{
  "type": "URL",
  "indicator": "https://ncdmv.due-otscs.com/pay",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://ncdmv.due-otscs.com/pay",
    "type": "url",
    "type_title": "URL",
    "validation": [],
    "base_indicator": {
      "id": 4338876420,
      "indicator": "https://ncdmv.due-otscs.com/pay",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69f54caa7cb0e300ef3662ab",
          "name": "URLert Daily Threat Intel \u2014 2026-05-02",
          "description": "URLert Daily Threat Intel \u2014 2026-05-02\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 30 | Indicators: 69\nConfirmed: 6 | Likely: 24\nTop threats: Phishing (26), Dropper (2), Malvertising (1), Malware Hosting (1)\nDomains: bakecaincountrie.com, computacentersolutions.dad, deliwekahh.shop, due-otscs.com, eargmose-csoaad.xyz, google.com, gov-zhngf.help, govtgn.cam, govtxid.shop, govyhvc.cam, gywcf.top, itidokp...\n\n30 unique threats producing 69 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-06-01T00:48:26.753000",
          "created": "2026-05-02T01:00:26.753000",
          "tags": [
            "automated-scan",
            "brand-impersonation",
            "browser-lock",
            "cloudflare-impersonation",
            "computacenter-impersonation",
            "counterfeit-goods",
            "credential-harvesting",
            "cryptocurrency-scam",
            "daily-threat-intel",
            "data-harvesting",
            "dating-affiliate-scheme",
            "deception",
            "deceptive-campaign",
            "deceptive-content",
            "deceptive-domain",
            "deceptive-landing-page",
            "deceptive-practices",
            "deceptive-tactic",
            "deceptive-warning",
            "delivery-scam",
            "dpd-impersonation",
            "explicit-content",
            "extortion",
            "fake-delivery-alert",
            "fake-legal-notice",
            "fake-login",
            "fake-payment-proofs",
            "fake-security-challenge",
            "fake-security-page",
            "fake-store",
            "fake-video-player",
            "financial-scam",
            "financial-services",
            "fraudulent-scheme",
            "fraudulent-site",
            "get-rich-quick-scheme",
            "government-impersonation",
            "high-risk-tld",
            "holiday-scam",
            "identity-theft",
            "information-harvesting",
            "information-stealing",
            "intimidation-tactics",
            "link-shortener",
            "login-harvesting",
            "malicious-activity",
            "malicious-form",
            "malware-delivery",
            "malware-distribution",
            "meta-impersonation",
            "mobile-number-harvesting",
            "ncdmv",
            "office-365",
            "payment-harvesting",
            "payment-information-theft",
            "phishing",
            "phishing-page",
            "phone-number-harvesting",
            "random-domain",
            "redirect-chain",
            "redirects",
            "registration-scam",
            "retail-scam",
            "roblox",
            "scam",
            "scam-infrastructure",
            "scareware",
            "security-issues",
            "shadow-reporting",
            "social-engineering",
            "suspicious-domain",
            "task-to-earn",
            "tech-support-scam",
            "toll-scam",
            "urlert",
            "usps-impersonation",
            "vpn-scam"
          ],
          "references": [
            "https://urlert.com/domain/bakecaincountrie.com",
            "https://urlert.com/domain/computacentersolutions.dad",
            "https://urlert.com/domain/deliwekahh.shop",
            "https://urlert.com/domain/due-otscs.com",
            "https://urlert.com/domain/eargmose-csoaad.xyz",
            "https://urlert.com/domain/google.com",
            "https://urlert.com/domain/gov-zhngf.help",
            "https://urlert.com/domain/govtgn.cam",
            "https://urlert.com/domain/govtxid.shop",
            "https://urlert.com/domain/govyhvc.cam",
            "https://urlert.com/domain/gywcf.top",
            "https://urlert.com/domain/itidokpo.xyz",
            "https://urlert.com/domain/kiocusdt.com",
            "https://urlert.com/domain/ln.run",
            "https://urlert.com/domain/lovable.app",
            "https://urlert.com/domain/macyslxeur.com",
            "https://urlert.com/domain/mmfsbers.cyou",
            "https://urlert.com/domain/modelbuilddepot.com",
            "https://urlert.com/domain/oundhertobeconsist.org",
            "https://urlert.com/domain/php.lat"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Financial Services",
            "Government",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Retail / E-Commerce",
            "Technology",
            "Telecommunications"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 1,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 23,
            "URL": 24,
            "hostname": 12
          },
          "indicator_count": 59,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 30,
          "modified_text": "8 hours ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/macyslxeur.com",
        "https://urlert.com/domain/modelbuilddepot.com",
        "https://urlert.com/domain/due-otscs.com",
        "https://urlert.com/domain/eargmose-csoaad.xyz",
        "https://urlert.com/domain/google.com",
        "https://urlert.com/domain/govtgn.cam",
        "https://urlert.com/domain/ln.run",
        "https://urlert.com/domain/mmfsbers.cyou",
        "https://urlert.com/domain/lovable.app",
        "https://urlert.com/domain/govyhvc.cam",
        "https://urlert.com/domain/gywcf.top",
        "https://urlert.com/domain/kiocusdt.com",
        "https://urlert.com/domain/gov-zhngf.help",
        "https://urlert.com/domain/computacentersolutions.dad",
        "https://urlert.com/domain/oundhertobeconsist.org",
        "https://urlert.com/domain/govtxid.shop",
        "https://urlert.com/domain/deliwekahh.shop",
        "https://urlert.com/domain/itidokpo.xyz",
        "https://urlert.com/domain/php.lat",
        "https://urlert.com/domain/bakecaincountrie.com"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Technology",
            "Telecommunications",
            "Financial services",
            "Logistics / supply chain",
            "Media / entertainment",
            "Retail / e-commerce",
            "Government"
          ],
          "unique_indicators": 65
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/due-otscs.com",
    "whois": "http://whois.domaintools.com/due-otscs.com",
    "domain": "due-otscs.com",
    "hostname": "ncdmv.due-otscs.com"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69f54caa7cb0e300ef3662ab",
      "name": "URLert Daily Threat Intel \u2014 2026-05-02",
      "description": "URLert Daily Threat Intel \u2014 2026-05-02\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 30 | Indicators: 69\nConfirmed: 6 | Likely: 24\nTop threats: Phishing (26), Dropper (2), Malvertising (1), Malware Hosting (1)\nDomains: bakecaincountrie.com, computacentersolutions.dad, deliwekahh.shop, due-otscs.com, eargmose-csoaad.xyz, google.com, gov-zhngf.help, govtgn.cam, govtxid.shop, govyhvc.cam, gywcf.top, itidokp...\n\n30 unique threats producing 69 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-06-01T00:48:26.753000",
      "created": "2026-05-02T01:00:26.753000",
      "tags": [
        "automated-scan",
        "brand-impersonation",
        "browser-lock",
        "cloudflare-impersonation",
        "computacenter-impersonation",
        "counterfeit-goods",
        "credential-harvesting",
        "cryptocurrency-scam",
        "daily-threat-intel",
        "data-harvesting",
        "dating-affiliate-scheme",
        "deception",
        "deceptive-campaign",
        "deceptive-content",
        "deceptive-domain",
        "deceptive-landing-page",
        "deceptive-practices",
        "deceptive-tactic",
        "deceptive-warning",
        "delivery-scam",
        "dpd-impersonation",
        "explicit-content",
        "extortion",
        "fake-delivery-alert",
        "fake-legal-notice",
        "fake-login",
        "fake-payment-proofs",
        "fake-security-challenge",
        "fake-security-page",
        "fake-store",
        "fake-video-player",
        "financial-scam",
        "financial-services",
        "fraudulent-scheme",
        "fraudulent-site",
        "get-rich-quick-scheme",
        "government-impersonation",
        "high-risk-tld",
        "holiday-scam",
        "identity-theft",
        "information-harvesting",
        "information-stealing",
        "intimidation-tactics",
        "link-shortener",
        "login-harvesting",
        "malicious-activity",
        "malicious-form",
        "malware-delivery",
        "malware-distribution",
        "meta-impersonation",
        "mobile-number-harvesting",
        "ncdmv",
        "office-365",
        "payment-harvesting",
        "payment-information-theft",
        "phishing",
        "phishing-page",
        "phone-number-harvesting",
        "random-domain",
        "redirect-chain",
        "redirects",
        "registration-scam",
        "retail-scam",
        "roblox",
        "scam",
        "scam-infrastructure",
        "scareware",
        "security-issues",
        "shadow-reporting",
        "social-engineering",
        "suspicious-domain",
        "task-to-earn",
        "tech-support-scam",
        "toll-scam",
        "urlert",
        "usps-impersonation",
        "vpn-scam"
      ],
      "references": [
        "https://urlert.com/domain/bakecaincountrie.com",
        "https://urlert.com/domain/computacentersolutions.dad",
        "https://urlert.com/domain/deliwekahh.shop",
        "https://urlert.com/domain/due-otscs.com",
        "https://urlert.com/domain/eargmose-csoaad.xyz",
        "https://urlert.com/domain/google.com",
        "https://urlert.com/domain/gov-zhngf.help",
        "https://urlert.com/domain/govtgn.cam",
        "https://urlert.com/domain/govtxid.shop",
        "https://urlert.com/domain/govyhvc.cam",
        "https://urlert.com/domain/gywcf.top",
        "https://urlert.com/domain/itidokpo.xyz",
        "https://urlert.com/domain/kiocusdt.com",
        "https://urlert.com/domain/ln.run",
        "https://urlert.com/domain/lovable.app",
        "https://urlert.com/domain/macyslxeur.com",
        "https://urlert.com/domain/mmfsbers.cyou",
        "https://urlert.com/domain/modelbuilddepot.com",
        "https://urlert.com/domain/oundhertobeconsist.org",
        "https://urlert.com/domain/php.lat"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Financial Services",
        "Government",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Retail / E-Commerce",
        "Technology",
        "Telecommunications"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 1,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 23,
        "URL": 24,
        "hostname": 12
      },
      "indicator_count": 59,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 30,
      "modified_text": "8 hours ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://ncdmv.due-otscs.com/pay",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://ncdmv.due-otscs.com/pay",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780306883.8265867
}