IOC Radar
DomainMediumSignal 35/100

accountsg-secure.fr

Location
FranceFrance
First Seen
Sep 22, 2022
Last Seen
Jun 6, 2026
Sep 22
First Seen
1363d ago
Jun 6
Last Seen
10d ago
7
Reports
source reports
35%
Confidence
medium
12/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
35%
Signal Score
35 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Feed Intelligence Summary

7 reports35% confidence
7
Source reports
35%
Confidence score
Category tags
account compromiseaccount discoveryaccount profilingaccount takeoveractive scananti-phishingbad reputationbecbotnetbotnet activitybrand impersonationbrand_impersonationbrute forcebusiness email compromisebusiness_email_compromisecode issuescommand and controlcommunication protocolcommunity managementcontent sharingcredential accesscredential harvestingcredential phishingcredential stuffingcredential theftcredential_theftdata accessdata copyingdata exfiltrationdata store exposuredata transferdgadigital platformsdigital signaturedistributed attacksemail-based attackeu cyber policieseuropeexploitation activityfinancefooterfrancefraudfraud domainsfraudulent domainfraudulent websitesgithubhttp scannerhttpsidentity & access exploitationindicatorindicators of compromiseinformation theftinitial accessinjection activityiot securityjumplink injectionlink manipulationmalicious attachmentmalicious domainmalicious linkmalicious linksmalicious softwaremalicious urlsmalicious_attachmentmalwaremalware attachmentmalware deliverymalware distributionmalware distribution domainsmalware domainsmalware signingnetworkopenphishingphishing activityphishing attackphishing campaignphishing domainsphishing kitphishing-databasephishing_urlprocess injectionpullransomwarered flag domainsregional securityresearchedscams & fraudsecurity advisorysecurity awarenesssecurity operationssmssmtpsocial analyticssocial engineeringsocial mediasocial media marketingsocial media securitysocial networkingsoftware integritystarstrongt1005t1030t1036t1055t1056t1071t1071.001t1078t1105t1189t1190t1192t1204t1204.001t1486t1496t1499.002t1499.003t1552.001t1554.001t1554.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1567t1567.001t1583t1583.001t1588t1591t1598t1598.003threat actorthreat indicatorthreat intelligencetor nodeuser engagementviewweb securityweb trafficwebsite phishing

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The domain **accountsg-secure.fr**, originating from France, has been identified as a significant indicator of compromise (IOC) associated with multiple cyber threats. First observed on September

Threat ScoreLow Risk
35
SIGNAL
Signal Score
35%
Confidence
7
Reports
First seenSep 22, 2022
Last seenJun 6, 2026

VirusTotal

12/ 91vendors flagged
13% detection rateJun 7, 2026

WHOIS

registrar
KEY-SYSTEMS GmbH
description
LTNA Cyber provides additional enrichment for domain and URL indicators, including RIR and DNS intelligence, domain registration context, routing verification, BGP stream visibility, and GeoIP/ISP attribution. Learn more: https://ltna.com.au/cyber
domain rank
-1
raw
>>> WHOIS request date: 2023-09-21T18:52:55.719525Z <<< Expiry Date: 2023-09-18T16:09:48Z changed: 2023-05-26T10:09:39.330207Z country: DE country: FR country: US created: 2022-09-18T16:09:48Z domain: accountsg-secure.fr e-mail: [email protected] e-mail: [email protected] e-mail: [email protected] eligstatus: not identified eppstatus: active eppstatus: associated eppstatus: inactive eppstatus: pendingDelete last-update: 2023-09-17T19:56:21.005616Z nic-hdl: D157520-FRNIC nic-hdl: D157521-FRNIC nic-hdl: GI767-FRNIC reachstatus: not identified registered: 2006-07-24T00:00:00Z registrar: KEY-SYSTEMS GmbH source: FRNIC status: REDEMPTION type: ORGANIZATION
references
https://threatintel.cybsec.fr/2023IOCs4_cybsec.txt, https://dl.red.flag.domains/red.flag.domains.txt, https://www.trendmicro.com/en_us/research/23/i/cybercriminals-exploit-the-moroccan-tragedy-in-new-scam-campaign.html, https://github.com/infobloxopen/threat-intelligence/blob/main/cta_indicators/ameli_cta_20221118_iocs.csv
subdomains count
0

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 10 days ago
Appeared in 7 threat reports