IOC Radar
Domain · High · Verified · Signal 31/100

p4q8n.top

Location: Germany
First Seen: Jan 20, 2026 (153d ago)
Last Seen: Jun 2, 2026 (21d ago)
Reports: 5 source reports
Confidence: 31% (high)
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 31%
Signal Score: 31 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

11 techniques

Feed Intelligence Summary

Source reports: 5
Confidence score: 31%
Category tags
active scan, c2, command & control, communication channel, data exfiltration, data store exposure, data theft, europe, exploitation activity, germany, indicator, infrastructure acquisitionreconnaissance, injection activity, malicious software, malware, network, process injection, researched, t1041, t1055, t1071, t1071.001, t1095, t1105, t1486, t1565, t1573, t1587.001, t1590.001

Activity Timeline

1 total obs
Jun 2 to Jun 2

Threat Activity Heatmap

Peak: 2026-06-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 31
Confidence: 31%
Reports: 5
First seen: Jan 20, 2026
Last seen: Jun 2, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
These indicators of compromise (IOCs) were identified through LevelBlue Labs' proprietary collection and threat hunting processes, leveraging AI-driven heuristics to detect anomalous patterns, behavioral analysis of malicious activity, and cross-referenced intelligence from endpoint telemetry and external sources. The IOCs included in this pulse are associated with command and control (C2) infrastructure, facilitating malware communication, data exfiltration, and persistent threat actor operations. Use this data to enhance detection rules, block malicious infrastructure, or correlate with existing incident investigations. These indicators have been assigned a medium confidence level regarding their maliciousness. They are therefore subject to further review, and feedback is greatly appreciated.
domain rank: -1
raw:
Administrative city: Phoenix
Administrative country: United States
Administrative email: [email protected]
Administrative state: AZ
Billing city: Phoenix
Billing country: United States
Billing email: [email protected]
Billing state: AZ
Create date: 2026-01-04 00:00:00
Domain name: p4q8n.top
Domain registrar id: 1479.0
Domain registrar url: whois.namesilo.com
Expiry date: 2027-01-04 00:00:00
Name server 1: AURORA.NS.CLOUDFLARE.COM
Name server 2: CASEY.NS.CLOUDFLARE.COM
Query time: 2026-02-24 08:53:35
Registrant address: 4450dc66882e5a1e
Registrant city: 7a96e04d2a2490b3
Registrant company: 566bb814321610e4
Registrant country: United States
Registrant email: [email protected]
Registrant name: 41df6566f0a16a8b
Registrant phone: ae3ea006f3cca5c3
Registrant state: e1c7c1911395a3cf
Registrant zip: c692e0cb8851b160
Technical city: Phoenix
Technical country: United States
Technical email: [email protected]
Technical state: AZ
Update date: 2026-02-18 00:00:00
subdomains count: 0


IOC Journey

high
First detected 5 months ago · Last seen 21 days ago
Appeared in 5 threat reports