DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ASN REPORT — AS30722 · Vodafone Italia S.p.A.

First sighted: June 26, 2023, 3 a.m. · Last sighted: Dec. 29, 2025, 1:59 a.m.

Risk
6 (low)
Total hits
1310
Total errors
79
Observed IPs
179
Top country
N/A
Top city
N/A

Risk

Model: v1 Computed: 2026-01-18 11:55:17
Risk score
6
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Command injection attempts
Request content resembles attempts to execute OS commands via an application.
cmdi
Hits 4
Points 83.78
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 14
Points 43.12
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 106
Points 13.39
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 2
Points 7.55
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 98
Points 5.39

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this ASN.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
834
3xx
150
4xx
53
5xx
26
Unique URLs
704
Total hits
1310
First seen
June 26, 2023, 3 a.m.
Last seen
Dec. 29, 2025, 1:59 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Command injection attempts cmdi
Request content resembles attempts to execute OS commands via an application.
hits 4 pts 83.78
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
28 4 1 83.78 June 27, 2023, 12:27 a.m. Feb. 12, 2024, 5:29 a.m.
cmdi 4
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 14 pts 43.12
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 6 1 23.32 Dec. 20, 2023, 3:22 p.m. Dec. 20, 2023, 3:33 p.m.
cred 6
12 4 1 19.80 Dec. 20, 2023, 3:22 p.m. Dec. 20, 2023, 3:33 p.m.
cred 4
0 4 1 0.00 Dec. 20, 2023, 3:22 p.m. Dec. 20, 2023, 3:33 p.m.
cred 4
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 106 pts 13.39
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
14 32 1 7.17 Jan. 6, 2025, 2:17 p.m. May 20, 2025, 5:25 p.m.
ua 32
6 50 1 3.60 June 27, 2023, 12:27 a.m. Oct. 7, 2025, 1:51 a.m.
ua 50
8 22 1 2.29 Aug. 3, 2023, 2:42 a.m. July 10, 2025, 9:47 p.m.
ua 22
12 2 1 0.34 Jan. 5, 2025, 1:28 p.m. Jan. 5, 2025, 1:28 p.m.
ua 2
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 2 pts 7.55
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
22 2 1 7.55 Feb. 21, 2025, 2:49 p.m. Feb. 21, 2025, 2:49 p.m.
sensitive_file 2
Request size anomaly request_size
Requests are unusually large or shaped in a way that suggests abuse or automation.
hits 98 pts 5.39
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
12 9 1 4.21 Jan. 9, 2025, 11:21 a.m. July 22, 2025, 11:48 a.m.
request_size 9
14 2 1 1.18 Oct. 2, 2025, 4:41 p.m. Oct. 2, 2025, 4:41 p.m.
request_size 2
0 87 1 0.00 Jan. 9, 2025, 2:59 a.m. Oct. 17, 2025, 7:32 p.m.
request_size 87

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this ASN snapshot (peer IPs with coordinates).

Loading map…

SUBNETS HELD BY THIS ISP

Derived from ISP snapshot peers (Option A). Grouped into IPv4 /24 and IPv6 /48 by default.
IPv4
IPv6
Limit
Loading subnets…

Interesting IPs

Top risky peers inside this ASN (latest snapshot). Sorted by risk score, then hits.

No peer rows available for this ASN snapshot.