Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
192.109.200.205 has a very high threat confidence level of 94%, originating from Stockholm, Sweden, on the Pfcloud UG (haftungsbeschrankt) network (51396). It has been observed across 473 sessions targeting HTTPS, HTTP, SSH, First observed on January 25, 2026, most recently active March 2, 2026.
Automated multipart form-data payload attempting prototype pollution against a Next.js / React Server Components deserialization context using __proto__ and constructor:constructor gadget references. Indicates staged remote code execution probing against Node.js-based public-facing applications.
Identifies SSH sessions where the actor executes uname -s -v -n -r -m to retrieve detailed kernel, hostname, architecture, and OS version information for environment profiling and post-access decision making.
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.