# IP INTELLIGENCE BRIEFING
Target: 35.203.211.50/32
Classification: Low Risk / Cloud Infrastructure
Generated: 2026-06-25
---
## EXECUTIVE SUMMARY
IP 35.203.211.50 is identified as Google Cloud infrastructure located in London, England. Risk assessment indicates low threat activity with no active malicious indicators. The IP operates in a mixed-use subnet with moderate abuse density but exhibits legitimate cloud provider behavior patterns.
---
## OWNERSHIP & GEOLOCATION
- Organization: Google LLC (ASN: 396982)
- Network: 35.203.211.0/24
- Location: London, England, GB
- Coordinates: 51.51°N, -0.13°W
- Classification: CloudCompute / Hosting Provider
- Registration: ARIN RIR
---
## RISK ASSESSMENT
| Metric | Value |
|---|---|
| Overall Risk Score | 25 (Low) |
| Abuse Confidence | Not Applicable |
| Blacklist Count | 0 |
| Known Campaigns | None |
| Is Known Attacker | False |
| Is Spam Source | False |
Risk Breakdown:
- Provider Score: 0 (Legitimate infrastructure)
- Authority Score: 0
- Stability Score: 0
- Threat Persistence Days: 0
---
## NETWORK BEHAVIOR
- Infrastructure Type: Cloud Compute (Google Cloud)
- DNS Resolution: 50.211.203.35.bc.googleusercontent.com
- PTR Hostname: googleusercontent.com
- Open Ports: None detected (Firewalled)
- Services: No active services exposed
- TLS Certificate: Not detected
- Reverse DNS: Forward confirmed
---
## THREAT INDICATORS
- Active Threat Indicators: None
- Threat Feeds: None
- Campaign Correlations: None
- Certificate Matches: 0
- Banner Matches: 0
- Correlated IPs: 0
Status: No active malicious behavior detected. IP is operating within expected Google Cloud service parameters.
---
## NEIGHBORHOOD ANALYSIS
Subnet: 35.203.211.50/24
- Total Siblings: 47
- Active Siblings: 35
- Threat Siblings: 21
- Abuse Density: 0.4468 (Moderate)
- Subnet Classification: Mixed
Risk Distribution:
- High Risk: 0
- Medium Risk: 22
- Low Risk: 24
Notable Neighbors:
- 35.203.211.184 (Risk: 50, Authority: 90)
- Multiple IPs with Risk: 25-40, Authority: 90
Assessment: Subnet exhibits mixed usage patterns typical of cloud infrastructure hosting. Neighbor risk profiles remain within expected ranges for Google Cloud environments.
---
## OBSERVATION HISTORY
Total Observations: 20
Recent Signals:
- 2026-06-25 16:28: Subnet abuse density 0.4468, mixed classification
- 2026-06-25 16:26: Confirmed Google Cloud provider infrastructure
- 2026-06-25 16:22: Listed on 8 threat intelligence feeds (1 high severity listing)
- 2026-06-25 16:22: Geographic location: London, ENG, GB
- 2026-06-25 16:19: Operator score 0 (minimal threat)
Temporal Trends:
- Ownership changes: 0
- Threat persistence days: 0
- Persistently malicious: False
- Route stability: Unstable (0 route changes in 30d)
---
## RELATIONSHIP MAPPING
Identified Relationships: 53
Primary Associations:
- Network: GOOGLE-CLOUD (Same Network)
- DNS: 50.211.203.35.bc.googleusercontent.com (DNS Association)
- Multiple DNS hostname associations
Network Role: Cloud provider infrastructure with firewalled/no services exposure pattern.
---
## RECOMMENDED ACTIONS
Firewall/Security Recommendations:
- No blocking required โ IP identified as legitimate Google Cloud infrastructure
- Monitoring recommended โ Track for any behavior pattern changes
- No immediate threat mitigation needed
Classification: ALLOW / MONITOR
Rationale: IP 35.203.211.50 exhibits standard Google Cloud provider behavior with no active threat indicators. The subnet's mixed classification and moderate abuse density are consistent with legitimate cloud hosting environments. No firewall rules or blocking actions are recommended.
---
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 50.211.203.35.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 50.211.203.35.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 43% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 2 |
| geolocation | 37% | 2 | 3 |
| Overall | 23% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 11:33:59 UTC |
| Last Seen | 2026-06-27 15:32:49 UTC |
| Profile Built | 2026-06-28 09:38:23 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |
Full dossier details are available via our API.