178.83.200.3 — GB — Very High (90%)

Check an IP Address, Domain Name, Subnet, or ASN

178.83.200.3 was found in our database!

Confidence Level

90%

Very High?

Geolocation

🇬🇧

United Kingdom

Activity Timeline

First seenFeb 24, 2026, 06:42 PM

Last seen46m ago

First reportedFeb 26, 2026, 07:15 AM

Last reported9h ago

215Sessions

215Events

3Reports

Protocol Breakdown

SMB

28 / 28

FTP

25 / 25

TELNET

24 / 24

POSTGRES

24 / 24

IMAP

23 / 23

REDIS

22 / 22

HTTPS

20 / 20

SMTP

19 / 19

SSH

15 / 15

HTTP

15 / 15

178.83.200.3 has a very high threat confidence level of 90%, originating from United Kingdom. It has been observed across 215 sessions targeting SMB, FTP, TELNET, POSTGRES, IMAP and 5 other protocols, First observed on February 24, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Smtp Tls Capability Probe

info17x

Automated SMTP interaction performing a minimal capability check by issuing EHLO followed by a STARTTLS upgrade request and immediately terminating the session. This pattern is commonly associated with internet-wide scanners, security research crawlers, or opportunistic bots verifying whether an SMTP service supports encrypted communication. The absence of authentication attempts or message submission indicates reconnaissance or service fingerprinting rather than active abuse.

Ftp Tls Upgrade

info7x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

Http Root Path Request

info1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Primitives

Individual actions observed

Smtp Ehlo Greeting18 Smtp Starttls Upgrade Request17 Ftp Auth Tls9 Http Method Get1

User Reports

3 reports from 1 contributor

Date	Category	Protocol	Comment
Mar 5, 2026	Brute Force	MYSQL	SikkerGuard: 2 blocked packets
Mar 3, 2026	Brute Force	SMB	SikkerGuard: 2 blocked packets
Feb 26, 2026	Brute Force	REDIS	SikkerGuard: 2 blocked packets

Related Threats

Explore related threat intelligence

🇬🇧More threats fromUnited Kingdom SMBMore threats targetingSMB FTPMore threats targetingFTP TELNETMore threats targetingTELNET POSTGRESMore threats targetingPOSTGRES IMAPMore threats targetingIMAP REDISMore threats targetingREDIS HTTPSMore threats targetingHTTPS SMTPMore threats targetingSMTP SSHMore threats targetingSSH HTTPMore threats targetingHTTP { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
178.128.165.87	100%	1,125
193.181.46.12	100%	5,729
46.101.54.39	100%	2,241
185.247.137.159	77%	330
87.236.176.165	80%	305