Iranian APT Infrastructure in Focus: Mapping State-Aligned Clusters During Geopolitical Escalation
Essential information
- Published: 04/03/2026 19:42
- Modified: 05/03/2026 09:48
- Tags: 2026-03-04, asn patterns, cyberattacks, fmapp.exe, foudre, geopolitical tensions, infrastructure analysis, iranian apt, proactive defense, sliver, tamecat, threat intelligence, tls fingerprinting, tonnerre, tsundere
- Related entities: 5 observables, 1 intrusion set (APT), 19 techniques (MITRE), 6 malware, 20 others
Description
The analysis examines Iranian state-aligned threat actors and their infrastructure patterns during heightened geopolitical tensions. It focuses on mapping network infrastructure, ASN patterns, TLS fingerprints, and hosting clusters associated with various Iranian APT groups. The report highlights the importance of proactive infrastructure monitoring to detect and disrupt potential cyber operations. Key findings include the identification of previously unreported hosts, domains, and servers linked to Iranian operations, as well as insights into the tactics used by groups like MuddyWater and Dark Scepter. The article emphasizes the value of infrastructure intelligence in early threat detection and provides recommendations for organizations to monitor and defend against these threats.