34.78.183.19 — Google LLC, BE — Very High (98%)

Check an IP Address, Domain Name, Subnet, or ASN

34.78.183.19 was found in our database!

Confidence Level

98%

Very High?

Geolocation

🇧🇪

BelgiumBrussels

ISPGoogle LLC

ASNAS396982

Activity Timeline

First seenJan 22, 2026, 11:32 AM

Last seen8d ago

251Sessions

1,250Events

Protocol Breakdown

FTP

74 / 439

MONGODB

50 / 407

SMB

17 / 214

HTTP

23 / 51

HTTPS

30 / 51

POSTGRES

28 / 43

DOCKER

15 / 31

ELASTICSEARCH

14 / 14

34.78.183.19 has a very high threat confidence level of 98%, originating from Brussels, Belgium, on the Google LLC network (396982). It has been observed across 251 sessions targeting FTP, MONGODB, SMB, HTTP, HTTPS and 3 other protocols, First observed on January 22, 2026, most recently active February 25, 2026.

Behaviors

Classified behavioral patterns observed

Ftp Authenticated Directory Reconnaissance

medium5x

FTP session where a client probes for valid usernames, attempts authentication, negotiates transfer settings (ASCII and UTF-8), retrieves the current working directory, changes directories, enters passive mode, issues directory listings, and sends NOOP to maintain the session. This sequence reflects structured post-authentication exploration of the FTP file system to map directory structure and available content.

Smb Authenticated Host And Share Enumeration

medium1x

Composite behavior identifying authenticated SMB activity where a client accesses both IPC$ and data shares, performs root directory reads, and binds to SAMR and SRVSVC RPC interfaces. This sequence is consistent with structured remote enumeration of host configuration, shared resources, and account information, often conducted prior to lateral movement or privilege escalation attempts.

Ftp Passive Directory Listing

low11x

FTP session where the client enters passive mode (PASV) and issues a LIST command to retrieve a directory listing from the server.

Ftp Passive Session Initialization

low3x

FTP session where the client authenticates, queries the working directory, sets transfer mode, and enters passive mode without performing any file transfer or directory listing.

Https Root Path Request

info6x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Http Root Path Request

info5x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Primitives

Individual actions observed

Mongodb Lsid Present4880 Mongodb Buildinfo654 Mongodb Client Metadata Pymongo394 Mongodb Listdatabases144 Smb Root Read40 Elastic Http Get Request39 Ftp Print Working Directory38 Elastic Root Path Probe25 Ftp Set Ascii Mode24 Ftp Enter Passive Mode24 Ftp List Directory21 Ftp Set Utf819 Ftp User Probe19 Ftp Password Attempt19 Smb Data Share Access19 Ftp Change Working Directory10 Docker Get Method7 Elastic Http Bad Request Path Probe7 Https Path Root6 Http Method Get5

Related Threats

Explore related threat intelligence

🇧🇪More threats fromBelgium ASMore threats fromGoogle LLC FTPMore threats targetingFTP MONGODBMore threats targetingMONGODB SMBMore threats targetingSMB HTTPMore threats targetingHTTP HTTPSMore threats targetingHTTPS POSTGRESMore threats targetingPOSTGRES DOCKERMore threats targetingDOCKER ELASTICSEARCHMore threats targetingELASTICSEARCH { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
35.203.210.134	53%	74
198.235.24.186	83%	221
205.210.31.202	88%	260
162.216.149.228	73%	103
34.62.131.131	91%	26

IP Address	Confidence	Events
35.240.62.18	78%	15
34.140.188.44	100%	1,302
34.62.156.217	30%	2
35.189.227.206	99%	164
146.148.113.3	95%	51