35.252.104.44
# IP Intelligence Briefing: 35.252.104.44/32
Date: [Current Date]
Subject: Threat Intelligence Assessment
Classification: Standard
Analyst: IPDebrief Intelligence Team
---
## Executive Summary
IP address 35.252.104.44 is a Google Cloud infrastructure endpoint located in Oregon, US. The IP presents a low-risk profile with no active threat indicators. Analysis of 22 historical observations, 23 relationship nodes, and subnet-level neighborhood data confirms legitimate cloud compute usage. No security actions are required based on current intelligence.
---
## Technical Profile
| Attribute | Value |
|---|---|
| **IP Address** | 35.252.104.44/32 |
| **Risk Score** | 25 (Low Risk) |
| **ASN** | 396982 |
| **Organization** | Google LLC |
| **Netblock** | 35.252.0.0/14 (GOOGL-2) |
| **Geolocation** | US, OR, The Dalles |
| **Infrastructure Type** | Cloud Compute |
| **Network Role** | Google Cloud Provider |
| **DNS Resolution** | 44.104.252.35.bc.googleusercontent.com |
| **Open Ports** | None detected |
| **Service Status** | Firewalled / No Services |
---
## Threat Assessment
Current Status: CLEAN
- Abuse Confidence Score: Not applicable (no abuse data recorded)
- Blacklist Count: 0
- Known Campaigns: None
- Threat Indicators: Empty (no indicators in threat feeds)
- Known Attacker: False
- Spam Source: False
- Tor Exit Node: False
- Proxy/VPN: False
Historical Trend: No persistent malicious activity detected. 22 observations tracked from June 12-16, 2026 show consistent benign behavior. Campaign likelihood rated as "none" across all observations.
---
## Network Context
Neighborhood Analysis (35.252.104.44/24)
- Abuse Density: 0.0 (clean)
- Classification: Clean
- Threat Siblings: 0
- Active Siblings: 1
- High Risk Neighbors: 0
- Medium Risk Neighbors: 0
- Low Risk Neighbors: 0
Relationship Graph
- Total Relationships: 23
- Primary Associations: Google Cloud network (GOOGL-2)
- DNS Associations: 44.104.252.35.bc.googleusercontent.com (repeated across multiple entries)
- Network Type: Cloud infrastructure
---
## Control Plane Data
| Metric | Value |
|---|---|
| **Origin ASN** | 396982 |
| **BGP Prefix** | 35.252.64.0/18 |
| **RPKI State** | Not configured |
| **IRR Consistency** | Not evaluated |
| **Route Changes (30d)** | 0 |
| **Route Stability** | Not stable |
| **DNSSEC Valid** | Valid |
| **CAAA Records** | Present |
| **DNSBL Listed** | 1 of 8 total lists |
---
## Recommended Security Actions
Status: No action required
Based on the low-risk profile (score 25) and legitimate cloud infrastructure classification, this IP does not require blocking or special firewall rules. The IP represents standard Google Cloud service infrastructure with no malicious indicators.
Monitoring Recommendation: Continue standard monitoring as part of baseline traffic analysis. No elevated alerting thresholds recommended.
---
## Key Findings for SOC Analysts
1. Legitimate Cloud Infrastructure: This is a standard Google Cloud endpoint with no abuse indicators
2. No Active Services: No open ports detected; the service shows as "Firewalled / No Services"
3. Clean Subnet Environment: The /24 subnet shows zero abuse density and no threat siblings
4. Stable Reputation: Historical data shows consistent benign behavior over the observation period
5. Standard DNS Configuration: Proper Google Cloud DNS resolution with forward confirmation enabled
---
Report Generated: IPDebrief Intelligence Platform
Data Sources: 22 historical observations, 23 relationship nodes, subnet neighborhood scan
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-2 |
| CIDR Block | 35.252.0.0/14 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 44.104.252.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 44.104.252.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 21% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Fresh
| First Seen | 2026-05-31 05:08:42 UTC |
| Last Seen | 2026-06-21 06:13:37 UTC |
| Profile Built | 2026-06-21 08:42:52 UTC |
| Data Freshness | Fresh |
| Signal Types | 23 |
| Total Observations | 23 |
Full dossier details are available via our API.