IPDebrief

34.38.29.170

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 34.38.29.170/32

Date: 2026-06-14

Classification: Google Cloud Platform Infrastructure

---

## EXECUTIVE SUMMARY

IP 34.38.29.170 is a low-risk (score: 15) Google Cloud Platform compute host. The address resolves to Google's infrastructure with minimal threat indicators. No immediate blocking is recommended, but the subnet requires monitoring due to mixed geolocation signals.

---

## PROFILE ANALYSIS

Ownership & Network Role:

Geolocation:

DNS Resolution:

Service Exposure:

---

## THREAT ASSESSMENT

Risk Score: 15 (Low Risk)

Abuse Confidence: Not applicable (cloud infrastructure)

Threat Indicators: None detected

Blacklist Status: 1 DNSBL listing across 8 lists

Known Campaigns: None

Tor Exit Node: No

Known Attacker: No

Spam Source: No

Control Plane:

---

## OBSERVATION HISTORY

Total Observations: 32 signals over monitoring period

Recent Activity:

Key Finding: Mixed geolocation data between US and Belgium sources indicates potential CDN/anycast routing or multi-region deployment. No persistent malicious activity detected.

---

## RELATIONSHIP MAPPING

Total Relationships: 167 entities linked

Primary Associations:

Correlation Analysis:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 34.38.29.0/24

Assessment: The /24 subnet shows minimal abuse activity. The single threat sibling warrants periodic review but does not impact overall risk posture.

---

## RECOMMENDED ACTIONS

Immediate Actions: None required (Low Risk score)

Monitoring Recommendations:

1. Monitor for changes in geolocation consistency

2. Track threat sibling activity within /24 subnet

3. Review DNSBL listing sources (1 of 8 lists)

4. Watch for SSH (22/TCP) exploitation attempts

Firewall Rules: No specific rules generated due to low-risk classification. Standard cloud security policies apply.

---

## CONCLUSION

IP 34.38.29.170 represents legitimate Google Cloud Platform infrastructure with low-risk characteristics. The geolocation inconsistency between US and Belgium sources reflects normal cloud CDN/anycast routing patterns. No immediate threat action required. Continue standard monitoring and review threat sibling activity in the /24 subnet periodically.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ง๐Ÿ‡ช Belgium
RegionWAL
CitySt. Ghislain
TimezoneEurope/Brussels
Latitude50.45
Longitude3.82

๐Ÿข Ownership & Registration

OrganizationGoogle LLC
ASNAS396982
Network Nameโ€”
CIDR Block34.38.0.0/16
RIRARIN
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR170.29.38.34.bc.googleusercontent.com
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnames170.29.38.34.bc.googleusercontent.com

๐Ÿ” DNS Hygiene

Hygiene Score100% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAAPresent

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeSingle-Service Host
Network TierTier 3 โ€” Basic operator with some routing infrastructure
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
22sshtcp
Closed Ports25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_10.0

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
24%
24
routing
30%
45
services
22%
24
ownership
19%
34
reputation
28%
13
geolocation
23%
22
Overall24%1422
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionHigh (85%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-09 05:26:06 UTC
Last Seen2026-06-27 15:00:49 UTC
Profile Built2026-06-28 09:05:25 UTC
Data FreshnessLive
Signal Types30
Total Observations36
๐Ÿ” 30 signal types ยท 36 observations collected
This report is generated from 30+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.