8 total lists
- Last Notable Listing: 2026-06-01 (High severity listing observed)
Campaign Correlation:
- Campaign Likelihood: None
- CERT Matches: 0
- Correlated IPs: 0
---
Neighborhood Analysis
Subnet: 35.196.24.13/24
- Abuse Density: 0 (Clean)
- Classification: Mostly Clean
- Threat Siblings: 1
- Active Siblings: 1
The /24 subnet demonstrates minimal abuse activity with low overall risk density. No significant threat patterns were observed among neighboring addresses.
---
Observation History
Historical signal analysis reveals the following temporal patterns:
2026-06-15:
- Routing and ownership signals observed with 0.60 confidence
- Operator score: 0.3478
2026-06-10:
- Cloud infrastructure classification confirmed (Google Cloud)
- Geolocation inference: Moncks Corner, SC (0.56 confidence)
2026-06-01:
- DNS blacklist listing activity detected (8 total lists, 1 active listing)
- Maximum severity: High
The IP has maintained consistent ownership characteristics with no significant changes observed across the observation window.
---
Recommended Actions
Based on the risk profile and threat indicators, the following actions are recommended:
1. No immediate blocking required - IP classified as low risk Google Cloud infrastructure
2. Monitor blacklist status - Continue monitoring for DNSBL reappearances
3. Standard traffic logging - Apply standard cloud infrastructure monitoring policies
4. No firewall rules recommended - No specific iptables/nftables rules required
---
Intelligence Summary
IP 35.196.24.13 represents legitimate Google Cloud infrastructure with standard risk characteristics. The single historical blacklist listing from June 2026 has not resulted in sustained malicious activity. Current threat indicators show no active exploitation or abuse patterns. The IP resolves to Google's content delivery infrastructure and demonstrates normal cloud provider behavior.
Disposition: Continue standard monitoring; no escalation required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 13.24.196.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 13.24.196.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 20% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-23 06:22:32 UTC |
| Last Seen | 2026-06-28 20:38:34 UTC |
| Profile Built | 2026-06-29 02:40:51 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 22 |
Full dossier details are available via our API.