DomainMediumSignal 74/100

`jiaw.shop`

Location

Ukraine

First Seen

May 19, 2025

Last Seen

Jun 6, 2026

May 19

First Seen

387d ago

Jun 6

Last Seen

4d ago

Reports

source reports

74%

Confidence

medium

Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

74%

Signal Score

74 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

88 techniques

Feed Intelligence Summary

8 reports74% confidence

Source reports

74%

Confidence score

Category tags

abuseactive scanaerospace & defenseapi callaptapt 28apt28australiabad reputationbitcoinblockchainbotnetbotnet activitybrute forcec servercivil servicescode executioncode injectioncommand and controlcommand executioncommodity contracts intermediationcommunication technologiescredential accesscredential harvestingcredential stuffingcredential theftcross-site scriptingcrypto exchangecrypto miningcrypto walletcryptocurrencycvecyber intelligencedata encryptiondata exfiltrationdata store exposuredecentralized financedefensedefense contractingdefense logisticsdefense systemsdefense technologydigital currencydistributed attackseastern europeencryptioneseteset researcheuropeeurope/asiaexploitexploitationexploitation activityextortionfancy bearfigurefirstfleet managementfrancefreight servicesgovernment technologyhasheshordeidentity & access exploitationimpactindicatorinfrastructure acquisitionreconnaissanceinhibit systeminjection activityiocsiot securityitalylateral movementlojaxmalicious softwaremalwaremaritime transportmdaemonmilitary operationsmobile carriersmobile networksnational securitynetworkoperating systemoperation roundpresspaexecparispasspassenger transportationphishingphishing attackprocess injectionpsexecpublic administrationpublic infrastructurepublic policyrail transportransom demandransomhubransomwareransomware-as-a-serviceregulatory agenciesresearchedrussiasednitsiemsocial engineeringsofacysoftware exploitationspearphishingspypress cspypress.hordespypress.mdaemonspypress.roundcubespypress.zimbrastrongsystem disruptionsystem locationt1003t1003.001t1005t1018t1020t1021.001t1027t1027.003t1033t1041t1047t1053.005t1055t1056t1057t1059t1059.001t1059.003t1059.004t1059.007t1068t1069.001t1070t1070.001t1071t1071.001t1078t1078.002t1078.004t1082t1083t1087t1105t1106t1110t1112t1114t1114.001t1119t1120t1132t1133t1134t1134.001t1134.002t1134.004t1135t1140t1187t1189t1190t1192t1199t1203t1204t1204.001t1204.002t1218t1218.011t1486t1490t1496t1497t1499.002t1499.003t1539t1547.001t1556t1562.001t1562.004t1565t1566t1566.001t1566.002t1566.003t1566.004t1569.002t1574t1574.001t1583t1587t1587.001t1588t1588.002t1590.001t1595t1608.001t1614telecom servicestelecommunicationsthreat actortipstor nodetransportation and warehousingtransportation infrastructuretransportation technologyukraineunited kingdomvanhelsingvanhelsing ransomware emulationvanhelsing ransomware simulationvulnerabilityvulnerability scanweb application attackweb exploitationwebmailwebmail server compromisewindows apixsszero-day exploitzero-day vulnerabilityzimbrazimbra exploit

Activity Timeline

1 total obs

Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Intelligence SummaryAI Generated

The domain **jiaw.shop**, originating from Ukraine, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on May

Threat ScoreHigh Risk

SIGNAL

Signal Score

74%

Confidence

Reports

First seenMay 19, 2025

Last seenJun 6, 2026

VirusTotal

Not checked

WHOIS

description: The full list of cybersecurity vulnerabilities, identified by researchers at the University of California, New York (UCL), has been released.. and it is expected to be published by the end of the year
domain rank: -1
raw: Create date: 2023-09-23 00:00:00 Domain name: jiaw.shop Domain registrar id: 1647 Domain registrar url: http://www.registrar.eu Expiry date: 2024-09-23 00:00:00 Name server 1: NS1.SITE-DNS.COM Name server 2: NS2.SITE-DNS.COM Name server 3: NS3.SITE-DNS.COM Query time: 2023-09-24 11:10:01 Registrant country: Netherlands Registrant state: a60153145b56f263 Update date: 2023-09-23 00:00:00
subdomains count: 0

`jiaw.shop`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy