# THREAT INTELLIGENCE BRIEFING: 35.220.158.192/32
Classification: LOW RISK โ Legitimate Cloud Infrastructure
Risk Score: 25/100
Analysis Date: 2026-06-16
---
## OWNERSHIP & INFRASTRUCTURE
The IP address 35.220.158.192 is owned by Google LLC (AS396982) under the GOOGLE-CLOUD network block (35.208.0.0/12). The address is allocated from the ARIN RIR and registered to Hong Kong.
Key Infrastructure Attributes:
- Provider: Google Cloud Platform
- Geolocation: Hong Kong (22.31°N, 113.91°E)
- Infrastructure Type: Cloud hosting service
- Connection Type: Firewalled / No services exposed
- Certificate Status: No TLS certificates detected
---
## THREAT ASSESSMENT
Current Risk Profile: LOW RISK
Threat Indicators:
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- DNSBL Listings: 1 (minor listing, not significant)
- Threat Persistence: 0 days (not persistently malicious)
- Campaign Association: None detected
Network Role: Google Cloud provider infrastructure with no open ports or active services exposed. The IP shows no evidence of being used for malicious activity.
---
## OBSERVATION HISTORY
Monitoring Period: 20 observations collected (most recent: 2026-06-16 17:17 UTC)
Historical Trends:
- Geolocation: Consistently resolved to Hong Kong with moderate confidence (0.56)
- Port Scanning: Multiple port scan events recorded, but no open ports discovered
- Subnet Classification: Classified as "clean" with 0 abuse density in /24
- Risk Evolution: No upward trend in risk indicators; stable low-risk profile
Signal Confidence: 0.30โ0.70 (moderate confidence across signals)
---
## RELATIONSHIPS & ASSOCIATIONS
DNS Associations:
- PTR Record: 192.158.220.35.bc.googleusercontent.com
- Forward Resolved: 192.158.220.35.bc.googleusercontent.com
- Domain: googleusercontent.com
Network Relationships:
- Same Network: GOOGLE-CLOUD (multiple associations)
- No cross-network threat correlations detected
---
## NEIGHBORHOOD ANALYSIS
Subnet: 35.220.158.192/24
- Abuse Density: 0 (clean)
- Active Siblings: 0
- Threat Siblings: 0
- Classification: Clean
- Inherited Risk: 0
The /24 subnet shows no neighboring threat activity, indicating this IP operates in a trusted Google Cloud environment.
---
## RECOMMENDED ACTIONS
Security Action: No firewall rules or blocking recommended.
Rationale: The IP exhibits characteristics of legitimate Google Cloud infrastructure with no malicious indicators. No security actions recommended.
Firewall Rules: None generated (low-risk profile)
---
## SOC OPERATOR NOTES
This IP address represents legitimate Google Cloud Platform infrastructure located in Hong Kong. No threat indicators, blacklist entries, or malicious activity detected. The IP should be treated as trusted infrastructure. Monitor for any unexpected behavior or service exposure, but no immediate action required.
Confidence Level: High (based on provider reputation, clean neighborhood, and absence of threat indicators)
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.208.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 192.158.220.35.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 192.158.220.35.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 24% | 2 | 2 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 24% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-09 20:27:30 UTC |
| Last Seen | 2026-06-21 16:49:13 UTC |
| Profile Built | 2026-06-21 16:52:03 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.