Check an IP Address, Domain Name, Subnet, or ASN

35.205.166.64 was found in our database!

$ whois 35.205.166.64

country·🇧🇪 Belgium

city·Brussels

isp·Google LLC

asn·AS396982

network·Standard

$ sikker risk 35.205.166.64scoring →

confidence

68%High

first_seen·Mar 18, 2026

last_seen·22m ago

sessions·7

events·7

$ sikker protocols 35.205.166.64

HTTPS

3 / 3

HTTP

2 / 2

FTP

1 / 1

POSTGRES

1 / 1

$ sikker summary 35.205.166.64

35.205.166.64 has a threat confidence score of 68%. This IP address from Belgium (AS396982, Google LLC) has been observed in 7 honeypot sessions targeting HTTPS, HTTP, FTP, POSTGRES protocols. First observed on March 18, 2026, most recently active March 22, 2026.

$ sikker behaviors 35.205.166.64catalog →

mediumFtp Authenticated Directory Reconnaissance1x

FTP session where a client probes for valid usernames, attempts authentication, negotiates transfer settings (ASCII and UTF-8), retrieves the current working directory, changes directories, enters passive mode, issues directory listings, and sends NOOP to maintain the session. This sequence reflects structured post-authentication exploration of the FTP file system to map directory structure and available content.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 35.205.166.64

http_method_get2 https_path_root2 ftp_list_directory2 ftp_set_ascii_mode2 ftp_enter_passive_mode2 ftp_change_working_directory2 ftp_set_utf81 ftp_user_probe1 ftp_noop_request1 ftp_password_attempt1 ftp_print_working_directory1

$ sikker related 35.205.166.64

🇧🇪·More threats fromBelgium→AS·More threats fromGoogle LLC→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→FTP·More threats targetingFTP→POST·More threats targetingPOSTGRES→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
34.158.79.105	100%	28,729
216.180.246.199	82%	147
35.203.210.73	72%	166
35.203.210.204	78%	139
35.189.227.206	100%	299

IP Address	Confidence	Events
35.210.61.208	100%	1,213
35.189.227.206	100%	299
34.38.83.65	100%	892
34.140.251.161	99%	53
35.233.95.0	100%	1,511