Domain · High · Verified · Signal 24/100
beatsaler.com
Location
First Seen: Jan 2, 2024 (906d ago)
Last Seen: May 22, 2026 (35d ago)
Reports: 6 source reports
Confidence: 24% (high)
VirusTotal: 1/91 detections
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 24%
Signal Score: 24 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
Source reports: 6
Confidence score: 24%
Category tags
Activity Timeline
May 22
Threat Activity Heatmap
Peak: 2026-05-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The domain **beatsaler.com** has emerged as a significant indicator of compromise (IOC) linked to a variety of cyber threats originating from France. First observed on January
Threat Score: Low Risk
Signal Score: 24
Confidence: 24%
Reports: 6
First seen: Jan 2, 2024
Last seen: May 22, 2026
Verified IOC
WHOIS
- registrar: NOM-IQ Ltd dba Com Laude
- domain rank: -1
- raw:
  Admin City: REDACTED FOR PRIVACY
  Admin Country: REDACTED FOR PRIVACY
  Admin Email: [email protected]
  Admin Organization: REDACTED FOR PRIVACY
  Admin Postal Code: REDACTED FOR PRIVACY
  Admin State/Province: REDACTED FOR PRIVACY
  Creation Date: 2013-04-09T08:15:53Z
  DNSSEC: Unsigned Delegation
  DNSSEC: unsigned
  Domain Name: BEATSALER.COM
  Domain Name: beatsaler.com
  Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
  Domain Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
  Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
  Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
  Domain Status: clientUpdateProhibited https://www.icann.org/epp#clientUpdateProhibited
  Name Server: A.NS.APPLE.COM
  Name Server: B.NS.APPLE.COM
  Name Server: C.NS.APPLE.COM
  Name Server: D.NS.APPLE.COM
  Name Server: a.ns.apple.com
  Name Server: b.ns.apple.com
  Name Server: c.ns.apple.com
  Name Server: d.ns.apple.com
  Registrant City: 1f8f4166599d23ee
  Registrant Country: US
  Registrant Email: [email protected]
  Registrant Fax Ext: 1f8f4166599d23ee
  Registrant Fax: 1f8f4166599d23ee
  Registrant Name: 1f8f4166599d23ee
  Registrant Organization: 75a585107ec1f318
  Registrant Phone Ext: 1f8f4166599d23ee
  Registrant Phone: 1f8f4166599d23ee
  Registrant Postal Code: 1f8f4166599d23ee
  Registrant State/Province: b1952dfc047df18a
  Registrant Street: 1f8f4166599d23ee
  Registrar Abuse Contact Email: [email protected]
  Registrar Abuse Contact Phone: +44.2074218250
  Registrar Abuse Contact Phone: +442074218250
  Registrar IANA ID: 470
  Registrar Registration Expiration Date: 2024-04-09T00:00:00Z
  Registrar URL: http://www.comlaude.com
  Registrar URL: https://www.comlaude.com
  Registrar WHOIS Server: whois.comlaude.com
  Registrar: NOM-IQ Ltd dba Com Laude
  Registrar: Nom-iq Ltd. dba COM LAUDE
  Registry Admin ID: REDACTED FOR PRIVACY
  Registry Domain ID: 1792450495_DOMAIN_COM-VRSN
  Registry Expiry Date: 2024-04-09T08:15:53Z
  Registry Registrant ID: REDACTED FOR PRIVACY
  Registry Tech ID: REDACTED FOR PRIVACY
  Tech City: REDACTED FOR PRIVACY
  Tech Country: REDACTED FOR PRIVACY
  Tech Email: [email protected]
  Tech Organization: REDACTED FOR PRIVACY
  Tech Postal Code: REDACTED FOR PRIVACY
  Tech State/Province: REDACTED FOR PRIVACY
  Updated Date: 2022-04-11T04:27:09Z
  Updated Date: 2023-11-08T22:10:13Z
- subdomains count: 1
IOC Journey
high · First detected 2 years ago · Last seen 1 month ago
Appeared in 6 threat reports