IPDebrief

35.198.173.148

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# INTELLIGENCE BRIEFING: 35.198.173.148/32

## EXECUTIVE SUMMARY

IP address 35.198.173.148 is a Google Cloud Platform infrastructure endpoint located in Frankfurt, Germany. The address presents a low-risk profile (Risk Score: 25) with no active threat indicators, blacklisting, or malicious campaign associations. The IP is properly classified as cloud infrastructure and maintains stable ownership with no evidence of persistent malicious activity.

## INFRASTRUCTURE PROFILE

Organization: Google LLC

ASN: 396982 (GOOGLE-CLOUD)

CIDR Block: 35.192.0.0/12

Geolocation: Frankfurt, Hesse, Germany (DE)

Coordinates: 50.11°N, 8.68°E

Timezone: Europe/Berlin

The IP address resolves to a Google Cloud infrastructure endpoint with reverse DNS hostname `148.173.198.35.bc.googleusercontent.com`. The address is properly configured with forward-confirmed reverse DNS resolution and is hosted within the Google Cloud network infrastructure.

## RISK ASSESSMENT

Overall Risk Score: 25 (Low Risk)

Provider Score: 0 (Standard Cloud Provider)

Authority Score: 0 (No Authority Indicators)

Threat Indicators: None

Blacklist Count: 0

Abuse Confidence Score: Not Applicable

The address is classified as "Firewalled / No Services" with no open ports detected. The network role identifies this as Google Cloud infrastructure with cloud-based hosting characteristics.

## THREAT INDICATORS

## NETWORK CONTEXT

BGP Prefix: 35.198.160.0/20

Control Plane Status: Route stable

DNSSEC Valid: Yes

DNSBL Listings: 1 of 8 lists (minor listing, likely benign)

Operator Score: 0

The subnet 35.198.173.148/24 shows an abuse density of 1 with classification "mostly_clean." One threat sibling exists within the immediate /24 neighborhood, but the address itself maintains a clean profile with no inherited malicious signals.

## OBSERVATION HISTORY

Historical analysis reveals 20 observations collected over the monitoring period. Key observations include:

No escalation in threat signals or reputation degradation observed over the observation window. The IP maintains stable characteristics consistent with legitimate cloud infrastructure.

## RELATIONSHIP GRAPH

Six relationships identified:

All relationships point to standard Google Cloud infrastructure or associated DNS records. No anomalous or suspicious associations detected.

## RECOMMENDATIONS

Action Required: None

Security Classification: Low Risk - Monitor as Standard

This IP address represents legitimate Google Cloud infrastructure with no evidence of malicious activity. Standard logging and monitoring practices are sufficient. No firewall blocking, rate limiting, or other defensive actions are recommended.

---

*Intelligence compiled via IPDebrief threat intelligence platform. Data sourced from real-time network observations and threat intelligence feeds.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionHE
CityFrankfurt
TimezoneEurope/Berlin
Latitude50.11
Longitude8.68

๐Ÿข Ownership & Registration

OrganizationGoogle LLC
ASNAS396982
Network NameGOOGLE-CLOUD
CIDR Block35.192.0.0/12
RIRARIN
CountryUnited States
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR148.173.198.35.bc.googleusercontent.com
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnames148.173.198.35.bc.googleusercontent.com

๐Ÿ” DNS Hygiene

Hygiene Score100% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAAPresent

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierTier 3 โ€” Basic operator with some routing infrastructure
Cloud

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
443httpstcpโ€”
Closed Ports22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
CN=34.141.104.4
Issued by CN=0a477757-3d0f-432a-baf4-3b997c9b7400
Self-signed: No
SANskuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local
Valid From2026-06-09T16:32:15+00:00
Valid Until2031-06-08T16:34:15+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_128_GCM_SHA256
Signature Algorithmsha256RSA
Validity Period1825 days
Serial Number00D4567A9EA5793B49898F0D5FF9B7ADF1
Thumbprint5309938CFF86A4F8AB431FD65FB04A7A1413EA29

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
35%
23
routing
17%
11
services
17%
11
ownership
35%
23
reputation
28%
13
geolocation
24%
22
Overall26%913
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-06-08 14:09:07 UTC
Last Seen2026-06-21 15:09:04 UTC
Profile Built2026-06-21 15:31:53 UTC
Data FreshnessLive
Signal Types22
Total Observations24
๐Ÿ” 22 signal types ยท 24 observations collected
This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.