IPHighVerifiedSignal 86/100

`5.200.176.105`

Location

Iran

Gorgan, Golestan

ASN

AS58224

Iran Telecommunication Company PJS

First Seen

Jun 20, 2026

Last Seen

Jun 26, 2026

Jun 20

First Seen

5d ago

Jun 26

Last Seen

today

133

Reports

source reports

95%

Confidence

high

Found in 133 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

95%

Signal Score

86 / 100

IDS Rule

Yes

Threat Context

Threat Actors3

AAkira KKimsuky LLockBit

Malware Families23

XXorDDoS NNjRAT XXWorm WWannaCry AAsyncRAT FFormBook NNetWire AAkira PPegasus NNanocore MMozi SSocGholish XXMRig RRemcos DDarkComet RRhysida SStealc MMirai VVidar HHavoc SSliver LLockBit MMetasploit

Network Information

Country

Iran

RegionGorgan, Golestan

ASNAS58224

OrganizationIran Telecommunication Company PJS

Feed Intelligence Summary

133 reports95% confidence

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4210 indicators)

3505 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4225 indicators)

3513 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4236 indicators)

3522 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4238 indicators)

3526 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4328 indicators)

3609 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4328 indicators)

3609 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4321 indicators)

3604 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4324 indicators)

3610 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4327 indicators)

3613 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4332 indicators)

3582 IOCs in report

Activity Timeline

133 total obs

Jun 26Jun 20

Threat Activity Heatmap

· Peak: 2026-06-21

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Critical

133

Critical

30d

133

Critical

3mo

133

Critical

Threat ScoreHigh Risk

SIGNAL

Signal Score

95%

Confidence

133

Reports

First seenJun 20, 2026

Last seenJun 26, 2026

Verified IOC

GeolocationIR

CountryIran

LocationGorgan, Golestan

ASNAS58224

OrgIran Telecommunication Company PJS

Coords36.8445, 54.4566

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 5 days ago · Last seen today

Appeared in 133 threat reports from 10 sources

Associated with: Akira, Kimsuky, LockBit

Used by malware: XorDDoS, NjRAT, XWorm, WannaCry, AsyncRAT, FormBook, NetWire, Akira, Pegasus, Nanocore, Mozi, SocGholish, XMRig, Remcos, DarkComet, Rhysida, Stealc, Mirai, Vidar, Havoc, Sliver, LockBit, Metasploit

5.200.176.105

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`5.200.176.105`