IPDebrief

34.181.202.70

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 34.181.202.70/32

Classification: Low Risk / Google Cloud Infrastructure

Analysis Date: Current

Risk Score: 25/100

---

## EXECUTIVE SUMMARY

Target IP 34.181.202.70 is a Google Cloud Compute infrastructure host operating within US Google Cloud data centers. The IP exhibits low-risk characteristics consistent with legitimate cloud service infrastructure. No malicious indicators, threat associations, or abuse patterns were observed. The subnet maintains a "mostly_clean" classification with minimal threat density.

---

## OWNERSHIP & INFRASTRUCTURE

AttributeValue
**Organization**Google LLC
**ASN**396982
**Network Role**CloudCompute Provider
**Infrastructure Type**Cloud Hosted
**Geolocation**US, Virginia, Ashburn
**Timezone**America/New_York

The IP is registered under Google LLC (ASN 396982) and operates within the Google Cloud Platform. The infrastructure is classified as a hosting environment with single-service host designation.

---

## NETWORK CLASSIFICATION

IndicatorStatus
**Is Cloud**YES
**Is CDN**NO
**Is Hosting**YES
**Is Residential**NO
**Is Tor Exit**NO
**Is Known Attacker**NO
**Is Spam Source**NO
**Is Proxy**NO

---

## THREAT INDICATORS

No threat indicators or malicious associations were identified. The IP is not listed on any threat feeds or known attacker databases.

---

## DNS & HOSTING

---

## NEIGHBORHOOD ANALYSIS

MetricValue
**Subnet**34.181.202.70/24
**Abuse Density**0.5 (Moderate)
**Total Siblings**2
**Active Siblings**2
**Threat Siblings**1
**Classification**mostly_clean
**Inherited Risk**2

Notable Neighbor: 34.181.202.153 (Risk Score: 25, Authority Score: 90)

---

## OBSERVATION HISTORY

Total Observations: 23 signals recorded

Recent Activity Timeline:

Temporal Analysis:

---

## CONTROL PLANE DATA

MetricValue
**BGP Prefix**34.181.128.0/17
**Origin ASN**396982
**Route Stability**FALSE
**Route Changes (30d)**0
**RPKI State**Not evaluated
**DNSSEC Valid**YES
**DNSBL Listed**1 of 8 lists

---

## GEOLOCATION VALIDATION

MetricValue
**Distance from Probe**6295.7 km
**Minimum RTT**23.0 ms
**Average RTT**25.6 ms
**Minimum Possible RTT**125.9 ms
**Validation Status**VIOLATION DETECTED

Note: Geographic distance (6296 km) vs. RTT (23 ms) shows a significant discrepancy, indicating potential measurement anomalies or multi-hop routing. This does not impact threat assessment for cloud infrastructure.

---

## RELATIONSHIP GRAPH

Total Relationships: 36 entities

Primary Associations:

Relationships are predominantly DNS-based and network-level, consistent with legitimate Google Cloud infrastructure patterns.

---

## RECOMMENDATIONS

Based on the IP's risk profile and operational context:

1. ALLOW - No blocking recommended. IP is legitimate Google Cloud infrastructure.

2. MONITOR - Observe SSH port activity for legitimate vs. unauthorized access attempts.

3. CONTEXTUALIZE - Consider traffic patterns in conjunction with known Google Cloud security best practices.

4. NEIGHBOR AWARENESS - Be aware of 1 threat sibling in the /24 subnet (34.181.202.153); monitor for lateral activity.

---

## CONCLUSION

IP 34.181.202.70 is classified as low-risk Google Cloud infrastructure with no malicious indicators. The subnet maintains a mostly_clean classification with moderate abuse density. No security actions are required beyond standard monitoring practices. The IP is suitable for legitimate cloud service operations and does not warrant blocking or enhanced scrutiny absent additional contextual threat intelligence.

Status: CLEAR FOR LEGITIMATE INFRASTRUCTURE

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionVA
CityAshburn
TimezoneAmerica/New_York
Latitude39.04
Longitude-77.49

🏒 Ownership & Registration

OrganizationGoogle LLC
ASNAS396982
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR70.202.181.34.bc.googleusercontent.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnames70.202.181.34.bc.googleusercontent.com

πŸ” DNS Hygiene

Hygiene Score100% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAAPresent

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
41%
25
routing
8%
11
services
21%
22
ownership
24%
23
reputation
26%
13
geolocation
33%
23
Overall26%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceMostly Consistent (80%) β€” 1 contradiction(s)
AttributionModerate (55%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
⚠ Claimed geolocation contradicts RTT physics measurement

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-17 15:13:00 UTC
Last Seen2026-06-28 05:21:05 UTC
Profile Built2026-06-28 23:25:42 UTC
Data FreshnessLive
Signal Types22
Total Observations27
πŸ” 22 signal types Β· 27 observations collected
This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.