DomainMediumSignal 62/100
ywh6522.lol
Location
United StatesFirst Seen
Dec 22, 2025
Last Seen
Jun 6, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
7 reports62% confidence
7
Source reports
62%
Confidence score
Category tags
brute forcecompromised infrastructurecredential harvestingcredential stuffingdgaeuropeidentity & access exploitationindicatormalicious domain disseminationmalwaremalware hostingnetworknorth americaphishphishingphishing attackpolandpolcertresearchedsocial engineeringt1105t1566t1566.001t1566.002t1566.003t1588t1588.002united states
Activity Timeline
Jun 6Jun 6
Threat Activity Heatmap
· Peak: 2026-06-06LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
7
Reports
First seenDec 22, 2025
Last seenJun 6, 2026
VirusTotal
Not checked
WHOIS
- registrar
- NameSilo, LLC
- creation date
- 2025-12-20T08:16:10
- expiration date
- 2026-12-20T23:59:59
- updated date
- 2026-01-05T12:54:40
- name servers
- CHELSEA.NS.CLOUDFLARE.COM, DAMIETE.NS.CLOUDFLARE.COM
- country
- US
- org
- See PrivacyGuardian.org
- status
- client hold https://www.icann.org/epp#client hold, client transfer prohibited https://www.icann.org/epp#client transfer prohibited, clientHold https://icann.org/epp#clientHold, clientTransferProhibited https://icann.org/epp#clientTransferProhibited, serverHold https://icann.org/epp#serverHold
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 months ago · Last seen 4 days ago
Appeared in 7 threat reports