Loading threats
Identifies an HTTPS request targeting a .env file in the web root or application directory. Access attempts to /.env indicate automated scanning for exposed environment configuration files that may contain application secrets, database credentials, API keys, or cloud tokens. This probe is commonly associated with opportunistic internet-wide scanning for misconfigured web deployments.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 34.158.168.101 | 100% | 55,669 | 40,182 | 🇳🇱 NL | AS396982 | 2026-03-02 |
| 45.156.87.205 | 100% | 40,850 | 20,505 | 🇳🇱 NL | AS51396 | 2026-03-15 |
| 185.177.72.61 | 100% | 33,297 | 33,294 | 🇫🇷 FR | AS211590 | 2026-04-18 |
| 34.158.79.105 | 100% | 29,621 | 29,438 | 🇳🇱 NL | AS396982 | 2026-03-23 |
| 81.168.83.103 | 100% | 15,830 | 11,331 | 🇬🇧 GB | AS20860 | 2026-04-18 |
| 204.76.203.210 | 100% | 14,509 | 8,369 | 🇳🇱 NL | AS51396 | 2026-02-27 |
| 94.26.88.31 | 100% | 8,656 | 5,983 | 🇧🇬 BG | AS201814 | 2026-04-18 |
| 213.209.159.175 | 100% | 5,954 | 5,839 | 🇹🇼 TW | AS208137 | 2026-04-18 |
| 35.216.144.195 | 100% | 5,421 | 2,534 | 🇨🇭 CH | AS15169 | 2026-04-06 |
| 35.216.195.77 | 100% | 5,139 | 2,038 | 🇨🇭 CH | AS15169 | 2026-04-11 |
| 45.83.31.168 | 100% | 4,525 | 2,034 | 🇺🇸 US | AS210558 | 2026-02-23 |
| 45.148.10.124 | 100% | 3,924 | 2,213 | 🇳🇱 NL | AS48090 | 2026-04-12 |
| 192.253.248.169 | 100% | 3,907 | 3,907 | 🇮🇷 IR | AS213790 | 2026-04-18 |
| 64.112.126.83 | 98% | 3,289 | 2,196 | 🇸🇪 SE | AS214640 | 2026-02-22 |
| 31.58.214.23 | 100% | 3,087 | 3,084 | 🇬🇧 GB | AS20860 | 2026-04-18 |
| 124.198.131.162 | 100% | 3,014 | 3,014 | 🇺🇸 US | AS210558 | 2026-04-18 |
| 23.111.157.206 | 97% | 2,982 | 1,463 | 🇺🇸 US | AS29802 | 2026-02-20 |
| 35.216.201.9 | 100% | 2,692 | 1,257 | 🇨🇭 CH | AS15169 | 2026-04-13 |
| 78.153.140.250 | 100% | 2,654 | 2,117 | 🇬🇧 GB | AS202306 | 2026-04-18 |
| 35.216.140.3 | 100% | 2,606 | 1,424 | 🇨🇭 CH | AS15169 | 2026-04-12 |