Domain · Medium · Signal 84/100
m.en-id.me
First Seen
Apr 17, 2026
Last Seen
Apr 28, 2026
Reports: 7 source reports
Confidence: 84% (medium)
VirusTotal: 14/91 detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Domain Name: Malicious domain used for C2, phishing, or malware distribution.
MISP Category: Network Activity
Confidence: 84%
Signal Score: 84 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary: 7 reports, 84% confidence
Category tags: indicator, malware, manual-collection, medium-risk, network, researched, type osint
Activity Timeline: Apr 28
Threat Activity Heatmap (peak: 2026-04-28)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This IOC, `m.en-id.me`, has been identified with a high threat score of 83.83, suggesting a significant risk of malicious activity. Its association with various subdomains mimicking legitimate Apple services, such as `appleid.apple.com.en-id.me` and `icloud.com.en-id.me`, strongly indicates a highly sophisticated phishing or credential harvesting operation. If successfully exploited, this threat could lead to unauthorized access to sensitive user accounts, potentially resulting in data exfiltrat…
Threat Score: 84 (High Risk)
WHOIS
- registrar: SAV.COM, LLC
- description: The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA