DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ORG REPORT — Xantho UAB · xantho uab

First sighted: June 12, 2024, 3 a.m. · Last sighted: Oct. 16, 2025, 3 a.m.

Risk
31 (low)
Total hits
1774
Total errors
994
Distinct IPs
14
Distinct ASNs
5
Top country
Germany
Top city
Frankfurt
Top region
Hesse

Risk

Model: v1 Computed: 2026-03-03 20:12:57
Risk score
31
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Annotator influence radar
Rendering annotator influence profile…
Normalized contribution (0..1) per annotator versus robust per-code envelope.
Key drivers
HTTP method anomaly
Unusual or unexpected HTTP methods observed for the target endpoints.
method
Hits 1682
Points 611.28
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 1732
Points 275.88
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 6
Points 52.80
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 4
Points 2.88

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this organization.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
7
3xx
751
4xx
994
5xx
0
Unique URLs
0
Total hits
1774
First seen
June 12, 2024, 3 a.m.
Last seen
Oct. 16, 2025, 3 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
HTTP method anomaly method
Unusual or unexpected HTTP methods observed for the target endpoints.
hits 1682 pts 611.28
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 1637 1 589.32 Aug. 16, 2025, 1:10 p.m. Oct. 15, 2025, 8:56 a.m.
method 1637
8 42 1 20.16 Oct. 31, 2024, 10:49 p.m. March 26, 2025, 3:11 p.m.
method 42
10 3 1 1.80 March 27, 2025, 1:39 a.m. March 28, 2025, 1:18 a.m.
method 3
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 1732 pts 275.88
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
8 1697 1 271.52 June 12, 2024, 10:16 p.m. Oct. 15, 2025, 8:56 a.m.
ua 1697
6 33 1 3.96 Oct. 31, 2024, 10:40 p.m. Sept. 29, 2025, midnight
ua 33
10 2 1 0.40 Oct. 31, 2024, 10:40 p.m. Oct. 31, 2024, 10:49 p.m.
ua 2
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 6 pts 52.80
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
40 6 1 52.80 June 12, 2024, 10:16 p.m. June 12, 2024, 10:16 p.m.
sensitive_file 6
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 4 pts 2.88
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
11 3 1 2.64 Oct. 31, 2024, 10:40 p.m. Oct. 31, 2024, 10:49 p.m.
proto 3
3 1 1 0.24 Oct. 31, 2024, 10:40 p.m. Oct. 31, 2024, 10:40 p.m.
proto 1

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this Org snapshot (peer IPs with coordinates).

Loading map…

ASNs held by this org

Derived from IP rollups (IPReportTotal). Grouped by (asn, as_org_name).
Loading…

Interesting IPs

Top risky peers inside this org (latest snapshot). Sorted by risk score, then hits.

185.244.104.2 high
Open report
93 /100
Last seen 2025-10-16 03:00
Hits
1645
Errors
964
Country
Germany
ASN
AS213200
AS Org
Ferdinand Zink trading as Tube-Hosting
91.227.62.167 low
Open report
2 /100
Last seen 2024-12-02 02:00
Hits
36
Errors
18
Country
United Kingdom
ASN
AS20724
AS Org
GlobalTeleHost Corp.
91.227.114.134 low
Open report
2 /100
Last seen 2024-06-13 03:00
Hits
6
Errors
4
Country
The Netherlands
ASN
AS215026
AS Org
Alessandro Accorsi trading as Len Service SRL
193.200.78.250 low
Open report
0 /100
Last seen 2025-01-23 02:00
Hits
35
Errors
0
Country
Germany
ASN
AS3320
AS Org
Deutsche Telekom AG
91.227.62.213 low
Open report
0 /100
Last seen 2025-10-13 03:00
Hits
27
Errors
0
Country
United Kingdom
ASN
AS20724
AS Org
GlobalTeleHost Corp.
91.227.62.26 low
Open report
0 /100
Last seen 2024-11-01 02:00
Hits
5
Errors
2
Country
United Kingdom
ASN
AS20724
AS Org
GlobalTeleHost Corp.
45.92.77.40 low
Open report
0 /100
Last seen 2025-05-15 03:00
Hits
4
Errors
0
Country
United States
ASN
AS43641
AS Org
SOLLUTIUM EU Sp z.o.o.
193.200.78.21 low
Open report
0 /100
Last seen 2025-03-28 03:00
Hits
4
Errors
4
Country
Germany
ASN
AS3320
AS Org
Deutsche Telekom AG
193.200.78.24 low
Open report
0 /100
Last seen 2025-02-03 02:00
Hits
3
Errors
0
Country
Germany
ASN
AS3320
AS Org
Deutsche Telekom AG
193.200.78.252 low
Open report
0 /100
Last seen 2024-12-11 02:00
Hits
3
Errors
2
Country
Germany
ASN
AS3320
AS Org
Deutsche Telekom AG
45.92.77.133 low
Open report
0 /100
Last seen 2025-05-14 03:00
Hits
2
Errors
0
Country
United States
ASN
AS43641
AS Org
SOLLUTIUM EU Sp z.o.o.
91.227.62.247 low
Open report
0 /100
Last seen 2024-12-25 02:00
Hits
2
Errors
0
Country
United Kingdom
ASN
AS20724
AS Org
GlobalTeleHost Corp.
45.92.77.222 low
Open report
0 /100
Last seen 2025-05-15 03:00
Hits
1
Errors
0
Country
United States
ASN
AS43641
AS Org
SOLLUTIUM EU Sp z.o.o.
193.200.78.34 low
Open report
0 /100
Last seen 2025-02-04 02:00
Hits
1
Errors
0
Country
Germany
ASN
AS3320
AS Org
Deutsche Telekom AG