34.87.138.2
# IP Intelligence Briefing: 34.87.138.2/32
Classification: Low Risk (Google Cloud Infrastructure)
Date: 2026-06-20
Analyst: IPDebrief Intelligence Team
---
## Executive Summary
IP 34.87.138.2 is a Google Cloud infrastructure endpoint classified as low risk with a score of 25. The address resolves to the googleusercontent.com domain within Google's Singapore data center (ASN 396982). Network analysis indicates normal cloud provider behavior with no active malicious indicators. No specific blocking or rate-limiting actions are recommended at this time.
---
## Technical Profile
| Attribute | Value |
|---|---|
| **IP Address** | 34.87.138.2 |
| **Risk Score** | 25 (Low) |
| **Organization** | Google LLC |
| **ASN** | 396982 |
| **Location** | Singapore (1.35, 103.82) |
| **Network Role** | Multi-Service Host (Google Cloud) |
| **Infrastructure Type** | Cloud Provider |
---
## Network Services
Open Ports:
- TCP/80 (HTTP) - nginx/1.22.1
- TCP/22 (SSH) - OpenSSH_9.2p1 Debian-2+deb12u10
DNS Resolution:
- PTR Hostname: 2.138.87.34.bc.googleusercontent.com
- Forward Resolution: Confirmed
- Domain: googleusercontent.com
---
## Threat Indicators
Assessment: CLEAN
| Indicator | Status |
|---|---|
| Blacklist Count | 0 |
| DNSBL Listed | 1 of 8 lists |
| Known Attacker | No |
| Tor Exit Node | No |
| Spam Source | No |
| Threat Feeds | None |
| Known Campaigns | None |
---
## Control Plane Analysis
- Route Stability: Stable
- Delegation Age: 2,854 days
- RPKI State: Valid
- Route Changes (30d): 0
- Operator Score: 0.5652 (Moderate)
- BGP Prefix: 34.87.128.0/20
---
## Historical Observations
Analysis Period: 2026-06-15 to 2026-06-20
Key Findings:
- 25 total signal observations recorded
- Consistent HTTP fingerprinting (nginx/1.22.1)
- HTTP Status Code: 403 (Forbidden)
- Response Time: 489ms
- No significant risk trajectory changes
- Threat persistence: 0 days
- Is persistently malicious: No
---
## Network Relationships
DNS Associations:
- 2.138.87.34.bc.googleusercontent.com (27 relationship entries)
Network Relationships:
- GOOGL-2 network (27 relationship entries)
- All relationships confirm Google Cloud infrastructure membership
---
## Neighborhood Analysis (Subnet: 34.87.138.0/24)
| Metric | Value |
|---|---|
| Abuse Density | 1 (Low) |
| Classification | mostly_clean |
| Total Siblings | 2 |
| Active Siblings | 1 |
| Threat Siblings | 1 |
| Inherited Risk | 2 |
---
## Recommended Actions
Current Status: No action required
Firewall Rules: None recommended (risk score 25 is within acceptable thresholds for Google Cloud infrastructure)
Monitoring: Continue standard monitoring for:
- Unusual outbound connection patterns
- Rate limit violations
- SSH connection anomalies
---
## Intelligence Narrative
This IP address represents legitimate Google Cloud infrastructure hosting services under the googleusercontent.com domain. The address exhibits normal cloud provider behavior with consistent DNS resolution, stable routing, and no malicious indicators. The single DNSBL listing is likely a false positive or related to benign content delivery practices. The neighborhood analysis shows low abuse density consistent with Google's controlled infrastructure.
The HTTP 403 responses and nginx server banner are consistent with Google's content delivery and edge infrastructure patterns. SSH services may support legitimate administrative access for Google's internal operations.
Final Recommendation: Treat as benign infrastructure. No blocking or filtering required. Monitor for any changes in behavior or risk indicators.
---
*Report generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Google LLC |
| ASN | AS396982 |
| Network Name | β |
| CIDR Block | 34.87.128.0/20 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 2.138.87.34.bc.googleusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 2.138.87.34.bc.googleusercontent.com |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | nginx/1.22.1 |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 30% | 2 | 3 |
| ownership | 27% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 26% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-19 15:38:50 UTC |
| Last Seen | 2026-06-28 09:17:38 UTC |
| Profile Built | 2026-06-29 03:22:57 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 28 |
Full dossier details are available via our API.