IOC Radar
DomainMediumSignal 39/100

test.heo-systems.net

First Seen
Jan 28, 2024
Last Seen
Mar 9, 2026
Jan 28
First Seen
870d ago
Mar 9
Last Seen
99d ago
8
Reports
source reports
39%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
39%
Signal Score
39 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

24 techniques

Feed Intelligence Summary

8 reports39% confidence
8
Source reports
39%
Confidence score
Category tags
attachment basedbecbec attackbotnetbrand abusebrand impersonationbusiness email compromisecommand and controlcredential harvestingcredential phishingcredential theftcredential_harvestingdata exfiltrationdistributed attacksfraudindicatorinfrastructure acquisitionreconnaissancelink injectionlink manipulationmalicious softwaremalicious websitemalicious_urlmalwaremalware deliverymalware distributionmalware phishingnetflixnetflix phishing campaignnetworkphishingphishing attackphishing-databaseprocess injectionresearchedscamsocial engineeringspearphishingt1055t1071t1071.001t1078t1189t1192t1204.002t1486t1496t1499.002t1499.003t1534t1539t1552.001t1565t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1590.001t1598t1598.003threat_intelligenceurls

Activity Timeline

1 total obs
Mar 9Mar 9

Threat Activity Heatmap

· Peak: 2026-03-09
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

The domain **test.heo-systems.net** has emerged as a significant indicator of compromise (IOC) associated with multiple cyber threats, including botnet activity, malware distribution, and phishing campaigns. First observed on January

Threat ScoreLow Risk
39
SIGNAL
Signal Score
39%
Confidence
8
Reports
First seenJan 28, 2024
Last seenMar 9, 2026

VirusTotal

Not checked

WHOIS

registrar
NameCheap, Inc.
description
This page stores Netflix phishing page IOCs. Legitimate website for the brand is https://www.netflix.com/ NOLA defense is tracking newly observed phishing websites. Follow us on twitter https://twitter.com/noladefense
raw
Creation Date: 2023-01-18T07:35:56Z DNSSEC: unsigned Domain Name: HEO-SYSTEMS.NET Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: APOLLO.NS.CLOUDFLARE.COM Name Server: NAYA.NS.CLOUDFLARE.COM Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +1.6613102107 Registrar IANA ID: 1068 Registrar URL: http://www.namecheap.com Registrar WHOIS Server: whois.namecheap.com Registrar: NameCheap, Inc. Registry Domain ID: 2752165614_DOMAIN_NET-VRSN Registry Expiry Date: 2026-01-18T07:35:56Z Updated Date: 2025-01-08T14:49:13Z

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 3 months ago
Appeared in 8 threat reports