| Hostname | Request Count |
|---|---|
| www.darcherif.fr | 721 |
| Path | Distinct Hostnames |
|---|---|
| bot/.env.local | 1 |
| application/.env | 1 |
| site-old/.env | 1 |
| demo/.env.dist | 1 |
| old/.env.dist | 1 |
| tenant/.env | 1 |
| admin/.env.local | 1 |
| .github/.env | 1 |
| node/.env.bak | 1 |
| stage/.env.local | 1 |
| qa/.env.dev | 1 |
| deployment/.env | 1 |
| server/.env.dev | 1 |
| billing/.env | 1 |
| admin/.env.bak | 1 |
| stage/.env.dist | 1 |
| beta/.env | 1 |
| web/.env.dist | 1 |
| app/config/.env | 1 |
| erp/config.env | 1 |
| node/.env.local | 1 |
| workflows/.env | 1 |
| erp/.env.bak | 1 |
| stage/.env.bak | 1 |
| .travis/.env | 1 |
| core/.env | 1 |
| admin/.env.dist | 1 |
| .env.staging | 1 |
| prod/.env.bak | 1 |
| crm/.env.local | 1 |
| api/v1/.env | 1 |
| live/.env | 1 |
| lms/.env.local | 1 |
| demo/.env.bak | 1 |
| .env.development | 1 |
| mail/config.env | 1 |
| test/config.env | 1 |
| nova/.env | 1 |
| node/.env.dist | 1 |
| conf/config.env | 1 |
| deployment/config.env | 1 |
| web/.env.local | 1 |
| source/.env | 1 |
| node/.env.dev | 1 |
| server/src/.env | 1 |
| .circleci/.env | 1 |
| function/config.env | 1 |
| staging/.env.dist | 1 |
| service/.env.staging | 1 |
| helper/.env.local | 1 |
IP 35.79.222.149 targeted highly sensitive configuration files (e.g., .env) with all requests flagged by WAF and triggered multiple critical deny rules including LFI-ANOMALY, IPBLOCK-BURST4, and BOT-BROWSER-IMPERSONATOR. Its associated ASN (AS16509) is already blocklisted for persistent malicious activity, with many other IPs from this ASN also blocklisted for identical severe behavior.