{
  "type": "URL",
  "indicator": "https://docu-viewer.surge.sh/",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://docu-viewer.surge.sh/",
    "type": "url",
    "type_title": "URL",
    "validation": [
      {
        "source": "majestic",
        "message": "Whitelisted domain surge.sh",
        "name": "Whitelisted domain"
      }
    ],
    "base_indicator": {
      "id": 4350260852,
      "indicator": "https://docu-viewer.surge.sh/",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69fe8733746e325487f60dfc",
          "name": "URLert Daily Threat Intel \u2014 2026-05-09",
          "description": "URLert Daily Threat Intel \u2014 2026-05-09\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 37 | Indicators: 71\nConfirmed: 10 | Likely: 26 | Domain intel: 1\nTop threats: Phishing (33), Malware Hosting (2), Dropper (2)\nDomains: ankergames.net, applefmi.net, asperiores-omnis-quae.media, authorvd.com, bats-edgx.com, cisco.com, cryptowep.net, ct.ws, dpdlocaxp.cyou, echalilanx-wa.net, empatheticfiance.org, eu.cc, gam...\n\n37 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-05-09T01:00:35.322000",
          "created": "2026-05-09T01:00:35.322000",
          "tags": [
            "adobe-impersonation",
            "adult-content-lure",
            "apple-impersonation",
            "automated-scam",
            "automated-scan",
            "automatic-redirection",
            "brand-impersonation",
            "compromised-site",
            "connect-wallet",
            "copyright-infringement",
            "cracked-software",
            "credential-harvesting",
            "crepes-and-waffles",
            "cryptocurrency-scam",
            "cryptocurrency-theft",
            "cryptocurrency-wallet-phishing",
            "daily-threat-intel",
            "dangerous-site",
            "deceptive-domain",
            "deceptive-marketing",
            "deceptive-practices",
            "deceptive-scam",
            "deceptive-tactics",
            "deceptive-url",
            "delivery-scam",
            "domain-classification",
            "dot-shop-domain",
            "dpd-impersonation",
            "e-commerce-scam",
            "echallan",
            "fake-dashboard",
            "fake-login-page",
            "fake-security-check",
            "fake-store",
            "financial-fraud",
            "financial-impersonation",
            "financial-theft",
            "fraudulent-activity",
            "fraudulent-platform",
            "fraudulent-site",
            "game-piracy",
            "giveaway-scam",
            "government-impersonation",
            "government-service-impersonation",
            "highway-6-impersonation",
            "imdb-impersonation",
            "impersonation",
            "information-harvesting",
            "information-theft",
            "inpost-impersonation",
            "investment-scam",
            "iptv-scam",
            "jumia",
            "logistics-supply-chain",
            "malicious-download",
            "malicious-redirect",
            "malware-distribution",
            "malware-hosting",
            "mfa-harvesting",
            "mississippi",
            "mobile-number-harvesting",
            "mobile-wallet-attack",
            "newly-registered-domain",
            "octet-stream",
            "payload-delivery",
            "phishing",
            "phishing-campaign",
            "phishing-landing-page",
            "phishing-page",
            "phishing-site",
            "pii-harvesting",
            "piracy-distribution",
            "publix",
            "recently-registered-domain",
            "redirect-chain",
            "roblox",
            "roblox-impersonation",
            "scam",
            "security-verification-impersonation",
            "server-error",
            "social-engineering",
            "social-media-phishing",
            "software-piracy",
            "spam-campaign",
            "streaming-scam",
            "survey-scam",
            "suspicious-domain",
            "suspicious-software",
            "tax-service-impersonation",
            "tiktok-pixel",
            "token-collection",
            "tracking-parameters",
            "unauthorized-downloads",
            "unauthorized-software",
            "url-obscuration",
            "urlert",
            "vgen-impersonation",
            "voting-scam",
            "wallet-app-bypass",
            "wallet-drainer",
            "web3",
            "web3-phishing",
            "zoom"
          ],
          "references": [
            "https://urlert.com/domain/ankergames.net",
            "https://urlert.com/domain/applefmi.net",
            "https://urlert.com/domain/asperiores-omnis-quae.media",
            "https://urlert.com/domain/authorvd.com",
            "https://urlert.com/domain/bats-edgx.com",
            "https://urlert.com/domain/cisco.com",
            "https://urlert.com/domain/cryptowep.net",
            "https://urlert.com/domain/ct.ws",
            "https://urlert.com/domain/dpdlocaxp.cyou",
            "https://urlert.com/domain/echalilanx-wa.net",
            "https://urlert.com/domain/empatheticfiance.org",
            "https://urlert.com/domain/eu.cc",
            "https://urlert.com/domain/gamma.site",
            "https://urlert.com/domain/gov-fobke.cc",
            "https://urlert.com/domain/gudera.top",
            "https://urlert.com/domain/ibaidad.com",
            "https://urlert.com/domain/id85132.help",
            "https://urlert.com/domain/ikub.top",
            "https://urlert.com/domain/junatrixo.cfd",
            "https://urlert.com/domain/kit-mail3.com"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Financial Services",
            "Government",
            "Hospitality",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Retail / E-Commerce"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 21,
            "URL": 32,
            "hostname": 14
          },
          "indicator_count": 67,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 29,
          "modified_text": "23 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/gamma.site",
        "https://urlert.com/domain/gov-fobke.cc",
        "https://urlert.com/domain/gudera.top",
        "https://urlert.com/domain/cryptowep.net",
        "https://urlert.com/domain/bats-edgx.com",
        "https://urlert.com/domain/applefmi.net",
        "https://urlert.com/domain/cisco.com",
        "https://urlert.com/domain/asperiores-omnis-quae.media",
        "https://urlert.com/domain/eu.cc",
        "https://urlert.com/domain/empatheticfiance.org",
        "https://urlert.com/domain/ct.ws",
        "https://urlert.com/domain/authorvd.com",
        "https://urlert.com/domain/junatrixo.cfd",
        "https://urlert.com/domain/ankergames.net",
        "https://urlert.com/domain/ibaidad.com",
        "https://urlert.com/domain/id85132.help",
        "https://urlert.com/domain/kit-mail3.com",
        "https://urlert.com/domain/echalilanx-wa.net",
        "https://urlert.com/domain/dpdlocaxp.cyou",
        "https://urlert.com/domain/ikub.top"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Media / entertainment",
            "Financial services",
            "Government",
            "Logistics / supply chain",
            "Retail / e-commerce",
            "Hospitality"
          ],
          "unique_indicators": 67
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/surge.sh",
    "whois": "http://whois.domaintools.com/surge.sh",
    "domain": "surge.sh",
    "hostname": "docu-viewer.surge.sh"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69fe8733746e325487f60dfc",
      "name": "URLert Daily Threat Intel \u2014 2026-05-09",
      "description": "URLert Daily Threat Intel \u2014 2026-05-09\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 37 | Indicators: 71\nConfirmed: 10 | Likely: 26 | Domain intel: 1\nTop threats: Phishing (33), Malware Hosting (2), Dropper (2)\nDomains: ankergames.net, applefmi.net, asperiores-omnis-quae.media, authorvd.com, bats-edgx.com, cisco.com, cryptowep.net, ct.ws, dpdlocaxp.cyou, echalilanx-wa.net, empatheticfiance.org, eu.cc, gam...\n\n37 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-05-09T01:00:35.322000",
      "created": "2026-05-09T01:00:35.322000",
      "tags": [
        "adobe-impersonation",
        "adult-content-lure",
        "apple-impersonation",
        "automated-scam",
        "automated-scan",
        "automatic-redirection",
        "brand-impersonation",
        "compromised-site",
        "connect-wallet",
        "copyright-infringement",
        "cracked-software",
        "credential-harvesting",
        "crepes-and-waffles",
        "cryptocurrency-scam",
        "cryptocurrency-theft",
        "cryptocurrency-wallet-phishing",
        "daily-threat-intel",
        "dangerous-site",
        "deceptive-domain",
        "deceptive-marketing",
        "deceptive-practices",
        "deceptive-scam",
        "deceptive-tactics",
        "deceptive-url",
        "delivery-scam",
        "domain-classification",
        "dot-shop-domain",
        "dpd-impersonation",
        "e-commerce-scam",
        "echallan",
        "fake-dashboard",
        "fake-login-page",
        "fake-security-check",
        "fake-store",
        "financial-fraud",
        "financial-impersonation",
        "financial-theft",
        "fraudulent-activity",
        "fraudulent-platform",
        "fraudulent-site",
        "game-piracy",
        "giveaway-scam",
        "government-impersonation",
        "government-service-impersonation",
        "highway-6-impersonation",
        "imdb-impersonation",
        "impersonation",
        "information-harvesting",
        "information-theft",
        "inpost-impersonation",
        "investment-scam",
        "iptv-scam",
        "jumia",
        "logistics-supply-chain",
        "malicious-download",
        "malicious-redirect",
        "malware-distribution",
        "malware-hosting",
        "mfa-harvesting",
        "mississippi",
        "mobile-number-harvesting",
        "mobile-wallet-attack",
        "newly-registered-domain",
        "octet-stream",
        "payload-delivery",
        "phishing",
        "phishing-campaign",
        "phishing-landing-page",
        "phishing-page",
        "phishing-site",
        "pii-harvesting",
        "piracy-distribution",
        "publix",
        "recently-registered-domain",
        "redirect-chain",
        "roblox",
        "roblox-impersonation",
        "scam",
        "security-verification-impersonation",
        "server-error",
        "social-engineering",
        "social-media-phishing",
        "software-piracy",
        "spam-campaign",
        "streaming-scam",
        "survey-scam",
        "suspicious-domain",
        "suspicious-software",
        "tax-service-impersonation",
        "tiktok-pixel",
        "token-collection",
        "tracking-parameters",
        "unauthorized-downloads",
        "unauthorized-software",
        "url-obscuration",
        "urlert",
        "vgen-impersonation",
        "voting-scam",
        "wallet-app-bypass",
        "wallet-drainer",
        "web3",
        "web3-phishing",
        "zoom"
      ],
      "references": [
        "https://urlert.com/domain/ankergames.net",
        "https://urlert.com/domain/applefmi.net",
        "https://urlert.com/domain/asperiores-omnis-quae.media",
        "https://urlert.com/domain/authorvd.com",
        "https://urlert.com/domain/bats-edgx.com",
        "https://urlert.com/domain/cisco.com",
        "https://urlert.com/domain/cryptowep.net",
        "https://urlert.com/domain/ct.ws",
        "https://urlert.com/domain/dpdlocaxp.cyou",
        "https://urlert.com/domain/echalilanx-wa.net",
        "https://urlert.com/domain/empatheticfiance.org",
        "https://urlert.com/domain/eu.cc",
        "https://urlert.com/domain/gamma.site",
        "https://urlert.com/domain/gov-fobke.cc",
        "https://urlert.com/domain/gudera.top",
        "https://urlert.com/domain/ibaidad.com",
        "https://urlert.com/domain/id85132.help",
        "https://urlert.com/domain/ikub.top",
        "https://urlert.com/domain/junatrixo.cfd",
        "https://urlert.com/domain/kit-mail3.com"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Financial Services",
        "Government",
        "Hospitality",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Retail / E-Commerce"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 21,
        "URL": 32,
        "hostname": 14
      },
      "indicator_count": 67,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 29,
      "modified_text": "23 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://docu-viewer.surge.sh/",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://docu-viewer.surge.sh/",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780320378.0798564
}