DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ASN REPORT — AS208893 · SPARKS COMMUNICATIONS LTD

First sighted: Sept. 20, 2023, 3 a.m. · Last sighted: Oct. 2, 2024, 2:59 a.m.

Risk
48 (med)
Total hits
1114
Total errors
495
Observed IPs
53
Top country
N/A
Top city
N/A

Risk

Model: v1 Computed: 2026-01-18 11:55:01
Risk score
48
Medium
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 217
Points 1212.83
Path traversal attempts
Request paths/parameters resemble attempts to access files outside intended directories.
trav
Hits 37
Points 264.45
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 33
Points 56.61
Firewall probing
Traffic behavior suggests probing of access controls and protected surfaces.
fwprobe
Hits 4
Points 52.99
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 344
Points 39.57
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 9
Points 16.61
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 4
Points 1.90
Referrer abuse
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
ref
Hits 2
Points 0.25

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this ASN.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
14
3xx
337
4xx
495
5xx
0
Unique URLs
130
Total hits
1114
First seen
Sept. 20, 2023, 3 a.m.
Last seen
Oct. 2, 2024, 2:59 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 217 pts 1212.83
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
24 121 1 523.88 Feb. 6, 2024, 2:13 p.m. Sept. 16, 2024, 8:42 a.m.
sensitive_file 121
40 64 1 518.14 Sept. 20, 2023, 2:33 p.m. Sept. 25, 2024, 8:53 a.m.
sensitive_file 64
34 20 1 128.66 Feb. 6, 2024, 2:13 p.m. Sept. 16, 2024, 8:41 a.m.
sensitive_file 20
30 4 1 22.44 Sept. 25, 2024, 8:53 a.m. Sept. 25, 2024, 8:53 a.m.
sensitive_file 4
16 8 1 19.71 Sept. 5, 2024, 8:09 p.m. Sept. 25, 2024, 8:53 a.m.
sensitive_file 8
Path traversal attempts trav
Request paths/parameters resemble attempts to access files outside intended directories.
hits 37 pts 264.45
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
34 17 1 142.77 Sept. 5, 2024, 8:09 p.m. Sept. 25, 2024, 8:53 a.m.
trav 17
26 20 1 121.68 Feb. 6, 2024, 2:13 p.m. Sept. 16, 2024, 8:41 a.m.
trav 20
Scan velocity scan_velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
hits 33 pts 56.61
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 9 1 16.52 Feb. 6, 2024, 2:13 p.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 9
28 3 1 12.85 Sept. 25, 2024, 8:53 a.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 3
26 3 1 11.93 Sept. 25, 2024, 8:53 a.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 3
24 3 1 11.02 Sept. 25, 2024, 8:53 a.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 3
14 2 1 4.28 Sept. 25, 2024, 8:53 a.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 2
0 13 1 0.00 Feb. 6, 2024, 2:13 p.m. Sept. 25, 2024, 8:53 a.m.
scan_velocity 13
Firewall probing fwprobe
Traffic behavior suggests probing of access controls and protected surfaces.
hits 4 pts 52.99
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
32 4 1 52.99 Nov. 9, 2023, 2:30 a.m. Nov. 14, 2023, 3:15 p.m.
fwprobe 4
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 344 pts 39.57
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 170 1 24.48 Dec. 28, 2023, 6:58 p.m. Sept. 29, 2024, 3:53 p.m.
ua 170
8 74 1 7.70 Feb. 6, 2024, 2:13 p.m. Sept. 29, 2024, 3:53 p.m.
ua 74
6 98 1 7.06 Feb. 6, 2024, 2:13 p.m. Sept. 29, 2024, 3:53 p.m.
ua 98
12 2 1 0.34 June 4, 2024, 8:43 p.m. June 4, 2024, 8:43 p.m.
ua 2
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 9 pts 16.61
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 3 1 11.55 Nov. 10, 2023, 2:59 a.m. May 13, 2024, 9:47 a.m.
cred 3
8 1 1 3.08 Feb. 6, 2024, 2:13 p.m. Feb. 6, 2024, 2:13 p.m.
cred 1
6 1 1 1.98 May 13, 2024, 9:47 a.m. May 13, 2024, 9:47 a.m.
cred 1
0 4 1 0.00 Nov. 10, 2023, 2:59 a.m. May 13, 2024, 9:47 a.m.
cred 4
Automated client behavior bot
Traffic patterns strongly suggest automation rather than a human-operated browser.
hits 4 pts 1.90
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 4 1 1.90 June 4, 2024, 8:43 p.m. June 4, 2024, 8:43 p.m.
bot 4
Referrer abuse ref
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
hits 2 pts 0.25
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 2 1 0.25 Feb. 6, 2024, 2:13 p.m. May 13, 2024, 9:47 a.m.
ref 2

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this ASN snapshot (peer IPs with coordinates).

Loading map…

SUBNETS HELD BY THIS ISP

Derived from ISP snapshot peers (Option A). Grouped into IPv4 /24 and IPv6 /48 by default.
IPv4
IPv6
Limit
Loading subnets…

Interesting IPs

Top risky peers inside this ASN (latest snapshot). Sorted by risk score, then hits.

No peer rows available for this ASN snapshot.