Check an IP Address, Domain Name, Subnet, or ASN

35.203.210.240 was found in our database!

$ whois 35.203.210.240

country·🇬🇧 United Kingdom

city·City of London

isp·Google LLC

asn·AS396982

network·Standard

$ sikker risk 35.203.210.240scoring →

confidence

76%High

first_seen·Jan 22, 2026

last_seen·1h ago

sessions·101

events·120

$ sikker protocols 35.203.210.240

SMTP

31 / 44

SIP

31 / 31

SMB

8 / 8

REDIS

4 / 8

MONGODB

8 / 8

HTTP

2 / 4

TELNET

4 / 4

HTTPS

3 / 3

MSSQL

3 / 3

FTP

2 / 2

SSH

2 / 2

POSTGRES

2 / 2

DOCKER

1 / 1

$ sikker summary 35.203.210.240

35.203.210.240 has a threat confidence score of 76%. This IP address from United Kingdom (AS396982, Google LLC) has been observed in 101 honeypot sessions targeting SMTP, SIP, SMB, REDIS, MONGODB and 8 other protocols. First observed on January 22, 2026, most recently active May 6, 2026.

$ sikker behaviors 35.203.210.240catalog →

mediumSip Request Uri Sip Nm2x

SIP request using sip:nm as the Request-URI, a malformed or placeholder target commonly observed in SIP scanning and fuzzing activity rather than legitimate client behavior.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoRedis Info Command Invocation2x

Identifies execution of the Redis INFO command (case-insensitive), which retrieves server configuration, version, memory usage, and runtime statistics. This behavior reflects service interrogation and environment fingerprinting activity. While INFO can be used legitimately by administrators, it is also commonly observed during automated scanning and pre-exploitation reconnaissance of exposed Redis instances.

$ sikker primitives 35.203.210.240

smtp_ehlo_greeting14 sip_call_id_alphanumeric_entropy13 mongodb_serverstatus_float_command3 http_method_get2 https_path_root2 docker_get_method2 redis_info_uppercase2 docker_bad_request_uri2 sip_request_uri_sip_nm2

$ sikker related 35.203.210.240

Report IP WHOIS Lookup →

IP Address	Confidence	Events
34.125.61.115	79%	6
34.77.219.71	100%	375
35.187.43.37	75%	15
35.202.9.133	93%	2,356
162.216.149.162	75%	168

IP Address	Confidence	Events
193.104.222.2	94%	2,045
193.104.222.9	97%	445
51.89.235.201	88%	94,401
193.104.222.133	92%	500
65.111.23.59	34%	1