← Back

REGION REPORT — Gyeonggi-do - South Korea · gyeonggi-do - south korea

Contextual Risk

Syndu matches the queried target properties against aggregated behavioral baselines across the IP hierarchy and calculates a contextual risk score from the matched dimensions.

Contextual Risk Score

--unknown

Computed instantly from Syndu's current trust-and-risk model.

Total Hits

5135

Total Errors

1609

First Seen

May 16, 2023, 3 a.m.

Last Seen

March 9, 2026, 2 a.m.

Risk Level

Risk Score

Dimension Baselines

In-scope matched dimensions contribute directly to the contextual score. Each value links to the corresponding report and latest computed baseline.

Create API Account Risk API Docs View Pricing

Briefing Notes

Gyeonggi-do - South Korea: risk 72 (high).
Risk rank #172 of 3210 regions.
Coverage 100.0% geolocated, confidence 86/100.
Push alert posture: Watch (Moderate risk or recent activity).

Behavioral Risk

Model: v1 Computed: 2026-03-13 11:53:15

Risk score

Risk gradient

Key drivers are enriched against the published annotator catalog when available; otherwise sensible defaults are used.

Annotator influence radar

Rendering annotator influence profile…

Normalized contribution (0..1) per annotator versus robust per-code envelope.

Key drivers

Command injection attempts

Request content resembles attempts to execute OS commands via an application.

cmdi

Points 1166.20

Credential brute forcing

Repeated authentication attempts consistent with password guessing or credential stuffing.

cred

Points 621.50

Sensitive file probing

Requests target commonly sensitive files, configs, backups, or administrative resources.

sfp

Points 449.68

Automated client behavior

Traffic patterns strongly suggest automation rather than a human-operated browser.

bot

Points 416.00

Scan velocity

High request rate and broad endpoint coverage suggest scanning or automated enumeration.

scan_velocity

Points 354.96

Path traversal attempts

Request paths/parameters resemble attempts to access files outside intended directories.

trav

Points 102.96

User-Agent anomaly

User-Agent signals look missing, inconsistent, or indicative of non-browser tooling.

Points 44.04

HTTP method anomaly

Unusual or unexpected HTTP methods observed for the target endpoints.

method

Points 2.88

Protocol anomaly

Request structure or protocol-level signals deviate from typical browser HTTP traffic.

proto

Points 2.80

Request size anomaly

Requests are unusually large or shaped in a way that suggests abuse or automation.

request_size

Points 1.44

Referrer abuse

Referrer patterns look manipulated, irrelevant, or inconsistent with normal navigation.

ref

Points 0.54

Top Organizations Operating In The Region

Most-observed organizations in this region

No org rollups available.

Traffic

Rollup

Daily activity (hits per day) and basic HTTP rollup counters for this region.

Loading activity…

Daily activity (hits per day). Total in window: —.

Traffic rollup

HTTP status classes, URL diversity, and totals.

2xx

1691

3xx

1695

4xx

1492

5xx

117

Unique URLs

Total hits

5135

First seen

May 16, 2023, 3 a.m.

Last seen

March 9, 2026, 2 a.m.

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Uses totals aggregation and renders a donut.

Loading status mix…

Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this region snapshot (peer IPs with coordinates).

Loading map…

Top Autonomous System Networks

Most-observed networks in this region

No ASN rollups available.