IOC Radar
Domain · Medium · Signal 95/100

sqwas.shapelie.com

Location
Turkey
First Seen
Mar 18, 2026 (99d ago)
Last Seen
May 22, 2026 (34d ago)
Reports
11 source reports
Confidence
95% (medium)
Found in 11 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
95%
Signal Score
95 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

44 techniques

Feed Intelligence Summary

11 source reports · 95% confidence score
Category tags
abuse, access, alienvault_ransomware, ana luiza, apt, aria, asia, bad reputation, body, brute force, c2 server, castlerat, chlg url, civil services, code execution, code injection, command & control, command execution, commercial surveillance, contact, coruna, credential harvesting, credential stuffing, darksword, data encryption, data exfiltration, data store exposure, descubre cmo, el troyano, electronic health records, encryption, escalation, europe, europe/asia, exploit, exploit chain, exploitation activity, extortion, fake claude code, figure, ghostblade, ghostknife, ghostsaber, google discover, gopix, gopix ha, government technology, gtig, health care and social assistance, health information technology, healthcare information systems, hospital management, identity & access exploitation, iframe, imagen, indicator, ingress tool transfer, injection activity, ios, ios exploitation, life, loader, look, malaysia, malicious links, malicious software, malware, malware family: ghostblade, malware family: ghostknife, malware family: ghostsaber, manual-collection, medical services, medium-risk, metadata analysis, mobile, mobile exploitation, mobile security, mobile threat, nation-state, nation-state activity, network, next, olhar digital, operating system, operation ghostmail, pars defense, password store, patched, patient care, phishing, phishing attack, process injection, public administration, public infrastructure, public policy, ransomware, rat, regulatory agencies, researched, russia, saudi arabia, scams & fraud, social engineering, social media security, state-sponsored, strong, system disruption, t1005, t1021.001, t1027, t1027.002, t1033, t1036, t1041, t1047, t1055, t1056.001, t1057, t1059, t1059.007, t1064, t1068, t1069.001, t1071, t1071.001, t1078, t1083, t1095, t1105, t1113, t1120, t1123, t1176, t1189, t1190, t1203, t1204.001, t1210, t1213, t1486, t1490, t1547, t1562.004, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1584.006, t1588.006, t1636 protected, ta0027 initial, ta0030 defense, tcnicas t1456, threat actor, title, tor node, trojan malware, turkey, type osint, ukraine, unc6353, unc6748, unk_nightowl, user data, vulnerability scan, watering hole, web security, zero-click exploit, zero-day exploitation, zero-day vulnerability

Activity Timeline

1 total obs
May 22

Threat Activity Heatmap

Peak: 2026-05-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score
High Risk (95)

VirusTotal

Not checked

WHOIS

registrar
Global Domain Group LLC
raw
Creation Date: 2020-03-27T14:10:39Z
DNSSEC: unsigned
Domain Name: SHAPELIE.COM
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.H110.HVOSTING.UA
Name Server: NS2.H110.HVOSTING.UA
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1 (805) 394-3992
Registrar IANA ID: 3956
Registrar URL: http://www.globaldomaingroup.com
Registrar WHOIS Server: whois.globaldomaingroup.com
Registrar: Global Domain Group LLC
Registry Domain ID: 2507961898_DOMAIN_COM-VRSN
Registry Expiry Date: 2027-03-27T14:10:39Z
Updated Date: 2024-01-25T10:53:02Z

IOC Journey

medium
First detected 3 months ago · Last seen 1 month ago
Appeared in 11 threat reports