Loading threats
Matches HTTP requests attempting to access a file at /.aws/s3/config.json. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for exposed Amazon S3 configuration data or credential-related settings that may be retrievable due to misconfigured file serving, directory listing, or file disclosure vulnerabilities.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 185.177.72.38 | 94% | 31,924 | 1,563 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.30 | 92% | 26,325 | 1,008 | 🇫🇷 FR | AS211590 | 2026-03-19 |
| 185.177.72.52 | 93% | 23,814 | 970 | 🇫🇷 FR | AS211590 | 2026-03-19 |
| 185.177.72.49 | 91% | 20,634 | 979 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.22 | 93% | 20,294 | 990 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.51 | 91% | 17,216 | 1,125 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.13 | 91% | 17,195 | 1,066 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 185.177.72.23 | 92% | 14,928 | 1,099 | 🇫🇷 FR | AS211590 | 2026-03-19 |
| 185.177.72.56 | 91% | 14,306 | 1,036 | 🇫🇷 FR | AS211590 | 2026-03-18 |
| 45.148.10.5 | 99% | 486 | 486 | 🇳🇱 NL | AS48090 | 2026-03-19 |
| 195.178.110.28 | 99% | 427 | 427 | 🇧🇬 BG | AS48090 | 2026-03-19 |
| 45.139.104.225 | 85% | 172 | 172 | 🇧🇬 BG | AS399979 | 2026-03-12 |
| 45.139.104.222 | 73% | 66 | 66 | 🇧🇬 BG | AS399979 | 2026-02-26 |
| 104.23.229.8 | 4% | 25 | 12 | 🇫🇷 FR | AS13335 | 2026-03-19 |
| 172.71.127.159 | 4% | 15 | 9 | 🇫🇷 FR | AS13335 | 2026-03-18 |
| 173.249.27.120 | 35% | 14 | 14 | 🇫🇷 FR | AS51167 | 2026-03-14 |
| 167.86.123.86 | 37% | 9 | 9 | 🇫🇷 FR | AS51167 | 2026-03-14 |
| 172.68.151.123 | 5% | 8 | 8 | 🇫🇷 FR | AS13335 | 2026-03-19 |
| 104.23.229.53 | 5% | 7 | 7 | 🇫🇷 FR | AS13335 | 2026-03-18 |
| 172.71.127.127 | 5% | 7 | 7 | 🇫🇷 FR | AS13335 | 2026-03-19 |