# INTELLIGENCE BRIEFING: IP 35.241.176.131/32
Classification: LOW RISK โ Google Cloud Infrastructure
Date: June 15, 2026
Risk Score: 25/100
Status: Not Recommended for Blocking
---
## EXECUTIVE SUMMARY
IP 35.241.176.131 is a Google Cloud infrastructure endpoint with a low risk profile. The address is associated with legitimate cloud hosting services, returns HTTP 403 (Forbidden) responses, and shows no active malicious indicators. No blocking action required.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **Organization** | Google LLC (ASN 396982) |
| **Infrastructure Type** | Cloud Compute / Hosting |
| **Geolocation** | St. Ghislain, Wallonia, Belgium (BE) |
| **CIDR Block** | 35.241.176.0/20 |
| **Classification** | Cloud Infrastructure, Hosting |
| **DNS Resolution** | 131.176.241.35.bc.googleusercontent.com |
| **HTTP Status** | 403 (Forbidden) |
---
## OBSERVATION HISTORY (22 Signals)
Temporal Analysis:
- Latest Activity: June 15, 2026
- Risk Trend: Stable (no persistent malicious activity detected)
- Threat Persistence: 0 days
- Ownership Stability: No changes recorded
Key Observations:
- Cloud infrastructure classification confirmed across multiple probes
- Geolocation consistently resolved to Belgium region
- HTTP fingerprinting indicates restricted access endpoints (403 responses)
- Operator score: 0.3478 (Basic classification)
- DNSSEC validation: Valid
- RPKI state: Not available
---
## THREAT INDICATORS
| Indicator | Status |
|---|---|
| **Threat Indicators** | None detected |
| **Blacklist Count** | 0 |
| **Known Campaigns** | None |
| **Tor Exit Node** | False |
| **Known Attacker** | False |
| **Spam Source** | False |
| **VPS/Hosting** | Hosting provider (Google Cloud) |
| **DNSBL Listings** | 1 of 8 lists |
Network Threat Signals:
- No active threat feeds matches
- No banner or certificate anomalies
- No correlated malicious IPs detected
---
## NEIGHBORHOOD ANALYSIS (35.241.176.0/24)
| Metric | Value |
|---|---|
| **Total Siblings** | 2 IPs |
| **Active Siblings** | 1 |
| **Threat Siblings** | 1 |
| **Abuse Density** | 0.5 (50%) |
| **Classification** | Mostly Clean |
| **Inherited Risk** | 2 |
Neighbor Assessment:
- Single active neighbor: 35.241.176.243 (Risk Score: 25)
- No high or medium risk neighbors detected
- Subnet overall risk distribution: 1 low, 0 medium, 0 high
---
## RELATIONSHIP GRAPH (43 Relationships)
Primary Associations:
- Network: Multiple GOOGLE-CLOUD network relationships
- DNS: 131.176.241.35.bc.googleusercontent.com
- Infrastructure: Google Cloud Platform services
No suspicious relationships detected with threat actors, known malicious subnets, or adversarial organizations.
---
## SERVICE & PORT ANALYSIS
| Parameter | Value |
|---|---|
| **Open Ports** | None detected |
| **TLS Certificates** | None |
| **HTTP Title** | Not available |
| **HTTP Version** | 2.0 |
| **Response Time** | 310ms |
| **Security Headers** | Limited |
| **Cache Control** | Present |
| **Content-Type Options** | nosniff |
---
## RECOMMENDED ACTIONS
| Action | Priority |
|---|---|
| **Block/Threat List** | Not Required |
| **Rate Limiting** | Not Required |
| **Allow Traffic** | Recommended |
| **Monitor** | Standard Monitoring |
Firewall Rules: No restrictions recommended. The IP is classified as Google Cloud infrastructure with legitimate hosting patterns and no malicious activity.
---
## ASSESSMENT CONCLUSION
IP 35.241.176.131 represents standard Google Cloud infrastructure with no threat indicators. The 403 response indicates the endpoint is intentionally restricted (likely an administrative or protected resource), not indicative of malicious activity. The subnet shows 50% abuse density but the specific IP demonstrates clean behavior with a low risk score of 25.
Final Determination: This is a benign cloud infrastructure IP. No defensive actions required.
---
*Generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 131.176.241.35.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 131.176.241.35.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-15 08:44:16 UTC |
| Last Seen | 2026-06-28 02:08:44 UTC |
| Profile Built | 2026-06-29 02:14:40 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |
Full dossier details are available via our API.