185.180.141.33 — Zenlayer Inc, PT — High (71%)

Check an IP Address, Domain Name, Subnet, or ASN

185.180.141.33 was found in our database!

Confidence Level

71%

High?

Geolocation

🇵🇹

Portugal

ISPZenlayer Inc

ASNAS21859

Activity Timeline

First seenJan 22, 2026, 06:23 PM

Last seen1h ago

89Sessions

105Events

Protocol Breakdown

HTTPS

37 / 48

IMAP

18 / 20

FTP

13 / 13

TELNET

7 / 8

SMB

6 / 6

MONGODB

1 / 3

SIP

2 / 2

RTSP

2 / 2

REDIS

2 / 2

HTTP

1 / 1

185.180.141.33 has a high threat confidence level of 71%, originating from Portugal, on the Zenlayer Inc network (21859). It has been observed across 89 sessions targeting HTTPS, IMAP, FTP, TELNET, SMB and 5 other protocols, First observed on January 22, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Rtsp Options Probe

low1x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

Ftp Tls Upgrade

info10x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

Https Root Path Request

info2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Http Root Path Request

info1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Primitives

Individual actions observed

Ftp Auth Tls13 Rtsp Options2 Https Path Root2 Http Method Get1

Related Threats

Explore related threat intelligence

🇵🇹More threats fromPortugal ASMore threats fromZenlayer Inc HTTPSMore threats targetingHTTPS IMAPMore threats targetingIMAP FTPMore threats targetingFTP TELNETMore threats targetingTELNET SMBMore threats targetingSMB MONGODBMore threats targetingMONGODB SIPMore threats targetingSIP RTSPMore threats targetingRTSP REDISMore threats targetingREDIS HTTPMore threats targetingHTTP { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
109.105.210.78	84%	1,126
109.105.210.80	74%	1,127
109.105.210.77	76%	1,879
109.105.210.79	72%	975
185.226.197.54	75%	120

IP Address	Confidence	Events
45.156.128.49	70%	292
79.168.139.28	100%	370
94.61.202.92	82%	6
81.193.216.17	98%	76
109.49.149.48	22%	12