IOC Radar
IPMediumSignal 52/100

91.186.247.205

Location
JordanJordan
Al Fayşalīyah, AM
ASN
AS9038
NETS
First Seen
Dec 1, 2025
Last Seen
Apr 30, 2026
Dec 1
First Seen
194d ago
Apr 30
Last Seen
45d ago
8
Reports
source reports
52%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
52%
Signal Score
52 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

6 techniques

Network Information

CountryJOJordan
RegionAl Fayşalīyah, AM
ASNAS9038
OrganizationNETS

Feed Intelligence Summary

8 reports52% confidence
8
Source reports
52%
Confidence score
Category tags
active scanactive scanningaptbad web botbotnet activityddosdenial of serviceexploitation activityimapimap attackindicatorjordannetworkreconnaissanceresearchedscannersmtpsmtp attackert1190t1203t1499.001t1595.001t1595.002t1595.003threat actortor nodeweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
Apr 30Apr 30

Threat Activity Heatmap

· Peak: 2026-04-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
52
SIGNAL
Signal Score
52%
Confidence
8
Reports
First seenDec 1, 2025
Last seenApr 30, 2026
GeolocationJO
CountryJordan
LocationAl Fayşalīyah, AM
ASNAS9038
OrgNETS
Coords31.9522, 35.9390

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 91.186.228.0 - 91.186.255.255 netname: JO-NETS descr: ORG-NETS1-RIPE country: JO admin-c: UC1399-RIPE tech-c: UC1399-RIPE status: ASSIGNED PA mnt-by: MNT-JO-BATELCO mnt-lower: MNT-JO-BATELCO mnt-routes: MNT-JO-BATELCO created: 2012-04-02T14:42:39Z last-modified: 2014-06-18T13:58:30Z source: RIPE person: Umniah Company address: Amman Jordan phone: +92665005000 nic-hdl: UC1399-RIPE mnt-by: MNT-UMNIAH-JO created: 2014-06-18T13:41:38Z last-modified: 2014-06-18T13:41:38Z source: RIPE route: 91.186.247.0/24 origin: as9038 mnt-by: MNT-JO-WI-TRIBE mnt-by: BATELCO-JORDAN mnt-by: AS9038-MNT mnt-by: MNT-UMNIAH-JO mnt-by: MNT-JO-BATELCO mnt-by: Umniah created: 2018-12-16T06:55:20Z last-modified: 2018-12-16T06:55:20Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 1 month ago
Appeared in 8 threat reports