IP INTELLIGENCE BRIEFING: 34.175.86.21/32
Classification: Google Cloud Infrastructure | Risk Level: Moderate (50/100)
---
OVERVIEW
IP address 34.175.86.21 is a Google Cloud Compute instance (ASN 396982) classified as a Single-Service Host. The IP operates on US infrastructure with DNS resolution to 21.86.175.34.bc.googleusercontent.com (googleusercontent.com). Open ports indicate SSH (port 22/tcp) with OpenSSH_8.0 banner.
THREAT INDICATORS
- DNSBL Listings: 2 of 8 DNS blacklist sources with high severity ratings
- Abuse Confidence: No active threat indicators detected; not classified as Tor exit node, known attacker, or spam source
- Campaign Activity: No known campaign correlations or certificate matches
NETWORK CONTEXT
- Infrastructure: Google Cloud Platform (Cloud Compute)
- Subnet Classification: 34.175.86.0/24 marked as clean with 0% abuse density
- Threat Siblings: 0 threat IPs detected in adjacent subnet
- Neighborhood Risk: Inherited risk score of 0; subnet classified as low-risk
HISTORICAL OBSERVATIONS
Analysis of 23 signal observations reveals:
- DNS blacklist activity detected on 2026-06-25 (8 total lists, 2 active with high severity)
- Geolocation consistently reported as United States (Cymru data)
- Operator score of 0.2174 (Minimal risk indicator)
- No persistent malicious behavior patterns detected
EVIDENCE & RELATIONSHIPS
- 92 total relationships identified
- Primary DNS association with googleusercontent.com domain
- Multiple network-level relationships to GOOGL-2 network block
---
RECOMMENDATION
The IP exhibits moderate risk primarily from DNSBL listings but operates within a clean Google Cloud subnet with no threat sibling activity. The IP appears to be a legitimate cloud infrastructure host with standard SSH service exposure. No immediate blocking recommended; monitor for escalation in DNSBL activity or emergence of threat indicators. SOC teams should verify connection legitimacy against internal allowlists before any filtering action.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 21.86.175.34.bc.googleusercontent.com |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 21.86.175.34.bc.googleusercontent.com |
DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.0 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 17% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Mostly Consistent (85%), 1 contradiction(s) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-09 05:26:06 UTC |
| Last Seen | 2026-06-27 15:00:20 UTC |
| Profile Built | 2026-06-28 09:05:25 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 28 |