35.254.210.173
## IP INTELLIGENCE BRIEFING
Target: 35.254.210.173/32
Classification: LOW RISK β Legitimate Cloud Infrastructure
Date: Current Analysis Cycle
Prepared For: SOC Operations
---
Executive Summary
IP 35.254.210.173 is a Google Cloud Platform (GCP) infrastructure endpoint located in the US with a risk score of 25/100. The IP resolves to Google-owned hostnames and exhibits no active threat indicators. Classification as cloud compute infrastructure with firewalled services. No immediate blocking recommended; monitoring advised for anomaly detection.
---
Ownership and Network Classification
| Attribute | Value |
|---|---|
| Organization | Google LLC |
| ASN | 396982 |
| Network Name | Google Cloud Platform |
| CIDR Block | 35.254.0.0/16 |
| RIR | ARIN |
| Infrastructure Type | CloudCompute |
| Provider | Google Cloud |
---
Geolocation
| Attribute | Value |
|---|---|
| Country | United States (US) |
| Region | Iowa (IA) |
| City | Council Bluffs |
| Timezone | America/Chicago |
| Geo Confidence | Plausible |
| Distance from Probe | 7218.7 km |
---
Threat Assessment
| Metric | Value |
|---|---|
| Risk Score | 25 (Low) |
| Abuse Confidence Score | N/A |
| Blacklist Count | 0 |
| Tor Exit Node | No |
| Known Attacker | No |
| Spam Source | No |
| Known Campaigns | None |
| DNSBL Lists | 1 of 8 |
---
Network Role and Services
| Attribute | Value |
|---|---|
| Is Cloud | Yes |
| Is CDN | No |
| Is Proxy | No |
| Is Tor | No |
| Is Hosting | Yes |
| Is Mobile/Residential | No |
| Open Ports | None |
| TLS Certificate | None |
| Service Status | Firewalled / No Services |
---
DNS Analysis
| Attribute | Value |
|---|---|
| PTR Hostname | 173.210.254.35.bc.googleusercontent.com |
| Forward Resolution | 173.210.254.35.bc.googleusercontent.com |
| Domain | googleusercontent.com |
| SPF Record | Yes |
| DMARC Record | Yes |
| Forward Resolution Count | 1 |
---
Temporal Analysis
- Observation History: 23 total observations
- Recent Activity: June 2026 (latest signals)
- Threat Persistence Days: 0
- Ownership Changes: 0
- Persistence Status: Not persistently malicious
- Route Stability: Unstable (isRouteStable: false)
---
Neighborhood Analysis
| Metric | Value |
|---|---|
| Subnet | 35.254.210.173/24 |
| Abuse Density | 0 |
| Classification | Mostly Clean |
| Total Siblings | 1 |
| Active Siblings | 1 |
| Threat Siblings | 1 |
| Risk Distribution | Low |
---
Relationships
- DNS Associations: 68 relationships identified
- Primary Target: 173.210.254.35.bc.googleusercontent.com (repeated associations)
- Network Affiliation: GOOGL-2
- Same Network: Google Cloud infrastructure
---
Recommended Actions
| Action Type | Recommendation |
|---|---|
| Firewall Rules | None required |
| WAF Rules | Not applicable |
| Monitoring | Standard cloud infrastructure monitoring |
| Blocking | Not recommended |
---
Intelligence Assessment
This IP address represents legitimate Google Cloud infrastructure with no observed malicious activity. The low-risk classification is supported by:
1. Ownership: Verified Google LLC ownership via ASN 396982
2. DNS Resolution: Consistent with Google Cloud infrastructure patterns
3. Threat Indicators: Zero active threat indicators, blacklists, or campaign associations
4. Infrastructure Type: Cloud compute environment with standard security controls
Recommended SOC Action: No immediate action required. Maintain standard monitoring for cloud provider infrastructure. The IP should be treated as benign traffic unless operational context indicates otherwise.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 173.210.254.35.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 173.210.254.35.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 42% | 1 | 8 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 27% | 10 | 23 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-20 17:48:16 UTC |
| Last Seen | 2026-06-28 12:21:54 UTC |
| Profile Built | 2026-06-29 06:26:16 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 34 |
Full dossier details are available via our API.