DigitalOcean Referral Badge
cloud1
cloud2
cloud3
cloud4
cloud5
cloud6
← Back

REGION REPORT — Gyeonggi-do - South Korea · gyeonggi-do - south korea

First sighted: May 16, 2023, 3 a.m. · Last sighted: March 2, 2026, 2 a.m.

Risk
71 (high)
Total hits
5077
Total errors
1609
Distinct IPs
1673
Distinct ASNs
44
Country
South Korea
Region
Gyeonggi-do
Top Org
N/A
Top ASN
N/A
Risk Rank
#165 / 3208
Geo Coverage
100.0%
Confidence
86/100
Push Alert
Watch
Briefing Notes
  • Gyeonggi-do - South Korea: risk 71 (high).
  • Risk rank #165 of 3208 regions.
  • Coverage 100.0% geolocated, confidence 86/100.
  • Push alert posture: Watch (Moderate risk or recent activity).

Risk

Model: v1 Computed: 2026-03-05 10:52:45
Risk score
71
Risk gradient
Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.
Annotator influence radar
Rendering annotator influence profile…
Normalized contribution (0..1) per annotator versus robust per-code envelope.
Key drivers
Command injection attempts
Request content resembles attempts to execute OS commands via an application.
cmdi
Hits 49
Points 1166.20
Credential brute forcing
Repeated authentication attempts consistent with password guessing or credential stuffing.
cred
Hits 143
Points 542.30
Sensitive file probing
Requests target commonly sensitive files, configs, backups, or administrative resources.
sfp
Hits 100
Points 449.68
Automated client behavior
Traffic patterns strongly suggest automation rather than a human-operated browser.
bot
Hits 832
Points 416.00
Scan velocity
High request rate and broad endpoint coverage suggest scanning or automated enumeration.
scan_velocity
Hits 148
Points 354.96
Path traversal attempts
Request paths/parameters resemble attempts to access files outside intended directories.
trav
Hits 14
Points 102.96
User-Agent anomaly
User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.
ua
Hits 229
Points 44.04
HTTP method anomaly
Unusual or unexpected HTTP methods observed for the target endpoints.
method
Hits 6
Points 2.88
Protocol anomaly
Request structure or protocol-level signals deviate from typical browser HTTP traffic.
proto
Hits 3
Points 2.80
Request size anomaly
Requests are unusually large or shaped in a way that suggests abuse or automation.
request_size
Hits 17
Points 1.44
Referrer abuse
Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.
ref
Hits 3
Points 0.54

Top Organizations Operating In The Region

Most-observed organizations in this region
No org rollups available.

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this region.

Loading activity…
Daily activity (hits per day). Total in window: .
Traffic rollup
HTTP status classes, URL diversity, and totals.
2xx
1637
3xx
1691
4xx
1492
5xx
117
Unique URLs
0
Total hits
5077
First seen
May 16, 2023, 3 a.m.
Last seen
March 2, 2026, 2 a.m.

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…
Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this region snapshot (peer IPs with coordinates).

Loading map…

Top Autonomous System Networks

Most-observed networks in this region
No ASN rollups available.