# INTELLIGENCE BRIEFING: 35.198.173.148/32
## EXECUTIVE SUMMARY
IP address 35.198.173.148 is a Google Cloud Platform infrastructure endpoint located in Frankfurt, Germany. The address presents a low-risk profile (Risk Score: 25) with no active threat indicators, blacklisting, or malicious campaign associations. The IP is properly classified as cloud infrastructure and maintains stable ownership with no evidence of persistent malicious activity.
## INFRASTRUCTURE PROFILE
- Organization: Google LLC
- ASN: 396982 (GOOGLE-CLOUD)
- CIDR Block: 35.192.0.0/12
- Geolocation: Frankfurt, Hesse, Germany (DE)
- Coordinates: 50.11°N, 8.68°E
- Timezone: Europe/Berlin

The IP address resolves to a Google Cloud infrastructure endpoint with reverse DNS hostname `148.173.198.35.bc.googleusercontent.com`. The address is properly configured with forward-confirmed reverse DNS resolution and is hosted within the Google Cloud network infrastructure.
## RISK ASSESSMENT
- Overall Risk Score: 25 (Low Risk)
- Provider Score: 0 (Standard Cloud Provider)
- Authority Score: 0 (No Authority Indicators)
- Threat Indicators: None
- Blacklist Count: 0
- Abuse Confidence Score: Not Applicable

The address is classified as "Firewalled / No Services" with no open ports detected. The network role identifies this as Google Cloud infrastructure with cloud-based hosting characteristics.
## THREAT INDICATORS
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
- Known Campaigns: None
- Threat Feeds: None
- Persistence Days: 0 (No persistent malicious activity observed)
## NETWORK CONTEXT
- BGP Prefix: 35.198.160.0/20
- Control Plane Status: Route stable
- DNSSEC Valid: Yes
- DNSBL Listings: 1 of 8 lists (minor listing, likely benign)
- Operator Score: 0

The /24 subnet containing this address (35.198.173.0/24) shows an abuse density of 1 with classification "mostly_clean." One threat sibling exists within the immediate /24 neighborhood, but the address itself maintains a clean profile with no inherited malicious signals.
## OBSERVATION HISTORY
Historical analysis reveals 20 observations collected over the monitoring period. Key observations include:
- 2026-06-21: Basic DNS, routing, and reputation signals collected with 60% confidence
- 2026-06-16: Ownership stability confirmed with zero ownership changes detected
- Geolocation Validation: Frankfurt, Germany location confirmed via multi-signal inference (56% confidence)
No escalation in threat signals or reputation degradation observed over the observation window. The IP maintains stable characteristics consistent with legitimate cloud infrastructure.
## RELATIONSHIP GRAPH
Six relationships identified:
- Same Network: GOOGLE-CLOUD (multiple entries)
- DNS Association: 148.173.198.35.bc.googleusercontent.com (multiple entries)
All relationships point to standard Google Cloud infrastructure or associated DNS records. No anomalous or suspicious associations detected.
## RECOMMENDATIONS
- Action Required: None
- Security Classification: Low Risk - Monitor as Standard

This IP address represents legitimate Google Cloud infrastructure with no evidence of malicious activity. Standard logging and monitoring practices are sufficient. No firewall blocking, rate limiting, or other defensive actions are recommended.
---
*Intelligence compiled via IPDebrief threat intelligence platform. Data sourced from real-time network observations and threat intelligence feeds.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.192.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR | 148.173.198.35.bc.googleusercontent.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 148.173.198.35.bc.googleusercontent.com |
## DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |

| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| SANs | kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local |
| Valid From | 2026-06-09T16:32:15+00:00 |
| Valid Until | 2031-06-08T16:34:15+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 1825 days |
| Serial Number | 00D4567A9EA5793B49898F0D5FF9B7ADF1 |
| Thumbprint | 5309938CFF86A4F8AB431FD65FB04A7A1413EA29 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 24% | 2 | 2 |
| Overall | 26% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-06-08 14:09:07 UTC |
| Last Seen | 2026-06-21 15:09:04 UTC |
| Profile Built | 2026-06-21 15:31:53 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |