DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ASN REPORT — AS22927 · Telefonica de Argentina

First sighted: Nov. 2, 2023, 2 a.m. · Last sighted: Jan. 11, 2026, 1:59 a.m.

Risk
9 (low)
Total hits
7966
Total errors
1907
Observed IPs
6537
Top country
N/A
Top city
N/A

Risk

Model: v1 Computed: 2026-01-18 11:54:53
Risk score
9
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 71
Points 216.48
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 110
Points 9.94
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 35
Points 3.05
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 4
Points 2.52
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 2
Points 1.31

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this ASN.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
2510
3xx
3425
4xx
1815
5xx
92
Unique URLs
6833
Total hits
7966
First seen
Nov. 2, 2023, 2 a.m.
Last seen
Jan. 11, 2026, 1:59 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 71 pts 216.48
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 29 1 112.53 Dec. 20, 2023, 3:29 p.m. Jan. 11, 2025, 1:26 p.m.
cred 29
12 21 1 103.95 Dec. 20, 2023, 3:29 p.m. Jan. 11, 2025, 1:26 p.m.
cred 21
0 21 1 0.00 Dec. 20, 2023, 3:29 p.m. Jan. 11, 2025, 1:26 p.m.
cred 21
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 110 pts 9.94
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
8 63 1 6.55 Nov. 2, 2023, 3:42 a.m. Nov. 8, 2025, 10:04 a.m.
ua 63
6 47 1 3.38 May 7, 2024, 4:50 a.m. Dec. 31, 2025, 2:30 p.m.
ua 47
Request size anomaly request_size
Requests are unusually large or shaped in a way that suggests abuse or automation.
hits 35 pts 3.05
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 4 1 1.87 Jan. 15, 2025, 9:27 p.m. April 23, 2025, 11:41 p.m.
request_size 4
14 2 1 1.18 Oct. 4, 2025, 6:47 a.m. Oct. 28, 2025, 9:45 p.m.
request_size 2
0 29 1 0.00 Jan. 15, 2025, 9:27 p.m. Oct. 11, 2025, 8:01 p.m.
request_size 29
Scan velocity scan_velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
hits 4 pts 2.52
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 2 1 2.52 Jan. 15, 2025, 9:28 p.m. Jan. 15, 2025, 9:28 p.m.
scan_velocity 2
0 2 1 0.00 Jan. 15, 2025, 9:28 p.m. Jan. 15, 2025, 9:28 p.m.
scan_velocity 2
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 2 pts 1.31
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 1 1 0.69 June 21, 2025, 5:18 p.m. June 21, 2025, 5:18 p.m.
proto 1
11 1 1 0.62 Oct. 7, 2025, 3:13 p.m. Oct. 7, 2025, 3:13 p.m.
proto 1

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this ASN snapshot (peer IPs with coordinates).

Loading map…

SUBNETS HELD BY THIS ISP

Derived from ISP snapshot peers (Option A). Grouped into IPv4 /24 and IPv6 /48 by default.
IPv4
IPv6
Limit
Loading subnets…

Interesting IPs

Top risky peers inside this ASN (latest snapshot). Sorted by risk score, then hits.

No peer rows available for this ASN snapshot.