# IP INTELLIGENCE BRIEFING
Target IP: 35.203.211.13/32
Date: Current Analysis Cycle
Classification: LOW RISK - INFRASTRUCTURE
---
## EXECUTIVE SUMMARY
IP 35.203.211.13 is a Google Cloud infrastructure address with a risk score of 25. The IP demonstrates legitimate cloud compute characteristics with no active threat indicators. No immediate blocking action is recommended, though network-level monitoring is advised given moderate subnet abuse density.
---
## OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **Organization** | Google LLC |
| **ASN** | 396982 |
| **Network** | Google Cloud |
| **Geolocation** | London, England (GB) |
| **Infrastructure Type** | CloudCompute |
| **Is Cloud** | Yes |
| **Open Ports** | None |
| **Service Purpose** | Firewalled / No Services |
The IP resolves to `13.211.203.35.bc.googleusercontent.com` with forward-reverse DNS confirmation. DNSSEC and CAA records are valid.
---
## THREAT INDICATORS
| Indicator | Status |
|---|---|
| **Risk Score** | 25 (Low) |
| **Abuse Confidence** | Not applicable (legitimate cloud IP) |
| **Tor Exit Node** | No |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Blacklist Count** | 0 |
| **Known Campaigns** | None |
| **Threat Persistence** | 0 days |
No threat indicators were detected across all monitored feeds.
---
## NEIGHBORHOOD ANALYSIS
Subnet: 35.203.211.0/24
Total Siblings: 44 | Active Siblings: 23 | Threat Siblings: 21
Abuse Density: 0.4773 (Moderate)
Classification: Mixed
Risk distribution in the /24 subnet:
- High Risk: 0 IPs
- Medium Risk: 28 IPs
- Low Risk: 15 IPs
The subnet contains 21 sibling IPs with elevated risk scores (40), primarily Google Cloud infrastructure. The target IP's risk score of 25 is consistent with the majority of the subnet's low-risk classification.
---
## OBSERVATION HISTORY
26 observations recorded over the analysis period. Recent signals (June 2026) show:
- Operator Score: 0.5652 (Moderate)
- Route Stability: Stable
- Geo Consensus: Valid
- Ownership Changes: 0
No significant threat signal escalation observed. The IP maintains consistent cloud infrastructure characteristics across all observation windows.
---
## RELATIONSHIP GRAPH
28 relationships identified:
- Same Network: 15 entries (GOOGLE-CLOUD)
- DNS Associations: 13 entries (13.211.203.35.bc.googleusercontent.com)
Relationships confirm legitimate Google Cloud network associations with no suspicious external entity connections.
---
## CONTROL PLANE DATA
- BGP Prefix: 35.203.211.0/24
- AS Path: 57866 โ 15169 โ 396982
- Route Stability: True (No changes in 30 days)
- RPKI State: Not validated
- IRR Consistency: Not checked
- DNSBL Listed: 1 of 8 lists (minor listing)
- Operator Score: 0.5652 (Moderate)
---
## RECOMMENDED ACTIONS
| Action Type | Recommendation |
|---|---|
| **Firewall** | No specific rules required. Standard cloud egress rules apply. |
| **WAF** | No blocking needed. |
| **Monitoring** | Monitor for port scans or service enumeration activity. |
| **Classification** | Whitelist as legitimate Google Cloud infrastructure. |
---
## ANALYST NOTES
This IP represents standard Google Cloud infrastructure with no malicious activity detected. The single DNSBL listing (1 of 8 lists) is inconclusive and does not warrant blocking. Network defenders should treat this as legitimate cloud infrastructure. However, the moderate abuse density in the parent subnet suggests maintaining visibility on this /24 is prudent.
Final Risk Assessment: LOW RISK
Recommended Action: No action required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | โ |
| CIDR Block | 35.203.211.0/24 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 13.211.203.35.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 13.211.203.35.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 24% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 22% | 3 | 4 |
| reputation | 27% | 1 | 3 |
| geolocation | 37% | 2 | 3 |
| Overall | 25% | 11 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 22:45:22 UTC |
| Last Seen | 2026-06-27 20:41:02 UTC |
| Profile Built | 2026-06-28 14:46:41 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 30 |
Full dossier details are available via our API.