Http Request Path Root Env File

Matches HTTP requests attempting to access the sensitive environment configuration file /root/.env. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for exposed application secrets, credentials, API keys, or database connection strings through file disclosure, path traversal, or misconfigured web server routes.

Observed IPs

Avg Confidence

48%

Protocol

HTTP

Top IPs by event count

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
185.177.72.38	99%	32,544	2,183	🇫🇷 FR	AS211590	2026-04-23
185.177.72.30	98%	26,701	1,384	🇫🇷 FR	AS211590	2026-04-29
185.177.72.52	99%	24,027	1,183	🇫🇷 FR	AS211590	2026-05-04
185.177.72.49	94%	21,285	1,537	🇫🇷 FR	AS211590	2026-05-04
185.177.72.22	98%	20,803	1,499	🇫🇷 FR	AS211590	2026-04-02
185.177.72.13	98%	17,709	1,509	🇫🇷 FR	AS211590	2026-05-04
185.177.72.51	93%	17,689	1,598	🇫🇷 FR	AS211590	2026-04-29
185.177.72.23	97%	15,445	1,614	🇫🇷 FR	AS211590	2026-04-28
192.253.248.169	100%	6,622	6,622	🇮🇷 IR	AS213790	2026-05-04
43.228.157.57	90%	2,752	2,734	🇵🇰 PK	AS205759	2026-03-31
45.148.10.5	100%	553	553	🇳🇱 NL	AS48090	2026-03-21
195.178.110.28	99%	507	507	🇧🇬 BG	AS48090	2026-03-21
213.209.159.151	98%	494	494	🇹🇼 TW	AS208137	2026-04-26
185.177.72.66	92%	143	143	🇫🇷 FR	AS211590	2026-04-27
185.177.72.11	93%	95	93	🇫🇷 FR	AS211590	2026-04-29
185.177.72.205	87%	93	93	🇫🇷 FR	AS211590	2026-04-24
172.70.108.132	11%	80	70	🇫🇷 FR	AS13335	2026-03-29
185.177.72.10	91%	72	72	🇫🇷 FR	AS211590	2026-04-23
185.177.72.67	87%	69	69	🇫🇷 FR	AS211590	2026-05-04
185.177.72.100	84%	61	61	🇫🇷 FR	AS211590	2026-04-24