Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

Execution of uname -a to retrieve full kernel and host identification details (kernel name, release, version, hostname, architecture, and OS) as a single lightweight system fingerprinting action.

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.