35.239.177.165
IP INTELLIGENCE BRIEFING: 35.239.177.165/32
---
**EXECUTIVE SUMMARY**
IP 35.239.177.165 is classified as Low Risk with a risk score of 25. This address is part of Google Cloud infrastructure (ASN 396982, GOOGLE-CLOUD) and shows no evidence of malicious activity. The IP resolves to Google-owned hosting domain and exhibits stable cloud infrastructure characteristics.
---
**INFRASTRUCTURE PROFILE**
| Attribute | Value |
|---|---|
| **Organization** | Google LLC |
| **Network Name** | GOOGLE-CLOUD |
| **ASN** | 396982 |
| **CIDR Block** | 35.208.0.0/12 |
| **Geolocation** | US, Council Bluffs, IA |
| **Infrastructure Type** | CloudCompute |
| **Classification** | Cloud Provider |
| **Risk Score** | 25 (Low Risk) |
---
**THREAT ASSESSMENT**
Threat Indicators: None detected
- Blacklist count: 0
- Known attacker: No
- Tor exit node: No
- Spam source: No
- Known campaigns: None
Control Plane Analysis:
- BGP Prefix: 35.239.176.0/20
- Route stability: Unstable (route changes detected)
- DNSBL listings: 1 of 8 total lists (minimal exposure)
- Operator score: 0.3478 (Basic classification)
- RPKI state: Not evaluated
---
**NETWORK RELATIONSHIPS**
The IP exhibits 25 relationships in the threat intelligence graph:
- Primary Association: GOOGLE-CLOUD network
- DNS Resolution: 165.177.239.35.bc.googleusercontent.com
- Network Classification: Same network relationships confirm Google Cloud infrastructure
No anomalous relationships detected outside of legitimate Google Cloud ecosystem associations.
---
**NEIGHBORHOOD ANALYSIS**
Subnet: 35.239.177.165/24
- Abuse Density: 0 (minimal)
- Classification: mostly_clean
- Total Siblings: 1
- Active Siblings: 0
- Threat Siblings: 1 (isolated threat signal)
The /24 subnet demonstrates extremely low abuse density, consistent with legitimate cloud provider operations.
---
**OBSERVATION HISTORY**
21 historical observations tracked with the following temporal signals:
- Most Recent: 2026-06-21T06:58:29 UTC
- Infrastructure Classification: Consistent cloud infrastructure (Google Cloud)
- Confidence Range: 0.20β0.90 across signals
- Persistence: No persistent malicious behavior observed
---
**SERVICE & DNS ANALYSIS**
DNS:
- PTR Hostname: 165.177.239.35.bc.googleusercontent.com
- Forward resolution: Confirmed
- Email authentication: SPF and DMARC present
Services:
- Open ports: None detected
- HTTP services: None detected
- TLS certificates: None detected
- Connection type: Cloud infrastructure (no direct services exposed)
---
**RECOMMENDED ACTIONS**
Current Risk Score: 25 (Low Risk)
Recommendation: No immediate blocking or restrictive actions required. The IP represents legitimate Google Cloud infrastructure with no malicious indicators.
Monitoring: Continue standard monitoring. If traffic patterns change or threat indicators emerge, re-evaluate using the following thresholds:
- Risk score > 70: Investigate
- Risk score > 100: Block
- New threat indicators: Reassess
---
**SOC ANALYST NOTES**
This IP address is part of Google's cloud infrastructure and is unlikely to be a threat actor. The single DNSBL listing and one threat sibling in the neighborhood appear to be isolated or false positives. Standard logging and monitoring is appropriate. No firewall rules or blocking actions are recommended based on current intelligence.
---
Report Generated: Based on IPDebrief intelligence platform data
Classification: Operational Intelligence
Validated: Yes
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.208.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 165.177.239.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 165.177.239.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | β |
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | kuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local |
| Valid From | 2026-06-15T23:12:14+00:00 |
| Valid Until | 2027-06-15T23:14:14+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 365 days |
| Serial Number | 78437A7949D3C8048EBB500EAE2B7DF8 |
| Thumbprint | 9B8643515CF6916D7C49D0E1CDF153D1EBAE3303 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-31 23:34:19 UTC |
| Last Seen | 2026-06-21 06:58:23 UTC |
| Profile Built | 2026-06-21 07:26:40 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 24 |
Full dossier details are available via our API.