IP INTELLIGENCE BRIEFING: 34.56.189.87/32
Classification: LOW RISK β Google Cloud Infrastructure
1. EXECUTIVE SUMMARY
IP address 34.56.189.87 is identified as legitimate Google Cloud infrastructure with a low-risk profile (Risk Score: 25). The address is associated with Google LLC (AS396982) and operates as cloud compute infrastructure. No malicious indicators or threat activity were observed during analysis.
2. OWNERSHIP AND GEOLOCATION
- Organization: Google LLC
- AS Number: 396982 (GOOGL-2)
- CIDR Block: 34.4.5.0/24
- Location: Council Bluffs, IA, United States
- Timezone: America/Chicago
- Registration: ARIN registry
3. NETWORK ROLE AND CLASSIFICATION
- Infrastructure Type: CloudCompute (Google Cloud Platform)
- DNS Resolves: 87.189.56.34.bc.googleusercontent.com
- Hosted Domain: googleusercontent.com
- Open Ports: TCP/443 (HTTPS)
- TLS Certificate: Kubernetes infrastructure certificates (kubernetes.default, kubernetes.default.svc)
- Server Banner: HTTP/2 enabled
4. THREAT ASSESSMENT
- Risk Score: 25 (Low)
- Abuse Confidence: Not applicable (legitimate cloud infrastructure)
- Blacklist Status: 0 blacklistings
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Threat Persistence: None detected
- Campaign Association: None
5. OBSERVATION HISTORY (29 Signals)
Historical analysis reveals consistent infrastructure patterns:
- DNS signals show Kubernetes cluster components (cluster.local, default.svc, kubernetes.default)
- ASN 396982 stability confirmed (2,862 days)
- No escalation in threat indicators
- SPF/DMARC records present on googleusercontent.com domain
6. RELATIONSHIP ANALYSIS (41 Relationships)
- DNS associations point to 87.189.56.34.bc.googleusercontent.com
- Network relationships confirm GOOGL-2 ownership
- No malicious entity correlations detected
7. NEIGHBORHOOD ANALYSIS (Subnet 34.56.189.0/24)
- Abuse Density: 0
- Classification: Mostly Clean
- Threat Siblings: 0
- Active Siblings: 0
8. CONTROL PLANE DATA
- BGP Prefix: 34.56.0.0/16
- Routing Stability: Confirmed (0 changes in 30 days)
- RPKI State: Valid
- DNSSEC: Valid
9. RECOMMENDED ACTIONS
No blocking or mitigation actions required. This IP represents legitimate Google Cloud infrastructure hosting Kubernetes-based services. Standard cloud provider traffic handling applies.
10. INTELLIGENCE CONFIDENCE
High confidence in benign classification based on:
- Established Google Cloud ownership
- Clean neighborhood metrics
- Kubernetes infrastructure certificates
- Zero threat indicators
- 2862-day ASN stability
ANALYST NOTES: This IP belongs to Google's cloud compute infrastructure. Traffic patterns consistent with legitimate cloud services. No defensive action recommended unless specific organizational policy requires cloud provider IP scrutiny.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | GOOGL-2 |
| CIDR Block | 34.4.5.0/24 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 87.189.56.34.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 87.189.56.34.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | 1/4 domains |
| DMARC | 1/4 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
| Domains Checked | 4 domains |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | β |
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | kuberneteskubernetes.defaultkubernetes.default.svckubernetes.default.svc.cluster.local |
| Valid From | 2026-06-14T02:45:28+00:00 |
| Valid Until | 2031-06-13T02:47:28+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 1825 days |
| Serial Number | 1D3C2133B3E992E4396CF94E8298CD3B |
| Thumbprint | 8EC6DE36EBDA4813F73B7F8A0D23A53B9A46C95F |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 24% | 2 | 3 |
| ownership | 35% | 3 | 5 |
| reputation | 22% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 28% | 12 | 21 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-27 19:22:36 UTC |
| Last Seen | 2026-06-29 04:46:12 UTC |
| Profile Built | 2026-06-29 04:58:15 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 31 |
Full dossier details are available via our API.