35.205.38.4
# INTELLIGENCE BRIEFING: IP 35.205.38.4/32
Classification: MODERATE RISK
Date: Current Analysis
Status: Active Monitoring
---
## EXECUTIVE SUMMARY
IP address 35.205.38.4 belongs to Google LLC (AS396982) within the GOOGLE-CLOUD infrastructure block (35.192.0.0/12). The IP presents a moderate risk score of 50/100 with no active threat indicators. The IP resolves to googleusercontent.com and exhibits no open ports or service exposure.
---
## OWNERSHIP AND INFRASTRUCTURE
| Attribute | Value |
|---|---|
| Organization | Google LLC |
| ASN | 396982 |
| Network | GOOGLE-CLOUD |
| CIDR Block | 35.192.0.0/12 |
| Geolocation | Brussels Capital, Belgium (BE) |
| RIR | ARIN |
| Abuse Contact | Available via RDAP |
---
## RISK ASSESSMENT
Current Risk Score: 50/100
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
- Abuse Confidence: Not applicable
- Blacklist Count: 0
- Known Attacker: False
- Tor Exit Node: False
- Spam Source: False
Threat Indicators: None detected. No known campaigns, threat feeds, or malicious reputation sources associated with this IP.
---
## NETWORK BEHAVIOR
| Characteristic | Finding |
|---|---|
| Open Ports | None detected |
| DNS Resolution | 4.38.205.35.bc.googleusercontent.com |
| PTR Hostnames | 4.38.205.35.bc.googleusercontent.com |
| Forward Confirmation | Verified |
| Service Classification | Firewalled / No Services |
| HTTP/HTTPS | Not active |
| TLS Certificate | None detected |
Control Plane Observations:
- DNSSEC Valid: Yes
- Route Stability: Unstable (isRouteStable: false)
- DNSBL Listed: 2 of 8 lists
- Operator Score: 0.3478 (Basic)
---
## NEIGHBORHOOD ANALYSIS
Subnet: 35.205.38.0/24
| Metric | Value |
|---|---|
| Total Siblings | 1 |
| Active Siblings | 0 |
| Threat Siblings | 0 |
| Abuse Density | 0 |
| Classification | Clean |
No malicious activity observed in the immediate /24 neighborhood.
---
## OBSERVATION HISTORY
Total Observations: 35 signals
Recent activity (June 2026):
- June 21, 19:32 UTC: Operator score 0.3478 (Basic classification)
- June 21, 13:31 UTC: Operator score 0.3478 (Basic classification)
- June 21, 07:29 UTC: Operator score 0.3478 (Basic classification)
- June 21, 01:28 UTC: Operator score 0.3478 (Basic classification)
Temporal Analysis: No significant changes in risk profile over the observation period. Ownership stability maintained with zero ownership changes recorded.
---
## RELATIONSHIP MAPPING
Identified Relationships: 41 total
- Network Associations: GOOGLE-CLOUD infrastructure
- DNS Associations: Multiple entries for 4.38.205.35.bc.googleusercontent.com
- No Organization/Certificate Links: Beyond Google Cloud infrastructure
---
## RECOMMENDED ACTIONS
Risk Score: 50 (Moderate)
Recommended Firewall Rules:
```bash
# iptables
iptables -A INPUT -s 35.205.38.4 -j DROP
# nftables
nft add rule inet filter input ip saddr 35.205.38.4 drop
# pfSense
35.205.38.4/32
# Cloudflare WAF
Description: "Block 35.205.38.4 β IPDebrief risk score 50"
Expression: "ip.src eq 35.205.38.4"
Action: block
# AWS WAF
Addresses: ["35.205.38.4/32"]
Description: "IPDebrief risk 50"
```
Analysis Notes: While the risk score of 50 triggers moderate-risk classification, the IP belongs to Google Cloud infrastructure with no open ports, no threat indicators, and zero blacklist associations. Consider contextual analysis before blockingβlegitimate Google Cloud traffic may be blocked inadvertently.
---
## ANALYST NOTES
This IP appears to be a Google Cloud infrastructure endpoint with no active malicious indicators. The moderate risk classification (50/100) is driven primarily by the DNSBL listings (2 of 8) and control plane observations rather than confirmed malicious activity. The neighborhood shows clean classification with zero abuse density.
Recommendation: Monitor for pattern-based anomalies rather than immediate blocking. If traffic originates from this IP, verify legitimate business purpose before implementing blocking rules.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.192.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 4.38.205.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 4.38.205.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 24% | 2 | 2 |
| Overall | 23% | 9 | 13 |
| Data Coherence | Mostly Consistent (85%) β 1 contradiction(s) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-16 06:18:11 UTC |
| Last Seen | 2026-06-26 18:12:24 UTC |
| Profile Built | 2026-06-27 11:00:10 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 47 |
Full dossier details are available via our API.