DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ORG REPORT — Intelligence Hosting LLC · intelligence hosting llc

First sighted: Aug. 15, 2023, 3 a.m. · Last sighted: Jan. 11, 2026, 2 a.m.

Risk
78 (high)
Total hits
9816
Total errors
334
Distinct IPs
24
Distinct ASNs
1
Top country
The Netherlands
Top city
Eygelshoven
Top region
Limburg

Risk

Model: v1 Computed: 2026-01-15 08:32:00
Risk score
78
High
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 257
Points 2177.12
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 5996
Points 992.68
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 177
Points 429.48
HTTP method anomaly
Unusual or unexpected HTTP methods observed for the target endpoints.
method
Hits 272
Points 103.80
Path traversal attempts
Request paths/parameters resemble attempts to access files outside intended directories.
trav
Hits 8
Points 70.72
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 19
Points 16.72
Firewall probing
Traffic behavior suggests probing of access controls and protected surfaces.
fwprobe
Hits 1
Points 13.50
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 1
Points 0.50

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this organization.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
6
3xx
9471
4xx
315
5xx
19
Unique URLs
3381
Total hits
9816
First seen
Aug. 15, 2023, 3 a.m.
Last seen
Jan. 11, 2026, 2 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 257 pts 2177.12
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
40 241 1 2120.80 Jan. 22, 2025, 4:46 p.m. Nov. 23, 2025, 2:34 a.m.
sensitive_file 241
16 16 1 56.32 Sept. 22, 2025, 11:30 a.m. Nov. 6, 2025, 5:13 a.m.
sensitive_file 16
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 5996 pts 992.68
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
8 5691 1 910.56 Dec. 1, 2023, 2:51 a.m. Jan. 10, 2026, 4:56 a.m.
ua 5691
14 269 1 75.32 May 18, 2025, 12:12 a.m. Oct. 28, 2025, 5:02 a.m.
ua 269
10 31 1 6.20 Jan. 22, 2025, 4:46 p.m. Aug. 16, 2025, 2:12 a.m.
ua 31
6 5 1 0.60 Dec. 1, 2023, 2:51 a.m. Dec. 21, 2025, 11:05 p.m.
ua 5
Scan velocity scan_velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
hits 177 pts 429.48
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
32 20 1 115.20 March 1, 2025, 2:04 p.m. March 4, 2025, 10:30 p.m.
scan_velocity 20
24 22 1 95.04 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 22
10 27 1 48.60 Feb. 23, 2025, 3:35 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 27
22 6 1 23.76 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
20 6 1 21.60 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
30 4 1 21.60 March 1, 2025, 2:04 p.m. March 4, 2025, 10:28 p.m.
scan_velocity 4
28 4 1 20.16 March 1, 2025, 2:03 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 4
18 6 1 19.44 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
26 4 1 18.72 March 1, 2025, 2:03 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 4
16 6 1 17.28 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
14 6 1 15.12 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
12 6 1 12.96 Feb. 23, 2025, 3:36 p.m. March 4, 2025, 10:27 p.m.
scan_velocity 6
0 60 1 0.00 Feb. 23, 2025, 3:35 p.m. March 4, 2025, 10:30 p.m.
scan_velocity 60
HTTP method anomaly method
Unusual or unexpected HTTP methods observed for the target endpoints.
hits 272 pts 103.80
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 223 1 80.28 June 19, 2025, 8:36 p.m. Jan. 10, 2026, 4:56 a.m.
method 223
8 49 1 23.52 Dec. 1, 2023, 2:51 a.m. Dec. 17, 2025, 4:09 a.m.
method 49
Path traversal attempts trav
Request paths/parameters resemble attempts to access files outside intended directories.
hits 8 pts 70.72
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
34 8 1 70.72 Sept. 22, 2025, 11:30 a.m. Nov. 6, 2025, 5:13 a.m.
trav 8
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 19 pts 16.72
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
11 19 1 16.72 Dec. 1, 2023, 2:51 a.m. Dec. 17, 2025, 4:09 a.m.
proto 19
Firewall probing fwprobe
Traffic behavior suggests probing of access controls and protected surfaces.
hits 1 pts 13.50
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
30 1 1 13.50 Aug. 15, 2023, 4:55 a.m. Aug. 15, 2023, 4:55 a.m.
fwprobe 1
Automated client behavior bot
Traffic patterns strongly suggest automation rather than a human-operated browser.
hits 1 pts 0.50
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 1 1 0.50 Oct. 11, 2025, 2:25 p.m. Oct. 11, 2025, 2:25 p.m.
bot 1

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this Org snapshot (peer IPs with coordinates).

Loading map…

ASNs held by this org

Derived from IP rollups (IPReportTotal). Grouped by (asn, as_org_name).
Loading…

Interesting IPs

Top risky peers inside this org (latest snapshot). Sorted by risk score, then hits.

204.76.203.213 med
Open report
42 /100
Last seen 2025-10-13 03:00
Hits
206
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.18 med
Open report
39 /100
Last seen 2026-01-10 02:00
Hits
5148
Errors
10
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.30 low
Open report
29 /100
Last seen 2025-11-24 02:00
Hits
137
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.208 low
Open report
4 /100
Last seen 2025-10-29 02:00
Hits
203
Errors
134
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.206 low
Open report
2 /100
Last seen 2025-07-11 03:00
Hits
706
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.8 low
Open report
2 /100
Last seen 2026-01-11 02:00
Hits
116
Errors
95
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.219 low
Open report
1 /100
Last seen 2026-01-11 02:00
Hits
1776
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.28 low
Open report
1 /100
Last seen 2025-11-26 02:00
Hits
25
Errors
25
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.193 low
Open report
1 /100
Last seen 2025-08-16 03:00
Hits
16
Errors
14
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.4 low
Open report
1 /100
Last seen 2023-08-16 03:00
Hits
1
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.212 low
Open report
0 /100
Last seen 2025-11-30 02:00
Hits
1047
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.15 low
Open report
0 /100
Last seen 2025-04-02 03:00
Hits
338
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.10 low
Open report
0 /100
Last seen 2025-09-21 03:00
Hits
46
Errors
23
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.201 low
Open report
0 /100
Last seen 2025-06-01 03:00
Hits
14
Errors
14
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.29 low
Open report
0 /100
Last seen 2025-09-24 03:00
Hits
8
Errors
8
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.233 low
Open report
0 /100
Last seen 2025-10-09 03:00
Hits
7
Errors
7
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.83 low
Open report
0 /100
Last seen 2025-02-27 02:00
Hits
6
Errors
2
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.32 low
Open report
0 /100
Last seen 2023-12-02 02:00
Hits
6
Errors
2
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.35 low
Open report
0 /100
Last seen 2025-05-28 03:00
Hits
3
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.56 low
Open report
0 /100
Last seen 2025-01-25 02:00
Hits
2
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.203 low
Open report
0 /100
Last seen 2023-10-19 03:00
Hits
2
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.214 low
Open report
0 /100
Last seen 2025-12-15 02:00
Hits
1
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.166 low
Open report
0 /100
Last seen 2025-01-23 02:00
Hits
1
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG
204.76.203.2 low
Open report
0 /100
Last seen 2024-01-09 02:00
Hits
1
Errors
0
Country
The Netherlands
ASN
AS51396
AS Org
Pfcloud UG