cloud1

cloud2

cloud3

cloud4

cloud5

cloud6

← Back

ORG REPORT — Contrust · contrust

First sighted: March 16, 2025, 2 a.m. · Last sighted: Aug. 27, 2025, 3 a.m.

Risk

6 (low)

Total hits

180

Total errors

86

Distinct IPs

3

Distinct ASNs

1

Top country

Germany

Top city

Augsburg

Top region

Bavaria

Risk

Model: v1 Computed: 2026-01-15 08:32:00

Risk score

6

Low

Risk gradient

Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.

Key drivers

Sensitive file probing

Requests target commonly sensitive files, configs, backups, or administrative resources.

sfp

Hits 8

Points 60.72

Scan velocity

High request rate and broad endpoint coverage suggest scanning or automated enumeration.

scan_velocity

Hits 24

Points 52.20

Credential brute forcing

Repeated authentication attempts consistent with password guessing or credential stuffing.

cred

Hits 6

Points 23.10

Path traversal attempts

Request paths/parameters resemble attempts to access files outside intended directories.

trav

Hits 2

Points 17.68

User-Agent anomaly

User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.

ua

Hits 1

Points 0.12

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this organization.

Loading activity…

Daily activity (hits per day). Total in window: —.

Traffic rollup

HTTP status classes, URL diversity, and totals.

2xx

4

3xx

89

4xx

86

5xx

0

Unique URLs

88

Total hits

180

First seen

March 16, 2025, 2 a.m.

Last seen

Aug. 27, 2025, 3 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →

Low High

Sensitive file probing sfp

Requests target commonly sensitive files, configs, backups, or administrative resources.

hits 8 pts 60.72

Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.

Severity	Total	Labels	Weighted	First seen	Last seen	Top labels
36	6	1	47.52	April 27, 2025, 7:25 p.m.	April 27, 2025, 7:26 p.m.	sensitive_file 6
30	2	1	13.20	April 27, 2025, 7:25 p.m.	April 27, 2025, 7:25 p.m.	sensitive_file 2

Scan velocity scan_velocity

High request rate and broad endpoint coverage suggest scanning or automated enumeration.

hits 24 pts 52.20

Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.

Severity	Total	Labels	Weighted	First seen	Last seen	Top labels
22	3	1	11.88	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 3
20	3	1	10.80	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 3
18	3	1	9.72	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 3
16	3	1	8.64	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 3
14	2	1	5.04	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 2
12	2	1	4.32	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 2
10	1	1	1.80	April 27, 2025, 7:25 p.m.	April 27, 2025, 7:25 p.m.	scan_velocity 1
0	7	1	0.00	April 27, 2025, 7:25 p.m.	April 27, 2025, 7:26 p.m.	scan_velocity 7

Credential brute forcing cred

Repeated authentication attempts consistent with password guessing or credential stuffing.

hits 6 pts 23.10

Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.

Severity	Total	Labels	Weighted	First seen	Last seen	Top labels
10	3	1	16.50	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	cred 3
12	1	1	6.60	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	cred 1
0	2	1	0.00	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	cred 2

Path traversal attempts trav

Request paths/parameters resemble attempts to access files outside intended directories.

hits 2 pts 17.68

Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.

Severity	Total	Labels	Weighted	First seen	Last seen	Top labels
34	2	1	17.68	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	trav 2

User-Agent anomaly ua

User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.

hits 1 pts 0.12

Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.

Severity	Total	Labels	Weighted	First seen	Last seen	Top labels
6	1	1	0.12	April 27, 2025, 7:26 p.m.	April 27, 2025, 7:26 p.m.	ua 1

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…

Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this Org snapshot (peer IPs with coordinates).

Loading map…

ASNs held by this org

Derived from IP rollups (IPReportTotal). Grouped by (asn, as_org_name).

Order Limit

Loading…

Interesting IPs

Top risky peers inside this org (latest snapshot). Sorted by risk score, then hits.

Bucket

Limit

Filter

213.209.150.34 low

Open report

6 /100

Last seen 2025-04-28 03:00

Hits

163

Errors

81

Country

Germany

ASN

AS2856

AS Org

British Telecommunications PLC

213.209.150.207 low

Open report

0 /100

Last seen 2025-08-27 03:00

Hits

14

Errors

5

Country

Germany

ASN

AS2856

AS Org

British Telecommunications PLC

213.209.150.48 low

Open report

0 /100

Last seen 2025-03-18 02:00

Hits

3

Errors

0

Country

Germany

ASN

AS2856

AS Org

British Telecommunications PLC

Syndu