DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

ASN REPORT — AS396190 · Leaseweb USA, Inc.

First sighted: Oct. 4, 2023, 3 a.m. · Last sighted: Oct. 15, 2025, 2:59 a.m.

Risk
1 (low)
Total hits
93
Total errors
11
Observed IPs
28
Top country
N/A
Top city
N/A

Risk

Model: v1 Computed: 2026-01-18 11:54:58
Risk score
1
Low
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Key drivers
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 2
Points 16.19
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 6
Points 13.86
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 4
Points 0.29
Referrer abuse
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
ref
Hits 2
Points 0.25

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this ASN.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
62
3xx
12
4xx
7
5xx
4
Unique URLs
54
Total hits
93
First seen
Oct. 4, 2023, 3 a.m.
Last seen
Oct. 15, 2025, 2:59 a.m.

Annotators (All-time)

Heatmap of annotator × severity. Darker cells mean more volume in that band. Tip: switch to Weighted points to see what drives impact (not just noise).

Severity →
Low High
Sensitive file probing sfp
Requests target commonly sensitive files, configs, backups, or administrative resources.
hits 2 pts 16.19
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
40 2 1 16.19 Feb. 23, 2024, 1:45 a.m. Feb. 23, 2024, 2:21 a.m.
sensitive_file 2
Credential brute forcing cred
Repeated authentication attempts consistent with password guessing or credential stuffing.
hits 6 pts 13.86
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
10 2 1 7.70 Dec. 31, 2023, 12:51 p.m. Dec. 31, 2023, 12:51 p.m.
cred 2
8 2 1 6.16 Dec. 31, 2023, 12:51 p.m. Dec. 31, 2023, 12:51 p.m.
cred 2
0 2 1 0.00 Dec. 31, 2023, 12:51 p.m. Dec. 31, 2023, 12:51 p.m.
cred 2
User-Agent anomaly ua
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
hits 4 pts 0.29
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 4 1 0.29 Oct. 10, 2025, 7:19 p.m. Oct. 14, 2025, 12:40 p.m.
ua 4
Referrer abuse ref
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
hits 2 pts 0.25
Breakdown by severity band (all-time). “Weighted” reflects your weight configuration.
Severity Total Labels Weighted First seen Last seen Top labels
6 2 1 0.25 Dec. 31, 2023, 12:51 p.m. Dec. 31, 2023, 12:51 p.m.
ref 2

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this ASN snapshot (peer IPs with coordinates).

Loading map…

SUBNETS HELD BY THIS ISP

Derived from ISP snapshot peers (Option A). Grouped into IPv4 /24 and IPv6 /48 by default.
IPv4
IPv6
Limit
Loading subnets…

Interesting IPs

Top risky peers inside this ASN (latest snapshot). Sorted by risk score, then hits.

No peer rows available for this ASN snapshot.