34.18.173.49
Threat Intelligence Briefing: IP 34.18.173.49/32
IP Address: 34.18.173.49/32
Overview:
The IP address 34.18.173.49/32 is geolocated in the United States. It is allocated to a commercial entity and has been observed in various network activities. This address is associated with a well-known cloud service provider, suggesting legitimate usage for cloud-based services and applications.
Observation History:
- The IP address has a stable pattern of activity, primarily associated with cloud service traffic.
- Network logs indicate consistent communication with other cloud infrastructure IPs, aligning with typical cloud service operations.
- There have been no significant anomalies or deviations from expected traffic patterns.
Relationships:
- The IP address is part of a larger network of addresses owned by a major cloud provider, indicating it is likely used for hosting or accessing cloud-based applications and services.
- No direct associations with known malicious entities or botnets have been identified.
Neighborhood Data:
- The surrounding IP addresses are also allocated to the same cloud provider, reinforcing the likelihood of legitimate cloud service usage.
- Network traffic analysis shows typical patterns consistent with other cloud service IPs, such as API calls, data transfers, and service communications.
Actionable Insights:
- Given the legitimate cloud service provider association, traffic from this IP should generally be considered safe unless specific indicators suggest otherwise.
- SOC teams should monitor for any deviations from typical cloud service traffic patterns that could indicate misuse or compromise.
- Implement whitelisting for known cloud service IPs to streamline traffic monitoring and reduce false positives.
Conclusion:
The IP address 34.18.173.49/32 is primarily associated with legitimate cloud service operations. While no immediate threats have been observed, continuous monitoring is recommended to ensure the integrity of network traffic and to detect any potential misuse.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
| Honeypot | Trap endpoint probes | 1 |
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | β |
| CIDR Block | 34.18.0.0/16 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 49.173.18.34.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 49.173.18.34.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 20% | 2 | 4 |
| routing | 43% | 4 | 8 |
| services | 15% | 2 | 2 |
| ownership | 22% | 3 | 4 |
| reputation | 24% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 24% | 14 | 23 |
| Data Coherence | Consistent (100%) |
| Attribution | High (85%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-14 20:19:48 UTC |
| Last Seen | 2026-06-28 01:36:50 UTC |
| Profile Built | 2026-06-29 01:46:05 UTC |
| Data Freshness | Live |
| Signal Types | 32 |
| Total Observations | 39 |
Full dossier details are available via our API.