IOC Radar
Domain · High · Verified · Signal 24/100

apple.pr

Location: France
First Seen: Feb 9, 2024 (867d ago)
Last Seen: May 22, 2026 (34d ago)
Reports: 6 source reports
Confidence: 24% (high)
VirusTotal: 0/91 detections
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 24%
Signal Score: 24 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

89 techniques

Feed Intelligence Summary

6 source reports · 24% confidence score
Category tags

Activity Timeline

1 total obs
May 22

Threat Activity Heatmap

Peak: 2026-05-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The domain **apple.pr** has emerged as a significant indicator of compromise (IOC) linked to multiple cyber threats originating from France. First observed on February

Threat Score: Low Risk
Signal Score: 24
Confidence: 24%
Reports: 6
First seen: Feb 9, 2024
Last seen: May 22, 2026
Verified IOC

VirusTotal

0/91 vendors flagged
0% detection rate · Jun 14, 2026

WHOIS

registrar: Nom-iq Ltd. dba COM LAUDE
domain rank: -1
subdomains count: 3
raw:
Admin City: Cupertino
Admin Country: US
Admin Email: [email protected]
Admin Organization: Apple Inc.
Admin Postal Code: 95014
Admin State/Province: California
Creation Date: 2006-03-28T18:02:23Z
DNSSEC: unsigned
Domain Name: apple.pr
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: a.ns.apple.com
Name Server: b.ns.apple.com
Name Server: c.ns.apple.com
Name Server: d.ns.apple.com
Registrant City: 6e647328c43f68d6
Registrant Country: US
Registrant Email: [email protected]
Registrant Fax Ext: 3432650ec337c945
Registrant Fax: 3432650ec337c945
Registrant Name: 1f33d7151e7ebf55
Registrant Organization: 75a585107ec1f318
Registrant Phone Ext: 3432650ec337c945
Registrant Phone: dbee8d11827af9c0
Registrant Postal Code: b266953d1b1dcd7c
Registrant State/Province: 77ab92f1911d7c5f
Registrant Street: 1af7cbf12a96dbeb
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +44.2074218250
Registrar IANA ID: 470
Registrar URL: http://www.comlaude.com
Registrar WHOIS Server: whois.comlaude.com
Registrar: Nom-iq Ltd. dba COM LAUDE
Registry Admin ID: 958f5dfd2ddc442695743a1f6a5852aa-DONUTS
Registry Domain ID: 32720fa638a04c0591230532cdf4a5d4-DONUTS
Registry Expiry Date: 2025-03-28T00:00:00Z
Registry Registrant ID: f84006e143d64185b3902f787a448307-DONUTS
Registry Tech ID: 59773ce1047c4dce9426fae8eebded82-DONUTS
Tech City: Cupertino
Tech Country: US
Tech Email: [email protected]
Tech Organization: Apple Inc.
Tech Postal Code: 95014
Updated Date: 2024-03-03T23:05:40Z


IOC Journey

high
First detected 2 years ago · Last seen 1 month ago
Appeared in 6 threat reports