Loading threats
Matches HTTP requests attempting to access a JavaScript file named /.aws/credentials.js. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for improperly stored or exposed AWS credential material embedded in script files, often due to insecure deployment practices, directory exposure, or file disclosure vulnerabilities.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 45.148.10.5 | 99% | 479 | 479 | 🇳🇱 NL | AS48090 | 2026-03-19 |
| 195.178.110.28 | 99% | 424 | 424 | 🇧🇬 BG | AS48090 | 2026-03-19 |
| 45.139.104.225 | 85% | 172 | 172 | 🇧🇬 BG | AS399979 | 2026-03-12 |
| 173.212.230.39 | 51% | 6 | 6 | 🇫🇷 FR | AS51167 | 2026-03-01 |
| 167.86.68.175 | 52% | 6 | 6 | 🇩🇪 DE | AS51167 | 2026-03-05 |
| 207.180.211.231 | 54% | 4 | 4 | 🇫🇷 FR | AS51167 | 2026-02-28 |