34.38.29.170
# IP INTELLIGENCE BRIEFING
Target: 34.38.29.170/32
Date: 2026-06-14
Classification: Google Cloud Platform Infrastructure
---
## EXECUTIVE SUMMARY
IP 34.38.29.170 is a low-risk (score: 15) Google Cloud Platform compute host. The address resolves to Google's infrastructure with minimal threat indicators. No immediate blocking is recommended, but the subnet requires monitoring due to mixed geolocation signals.
---
## PROFILE ANALYSIS
Ownership & Network Role:
- Organization: Google LLC (ASN: 396982)
- Infrastructure Type: CloudCompute (Google Cloud Platform)
- Registration: ARIN, allocated 2022-05-09
- Network Block: 34.38.0.0/16
Geolocation:
- Primary Location: Belgium (BE), Walloon Region, St. Ghislain
- Coordinates: 50.45°N, 3.82°E
- GeoConsensus: Confirmed
- Accuracy Radius: 150km
DNS Resolution:
- PTR Record: 170.29.38.34.bc.googleusercontent.com
- Domain: googleusercontent.com
- Forward Resolution: Confirmed (1 record)
- Email Auth: SPF and DMARC records present
Service Exposure:
- Open Ports: TCP/22 (SSH) - OpenSSH_10.0
- HTTP: 403 Forbidden response
- TLS Certificate: None detected
---
## THREAT ASSESSMENT
Risk Score: 15 (Low Risk)
Abuse Confidence: Not applicable (cloud infrastructure)
Threat Indicators: None detected
Blacklist Status: 1 DNSBL listing across 8 lists
Known Campaigns: None
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Control Plane:
- BGP Prefix: 34.38.0.0/16
- RPKI State: Valid
- Route Stability: Stable (0 changes in 30 days)
- Operator Score: 0.7391 (Moderate)
- DNSSEC: Valid
---
## OBSERVATION HISTORY
Total Observations: 32 signals over monitoring period
Recent Activity:
- 2026-06-14 13:12:13 - ASN confirmation: GOOGLE-CLOUD-PLATFORM (US)
- 2026-06-14 12:59:58 - Cloud infrastructure classification confirmed
- 2026-06-14 12:56:37 - Geolocation inference: Belgium (56% confidence)
- 2026-06-14 12:54:14 - AlienVault OTX signals: US location with threat correlations
- 2026-06-14 12:53:27 - Operator score: Moderate (0.7391)
Key Finding: Mixed geolocation data between US and Belgium sources indicates potential CDN/anycast routing or multi-region deployment. No persistent malicious activity detected.
---
## RELATIONSHIP MAPPING
Total Relationships: 167 entities linked
Primary Associations:
- DNS: 170.29.38.34.bc.googleusercontent.com (Google Cloud)
- Network: GOOGL-2 (Google Cloud internal network)
- Cloud Infrastructure: Multiple Google Cloud network relationships
Correlation Analysis:
- No correlated campaign IPs detected
- No certificate subjects matching
- No banner matches indicating campaign activity
---
## NEIGHBORHOOD ANALYSIS
Subnet: 34.38.29.0/24
- Abuse Density: 0 (clean classification)
- Total Siblings: 1 active
- Threat Siblings: 1 (requires monitoring)
- Inherited Risk: 2 (low)
- Classification: Mostly clean
Assessment: The /24 subnet shows minimal abuse activity. The single threat sibling warrants periodic review but does not impact overall risk posture.
---
## RECOMMENDED ACTIONS
Immediate Actions: None required (Low Risk score)
Monitoring Recommendations:
1. Monitor for changes in geolocation consistency
2. Track threat sibling activity within /24 subnet
3. Review DNSBL listing sources (1 of 8 lists)
4. Watch for SSH (22/TCP) exploitation attempts
Firewall Rules: No specific rules generated due to low-risk classification. Standard cloud security policies apply.
---
## CONCLUSION
IP 34.38.29.170 represents legitimate Google Cloud Platform infrastructure with low-risk characteristics. The geolocation inconsistency between US and Belgium sources reflects normal cloud CDN/anycast routing patterns. No immediate threat action required. Continue standard monitoring and review threat sibling activity in the /24 subnet periodically.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | โ |
| CIDR Block | 34.38.0.0/16 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 170.29.38.34.bc.googleusercontent.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 170.29.38.34.bc.googleusercontent.com |
๐ DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_10.0 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 4 |
| routing | 30% | 4 | 5 |
| services | 22% | 2 | 4 |
| ownership | 19% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 24% | 14 | 22 |
| Data Coherence | Consistent (100%) |
| Attribution | High (85%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 05:26:06 UTC |
| Last Seen | 2026-06-27 15:00:49 UTC |
| Profile Built | 2026-06-28 09:05:25 UTC |
| Data Freshness | Live |
| Signal Types | 30 |
| Total Observations | 36 |
Full dossier details are available via our API.