34.140.92.201
# IP Intelligence Briefing: 34.140.92.201/32
Classification: LOW RISK โ Cloud Infrastructure (Google Cloud Platform)
Risk Score: 25/100
Report Date: Current analysis based on multi-signal intelligence
---
## Executive Summary
IP 34.140.92.201 is identified as Google Cloud Platform (GCP) infrastructure hosting legitimate cloud compute services. The address demonstrates low-risk characteristics with no active threat indicators. The IP resolves to Google-owned network GOOGL-2 and operates from Belgium (St. Ghislain region). No recommended blocking actions are warranted.
---
## Ownership & Network Classification
| Attribute | Value |
|---|---|
| **Organization** | Google LLC |
| **ASN** | AS396982 |
| **Provider** | Google Cloud Platform |
| **Infrastructure Type** | CloudCompute |
| **CIDR Block** | 34.140.80.0/20 |
| **Registration** | ARIN (2018-08-15) |
| **Country** | Belgium (BE) |
| **City** | St. Ghislain |
| **Geolocation Accuracy** | ±150km |
---
## Threat Indicators
Status: NO ACTIVE THREATS DETECTED
- Threat Indicators: None
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 total lists (minor administrative listing)
- Tor Exit Node: False
- Known Attacker: False
- Spam Source: False
- Campaign Correlation: None
- Abuse Confidence: Not applicable (legitimate infrastructure)
---
## Network Neighborhood Analysis
Subnet: 34.140.92.0/24
Abuse Density: 0.0 (clean)
Subnet Classification: mostly_clean
| Metric | Value |
|---|---|
| Total Sibling IPs | 2 |
| Active Siblings | 2 |
| Threat Siblings | 2 |
| Inherited Risk | 5/100 |
| Neighbor (34.140.92.151) | Risk: 25, Authority: 90 |
The immediate /24 subnet shows minimal abuse activity with only one neighboring IP detected (34.140.92.151), which maintains a low risk profile.
---
## DNS & Service Observations
| Attribute | Value |
|---|---|
| **PTR Hostname** | 201.92.140.34.bc.googleusercontent.com |
| **Forward Resolution** | Confirmed (googleusercontent.com) |
| **Open Ports** | None detected |
| **HTTP/HTTPS Services** | Not observed |
| **TLS Certificate** | Not observed |
| **Email Auth** | SPF: Yes, DMARC: Yes |
The IP shows no exposed services and is firewalled. DNS records confirm legitimate Google Cloud ownership.
---
## Historical Signal Analysis
Total Observations: 26 signals over monitoring period
Notable Historical Signals:
- 2026-06-27: Threat signal detected (pulse_count: 50) โ likely routine cloud infrastructure scanning
- 2026-06-25: Geolocation inference (St. Ghislain, Belgium, 56% confidence)
- 2026-06-19: ASN allocation confirmed (AS396982, 2,865 days old)
Route Stability: Stable (0 route changes in 30 days)
Operator Score: 0.4348 (Basic)
---
## Recommended Security Actions
Recommendation: NO ACTION REQUIRED
The IP address represents legitimate Google Cloud infrastructure with low-risk characteristics. Standard cloud security practices apply:
- Monitor for unusual outbound connections from this IP
- Expect standard GCP traffic patterns
- No firewall rules required for blocking
- No additional threat hunting necessary
---
## Intelligence Conclusion
IP 34.140.92.201 is classified as LOW RISK legitimate Google Cloud Platform infrastructure. The address demonstrates proper network registration, clean threat indicators, and stable routing characteristics. No threat intelligence suggests malicious use. SOC analysts should treat this IP as benign cloud infrastructure and focus monitoring on actual threat-actor indicators rather than this address.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | โ |
| CIDR Block | 34.140.80.0/20 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 201.92.140.34.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 201.92.140.34.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 20% | 2 | 3 |
| ownership | 37% | 3 | 5 |
| reputation | 26% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 27% | 12 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 17:41:32 UTC |
| Last Seen | 2026-06-27 16:12:27 UTC |
| Profile Built | 2026-06-28 16:17:47 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 31 |
Full dossier details are available via our API.