DomainHighVerifiedSignal 67/100
joytion.com
First Seen
Mar 28, 2026
Last Seen
May 11, 2026
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
6 reports67% confidence
6
Source reports
67%
Confidence score
Category tags
indicatorinfostealermacosnetworkphantompulseresearchedshub stealert1005t1027t1036t1041t1059.002t1059.007t1082t1083t1087t1140t1204t1539t1543.001t1543.004t1552.001t1555.001t1555.003t1560t1574t1614
Activity Timeline
May 11May 11
Threat Activity Heatmap
· Peak: 2026-05-11LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
The domain **joytion.com** has been identified as a critical indicator of compromise (IOC) associated with malware activities, specifically targeting macOS systems. First observed on March
Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
6
Reports
First seenMar 28, 2026
Last seenMay 11, 2026
Verified IOC
VirusTotal
Not checked
WHOIS
- description
- Command and Control domains for Malware. These domains are extracted from a number of sources, and are suspicious.
- domain rank
- -1
- raw
- Create date: 2026-03-26 00:00:00 Domain name: joytion.com Domain registrar id: 2288.0 Domain registrar url: http://www.metaregistrar.com Expiry date: 2027-03-26 00:00:00 Name server 1: kimora.ns.cloudflare.com Name server 2: gordon.ns.cloudflare.com Query time: 2026-03-27 13:26:38 Update date: 2026-03-26 00:00:00
- subdomains count
- 0
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
highFirst detected 3 months ago · Last seen 1 month ago
Appeared in 6 threat reports