DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ORG REPORT — Zscaler, Inc · zscaler, inc

First sighted: Dec. 18, 2023, 2 a.m. · Last sighted: Aug. 8, 2025, 3 a.m.

Risk
2 (low)
Total hits
1329
Total errors
151
Distinct IPs
64
Distinct ASNs
4
Top country
United States
Top city
Rio de Janeiro
Top region
Rio de Janeiro

Risk

Model: v1 Computed: 2026-01-15 08:32:00
Risk score
2
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 6
Points 19.80
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 14
Points 12.60
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 67
Points 9.32
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 10
Points 5.00
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 78
Points 4.44
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 6
Points 4.32
Referrer abuse
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
ref
Hits 2
Points 0.36

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this organization.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
942
3xx
19
4xx
17
5xx
134
Unique URLs
811
Total hits
1329
First seen
Dec. 18, 2023, 2 a.m.
Last seen
Aug. 8, 2025, 3 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 6 pts 19.80
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 2 1 11.00 March 28, 2025, 10:47 p.m. March 28, 2025, 10:47 p.m.
cred 2
8 2 1 8.80 March 28, 2025, 10:47 p.m. March 28, 2025, 10:47 p.m.
cred 2
0 2 1 0.00 March 28, 2025, 10:47 p.m. March 28, 2025, 10:47 p.m.
cred 2
Scan velocity scan_velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
hits 14 pts 12.60
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 7 1 12.60 March 26, 2025, 10:26 p.m. May 20, 2025, 6:51 p.m.
scan_velocity 7
0 7 1 0.00 March 26, 2025, 10:26 p.m. May 20, 2025, 6:51 p.m.
scan_velocity 7
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 67 pts 9.32
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 55 1 6.60 Jan. 14, 2025, 3:45 a.m. Aug. 7, 2025, 3:02 p.m.
ua 55
12 10 1 2.40 April 15, 2024, 12:04 a.m. April 15, 2024, 12:04 a.m.
ua 10
8 2 1 0.32 May 22, 2025, 4:04 p.m. May 22, 2025, 4:04 p.m.
ua 2
Automated client behavior bot
Traffic patterns strongly suggest automation rather than a human-operated browser.
hits 10 pts 5.00
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 10 1 5.00 April 15, 2024, 12:04 a.m. April 15, 2024, 12:04 a.m.
bot 10
Request size anomaly request_size
Requests are unusually large or shaped in a way that suggests abuse or automation.
hits 78 pts 4.44
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 5 1 3.60 Feb. 26, 2025, 5:47 p.m. March 28, 2025, 10:47 p.m.
request_size 5
14 1 1 0.84 July 30, 2025, 5:40 a.m. July 30, 2025, 5:40 a.m.
request_size 1
0 72 1 0.00 Jan. 14, 2025, 3:45 a.m. Aug. 7, 2025, 3:02 p.m.
request_size 72
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 6 pts 4.32
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 4 1 3.84 May 22, 2025, 4:04 p.m. May 22, 2025, 4:04 p.m.
proto 4
3 2 1 0.48 May 22, 2025, 4:04 p.m. May 22, 2025, 4:04 p.m.
proto 2
Referrer abuse ref
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
hits 2 pts 0.36
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 2 1 0.36 March 28, 2025, 10:47 p.m. March 28, 2025, 10:47 p.m.
ref 2

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this Org snapshot (peer IPs with coordinates).

Loading map…

ASNs held by this org

Derived from IP rollups (IPReportTotal). Grouped by (asn, as_org_name).
Loading…

Interesting IPs

Top risky peers inside this org (latest snapshot). Sorted by risk score, then hits.

No matching IP rows available for this org.