# INTELLIGENCE BRIEFING: 34.38.223.22/32
Classification: Low Risk - Google Cloud Infrastructure
Date: 2026-06-16
Analyst: IPDebrief Intelligence Team
---
## Executive Summary
Target IP 34.38.223.22 is a Google Cloud infrastructure address operating within the GOOGL-2 network block. The IP maintains a low overall risk score of 25, with no active threat indicators, open services, or known malicious campaigns. The address is registered to Google LLC (ASN: 396982) and resolves to Google Cloud DNS infrastructure.
---
## Technical Profile
Ownership & Network Attribution
- Organization: Google LLC
- ASN: 396982
- Network: GOOGL-2 (34.4.5.0/24)
- RIR: ARIN
- Abuse Contact: Available via RDAP
Geolocation
- Country: Belgium (BE)
- Region: Wallonia (WAL)
- City: St. Ghislain
- Coordinates: 50.45°N, 3.82°E
- Geo Confidence: 56% confidence across multi-signal inference
DNS Configuration
- PTR Hostname: 22.223.38.34.bc.googleusercontent.com
- Forward Resolution: Confirmed (googleusercontent.com)
- Email Authentication: SPF and DMARC records present
- DNSSEC: Valid
- CAA Records: Present
Service Exposure
- Open Ports: None detected
- Active Services: None (classified as "Firewalled / No Services")
- HTTP/TLS: No HTTP services detected
- Fingerprinting: No HTTP2, HSTS, or CSP headers observed
---
## Threat Assessment
Risk Metrics
- Overall Risk Score: 25 (Low Risk)
- Abuse Confidence: Not applicable
- Blacklist Count: 1 (of 8 total DNSBL lists)
- Known Campaigns: None
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
Control Plane Observations
- BGP Prefix: 34.38.0.0/16
- Route Stability: Unstable (0 route changes in 30-day window)
- RPKI State: Not verified
- Operator Score: 0.3478 (Basic classification)
- DNSBL Listed: Yes (1 of 8 lists)
---
## Historical Analysis
Observation Period: 17 signals recorded
- Ownership Signals: Consistent attribution to Google LLC with zero ownership changes
- Geolocation Signals: Stable Belgium assignment with 56% confidence
- Threat Persistence: Zero persistent malicious activity detected
- Recent Activity: Most recent signals dated June 16, 2026
---
## Network Relationships
Associated Entities: 8 total
- DNS Associations: 22.223.38.34.bc.googleusercontent.com (multiple entries)
- Network Associations: GOOGL-2 (Google network)
---
## Neighborhood Analysis (34.38.223.0/24)
- Abuse Density: 50% (0.5)
- Classification: Mostly clean
- Total Sibling IPs: 2
- Active Siblings: 0
- Threat Siblings: 1
- Notable Neighbor: 34.38.223.242 (Risk Score: 40, Authority Score: 90)
---
## Security Recommendations
1. Allow List Consideration: IP demonstrates legitimate Google Cloud infrastructure characteristics with no active threat indicators
2. Traffic Monitoring: Monitor for anomalous outbound connections from this IP to prevent potential abuse of Google infrastructure
3. Neighbor Awareness: Investigate associated IP 34.38.223.242 (risk score 40) for context on subnet-level activity
4. DNSBL Review: Investigate listing on 1 of 8 DNSBLs to determine source and relevance
5. Control Plane Validation: Verify route stability and RPKI state for network-level anomaly detection
---
## Conclusion
IP 34.38.223.22 represents standard Google Cloud infrastructure with no immediate threat indicators. The low risk profile, consistent ownership attribution, and lack of active services suggest legitimate operational use. SOC teams may treat this IP as benign, but should maintain monitoring of associated subnet activity, particularly the neighboring address 34.38.223.242 which shows elevated risk characteristics.
Status: No immediate action required. Monitor for behavioral changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-2 |
| CIDR Block | 34.4.5.0/24 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 22.223.38.34.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 22.223.38.34.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 17% | 1 | 1 |
| Overall | 21% | 8 | 10 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-10 08:40:26 UTC |
| Last Seen | 2026-06-21 17:23:08 UTC |
| Profile Built | 2026-06-21 17:33:01 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
Full dossier details are available via our API.