# IP INTELLIGENCE BRIEFING
Target IP: 35.252.131.229/32
Classification: LOW RISK β Google Cloud Infrastructure
Report Date: Based on latest available intelligence
Analysis Period: Recent observations through 2026-06-14
---
## EXECUTIVE SUMMARY
IP address 35.252.131.229 is a Google Cloud Compute resource operating from The Dalles, Oregon (US). The IP presents a low-risk profile with no active threat indicators, no malicious blacklist associations, and standard cloud infrastructure characteristics. Historical signal analysis shows consistent benign behavior with no evidence of persistent malicious activity.
---
## TECHNICAL PROFILE
Ownership & Network:
- Organization: Google LLC
- ASN: 396982
- Infrastructure Type: CloudCompute (Google Cloud)
- BGP Prefix: 35.252.128.0/17
- Geolocation: US (OR, The Dalles) β coordinates 45.6, -121.18
DNS Resolution:
- PTR Hostname: 229.131.252.35.bc.googleusercontent.com
- Forward Resolution: Confirmed (1 hostname)
- Email Authentication: SPF and DMARC records present
Service Status:
- Open Ports: None detected
- Network State: Firewalled / No Services exposed
- Infrastructure: Hosting enabled, CDN/proxy/VPN not detected
---
## THREAT INTELLIGENCE
Risk Assessment:
- Overall Risk Score: 25 (Low Risk)
- Reputation: Low Risk
- Abuse Confidence Score: Not applicable (cloud infrastructure)
- Threat Indicators: None detected
- Known Campaigns: None
Threat Attributes:
- Not Tor exit node
- Not known attacker
- Not spam source
- Blacklist count: 0
- No campaign correlations detected
---
## NEIGHBORHOOD ANALYSIS
Subnet Context (35.252.131.0/24):
- Abuse Density: 1 (Low)
- Classification: Mostly Clean
- Inherited Risk: 2
- Sibling Count: 1 active sibling
- Threat Siblings: 1
The /24 subnet shows minimal abuse activity with one active sibling IP. The overall subnet classification remains benign.
---
## OBSERVATION HISTORY
Signal Count: 21 historical observations
Persistence: No persistent malicious behavior detected
Recent Activity:
- 2026-06-14: Most recent observations confirm cloud infrastructure status
- No ownership changes detected
- Threat persistence days: 0
Historical signals indicate stable Google Cloud infrastructure with no escalation in risk profile over time.
---
## NETWORK RELATIONSHIPS
Total Relationships: 44 detected associations
- DNS Associations: Multiple references to googleusercontent.com hostnames
- Network Associations: Linked to GOOGL-2 network identifiers
- Purpose: Standard cloud DNS and network routing relationships
---
## CONTROL PLANE ANALYSIS
- DNSSEC: Valid
- CAA Records: Present
- Route Stability: Not stable (0 route changes in 30-day window)
- RPKI State: Not verified
- DNSBL Listings: 1 of 8 total lists (likely cloud provider baseline listing)
- Operator Score: 0.3478 (Basic)
---
## ACTIONS & RECOMMENDATIONS
SOC Analyst Guidance:
- Classification: Allow/Passive Monitor
- Threat Level: Negligible β legitimate cloud infrastructure
- Recommended Action: No firewall rules required. No blocking recommended.
- Monitoring: Standard cloud traffic monitoring sufficient
Note: This IP represents standard Google Cloud hosting infrastructure. Any activity from this address should be evaluated in context of expected cloud traffic patterns. No anomalous behavior indicators present.
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 229.131.252.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 229.131.252.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-13 12:13:15 UTC |
| Last Seen | 2026-06-27 23:22:35 UTC |
| Profile Built | 2026-06-28 17:29:05 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.