← Back

IP Address Overview

Model: v1 Updated: Feb. 13, 2026, 5:31 p.m.

Report for 18.117.121.206 • United States • AWS EC2 (us-east-2)

High-level context about this IP: ownership, geography, and traffic profile.

Access Mode

Visitor mode shows a reduced view for performance (recent activity window and gated deep analysis). Log in or create an account to unlock full-history analysis, advanced tools, training, and richer context.

Traffic ready Risk ready Report ready Model v1

IP Address

18.117.121.206

Total Hits

559

Organization

AWS EC2 (us-east-2)

ASN

AS16509 Amazon.com, Inc.

ISP

16509 Amazon.com, Inc.

Region

Ohio

City

Dublin

Country

United States

Subnet

18.117.121.0/24

Risk Level

high

First Seen

Feb. 1, 2026, 12:41 a.m.

Last Seen

Feb. 1, 2026, 12:50 a.m.

Total Errors

551

Risk Score

Risk

Model: v1 Computed: Feb. 13, 2026, 5:31 p.m.

Risk score

High

Risk gradient

Contributor codes are normalized (e.g. sqli, cmdi, trav, sfp). Totals and breakdowns are derived from rollups and explainability tables only.

Annotator influence radar

Rendering annotator influence profile…

Normalized contribution (0..1) per annotator versus robust per-code envelope.

All contributing signals

Sensitive file probing sfp Requests target commonly sensitive files, configs, backups, or administrative resources. 289 hits 2409.00 pts

Severity	Hits	Labels	Weighted	Top labels
40	253	1	2226.40	{'count': 253, 'label': 'sensitive_file'}
24	20	1	105.60	{'count': 20, 'label': 'sensitive_file'}
16	11	1	38.72	{'count': 11, 'label': 'sensitive_file'}
36	4	1	31.68	{'count': 4, 'label': 'sensitive_file'}
30	1	1	6.60	{'count': 1, 'label': 'sensitive_file'}

Scan velocity scan_velocity High request rate and broad endpoint coverage suggest scanning or automated enumeration. 131 hits 510.48 pts

Severity	Hits	Labels	Weighted	Top labels
32	36	1	207.36	{'count': 36, 'label': 'scan_velocity'}
28	24	1	120.96	{'count': 24, 'label': 'scan_velocity'}
30	16	1	86.40	{'count': 16, 'label': 'scan_velocity'}
26	4	1	18.72	{'count': 4, 'label': 'scan_velocity'}
24	4	1	17.28	{'count': 4, 'label': 'scan_velocity'}
22	4	1	15.84	{'count': 4, 'label': 'scan_velocity'}
20	4	1	14.40	{'count': 4, 'label': 'scan_velocity'}
18	3	1	9.72	{'count': 3, 'label': 'scan_velocity'}
16	3	1	8.64	{'count': 3, 'label': 'scan_velocity'}
14	2	1	5.04	{'count': 2, 'label': 'scan_velocity'}
12	2	1	4.32	{'count': 2, 'label': 'scan_velocity'}
10	1	1	1.80	{'count': 1, 'label': 'scan_velocity'}
0	28	1	0.00	{'count': 28, 'label': 'scan_velocity'}

Path traversal attempts trav Request paths/parameters resemble attempts to access files outside intended directories. 9 hits 79.56 pts

Severity	Hits	Labels	Weighted	Top labels
34	9	1	79.56	{'count': 9, 'label': 'trav'}

Credential brute forcing cred Repeated authentication attempts consistent with password guessing or credential stuffing. 2 hits 5.50 pts

Severity	Hits	Labels	Weighted	Top labels
10	1	1	5.50	{'count': 1, 'label': 'cred'}
0	1	1	0.00	{'count': 1, 'label': 'cred'}

Technical summary

Computed at

Feb. 13, 2026, 5:31 p.m.

Raw total

3004.54

Total hits

559

Errors

551

Traffic

Rollup

Daily activity with stacked HTTP response classes plus a total-hits trend line from the traffic rollup.

Activity Access

Visitor

Visitor mode is limited to the most recent 30 days for performance. Log in or create an account to unlock the full activity history and deeper analysis.

Daily activity (stacked response classes + total hits). Showing recent 30 days in visitor mode.

2xx

3xx

4xx

502

5xx

Unique URLs

disabled

Total Hits

559

First Seen

Feb. 1, 2026, 12:41 a.m.

Last Seen

Feb. 1, 2026, 12:50 a.m.

HTTP Status Breakdown

Response mix grouped by status class (2xx/3xx/4xx/5xx). Auto-loads a single aggregation and renders a donut.

Loading status mix…

Running one aggregation and rendering the chart.

Geolocation

Live geolocation and map tiles auto-load for this IP.

Loading map…

Subnet footprint

Loading subnet peers…

Next step

Explore the annotated logs

The full Log Explorer is members-only because this deep drill-down is computationally expensive. Create an account to unlock ungated analyst tooling, training, and richer contextual workflows.