DomainHighVerifiedSignal 64/100

`www.xeoc.shop`

First Seen

Feb 21, 2026

Last Seen

Jun 2, 2026

Feb 21

First Seen

124d ago

Jun 2

Last Seen

23d ago

Reports

source reports

64%

Confidence

high

Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

Domain Name

Malicious domain used for C2, phishing, or malware distribution.

MISP Category

Network Activity

Confidence

64%

Signal Score

64 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

35 techniques

Feed Intelligence Summary

5 reports64% confidence

Source reports

64%

Confidence score

Category tags

abusech-threatfox-c2cactive scanactive scanningautomated analysisautomated attackautomated scanautomated threatbad reputationblock-or-filter-listbrute forcebrute force attackbrute force attemptbrute force attemptsc2c2 activityc2 communicationcommand & controlcommand and controlcommunication protocolcredential accesscredential stuffingdata encryptiondata exfiltrationdata store exposureddosencryptionexploitation activityftpftp brute forcehttp brute forcehttp scannerhttp scanninghttpsidentity & access exploitationindicatorinjection activityiociocslateral movementmalicious network activitymalicious softwaremalwaremalware detectionmalware distributionmalware indicatorsnetworknetwork intrusionnetwork intrusion attemptnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork trafficnovel iocnovel-iocpassword attacksport-scanningpotential malware activitypotential threat actorprecogprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedservice scansmb scanningsmtpsmtp brute forcessh attackt1016t1018t1021t1021.001t1021.002t1040t1046t1047t1053t1055t1057t1059t1059.001t1059.004t1068t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1499.002t1563t1565t1573.001t1595t1595.001t1595.002t1595.003telnet threatthreat actortor nodeunknown threat actorweb traffic

Activity Timeline

1 total obs

Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

64%

Confidence

Reports

First seenFeb 21, 2026

Last seenJun 2, 2026

Verified IOC

VirusTotal

Not checked

WHOIS

registrar: Alibaba Cloud Computing Ltd.
description: Novel IOC detected by PreCog Sweep. First seen: 2026-02-21 15:18:54 UTC
raw: Creation Date: 2021-10-13T09:03:29.0Z DNSSEC: unsigned Domain Name: XEOC.SHOP Domain Status: ok https://icann.org/epp#ok Name Server: DNS31.HICHINA.COM Name Server: DNS32.HICHINA.COM Registrant Country: CN Registrant Email: 3432650ec337c945s@ Registrant State/Province: 31728965bc67e850 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: +86.95187 Registrar IANA ID: 1599 Registrar URL: https://wanwang.aliyun.com/ Registrar: Alibaba Cloud Computing Ltd. Registry Domain ID: DO6192923-GMO Registry Expiry Date: 2022-10-13T23:59:59.0Z Updated Date: 2021-12-01T04:05:24.0Z

`www.xeoc.shop`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey