# IP Intelligence Briefing: 35.237.118.216/32
## Executive Summary
Target IP 35.237.118.216 is a Low Risk (risk score 25) infrastructure address belonging to Google Cloud Platform. The IP hosts no active services and maintains a clean threat profile. No immediate defensive action required.
## Infrastructure Profile
- Organization: Google LLC (ASN 396982)
- Network Block: 35.208.0.0/12 (GOOGLE-CLOUD)
- Geolocation: Moncks Corner, South Carolina, US (33.21°N, -80.17°W)
- Infrastructure Type: CloudCompute / Cloud Hosting
- Status: Active, properly registered
## Threat Assessment
- Risk Score: 25/100 (Low Risk)
- Threat Indicators: None detected
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Blacklist Count: 0
- DNSBL Listings: 1 of 8 lists (minimal impact)
## Technical Observations
- DNS Resolution: 216.118.237.35.bc.googleusercontent.com (googleusercontent.com)
- Email Authentication: SPF and DMARC records present
- Open Ports: None detected (firewalled/no services exposed)
- TLS Certificates: None exposed
- HTTP Services: None detected
## Neighborhood Analysis
- Subnet: 35.237.118.0/24
- Abuse Density: 0 (clean)
- Classification: mostly_clean
- Threat Siblings: 1
- Risk Distribution: No high or medium risk neighbors detected
## Historical Analysis
23 observation records indicate stable infrastructure over time. Recent observations confirm:
- Consistent Google Cloud platform assignment
- Stable geolocation data (Moncks Corner, SC)
- No threat persistence patterns
- Ownership stability maintained
## Relationship Graph
74 relationships identified, primarily:
- Same Network associations (GOOGLE-CLOUD)
- DNS associations to googleusercontent.com
- Standard cloud infrastructure linkages
## Recommended Actions
No specific firewall rules recommended. The IP presents low risk and standard operational traffic patterns for Google Cloud infrastructure.
## SOC Analyst Guidance
Classification: Low Risk - Cloud Infrastructure
Action: Monitor as normal cloud traffic
Priority: Low
This IP is part of Google's legitimate cloud computing infrastructure. No anomalous behavior, malicious indicators, or threat intelligence signals detected. Standard logging and monitoring procedures apply.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGLE-CLOUD |
| CIDR Block | 35.208.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 216.118.237.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 216.118.237.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 20% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-29 05:55:23 UTC |
| Last Seen | 2026-06-29 06:14:59 UTC |
| Profile Built | 2026-06-29 06:36:40 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 33 |
Full dossier details are available via our API.