Loading threats
Matches HTTP requests attempting to access the sensitive AWS CLI configuration file /.aws/config. This primitive helps identify reconnaissance or exploitation activity where attackers probe for exposed cloud configuration data, including account profiles, regions, and role settings, typically through path traversal, local file inclusion, or misconfigured web server directory exposure.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 185.177.72.38 | 95% | 31,943 | 1,582 | 🇫🇷 FR | AS211590 | 2026-03-20 |
| 185.177.72.30 | 94% | 26,360 | 1,043 | 🇫🇷 FR | AS211590 | 2026-03-20 |
| 185.177.72.52 | 93% | 23,814 | 970 | 🇫🇷 FR | AS211590 | 2026-03-19 |
| 185.177.72.49 | 91% | 20,634 | 979 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.22 | 93% | 20,294 | 990 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.51 | 92% | 17,230 | 1,139 | 🇫🇷 FR | AS211590 | 2026-03-20 |
| 185.177.72.13 | 91% | 17,195 | 1,066 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.23 | 92% | 14,928 | 1,099 | 🇫🇷 FR | AS211590 | 2026-03-19 |
| 185.177.72.56 | 91% | 14,306 | 1,036 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 195.178.110.199 | 93% | 5,935 | 1,895 | 🇧🇬 BG | AS48090 | 2026-03-20 |
| 152.42.255.97 | 85% | 4,894 | 4,850 | 🇸🇬 SG | AS14061 | 2026-03-08 |
| 45.138.16.145 | 80% | 1,610 | 1,518 | 🇵🇱 PL | AS210558 | 2026-03-12 |
| 152.42.221.249 | 96% | 984 | 984 | 🇸🇬 SG | AS14061 | 2026-03-04 |
| 45.148.10.5 | 99% | 493 | 493 | 🇳🇱 NL | AS48090 | 2026-03-20 |
| 45.139.104.161 | 84% | 472 | 472 | 🇧🇬 BG | AS399979 | 2026-03-11 |
| 195.178.110.28 | 99% | 442 | 442 | 🇧🇬 BG | AS48090 | 2026-03-20 |
| 146.70.42.180 | 90% | 427 | 426 | 🇩🇰 DK | AS9009 | 2026-03-16 |
| 45.148.10.119 | 100% | 383 | 383 | 🇳🇱 NL | AS48090 | 2026-03-19 |
| 45.148.10.187 | 97% | 342 | 342 | 🇳🇱 NL | AS48090 | 2026-03-13 |
| 172.94.9.245 | 98% | 296 | 296 | 🇮🇷 IR | AS213790 | 2026-03-15 |