136.113.163.220
## IP Intelligence Briefing: 136.113.163.220/32
Classification: Google Cloud Compute Infrastructure
Risk Assessment: Low Risk (Score: 25)
Report Date: 2026-06-16
Executive Summary
The IP address 136.113.163.220 belongs to Google Cloud Platform (GOOGL-46) and demonstrates low-risk characteristics typical of cloud infrastructure. While the primary profile indicates benign cloud compute usage, historical observations revealed conflicting proxy classification signals and one DNSBL listing that warrant contextual awareness.
Ownership and Network Context
- Owner: Google LLC, AS396982 (GOOGL-46)
- CIDR Block: 136.112.0.0/12
- Infrastructure Type: CloudCompute, hosted on Google Cloud
- Registration: Allocated 2018-08-27 via ARIN
Geographic Analysis
- Primary Location: Council Bluffs, IA, US (America/Chicago timezone)
- Geographic Consensus: Confirmed across multiple sources
- Validation Status: GeoPlausible flag indicates false; minimum RTT and distance metrics unavailable
Threat Indicators
- Risk Score: 25 (Low Risk)
- Abuse Confidence: Not applicable
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Blacklist Count: 0 (primary list)
- DNSBL Listings: 1 of 8 total lists
- Campaign Association: No known campaigns
Network Role and Services
- Cloud Provider: Google Cloud
- Services Status: Firewalled / No Services Detected
- Open Ports: None
- TLS Certificate: Not observed
- HTTP Title: Not observed
Control Plane Indicators
- Route Stability: False
- BGP Prefix: 136.113.0.0/16
- RPKI State: Not available
- Route Changes (30 days): 0
- DNSSEC: Valid
- CAA Records: Present
- Operator Score: 0.3478 (Label: Basic)
Historical Signal Analysis
Observation history reveals 20 data points from 2026-06-16. Key findings:
- Primary Classification: Confirmed AS396982 (GOOGLE-CLOUD-PLATFORM)
- Conflicting Signal: One observation classified the IP as proxy/VPN type with risk score 66 (confidence 0.85)
- Ownership Stability: Zero ownership changes observed
- Threat Persistence: Single threat observation recorded
- Operator Assessment: Basic operator classification with score 0.3478
Neighborhood Context
- Subnet: 136.113.163.220/24
- Abuse Density: 1
- Classification: Mostly Clean
- Inherited Risk: 2
- Threat Siblings: 1 identified in /24
- Active Siblings: 0
- Total Siblings: 1
Relationship Mapping
47 relationships identified, including:
- DNS Associations: 220.163.113.136.bc.googleusercontent.com (multiple entries)
- Network Associations: GOOGL-46 (Google Cloud network)
- Infrastructure: Consistent with Google Cloud DNS and routing structures
Recommended Actions
No specific firewall or security actions recommended based on current risk profile. The IP exhibits characteristics consistent with legitimate cloud infrastructure. However, SOC teams should:
1. Monitor for Proxy Misclassification: One historical signal flagged this as a proxy/VPN with elevated risk. Verify if this is a false positive given the Google Cloud context.
2. DNSBL Awareness: Single DNSBL listing exists; review list sources to determine relevance.
3. Threat Sibling Investigation: One threat sibling exists in the /24 subnet; evaluate if this requires broader subnet monitoring.
4. Baseline Cloud Behavior: Establish expected traffic patterns for Google Cloud infrastructure to distinguish legitimate from anomalous activity.
Conclusion
IP 136.113.163.220 is classified as low-risk Google Cloud infrastructure with no immediate threat indicators. The conflicting proxy classification signal and single DNSBL listing warrant contextual monitoring but do not indicate active malicious behavior. Treat as legitimate cloud infrastructure with standard Google Cloud traffic expectations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-46 |
| CIDR Block | 136.112.0.0/12 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 220.163.113.136.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 220.163.113.136.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 21% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-26 12:50:54 UTC |
| Last Seen | 2026-06-29 03:00:18 UTC |
| Profile Built | 2026-06-29 03:16:07 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |
Full dossier details are available via our API.