Check an IP Address, Domain Name, Subnet, or ASN

185.180.141.34 was found in our database!

$ whois 185.180.141.34

country·🇵🇹 Portugal

isp·Zenlayer Inc

asn·AS21859

network·Standard

$ sikker risk 185.180.141.34scoring →

confidence

75%High

first_seen·Jan 22, 2026

last_seen·3h ago

sessions·128

events·143

$ sikker protocols 185.180.141.34

HTTPS

47 / 55

IMAP

38 / 40

MONGODB

6 / 10

FTP

9 / 9

REDIS

7 / 7

SMB

6 / 6

SIP

5 / 5

HTTP

4 / 4

TELNET

3 / 4

RTSP

2 / 2

DOCKER

1 / 1

$ sikker summary 185.180.141.34

185.180.141.34 has a threat confidence score of 75%. This IP address from Portugal (AS21859, Zenlayer Inc) has been observed in 128 honeypot sessions targeting HTTPS, IMAP, MONGODB, FTP, REDIS and 6 other protocols. First observed on January 22, 2026, most recently active March 19, 2026.

$ sikker behaviors 185.180.141.34catalog →

lowRtsp Options Probe1x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

infoFtp Tls Upgrade7x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttps Root Path Request6x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 185.180.141.34

ftp_auth_tls7 https_path_root6 http_method_get4 rtsp_options2 redis_command_ff2 imap_logout1 docker_get_method1 imap_capability_probe1 mongodb_hello_command1 redis_command_http_host_header_port_63791

$ sikker related 185.180.141.34

🇵🇹·More threats fromPortugal→AS·More threats fromZenlayer Inc→HTTP·More threats targetingHTTPS→IMAP·More threats targetingIMAP→MONG·More threats targetingMONGODB→FTP·More threats targetingFTP→REDI·More threats targetingREDIS→SMB·More threats targetingSMB→SIP·More threats targetingSIP→HTTP·More threats targetingHTTP→TELN·More threats targetingTELNET→RTSP·More threats targetingRTSP→DOCK·More threats targetingDOCKER→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
45.156.131.7	84%	1,962
185.226.197.32	99%	366
185.226.197.34	64%	115
109.105.210.104	60%	114
185.226.197.52	99%	463

IP Address	Confidence	Events
45.156.128.10	55%	17
45.156.128.128	84%	364
45.156.128.49	74%	376
45.156.131.7	84%	1,962
45.156.129.133	72%	342