DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ASN REPORT — AS3786 · LG DACOM Corporation

First sighted: June 17, 2023, 3 a.m. · Last sighted: Dec. 22, 2025, 1:59 a.m.

Risk
6 (low)
Total hits
290
Total errors
28
Observed IPs
23
Top country
N/A
Top city
N/A

Risk

Model: v1 Computed: 2026-01-18 11:55:20
Risk score
6
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Command injection attempts
Request content resembles attempts to execute OS commands via an application.
cmdi
Hits 3
Points 62.83
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 9
Points 33.98
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 45
Points 27.72
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 7
Points 21.56
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 60
Points 6.56
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 2
Points 1.26
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 1
Points 0.48
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 2
Points

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this ASN.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
64
3xx
180
4xx
25
5xx
3
Unique URLs
131
Total hits
290
First seen
June 17, 2023, 3 a.m.
Last seen
Dec. 22, 2025, 1:59 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Command injection attempts cmdi
Request content resembles attempts to execute OS commands via an application.
hits 3 pts 62.83
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
28 3 1 62.83 June 17, 2023, 11:24 p.m. Nov. 2, 2023, 12:23 p.m.
cmdi 3
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 9 pts 33.98
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
22 9 1 33.98 Dec. 19, 2024, 12:38 p.m. March 3, 2025, 9:25 p.m.
sensitive_file 9
Protocol anomaly proto
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
hits 45 pts 27.72
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
11 45 1 27.72 March 3, 2025, 9:25 p.m. March 3, 2025, 9:25 p.m.
proto 45
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 7 pts 21.56
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 3 1 11.66 Dec. 22, 2024, 11:13 a.m. Dec. 22, 2024, 11:14 a.m.
cred 3
12 2 1 9.90 Dec. 22, 2024, 11:13 a.m. Dec. 22, 2024, 11:14 a.m.
cred 2
0 2 1 0.00 Dec. 22, 2024, 11:13 a.m. Dec. 22, 2024, 11:14 a.m.
cred 2
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 60 pts 6.56
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
8 51 1 5.30 April 26, 2024, 11:49 p.m. Aug. 22, 2025, 1:43 p.m.
ua 51
14 4 1 0.90 Jan. 19, 2025, 4:25 p.m. Oct. 2, 2025, 6:53 a.m.
ua 4
6 5 1 0.36 June 17, 2023, 11:24 p.m. Nov. 3, 2024, 3:14 p.m.
ua 5
Scan velocity scan_velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
hits 2 pts 1.26
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 1 1 1.26 March 3, 2025, 9:25 p.m. March 3, 2025, 9:25 p.m.
scan_velocity 1
0 1 1 0.00 March 3, 2025, 9:25 p.m. March 3, 2025, 9:25 p.m.
scan_velocity 1
Automated client behavior bot
Traffic patterns strongly suggest automation rather than a human-operated browser.
hits 1 pts 0.48
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 1 1 0.48 Oct. 15, 2024, 7:26 a.m. Oct. 15, 2024, 7:26 a.m.
bot 1
Request size anomaly request_size
Requests are unusually large or shaped in a way that suggests abuse or automation.
hits 2 pts 0.00
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
0 2 1 0.00 March 27, 2025, 11:29 a.m. March 27, 2025, 11:46 a.m.
request_size 2

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this ASN snapshot (peer IPs with coordinates).

Loading map…

SUBNETS HELD BY THIS ISP

Derived from ISP snapshot peers (Option A). Grouped into IPv4 /24 and IPv6 /48 by default.
IPv4
IPv6
Limit
Loading subnets…

Interesting IPs

Top risky peers inside this ASN (latest snapshot). Sorted by risk score, then hits.

No peer rows available for this ASN snapshot.