{
  "type": "URL",
  "indicator": "https://netmirror.cc",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://netmirror.cc",
    "type": "url",
    "type_title": "URL",
    "validation": [],
    "base_indicator": {
      "id": 4330583489,
      "indicator": "https://netmirror.cc",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69eeb5306d5f58c6044105cc",
          "name": "URLert Daily Threat Intel \u2014 2026-04-27",
          "description": "URLert Daily Threat Intel \u2014 2026-04-27\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 40 | Indicators: 78\nConfirmed: 9 | Likely: 31\nTop threats: Phishing (33), Malware Hosting (3), Dropper (3), Malvertising (1)\nDomains: 355287.com, bunnyband.com, clc.cx, confirm-details.report, cwgobal.net, dipherex.com, dratrans.com, easycash777.com, forms.gle, giveawaybot.cc, hkjhsuies.com.es, hornygiirl.com, localsexap...\n\n40 unique threats producing 78 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-05-26T20:17:24.825000",
          "created": "2026-04-27T01:00:32.645000",
          "tags": [
            "account-takeover",
            "anti-analysis",
            "app-install-malware",
            "auto-generated-domain",
            "automated-scan",
            "betting",
            "bonus-scam",
            "brand-impersonation",
            "budbee-impersonation",
            "click-through-scam",
            "coreweave-impersonation",
            "counterfeit-software",
            "credential-harvesting",
            "daily-threat-intel",
            "dating-scam",
            "deceptive-bait",
            "deceptive-captcha",
            "deceptive-landing-page",
            "deceptive-marketing",
            "deceptive-redirect",
            "deceptive-scam",
            "deceptive-software",
            "dickies",
            "discord-impersonation",
            "disposable-domain",
            "ecommerce",
            "ecuador",
            "explicit-popups",
            "fake-financial-service",
            "fake-giveaway",
            "fake-login",
            "fake-online-store",
            "fake-products",
            "fake-social-proof",
            "fake-testimonials",
            "financial-fraud",
            "financial-scam",
            "financial-service-impersonation",
            "footwear-retail",
            "fraudulent-content",
            "fraudulent-services",
            "free-games-lure",
            "gambling",
            "gambling-scam",
            "gambling-site",
            "gaming-impersonation",
            "google-forms",
            "high-risk-domain",
            "high-risk-tld",
            "identity-service-impersonation",
            "investment-scam",
            "loan-scam",
            "malicious-android-app",
            "malicious-redirect",
            "malvertising",
            "malware-delivery",
            "malware-distribution",
            "malware-risk",
            "new-domain",
            "newly-registered-domain",
            "online-scam",
            "pc-games",
            "personal-information-harvesting",
            "phishing",
            "phishing-infrastructure",
            "phishing-kit",
            "phishing-site",
            "platoboost",
            "redirect-chain",
            "redirection",
            "revanced-project",
            "roblox-impersonation",
            "roblox-users",
            "robux-scam",
            "scam",
            "scams",
            "shopee",
            "social-engineering",
            "social-proof-manipulation",
            "software-piracy",
            "steam",
            "suggestive-imagery",
            "sumup",
            "task-based-scam",
            "task-scam",
            "traffic-redirection",
            "twitter-impersonation",
            "typosquatting",
            "unauthorized-software",
            "unauthorized-streaming",
            "unwanted-programs",
            "unwanted-software",
            "url-obfuscation",
            "url-redirection",
            "urlert",
            "verify-your-connection-scam",
            "victus",
            "warez-site",
            "wixsite-abuse",
            "young-domain",
            "youtube-impersonation"
          ],
          "references": [
            "https://urlert.com/domain/355287.com",
            "https://urlert.com/domain/bunnyband.com",
            "https://urlert.com/domain/clc.cx",
            "https://urlert.com/domain/confirm-details.report",
            "https://urlert.com/domain/cwgobal.net",
            "https://urlert.com/domain/dipherex.com",
            "https://urlert.com/domain/dratrans.com",
            "https://urlert.com/domain/easycash777.com",
            "https://urlert.com/domain/forms.gle",
            "https://urlert.com/domain/giveawaybot.cc",
            "https://urlert.com/domain/hkjhsuies.com.es",
            "https://urlert.com/domain/hornygiirl.com",
            "https://urlert.com/domain/localsexapp.com",
            "https://urlert.com/domain/meusitehostgator.com.br",
            "https://urlert.com/domain/netlify.app",
            "https://urlert.com/domain/netmirror.cc",
            "https://urlert.com/domain/nowplaytoc.com",
            "https://urlert.com/domain/ovagames.com",
            "https://urlert.com/domain/platorelay.com",
            "https://urlert.com/domain/premiumcartoons.cc"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Financial Services",
            "Government",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Retail / E-Commerce",
            "Technology"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 23,
            "URL": 26,
            "hostname": 8
          },
          "indicator_count": 57,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 31,
          "modified_text": "4 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/hkjhsuies.com.es",
        "https://urlert.com/domain/clc.cx",
        "https://urlert.com/domain/netmirror.cc",
        "https://urlert.com/domain/meusitehostgator.com.br",
        "https://urlert.com/domain/premiumcartoons.cc",
        "https://urlert.com/domain/ovagames.com",
        "https://urlert.com/domain/localsexapp.com",
        "https://urlert.com/domain/hornygiirl.com",
        "https://urlert.com/domain/netlify.app",
        "https://urlert.com/domain/nowplaytoc.com",
        "https://urlert.com/domain/giveawaybot.cc",
        "https://urlert.com/domain/cwgobal.net",
        "https://urlert.com/domain/forms.gle",
        "https://urlert.com/domain/dipherex.com",
        "https://urlert.com/domain/bunnyband.com",
        "https://urlert.com/domain/easycash777.com",
        "https://urlert.com/domain/platorelay.com",
        "https://urlert.com/domain/355287.com",
        "https://urlert.com/domain/dratrans.com",
        "https://urlert.com/domain/confirm-details.report"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Financial services",
            "Retail / e-commerce",
            "Technology",
            "Media / entertainment",
            "Logistics / supply chain",
            "Government"
          ],
          "unique_indicators": 72
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/netmirror.cc",
    "whois": "http://whois.domaintools.com/netmirror.cc",
    "domain": "netmirror.cc",
    "hostname": "Unavailable"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69eeb5306d5f58c6044105cc",
      "name": "URLert Daily Threat Intel \u2014 2026-04-27",
      "description": "URLert Daily Threat Intel \u2014 2026-04-27\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 40 | Indicators: 78\nConfirmed: 9 | Likely: 31\nTop threats: Phishing (33), Malware Hosting (3), Dropper (3), Malvertising (1)\nDomains: 355287.com, bunnyband.com, clc.cx, confirm-details.report, cwgobal.net, dipherex.com, dratrans.com, easycash777.com, forms.gle, giveawaybot.cc, hkjhsuies.com.es, hornygiirl.com, localsexap...\n\n40 unique threats producing 78 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-05-26T20:17:24.825000",
      "created": "2026-04-27T01:00:32.645000",
      "tags": [
        "account-takeover",
        "anti-analysis",
        "app-install-malware",
        "auto-generated-domain",
        "automated-scan",
        "betting",
        "bonus-scam",
        "brand-impersonation",
        "budbee-impersonation",
        "click-through-scam",
        "coreweave-impersonation",
        "counterfeit-software",
        "credential-harvesting",
        "daily-threat-intel",
        "dating-scam",
        "deceptive-bait",
        "deceptive-captcha",
        "deceptive-landing-page",
        "deceptive-marketing",
        "deceptive-redirect",
        "deceptive-scam",
        "deceptive-software",
        "dickies",
        "discord-impersonation",
        "disposable-domain",
        "ecommerce",
        "ecuador",
        "explicit-popups",
        "fake-financial-service",
        "fake-giveaway",
        "fake-login",
        "fake-online-store",
        "fake-products",
        "fake-social-proof",
        "fake-testimonials",
        "financial-fraud",
        "financial-scam",
        "financial-service-impersonation",
        "footwear-retail",
        "fraudulent-content",
        "fraudulent-services",
        "free-games-lure",
        "gambling",
        "gambling-scam",
        "gambling-site",
        "gaming-impersonation",
        "google-forms",
        "high-risk-domain",
        "high-risk-tld",
        "identity-service-impersonation",
        "investment-scam",
        "loan-scam",
        "malicious-android-app",
        "malicious-redirect",
        "malvertising",
        "malware-delivery",
        "malware-distribution",
        "malware-risk",
        "new-domain",
        "newly-registered-domain",
        "online-scam",
        "pc-games",
        "personal-information-harvesting",
        "phishing",
        "phishing-infrastructure",
        "phishing-kit",
        "phishing-site",
        "platoboost",
        "redirect-chain",
        "redirection",
        "revanced-project",
        "roblox-impersonation",
        "roblox-users",
        "robux-scam",
        "scam",
        "scams",
        "shopee",
        "social-engineering",
        "social-proof-manipulation",
        "software-piracy",
        "steam",
        "suggestive-imagery",
        "sumup",
        "task-based-scam",
        "task-scam",
        "traffic-redirection",
        "twitter-impersonation",
        "typosquatting",
        "unauthorized-software",
        "unauthorized-streaming",
        "unwanted-programs",
        "unwanted-software",
        "url-obfuscation",
        "url-redirection",
        "urlert",
        "verify-your-connection-scam",
        "victus",
        "warez-site",
        "wixsite-abuse",
        "young-domain",
        "youtube-impersonation"
      ],
      "references": [
        "https://urlert.com/domain/355287.com",
        "https://urlert.com/domain/bunnyband.com",
        "https://urlert.com/domain/clc.cx",
        "https://urlert.com/domain/confirm-details.report",
        "https://urlert.com/domain/cwgobal.net",
        "https://urlert.com/domain/dipherex.com",
        "https://urlert.com/domain/dratrans.com",
        "https://urlert.com/domain/easycash777.com",
        "https://urlert.com/domain/forms.gle",
        "https://urlert.com/domain/giveawaybot.cc",
        "https://urlert.com/domain/hkjhsuies.com.es",
        "https://urlert.com/domain/hornygiirl.com",
        "https://urlert.com/domain/localsexapp.com",
        "https://urlert.com/domain/meusitehostgator.com.br",
        "https://urlert.com/domain/netlify.app",
        "https://urlert.com/domain/netmirror.cc",
        "https://urlert.com/domain/nowplaytoc.com",
        "https://urlert.com/domain/ovagames.com",
        "https://urlert.com/domain/platorelay.com",
        "https://urlert.com/domain/premiumcartoons.cc"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Financial Services",
        "Government",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Retail / E-Commerce",
        "Technology"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 23,
        "URL": 26,
        "hostname": 8
      },
      "indicator_count": 57,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 31,
      "modified_text": "4 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://netmirror.cc",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://netmirror.cc",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780255889.0778315
}