35.221.85.18
# IP Intelligence Briefing: 35.221.85.18/32
## Executive Summary
IP 35.221.85.18 is a low-risk address assigned to Google LLC within the GOOGLE-CLOUD infrastructure block (35.208.0.0/12). The IP is geolocated to Tokyo, Japan (JP), and demonstrates stable operational patterns with no evidence of malicious activity.
## Threat Assessment
Risk Score: 25/100 (Low Risk)
Threat Indicators: None detected. The address is not flagged on threat feeds, not associated with known campaigns, and is not classified as a Tor exit node, spam source, or known attacker. Blacklist count: 0.
Infrastructure Classification:
- Organization: Google LLC (ASN: 396982)
- Network: GOOGLE-CLOUD
- Geolocation: Tokyo, Japan (35.68°N, 139.69°E)
- Network Role: Firewalled / No Services
- Services: No open ports detected
## Behavioral History
Analysis of 21 observation signals reveals consistent low-risk behavior over the observation window (June 16โ21, 2026). The IP shows no threat persistence (0 threat persistence days) and zero threat observations. The subnet (35.221.85.18/24) maintains a clean classification with zero abuse density and no active or threat siblings.
## Network Relationships
- DNS Associations: 18.85.221.35.bc.googleusercontent.com
- Network Affiliation: GOOGLE-CLOUD infrastructure
- Control Plane: Origin ASN 396982, BGP prefix 35.221.80.0/20
- Security Controls: DNSSEC valid, CAA records present, SPF and DMARC configured
## Neighborhood Analysis
The /24 subnet (35.221.85.18/24) contains one sibling IP with no active or threat-classified neighbors. Abuse density is 0, indicating this subnet is not exhibiting coordinated malicious behavior.
## Recommended Actions
No immediate security actions are recommended. The IP demonstrates benign characteristics consistent with Google Cloud infrastructure. If traffic from this address requires monitoring, standard cloud provider logging practices apply. No specific firewall rules or WAF recommendations were generated based on the risk profile.
Status: Routine monitoring. No elevated threat indicators present.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.208.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 18.85.221.35.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 18.85.221.35.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 24% | 2 | 2 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 24% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-11 21:18:12 UTC |
| Last Seen | 2026-06-21 19:18:18 UTC |
| Profile Built | 2026-06-21 19:23:13 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.