35.201.165.31

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 35.201.165.31/32

Classification: Google Cloud Infrastructure

Risk Assessment: LOW RISK (Score: 25)

---

## EXECUTIVE SUMMARY

IP address 35.201.165.31 is identified as legitimate Google Cloud infrastructure located in Changhua, Taiwan. The IP demonstrates low-risk characteristics with no malicious indicators, no blacklist entries, and clean subnet classification. No immediate threat action recommended.

---

## OWNERSHIP & INFRASTRUCTURE

Organization: Google LLC
ASN: 396982 (GOOGLE-CLOUD)
CIDR Block: 35.192.0.0/12
RIR: ARIN
Infrastructure Type: Cloud Compute
Reputation: Low Risk

## GEOLOCATION

Country: Taiwan (TW)
City: Changhua
Coordinates: 24.05°N, 120.55°E
Timezone: Asia/Taipei
Accuracy Radius: 150 km

## NETWORK CLASSIFICATION

Cloud Provider: Google Cloud
Open Ports: None detected
DNS Resolution: 31.165.201.35.bc.googleusercontent.com
Forward Resolution: Confirmed
PTR Record: Active
Email Auth: SPF: Yes, DMARC: Yes
TLS Certificate: None detected

## THREAT INDICATORS

Abuse Confidence Score: None
Blacklist Count: 0
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Known Campaigns: None
Threat Feeds: None

## OBSERVATION HISTORY

Total Observations: 19 signals

Timeline: 2026-06-16 to 2026-06-21

Recent signal patterns indicate:

Consistent cloud infrastructure classification (Google Cloud)
Stable geographic location (Changhua, TW)
Clean subnet classification maintained
No ownership changes
No persistently malicious behavior observed

## SUBNET ANALYSIS (35.201.165.0/24)

Classification: Clean
Abuse Density: 0
Threat Siblings: 0
Active Siblings: 0
Risk Distribution: All zero (High: 0, Medium: 0, Low: 0)

## RELATIONSHIPS

DNS Associations: 31.165.201.35.bc.googleusercontent.com (multiple entries)
Network Associations: GOOGLE-CLOUD (repeated entries)
Total Relationships: 8

## CONTROL PLANE DATA

Route Stability: False (route changes within 30d)
DNSSEC Valid: Yes
CAA Records: Yes
DNSBL Listed: 1 of 8 total lists
BGP Prefix: 35.201.160.0/20

---

## THREAT INTELLIGENCE NARRATIVE

This IP address operates within Google Cloud's Taiwan infrastructure and exhibits characteristics consistent with legitimate cloud computing services. The IP shows no malicious indicators across all threat feeds, with zero blacklist entries and no association with known attack campaigns or persistent malicious behavior.

The subnet (35.201.165.0/24) demonstrates clean classification with no threat siblings and minimal abuse density. Historical observations confirm stable infrastructure classification and geographic consistency over the observation period.

SOC Analyst Guidance: This IP represents legitimate Google Cloud infrastructure. No blocking or mitigation action recommended. Standard monitoring practices apply. If this IP appears in blocked traffic logs, investigate the destination/service rather than the source IP, as legitimate cloud services may be used for various purposes including CDN, web hosting, and application delivery.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇹🇼 Taiwan
Region	TXG
City	Changhua
Timezone	Asia/Taipei
Latitude	24.05
Longitude	120.55

🏢 Ownership & Registration

Organization	Google LLC
ASN	AS396982
Network Name	GOOGLE-CLOUD
CIDR Block	35.192.0.0/12
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	31.165.201.35.bc.googleusercontent.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`31.165.201.35.bc.googleusercontent.com`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	24%	2	2
routing	17%	1	1
services	17%	1	1
ownership	35%	2	3
reputation	17%	1	2
geolocation	17%	1	1
Overall	21%	8	10

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-06-13 19:56:51 UTC
Last Seen	2026-06-21 21:09:25 UTC
Profile Built	2026-06-21 21:38:52 UTC
Data Freshness	Live
Signal Types	21
Total Observations	24

🔍 21 signal types · 24 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

35.201.165.31📋 Copy