Loading threats
Matches HTTP requests attempting to access a potentially encrypted AWS credentials file at /.aws/credentials.gpg. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for protected or archived cloud credential material that may still be retrievable due to misconfigured file exposure, directory listing, or file disclosure vulnerabilities.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 185.177.72.38 | 99% | 32,536 | 2,175 | 🇫🇷 FR | AS211590 | 2026-04-22 |
| 185.177.72.49 | 94% | 21,260 | 1,512 | 🇫🇷 FR | AS211590 | 2026-04-19 |
| 45.148.10.5 | 100% | 553 | 553 | 🇳🇱 NL | AS48090 | 2026-03-21 |
| 195.178.110.28 | 99% | 507 | 507 | 🇧🇬 BG | AS48090 | 2026-03-21 |
| 185.177.72.66 | 92% | 130 | 130 | 🇫🇷 FR | AS211590 | 2026-04-22 |
| 185.177.72.205 | 87% | 90 | 90 | 🇫🇷 FR | AS211590 | 2026-04-22 |
| 185.177.72.11 | 92% | 78 | 78 | 🇫🇷 FR | AS211590 | 2026-04-22 |
| 185.177.72.100 | 85% | 57 | 57 | 🇫🇷 FR | AS211590 | 2026-04-22 |
| 185.177.72.5 | 71% | 36 | 36 | 🇫🇷 FR | AS211590 | 2026-04-19 |