35.204.188.255

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 35.204.188.255/32

## Executive Summary

Target IP 35.204.188.255 is a Google Cloud infrastructure endpoint located in Eemshaven, Netherlands. The IP demonstrates low-risk characteristics with a risk score of 25/100. No active threat indicators were observed across all intelligence sources. The IP serves as a cloud compute resource running Kubernetes services.

## Ownership & Infrastructure

Organization: Google LLC (ASN: 396982)
Network: 35.192.0.0/12 (GOOGLE-CLOUD)
Infrastructure Type: CloudCompute, Cloud Provider
Geolocation: Eemshaven, Netherlands (NL)
Registration: ARIN registry

## Network Classification

Primary Role: Web Server / Hosting
Is Cloud Infrastructure: Yes
Connection Type: Standard internet access
Port 443 (HTTPS): Open and operational
DNS Resolution: 255.188.204.35.bc.googleusercontent.com

## Threat Intelligence Assessment

Risk Score: 25 (Low Risk)
Abuse Confidence: Not elevated
Blacklist Status: 1 DNSBL listing out of 8 total lists scanned
Known Campaigns: None identified
Tor Exit Node: No
Known Attacker: No
Spam Source: No

## TLS/SSL Analysis

Certificate Type: Self-signed certificate
Certificate Subject: CN=35.204.188.255
SANS (Subject Alternative Names):

- kubernetes

- kubernetes.default

- kubernetes.default.svc

- kubernetes.default.svc.cluster.local

Certificate Status: Valid infrastructure certificate for Kubernetes cluster

## Observation History (27 total signals)

Recent observations indicate the IP resolves to various Kubernetes service endpoints:

cluster.local
default.svc
kubernetes.default
googleusercontent.com (with SPF/DMARC configured)

A subnet-level observation from 2026-06-21 classified the 35.204.188.0/24 subnet as "mostly_clean" with an abuse density score of 1.

## Network Neighborhood Analysis

Subnet: 35.204.188.0/24
Abuse Density: 1 (low)
Subnet Classification: mostly_clean
Threat Siblings: 1 identified within subnet
Active Siblings: 1
Risk Distribution: No high or medium risk neighbors detected

## Relationship Graph

38 relationships identified, primarily:

Same Network associations (GOOGLE-CLOUD)
DNS associations to bc.googleusercontent.com hostnames

## Security Recommendations

Based on the low-risk profile and legitimate cloud infrastructure classification:

No blocking recommended – IP is authorized Google Cloud infrastructure
Monitor for anomalies in traffic patterns rather than IP reputation
DNSBL listing: Investigate the single DNSBL listing to determine source and relevance
Traffic analysis: Focus on payload inspection rather than IP-based filtering

## SOC Analyst Notes

This IP represents standard Google Cloud Kubernetes infrastructure. The certificate subject alternative names confirm deployment in a Kubernetes service mesh environment. The low-risk score and cloud provider classification indicate this is legitimate infrastructure rather than malicious hosting. No immediate threat action required.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇳🇱 Netherlands
Region	GR
City	Eemshaven
Timezone	Europe/Amsterdam
Latitude	53.44
Longitude	6.84

🏢 Ownership & Registration

Organization	Google LLC
ASN	AS396982
Network Name	GOOGLE-CLOUD
CIDR Block	35.192.0.0/12
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	255.188.204.35.bc.googleusercontent.com
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`255.188.204.35.bc.googleusercontent.com`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	1/4 domains
DMARC	1/4 domains
FCrDNS	Verified
DNSSEC	Valid
CAA	Present
Domains Checked	4 domains

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

CN=35.204.188.255

Issued by CN=c035d1da-d671-43c4-9a04-9406fb73f0b7

Self-signed: No

SANs	kuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local
Valid From	2026-06-10T15:18:32+00:00
Valid Until	2031-06-09T15:20:32+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_128_GCM_SHA256
Signature Algorithm	sha256RSA
Validity Period	1825 days
Serial Number	00CCE8EE307D166A2DECA074C69CD851F0
Thumbprint	C1483DE8FD06F8B61F0209EFA0654F804F081F83

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	4
routing	13%	1	1
services	27%	2	3
ownership	27%	2	3
reputation	22%	1	3
geolocation	19%	2	2
Overall	22%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-28 18:34:55 UTC
Last Seen	2026-06-29 05:51:15 UTC
Profile Built	2026-06-29 05:52:58 UTC
Data Freshness	Live
Signal Types	25
Total Observations	29

🔍 25 signal types · 29 observations collected

This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

35.204.188.255📋 Copy