# IP INTELLIGENCE BRIEFING
Target: 34.173.116.201/32
Classification: Moderate Risk β Google Cloud Infrastructure
Date: 2026-06-22
Analyst: IPDebrief Intelligence Team
---
## EXECUTIVE SUMMARY
The IP address 34.173.116.201 is identified as Google Cloud infrastructure with a moderate risk score of 50/100. The IP resolves to the googleusercontent.com domain and is hosted within US-based Cloud infrastructure. While the IP shows no active threat indicators currently, it has been flagged on 2 DNSBL lists and exhibits elevated operator classification scores.
---
## RISK PROFILE
- Reputation Score: Moderate Risk (50/100)
- Provider Score: 0/100
- Authority Score: 0/100
- Stability Score: 0/100
- Abuse Confidence: Not Available
- Threat Classification: Firewalled / No Services Detected
---
## OWNERSHIP & GEOLOCATION
- Provider: Google Cloud
- ASN: 396982
- BGP Prefix: 34.173.0.0/17
- Country: United States
- Region: Iowa
- City: Council Bluffs
- Geolocation Confidence: Low (2,500 km accuracy radius)
- Infrastructure Type: Unknown
---
## NETWORK CLASSIFICATION
- Cloud Environment: Yes (Google Cloud)
- CDN: No
- Proxy: No
- Tor Exit Node: No
- VPN: No
- Hosting: No
- Mobile: No
- Residential: No
- Bogon: No
---
## DNS & EMAIL REPUTATION
- PTR Record: 201.116.173.34.bc.googleusercontent.com
- Forward Resolution: Confirmed
- DNSSEC Valid: Yes
- CAA Records: Present
- DNSBL Listed: 2 of 8 total lists
- Email Auth: SPF and DMARC records present
- Reverse DNS: Active
---
## THREAT INDICATORS
- Blacklist Count: 0
- Known Campaigns: None
- Threat Feeds: No active detections
- Known Attacker: No
- Spam Source: No
---
## OBSERVATION HISTORY
- Total Observations: 13 signals recorded
- Most Recent Activity: 2026-06-22
- Signal Types: Geolocation, Provider Identification, Operator Classification, Multi-Dimensional Risk Assessment, DNSBL Listings
- Threat Persistence: 0 days
- Ownership Changes: 0
- Status: No persistent malicious activity detected
---
## NETWORK RELATIONSHIPS
- DNS Associations: 2 related hostnames (201.116.173.34.bc.googleusercontent.com)
- Related Entities: Only DNS-based associations identified
- Organization Links: None detected
---
## SUBNET ANALYSIS (34.173.116.0/24)
- Abuse Density: 0 (0% of subnet flagged)
- Total Siblings: 0
- Active Threat Siblings: 0
- Inherited Risk: 0
- Classification: Clean subnet environment
---
## CONTROL PLANE DATA
- Origin ASN: 396982
- Route Stability: Unstable
- MOAS Status: No
- RPKI State: Not Available
- IRR Consistency: Not Available
- Route Changes (30d): 0
- DNSSEC Valid: Yes
- Operator Score: 0.3478 (Basic classification)
---
## RECOMMENDED ACTIONS
Based on the moderate risk profile and DNSBL listings, the following actions are recommended:
1. Monitoring: Add to passive monitoring list due to DNSBL listings
2. Traffic Analysis: Monitor for anomalous traffic patterns from this IP
3. Firewall Rules: No immediate blocking recommended; maintain logging
4. Threat Intelligence: Continue observing for changes in reputation profile
---
## CONCLUSION
IP 34.173.116.201 represents Google Cloud infrastructure with a moderate risk profile. The IP shows no active threat indicators but has been listed on 2 DNSBL feeds. The subnet environment is clean with zero abuse density. Recommend maintaining monitoring protocols while no immediate blocking action is warranted.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-2 |
| CIDR Block | 34.128.0.0/10 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 201.116.173.34.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 201.116.173.34.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 12% | 3 | 3 |
| Data Coherence | Mostly Consistent (85%) β 1 contradiction(s) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-20 18:05:44 UTC |
| Last Seen | 2026-06-22 06:39:21 UTC |
| Profile Built | 2026-06-22 04:37:05 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |
Full dossier details are available via our API.