Check an IP Address, Domain Name, Subnet, or ASN

34.79.80.71 was found in our database!

$ whois 34.79.80.71

country·🇧🇪 Belgium

city·Brussels

isp·Google LLC

asn·AS396982

network·Standard

$ sikker risk 34.79.80.71scoring →

confidence

92%Very High

first_seen·Mar 14, 2026

last_seen·1h ago

sessions·37

events·37

$ sikker protocols 34.79.80.71

FTP

6 / 6

HTTP

6 / 6

POSTGRES

6 / 6

ELASTICSEARCH

6 / 6

SMB

5 / 5

HTTPS

5 / 5

MONGODB

3 / 3

$ sikker summary 34.79.80.71

34.79.80.71 has a threat confidence score of 92%. This IP address from Belgium (AS396982, Google LLC) has been observed in 37 honeypot sessions targeting FTP, HTTP, POSTGRES, ELASTICSEARCH, SMB and 2 other protocols. First observed on March 14, 2026, most recently active March 16, 2026.

$ sikker behaviors 34.79.80.71catalog →

mediumSmb Remote Enumeration Via Samr And Srvsvc4x

Composite behavior identifying authenticated SMB interaction where a client accesses the IPC$ share, performs root directory reads, binds to the SAMR RPC interface, and interacts with the SRVSVC service pipe. This sequence is consistent with remote host and account enumeration activity over SMB, typically used to gather domain, user, and share information prior to lateral movement or privilege escalation attempts.

lowFtp Passive Directory Listing3x

FTP session where the client enters passive mode (PASV) and issues a LIST command to retrieve a directory listing from the server.

infoHttp Root Path Request6x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 34.79.80.71

elastic_http_get_request16 smb_srvsvc_rpc_bind8 elastic_root_path_probe8 smb_root_read7 http_method_get6 ftp_print_working_directory6 smb_samr_rpc_bind4 smb_ipc_share_access4 smb_srvsvc_pipe_open4 elastic_http_bad_request_path_probe4 ftp_set_utf83 ftp_user_probe3 ftp_list_directory3 ftp_set_ascii_mode3 ftp_password_attempt3 ftp_enter_passive_mode3 https_path_root2

$ sikker related 34.79.80.71

🇧🇪·More threats fromBelgium→AS·More threats fromGoogle LLC→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→POST·More threats targetingPOSTGRES→ELAS·More threats targetingELASTICSEARCH→SMB·More threats targetingSMB→HTTP·More threats targetingHTTPS→MONG·More threats targetingMONGODB→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
198.235.24.238	94%	258
147.185.132.16	97%	350
34.79.232.97	94%	21
205.210.31.252	97%	286
147.185.132.91	96%	332

IP Address	Confidence	Events
34.79.232.97	94%	21
35.195.17.170	95%	46
34.52.173.82	70%	10
35.241.150.107	86%	12
35.240.75.51	100%	872