Loading threats
Matches HTTP requests attempting to access a configuration file at /.aws/keys.conf. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for exposed AWS key material or custom credential configuration files that may be accessible due to insecure deployment practices, directory listing, or file disclosure vulnerabilities.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 45.148.10.5 | 99% | 493 | 493 | 🇳🇱 NL | AS48090 | 2026-03-20 |
| 195.178.110.28 | 99% | 442 | 442 | 🇧🇬 BG | AS48090 | 2026-03-20 |
| 45.139.104.225 | 85% | 172 | 172 | 🇧🇬 BG | AS399979 | 2026-03-12 |