{ "type": "Domain", "indicator": "streamimdb.ru", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/streamimdb.ru", "alexa": "http://www.alexa.com/siteinfo/streamimdb.ru", "indicator": "streamimdb.ru", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 4333765196, "indicator": "streamimdb.ru", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 6, "pulses": [ { "id": "69f2a9b03bbc9452cba7ab87", "name": "URLert Daily Threat Intel \u2014 2026-04-30", "description": "URLert Daily Threat Intel \u2014 2026-04-30\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 40 | Indicators: 81\nConfirmed: 8 | Likely: 31 | Domain intel: 1\nTop threats: Phishing (30), Malware Hosting (4), Dropper (4), Unknown (2)\nDomains: 2mz3me.homes, 3wvftweba.baby, apartment-16896824.com, appbitly.com, beb6.com, beyondclosetstore.com, briansclub.vc, cheetahmall.com, courtlylover.com, due-fineac.com, emailroute.net, filec...\n\n40 unique threats producing 81 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-29T21:00:00.267000", "created": "2026-04-30T01:00:32.718000", "tags": [ "+18-content", "abused-platform", "account-takeover", "aggressive-prompts", "anti-analysis", "app-distribution", "automated-scan", "bitly-impersonation", "brand-impersonation", "cacau-show", "child-exploitation", "clickbait", "content-spreading", "copenhagen-municipality", "correos", "cracked-software-distribution", "credential-harvesting", "cryptocurrency", "cryptocurrency-fraud", "cryptominer", "cvv-marketplace", "cybercriminal-infrastructure", "daily-threat-intel", "darknet-market", "data-breach", "data-collection", "dating-scam", "deceptive-domain", "deceptive-download", "deceptive-login", "deceptive-practices", "deceptive-redirect", "deceptive-tactics", "domain-classification", "domain-impersonation", "dpd-impersonation", "drugs", "evasion-tactic", "exit-scam", "fake-interface", "fake-security-challenge", "fake-shop", "fake-store", "fake-testimonials", "file-download", "financial-data-theft", "financial-information-harvesting", "financial-loss", "financial-scam", "fraud", "fraudulent-activity", "game-piracy", "geometry-dash", "government-impersonation", "hacking-services", "hostinger", "identity-theft", "ikea", "illegal-content", "imdb-impersonation", "line-impersonation", "malicious-extensions", "malware-distribution", "malware-hosting", "malware-reports", "media-entertainment", "media-impersonation", "mobile-app-distribution", "modded-apk", "nestle-dolce-gusto-impersonation", "new-domain", "newly-registered-domain", "obfuscated-url", "orico-impersonation", "payload-delivery", "payment-scam", "pennsylvania", "personal-information-collection", "personal-information-harvesting", "phishing", "phishing-site", "pirated-software", "ponzi-scheme", "predatory-lending", "pyramid-scheme", "random-domain", "recent-domain", "recruitment-scam", "redirect-chain", "registration-bonus-scam", "scam", "social-media-spam", "spotahome-impersonation", "steam", "stolen-financial-data", "subdomain-abuse", "survey-scam", "suspicious-domain", "suspicious-pricing", "suspicious-subdomain", "task-scam", "trojan", "typosquatting", "unauthorized-apk-distribution", "untrusted-source", "url-shortener", "urlert", "vortex-market", "wallet-drainer", "wifi-password-scam", "xvideos-impersonation", "youtube-lure" ], "references": [ "https://urlert.com/domain/2mz3me.homes", "https://urlert.com/domain/3wvftweba.baby", "https://urlert.com/domain/apartment-16896824.com", "https://urlert.com/domain/appbitly.com", "https://urlert.com/domain/beb6.com", "https://urlert.com/domain/beyondclosetstore.com", "https://urlert.com/domain/briansclub.vc", "https://urlert.com/domain/cheetahmall.com", "https://urlert.com/domain/courtlylover.com", "https://urlert.com/domain/due-fineac.com", "https://urlert.com/domain/emailroute.net", "https://urlert.com/domain/filecr.com", "https://urlert.com/domain/flashbot.trade", "https://urlert.com/domain/geometrydashvn.org", "https://urlert.com/domain/globalbusinespays.com", "https://urlert.com/domain/hdid749fp1.com", "https://urlert.com/domain/iaoaa.cn", "https://urlert.com/domain/is.gd", "https://urlert.com/domain/iyvct.xyz", "https://urlert.com/domain/moriloti.cfd" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Real Estate", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 23, "hostname": 11 }, "indicator_count": 58, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1 day ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69f15844d001e7755ae520a1", "name": "URLert Daily Threat Intel \u2014 2026-04-29", "description": "URLert Daily Threat Intel \u2014 2026-04-29\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 51 | Indicators: 97\nConfirmed: 12 | Likely: 39\nTop threats: Phishing (39), Malvertising (4), Unknown (3), Dropper (3), Exploit Kit (1)\nDomains: 2contact.com, 597971.com, ag4.top, bookitil.com, ca-streets-transportation.cfd, carziqo.net, cisco.com, crdpro.at, ct.ws, dfyneyogasale-eu.top, dpd-ie-f.top, erivonali.cfd, giveawaybot.cc,...\n\n51 unique threats producing 97 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-29T01:47:17.327000", "created": "2026-04-29T01:00:52.556000", "tags": [ "adware", "android-malware", "automated-scan", "automatic-download", "azure-storage", "brand-impersonation", "browser-exploit-precursor", "carding-forum", "city-of-vancouver", "compromised-site", "counterfeit-software", "cpanel-impersonation", "credential-harvesting", "credit-card-fraud", "cryptocurrency-scam", "daily-threat-intel", "darknet-markets", "data-privacy-risk", "deceptive-advertising", "deceptive-content", "deceptive-domain", "deceptive-login", "deceptive-practices", "deceptive-site", "deepweb-access", "delivery-exception-scam", "delivery-scam", "dpd-impersonation", "dropper", "evasion", "evasion-tactic", "evasion-technique", "executable-download", "faceit", "fake-financial-service", "fake-giveaway", "fake-income-scheme", "fake-login-portal", "fake-prize", "financial-fraud", "financial-information-theft", "free-hosting", "game-lures", "gaming-lure", "gaming-rewards", "gift-card-scam", "google-drive-impersonation", "government-impersonation", "grayware", "high-risk", "highway-6-impersonation", "hyatt-impersonation", "illegal-goods-directory", "imdb-impersonation", "information-harvesting", "information-stealing", "intrusive-ads", "investment-scam", "localhost-redirection", "logistics-sector", "low-reputation", "malicious-infrastructure", "malicious-redirect", "malicious-redirection", "malvertising", "malware-distribution", "marktplaats", "mastercard-impersonation", "mexico", "microsoft-onedrive-impersonation", "mystery-reward-scam", "new-domain", "newly-registered-domain", "offer-wall", "onion-links", "payment-fraud", "payment-phishing", "paypal", "personal-information-harvesting", "phishing", "phishing-campaign", "phishing-site", "ponzi-scheme", "porn-spam", "recently-registered-domain", "redirect-chain", "redirect-evasion", "redirect-to-google", "replit-hosting", "roblox", "roblox-impersonation", "robux-scam", "sat-impersonation", "scam", "scam-site", "social-engineering", "steam", "stolen-credit-cards", "streaming-scam", "suspicious-domain", "suspicious-domain-extension", "suspicious-login-page", "telegram-bot-exfiltration", "traffic-distribution-system", "traffic-redirection", "typosquatting", "unwanted-software", "url-shortener", "urlert", "vanced-app", "vgen-impersonation", "vulnerability-probing", "young-domain", "youtube-spam" ], "references": [ "https://urlert.com/domain/2contact.com", "https://urlert.com/domain/597971.com", "https://urlert.com/domain/ag4.top", "https://urlert.com/domain/bookitil.com", "https://urlert.com/domain/ca-streets-transportation.cfd", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cisco.com", "https://urlert.com/domain/crdpro.at", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/dfyneyogasale-eu.top", "https://urlert.com/domain/dpd-ie-f.top", "https://urlert.com/domain/erivonali.cfd", "https://urlert.com/domain/giveawaybot.cc", "https://urlert.com/domain/glamourpicklessteward.com", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/id62531.help", "https://urlert.com/domain/lendli.org", "https://urlert.com/domain/mnasst.me", "https://urlert.com/domain/mxiaril.com", "https://urlert.com/domain/mykioskworld.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 28, "URL": 28, "hostname": 13 }, "indicator_count": 69, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "2 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fe8733746e325487f60dfc", "name": "URLert Daily Threat Intel \u2014 2026-05-09", "description": "URLert Daily Threat Intel \u2014 2026-05-09\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 37 | Indicators: 71\nConfirmed: 10 | Likely: 26 | Domain intel: 1\nTop threats: Phishing (33), Malware Hosting (2), Dropper (2)\nDomains: ankergames.net, applefmi.net, asperiores-omnis-quae.media, authorvd.com, bats-edgx.com, cisco.com, cryptowep.net, ct.ws, dpdlocaxp.cyou, echalilanx-wa.net, empatheticfiance.org, eu.cc, gam...\n\n37 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-09T01:00:35.322000", "created": "2026-05-09T01:00:35.322000", "tags": [ "adobe-impersonation", "adult-content-lure", "apple-impersonation", "automated-scam", "automated-scan", "automatic-redirection", "brand-impersonation", "compromised-site", "connect-wallet", "copyright-infringement", "cracked-software", "credential-harvesting", "crepes-and-waffles", "cryptocurrency-scam", "cryptocurrency-theft", "cryptocurrency-wallet-phishing", "daily-threat-intel", "dangerous-site", "deceptive-domain", "deceptive-marketing", "deceptive-practices", "deceptive-scam", "deceptive-tactics", "deceptive-url", "delivery-scam", "domain-classification", "dot-shop-domain", "dpd-impersonation", "e-commerce-scam", "echallan", "fake-dashboard", "fake-login-page", "fake-security-check", "fake-store", "financial-fraud", "financial-impersonation", "financial-theft", "fraudulent-activity", "fraudulent-platform", "fraudulent-site", "game-piracy", "giveaway-scam", "government-impersonation", "government-service-impersonation", "highway-6-impersonation", "imdb-impersonation", "impersonation", "information-harvesting", "information-theft", "inpost-impersonation", "investment-scam", "iptv-scam", "jumia", "logistics-supply-chain", "malicious-download", "malicious-redirect", "malware-distribution", "malware-hosting", "mfa-harvesting", "mississippi", "mobile-number-harvesting", "mobile-wallet-attack", "newly-registered-domain", "octet-stream", "payload-delivery", "phishing", "phishing-campaign", "phishing-landing-page", "phishing-page", "phishing-site", "pii-harvesting", "piracy-distribution", "publix", "recently-registered-domain", "redirect-chain", "roblox", "roblox-impersonation", "scam", "security-verification-impersonation", "server-error", "social-engineering", "social-media-phishing", "software-piracy", "spam-campaign", "streaming-scam", "survey-scam", "suspicious-domain", "suspicious-software", "tax-service-impersonation", "tiktok-pixel", "token-collection", "tracking-parameters", "unauthorized-downloads", "unauthorized-software", "url-obscuration", "urlert", "vgen-impersonation", "voting-scam", "wallet-app-bypass", "wallet-drainer", "web3", "web3-phishing", "zoom" ], "references": [ "https://urlert.com/domain/ankergames.net", "https://urlert.com/domain/applefmi.net", "https://urlert.com/domain/asperiores-omnis-quae.media", "https://urlert.com/domain/authorvd.com", "https://urlert.com/domain/bats-edgx.com", "https://urlert.com/domain/cisco.com", "https://urlert.com/domain/cryptowep.net", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/dpdlocaxp.cyou", "https://urlert.com/domain/echalilanx-wa.net", "https://urlert.com/domain/empatheticfiance.org", "https://urlert.com/domain/eu.cc", "https://urlert.com/domain/gamma.site", "https://urlert.com/domain/gov-fobke.cc", "https://urlert.com/domain/gudera.top", "https://urlert.com/domain/ibaidad.com", "https://urlert.com/domain/id85132.help", "https://urlert.com/domain/ikub.top", "https://urlert.com/domain/junatrixo.cfd", "https://urlert.com/domain/kit-mail3.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 21, "URL": 32, "hostname": 14 }, "indicator_count": 67, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "22 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fd35b37020f873c5185756", "name": "URLert Daily Threat Intel \u2014 2026-05-08", "description": "URLert Daily Threat Intel \u2014 2026-05-08\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 31 | Indicators: 71\nConfirmed: 7 | Likely: 24\nTop threats: Phishing (25), Malware Hosting (2), Dropper (2), Unknown (1), Malvertising (1)\nDomains: albb.mom, bqlxj.buzz, bunkrr.su, d9s3x4.com, dpdlocacj.cyou, e0e4.cfd, gekubov.top, govossb.autos, hazzy.cam, inovajud.com, it.com, kb57.vip, laeav.top, myshopify.com, nameonpoint.lol, rob...\n\n31 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-08T01:00:35.174000", "created": "2026-05-08T01:00:35.174000", "tags": [ "account-hijacking", "adobe-impersonation", "advertising-network", "apk-distribution", "automated-scan", "brand-impersonation", "camera-access-attempt", "corsair", "costco", "credential-harvesting", "cryptocurrency-scam", "daily-threat-intel", "data-harvesting", "deceptive-campaign", "deceptive-content", "deceptive-domain", "deceptive-marketing", "deceptive-pop-up", "deceptive-redirect", "deceptive-subdomain", "dpd", "e-commerce-scam", "fake-browser-update", "fake-login", "fake-prize", "fake-product-scam", "fake-security-alert", "fake-toll-charge", "fake-verification", "financial-data-harvesting", "fortnite", "fraudulent-payment", "fraudulent-platform", "gambling-scam", "gaming-scam", "generic-loading-screen", "get-rich-quick", "government-impersonation", "grayware", "high-risk-domain", "high-risk-tld", "illicit-keys", "imdb", "investment-scam", "invitation-code", "malicious-app", "malicious-campaign", "malicious-redirects", "malvertising", "malware-delivery", "malware-hosting", "malware-lure", "minnesota-department-of-public-safety", "newly-registered-domain", "non-functional-site", "olx-romania", "payment-harvesting", "payment-scam", "payment-solicitation", "phishing", "phishing-infrastructure", "phishing-site", "privacy-violation", "prize-giveaway", "prize-scam", "redirect-chain", "redirection-network", "roblox", "roblox-impersonation", "robux-scam", "scam", "session-token-theft", "shopify", "social-engineering", "spam-url", "spotify", "streaming-service", "suspicious-domain", "suspicious-infrastructure", "technical-support-scam", "texas-department-of-motor-vehicles", "traffic-redirection", "txtag", "untrusted-source", "unwanted-software", "urlert", "zalo-impersonation", "zoho-impersonation" ], "references": [ "https://urlert.com/domain/albb.mom", "https://urlert.com/domain/bqlxj.buzz", "https://urlert.com/domain/bunkrr.su", "https://urlert.com/domain/d9s3x4.com", "https://urlert.com/domain/dpdlocacj.cyou", "https://urlert.com/domain/e0e4.cfd", "https://urlert.com/domain/gekubov.top", "https://urlert.com/domain/govossb.autos", "https://urlert.com/domain/hazzy.cam", "https://urlert.com/domain/inovajud.com", "https://urlert.com/domain/it.com", "https://urlert.com/domain/kb57.vip", "https://urlert.com/domain/laeav.top", "https://urlert.com/domain/myshopify.com", "https://urlert.com/domain/nameonpoint.lol", "https://urlert.com/domain/roblox.com.ec", "https://urlert.com/domain/roblox.gf", "https://urlert.com/domain/softonic.com", "https://urlert.com/domain/streamimdb.ru", "https://urlert.com/domain/suppy.org" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 22, "hostname": 15, "URL": 29 }, "indicator_count": 66, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "23 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fbe42d3036ddb4296481a3", "name": "URLert Daily Threat Intel \u2014 2026-05-07", "description": "URLert Daily Threat Intel \u2014 2026-05-07\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 49 | Indicators: 89\nConfirmed: 12 | Likely: 37\nTop threats: Phishing (38), Malware Hosting (5), Malvertising (3), Dropper (3)\nDomains: 5346815.help, apps.dj, bloomberginterviews.com, cfnfatprnttody.com, cineby.sc, com-long-5232054ff45.com, ct.ws, eu.cc, facebook.com, forms.gle, fut.ac, glydere.org, google.com, gvufwlo.top...\n\n49 unique threats producing 89 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-07T01:00:29.543000", "created": "2026-05-07T01:00:29.543000", "tags": [ "adult-content", "adult-content-lure", "adult-scam", "aldi-impersonation", "android-malware", "anubis", "apk-distribution", "automated-scan", "bloomberg-impersonation", "booking-com-impersonation", "brand-impersonation", "browser-locking", "clickbait-scam", "cloaking", "content-locker", "copyright-infringement", "costco", "credential-harvesting", "crepes-and-waffles", "daily-threat-intel", "data-collection", "dating-scam", "deceptive-ai-persona", "deceptive-campaigns", "deceptive-download", "deceptive-page", "deceptive-practices", "deceptive-redirect", "deceptive-scam", "deceptive-site", "disruptive-behavior", "dm", "dropper", "e-commerce-scam", "ea-sports", "education-scam", "email-harvesting", "evasion-tactic", "evasion-technique", "fake-giveaway", "fake-rewards", "fake-security-check", "fake-security-checkpoint", "fake-security-verification", "fake-store", "fake-survey", "fake-toll-charge", "fake-toll-scam", "fc26", "financial-fraud", "financial-scam", "fraud", "fraudulent-dating-services", "free-hosting", "gaming", "georgia-department-of-driver-services", "google-drive-impersonation", "google-forms-abuse", "google-impersonation", "government-impersonation", "imdb-impersonation", "information-theft", "investment-scam", "jollibee", "logistics-sector", "malicious-infrastructure", "malicious-redirect", "malicious-redirection", "malicious-redirects", "malvertising", "malware-delivery", "malware-distribution", "malware-vector", "medical-lure", "mercadolivre", "mexico-city", "microsoft", "microsoft-impersonation", "mobile-billing-scam", "modified-apk", "nacex-impersonation", "new-domain", "newly-registered-domain", "obfuscated-download", "parking-fine", "payment-information-harvesting", "payment-scam", "personal-information-harvesting", "phishing", "phishing-site", "phone-number-harvesting", "piracy", "premium-rate-sms", "premium-unlocked", "prize-scam", "proxy-detection-message", "questionnaire-scam", "random-domain", "redirect-chain", "redirects", "retail-scam", "scam", "scam-campaign", "scam-funnel", "scam-infrastructure", "scam-site", "social-engineering", "spotify-impersonation", "steam", "streaming-scam", "survey-scam", "suspicious-apk", "suspicious-domain", "suspicious-redirect", "t-mobile", "travel-scam", "typo-squatting", "typosquatting", "unofficial-app-distribution", "unrealistic-pricing", "url-shortener", "urlert", "user-manipulation", "weebly", "weebly-hosting" ], "references": [ "https://urlert.com/domain/5346815.help", "https://urlert.com/domain/apps.dj", "https://urlert.com/domain/bloomberginterviews.com", "https://urlert.com/domain/cfnfatprnttody.com", "https://urlert.com/domain/cineby.sc", "https://urlert.com/domain/com-long-5232054ff45.com", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/eu.cc", "https://urlert.com/domain/facebook.com", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/fut.ac", "https://urlert.com/domain/glydere.org", "https://urlert.com/domain/google.com", "https://urlert.com/domain/gvufwlo.top", "https://urlert.com/domain/heiut.top", "https://urlert.com/domain/humus.cam", "https://urlert.com/domain/jaexu.top", "https://urlert.com/domain/jitola.top", "https://urlert.com/domain/kluspz.com", "https://urlert.com/domain/ligshtshot.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Financial Services", "Government", "Healthcare", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology", "Telecommunications" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 25, "URL": 41, "hostname": 15 }, "indicator_count": 81, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "24 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fa92ab166e2463c8c45412", "name": "URLert Daily Threat Intel \u2014 2026-05-06", "description": "URLert Daily Threat Intel \u2014 2026-05-06\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 68 | Indicators: 122\nConfirmed: 19 | Likely: 49\nTop threats: Phishing (59), Malware Hosting (6), Dropper (2), Malvertising (1)\nDomains: 2fbef.net, acztr.buzz, adescargar.net, airupcanada.shop, alphavaultcore.co.in, apmtclfntoay.com, armsdiscountshop.com, assetstel.com, bit.ly, boldpage.net, bonomadres.com, bose-danmark.com...\n\n68 unique threats producing 122 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-06T01:00:27.945000", "created": "2026-05-06T01:00:27.945000", "tags": [ "2dehands-be-impersonation", "abused-registry", "aggressive-advertising", "air-up", "app-download-scam", "apple-id-phishing", "apple-impersonation", "automated-scan", "bose-impersonation", "brand-impersonation", "cashea", "cloudflare-impersonation", "coca-cola", "costco", "counterfeit-goods", "credential-harvesting", "cryptocurrency-investment-fraud", "cryptocurrency-scam", "cyprus-gesy", "daily-threat-intel", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-downloads", "deceptive-gateway", "deceptive-lure", "deceptive-promises", "deceptive-redirect", "deceptive-tactics", "delivery-failure-notification", "direct-download", "dmv-impersonation", "dutch", "email-harvesting", "executable-archive", "fake-captcha", "fake-ecommerce", "fake-gift-offer", "fake-giveaway", "fake-login", "fake-prize-scam", "fake-security-check", "fake-security-impersonation", "fake-store", "fake-testimonials", "fake-video-player", "file-download-portal", "financial-fraud", "financial-impersonation", "financial-information-theft", "financial-scam", "financial-sector", "financial-services", "firearms-and-ammunition", "fiverr-impersonation", "fraud", "fraudulent-activity", "fraudulent-platform", "fraudulent-service", "fraudulent-storefront", "fraudulent-streaming", "fund-password-scam", "gambling-scam", "generic-registration-form", "government-impersonation", "gpt-scam", "high-risk-hosting", "imdb", "imdb-impersonation", "impersonation-domain", "information-gathering", "information-harvesting", "investment-fraud", "investment-scam", "lead-generation-scam", "lidl", "lidl-impersonation", "loan-scam", "malicious-downloads", "malicious-redirect", "malware-distribution", "malware-download", "malware-hosting", "media-entertainment", "mercado-livre", "mexico", "modded-apps", "new-domain", "newly-created-domain", "newly-registered-domain", "passcode-harvesting", "payload-delivery", "payment-fraud", "personal-data-harvesting", "personal-information-harvesting", "peru", "phishing", "phishing-site", "platform-abuse", "prize-giveaway", "prize-scam", "questionnaire-scam", "random-domain", "recently-registered-domain", "redirect-chain", "redirects", "retail-e-commerce", "retail-impersonation", "reverb-impersonation", "sadia-impersonation", "scam", "scam-funnel", "scam-hosting", "scam-site", "serviceontario", "sms-scam", "social-engineering", "social-engineering-scam", "steam", "streaming-service-scam", "survey-scam", "suspicious-domain", "suspicious-tld", "task-based-scam", "temporary-tunneling-service", "tiendas-3b", "unauthorized-software", "unrealistic-discounts", "untrusted-source", "unwanted-programs", "unwanted-software", "url-shortener", "urlert", "viral-scam", "wallapop-impersonation" ], "references": [ "https://urlert.com/domain/2fbef.net", "https://urlert.com/domain/acztr.buzz", "https://urlert.com/domain/adescargar.net", "https://urlert.com/domain/airupcanada.shop", "https://urlert.com/domain/alphavaultcore.co.in", "https://urlert.com/domain/apmtclfntoay.com", "https://urlert.com/domain/armsdiscountshop.com", "https://urlert.com/domain/assetstel.com", "https://urlert.com/domain/bit.ly", "https://urlert.com/domain/boldpage.net", "https://urlert.com/domain/bonomadres.com", "https://urlert.com/domain/bose-danmark.com", "https://urlert.com/domain/cmaptialytod.com", "https://urlert.com/domain/deliwekmwoiq.shop", "https://urlert.com/domain/findmy.gr", "https://urlert.com/domain/fmip-uk.info", "https://urlert.com/domain/gesycmzh.cfd", "https://urlert.com/domain/gob-best.top", "https://urlert.com/domain/google.com", "https://urlert.com/domain/gov-hyusq.help" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Healthcare", "Hospitality", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45, "URL": 58, "hostname": 13 }, "indicator_count": 116, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "25 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://urlert.com/domain/eu.cc", "https://urlert.com/domain/bookitil.com", "https://urlert.com/domain/asperiores-omnis-quae.media", "https://urlert.com/domain/glydere.org", "https://urlert.com/domain/acztr.buzz", "https://urlert.com/domain/echalilanx-wa.net", "https://urlert.com/domain/kb57.vip", "https://urlert.com/domain/suppy.org", "https://urlert.com/domain/dpdlocacj.cyou", "https://urlert.com/domain/bit.ly", "https://urlert.com/domain/applefmi.net", "https://urlert.com/domain/assetstel.com", "https://urlert.com/domain/roblox.gf", "https://urlert.com/domain/ibaidad.com", "https://urlert.com/domain/jitola.top", "https://urlert.com/domain/gov-fobke.cc", "https://urlert.com/domain/fut.ac", "https://urlert.com/domain/beb6.com", "https://urlert.com/domain/gamma.site", "https://urlert.com/domain/beyondclosetstore.com", "https://urlert.com/domain/fmip-uk.info", "https://urlert.com/domain/crdpro.at", "https://urlert.com/domain/nameonpoint.lol", "https://urlert.com/domain/gekubov.top", "https://urlert.com/domain/briansclub.vc", "https://urlert.com/domain/3wvftweba.baby", "https://urlert.com/domain/facebook.com", "https://urlert.com/domain/2mz3me.homes", "https://urlert.com/domain/google.com", "https://urlert.com/domain/ikub.top", "https://urlert.com/domain/myshopify.com", "https://urlert.com/domain/due-fineac.com", "https://urlert.com/domain/globalbusinespays.com", "https://urlert.com/domain/armsdiscountshop.com", "https://urlert.com/domain/flashbot.trade", "https://urlert.com/domain/erivonali.cfd", "https://urlert.com/domain/cmaptialytod.com", "https://urlert.com/domain/apmtclfntoay.com", "https://urlert.com/domain/empatheticfiance.org", "https://urlert.com/domain/jaexu.top", "https://urlert.com/domain/ligshtshot.site", "https://urlert.com/domain/lendli.org", "https://urlert.com/domain/kluspz.com", "https://urlert.com/domain/geometrydashvn.org", "https://urlert.com/domain/roblox.com.ec", "https://urlert.com/domain/gov-hyusq.help", "https://urlert.com/domain/adescargar.net", "https://urlert.com/domain/glamourpicklessteward.com", "https://urlert.com/domain/bose-danmark.com", "https://urlert.com/domain/alphavaultcore.co.in", "https://urlert.com/domain/is.gd", "https://urlert.com/domain/bloomberginterviews.com", "https://urlert.com/domain/airupcanada.shop", "https://urlert.com/domain/iaoaa.cn", "https://urlert.com/domain/gesycmzh.cfd", "https://urlert.com/domain/2fbef.net", "https://urlert.com/domain/gudera.top", "https://urlert.com/domain/junatrixo.cfd", "https://urlert.com/domain/kit-mail3.com", "https://urlert.com/domain/streamimdb.ru", "https://urlert.com/domain/5346815.help", "https://urlert.com/domain/cheetahmall.com", "https://urlert.com/domain/d9s3x4.com", "https://urlert.com/domain/courtlylover.com", "https://urlert.com/domain/2contact.com", "https://urlert.com/domain/com-long-5232054ff45.com", "https://urlert.com/domain/bonomadres.com", "https://urlert.com/domain/cisco.com", "https://urlert.com/domain/inovajud.com", "https://urlert.com/domain/mxiaril.com", "https://urlert.com/domain/dfyneyogasale-eu.top", "https://urlert.com/domain/laeav.top", "https://urlert.com/domain/boldpage.net", "https://urlert.com/domain/597971.com", "https://urlert.com/domain/dpdlocaxp.cyou", "https://urlert.com/domain/appbitly.com", "https://urlert.com/domain/softonic.com", "https://urlert.com/domain/cineby.sc", "https://urlert.com/domain/hazzy.cam", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/cfnfatprnttody.com", "https://urlert.com/domain/bunkrr.su", "https://urlert.com/domain/emailroute.net", "https://urlert.com/domain/iyvct.xyz", "https://urlert.com/domain/giveawaybot.cc", "https://urlert.com/domain/id62531.help", "https://urlert.com/domain/ag4.top", "https://urlert.com/domain/moriloti.cfd", "https://urlert.com/domain/gob-best.top", "https://urlert.com/domain/hdid749fp1.com", "https://urlert.com/domain/heiut.top", "https://urlert.com/domain/bats-edgx.com", "https://urlert.com/domain/authorvd.com", "https://urlert.com/domain/albb.mom", "https://urlert.com/domain/ankergames.net", "https://urlert.com/domain/gvufwlo.top", "https://urlert.com/domain/cryptowep.net", "https://urlert.com/domain/filecr.com", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/bqlxj.buzz", "https://urlert.com/domain/govossb.autos", "https://urlert.com/domain/id85132.help", "https://urlert.com/domain/apps.dj", "https://urlert.com/domain/humus.cam", "https://urlert.com/domain/mykioskworld.com", "https://urlert.com/domain/ca-streets-transportation.cfd", "https://urlert.com/domain/deliwekmwoiq.shop", "https://urlert.com/domain/apartment-16896824.com", "https://urlert.com/domain/findmy.gr", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/dpd-ie-f.top", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/it.com", "https://urlert.com/domain/e0e4.cfd", "https://urlert.com/domain/mnasst.me" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [ "Retail / e-commerce", "Telecommunications", "Government", "Technology", "Logistics / supply chain", "Healthcare", "Hospitality", "Education", "Media / entertainment", "Financial services", "Real estate" ] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 6, "pulses": [ { "id": "69f2a9b03bbc9452cba7ab87", "name": "URLert Daily Threat Intel \u2014 2026-04-30", "description": "URLert Daily Threat Intel \u2014 2026-04-30\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 40 | Indicators: 81\nConfirmed: 8 | Likely: 31 | Domain intel: 1\nTop threats: Phishing (30), Malware Hosting (4), Dropper (4), Unknown (2)\nDomains: 2mz3me.homes, 3wvftweba.baby, apartment-16896824.com, appbitly.com, beb6.com, beyondclosetstore.com, briansclub.vc, cheetahmall.com, courtlylover.com, due-fineac.com, emailroute.net, filec...\n\n40 unique threats producing 81 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-29T21:00:00.267000", "created": "2026-04-30T01:00:32.718000", "tags": [ "+18-content", "abused-platform", "account-takeover", "aggressive-prompts", "anti-analysis", "app-distribution", "automated-scan", "bitly-impersonation", "brand-impersonation", "cacau-show", "child-exploitation", "clickbait", "content-spreading", "copenhagen-municipality", "correos", "cracked-software-distribution", "credential-harvesting", "cryptocurrency", "cryptocurrency-fraud", "cryptominer", "cvv-marketplace", "cybercriminal-infrastructure", "daily-threat-intel", "darknet-market", "data-breach", "data-collection", "dating-scam", "deceptive-domain", "deceptive-download", "deceptive-login", "deceptive-practices", "deceptive-redirect", "deceptive-tactics", "domain-classification", "domain-impersonation", "dpd-impersonation", "drugs", "evasion-tactic", "exit-scam", "fake-interface", "fake-security-challenge", "fake-shop", "fake-store", "fake-testimonials", "file-download", "financial-data-theft", "financial-information-harvesting", "financial-loss", "financial-scam", "fraud", "fraudulent-activity", "game-piracy", "geometry-dash", "government-impersonation", "hacking-services", "hostinger", "identity-theft", "ikea", "illegal-content", "imdb-impersonation", "line-impersonation", "malicious-extensions", "malware-distribution", "malware-hosting", "malware-reports", "media-entertainment", "media-impersonation", "mobile-app-distribution", "modded-apk", "nestle-dolce-gusto-impersonation", "new-domain", "newly-registered-domain", "obfuscated-url", "orico-impersonation", "payload-delivery", "payment-scam", "pennsylvania", "personal-information-collection", "personal-information-harvesting", "phishing", "phishing-site", "pirated-software", "ponzi-scheme", "predatory-lending", "pyramid-scheme", "random-domain", "recent-domain", "recruitment-scam", "redirect-chain", "registration-bonus-scam", "scam", "social-media-spam", "spotahome-impersonation", "steam", "stolen-financial-data", "subdomain-abuse", "survey-scam", "suspicious-domain", "suspicious-pricing", "suspicious-subdomain", "task-scam", "trojan", "typosquatting", "unauthorized-apk-distribution", "untrusted-source", "url-shortener", "urlert", "vortex-market", "wallet-drainer", "wifi-password-scam", "xvideos-impersonation", "youtube-lure" ], "references": [ "https://urlert.com/domain/2mz3me.homes", "https://urlert.com/domain/3wvftweba.baby", "https://urlert.com/domain/apartment-16896824.com", "https://urlert.com/domain/appbitly.com", "https://urlert.com/domain/beb6.com", "https://urlert.com/domain/beyondclosetstore.com", "https://urlert.com/domain/briansclub.vc", "https://urlert.com/domain/cheetahmall.com", "https://urlert.com/domain/courtlylover.com", "https://urlert.com/domain/due-fineac.com", "https://urlert.com/domain/emailroute.net", "https://urlert.com/domain/filecr.com", "https://urlert.com/domain/flashbot.trade", "https://urlert.com/domain/geometrydashvn.org", "https://urlert.com/domain/globalbusinespays.com", "https://urlert.com/domain/hdid749fp1.com", "https://urlert.com/domain/iaoaa.cn", "https://urlert.com/domain/is.gd", "https://urlert.com/domain/iyvct.xyz", "https://urlert.com/domain/moriloti.cfd" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Real Estate", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 23, "hostname": 11 }, "indicator_count": 58, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1 day ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69f15844d001e7755ae520a1", "name": "URLert Daily Threat Intel \u2014 2026-04-29", "description": "URLert Daily Threat Intel \u2014 2026-04-29\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 51 | Indicators: 97\nConfirmed: 12 | Likely: 39\nTop threats: Phishing (39), Malvertising (4), Unknown (3), Dropper (3), Exploit Kit (1)\nDomains: 2contact.com, 597971.com, ag4.top, bookitil.com, ca-streets-transportation.cfd, carziqo.net, cisco.com, crdpro.at, ct.ws, dfyneyogasale-eu.top, dpd-ie-f.top, erivonali.cfd, giveawaybot.cc,...\n\n51 unique threats producing 97 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-29T01:47:17.327000", "created": "2026-04-29T01:00:52.556000", "tags": [ "adware", "android-malware", "automated-scan", "automatic-download", "azure-storage", "brand-impersonation", "browser-exploit-precursor", "carding-forum", "city-of-vancouver", "compromised-site", "counterfeit-software", "cpanel-impersonation", "credential-harvesting", "credit-card-fraud", "cryptocurrency-scam", "daily-threat-intel", "darknet-markets", "data-privacy-risk", "deceptive-advertising", "deceptive-content", "deceptive-domain", "deceptive-login", "deceptive-practices", "deceptive-site", "deepweb-access", "delivery-exception-scam", "delivery-scam", "dpd-impersonation", "dropper", "evasion", "evasion-tactic", "evasion-technique", "executable-download", "faceit", "fake-financial-service", "fake-giveaway", "fake-income-scheme", "fake-login-portal", "fake-prize", "financial-fraud", "financial-information-theft", "free-hosting", "game-lures", "gaming-lure", "gaming-rewards", "gift-card-scam", "google-drive-impersonation", "government-impersonation", "grayware", "high-risk", "highway-6-impersonation", "hyatt-impersonation", "illegal-goods-directory", "imdb-impersonation", "information-harvesting", "information-stealing", "intrusive-ads", "investment-scam", "localhost-redirection", "logistics-sector", "low-reputation", "malicious-infrastructure", "malicious-redirect", "malicious-redirection", "malvertising", "malware-distribution", "marktplaats", "mastercard-impersonation", "mexico", "microsoft-onedrive-impersonation", "mystery-reward-scam", "new-domain", "newly-registered-domain", "offer-wall", "onion-links", "payment-fraud", "payment-phishing", "paypal", "personal-information-harvesting", "phishing", "phishing-campaign", "phishing-site", "ponzi-scheme", "porn-spam", "recently-registered-domain", "redirect-chain", "redirect-evasion", "redirect-to-google", "replit-hosting", "roblox", "roblox-impersonation", "robux-scam", "sat-impersonation", "scam", "scam-site", "social-engineering", "steam", "stolen-credit-cards", "streaming-scam", "suspicious-domain", "suspicious-domain-extension", "suspicious-login-page", "telegram-bot-exfiltration", "traffic-distribution-system", "traffic-redirection", "typosquatting", "unwanted-software", "url-shortener", "urlert", "vanced-app", "vgen-impersonation", "vulnerability-probing", "young-domain", "youtube-spam" ], "references": [ "https://urlert.com/domain/2contact.com", "https://urlert.com/domain/597971.com", "https://urlert.com/domain/ag4.top", "https://urlert.com/domain/bookitil.com", "https://urlert.com/domain/ca-streets-transportation.cfd", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cisco.com", "https://urlert.com/domain/crdpro.at", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/dfyneyogasale-eu.top", "https://urlert.com/domain/dpd-ie-f.top", "https://urlert.com/domain/erivonali.cfd", "https://urlert.com/domain/giveawaybot.cc", "https://urlert.com/domain/glamourpicklessteward.com", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/id62531.help", "https://urlert.com/domain/lendli.org", "https://urlert.com/domain/mnasst.me", "https://urlert.com/domain/mxiaril.com", "https://urlert.com/domain/mykioskworld.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 28, "URL": 28, "hostname": 13 }, "indicator_count": 69, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "2 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fe8733746e325487f60dfc", "name": "URLert Daily Threat Intel \u2014 2026-05-09", "description": "URLert Daily Threat Intel \u2014 2026-05-09\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 37 | Indicators: 71\nConfirmed: 10 | Likely: 26 | Domain intel: 1\nTop threats: Phishing (33), Malware Hosting (2), Dropper (2)\nDomains: ankergames.net, applefmi.net, asperiores-omnis-quae.media, authorvd.com, bats-edgx.com, cisco.com, cryptowep.net, ct.ws, dpdlocaxp.cyou, echalilanx-wa.net, empatheticfiance.org, eu.cc, gam...\n\n37 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-09T01:00:35.322000", "created": "2026-05-09T01:00:35.322000", "tags": [ "adobe-impersonation", "adult-content-lure", "apple-impersonation", "automated-scam", "automated-scan", "automatic-redirection", "brand-impersonation", "compromised-site", "connect-wallet", "copyright-infringement", "cracked-software", "credential-harvesting", "crepes-and-waffles", "cryptocurrency-scam", "cryptocurrency-theft", "cryptocurrency-wallet-phishing", "daily-threat-intel", "dangerous-site", "deceptive-domain", "deceptive-marketing", "deceptive-practices", "deceptive-scam", "deceptive-tactics", "deceptive-url", "delivery-scam", "domain-classification", "dot-shop-domain", "dpd-impersonation", "e-commerce-scam", "echallan", "fake-dashboard", "fake-login-page", "fake-security-check", "fake-store", "financial-fraud", "financial-impersonation", "financial-theft", "fraudulent-activity", "fraudulent-platform", "fraudulent-site", "game-piracy", "giveaway-scam", "government-impersonation", "government-service-impersonation", "highway-6-impersonation", "imdb-impersonation", "impersonation", "information-harvesting", "information-theft", "inpost-impersonation", "investment-scam", "iptv-scam", "jumia", "logistics-supply-chain", "malicious-download", "malicious-redirect", "malware-distribution", "malware-hosting", "mfa-harvesting", "mississippi", "mobile-number-harvesting", "mobile-wallet-attack", "newly-registered-domain", "octet-stream", "payload-delivery", "phishing", "phishing-campaign", "phishing-landing-page", "phishing-page", "phishing-site", "pii-harvesting", "piracy-distribution", "publix", "recently-registered-domain", "redirect-chain", "roblox", "roblox-impersonation", "scam", "security-verification-impersonation", "server-error", "social-engineering", "social-media-phishing", "software-piracy", "spam-campaign", "streaming-scam", "survey-scam", "suspicious-domain", "suspicious-software", "tax-service-impersonation", "tiktok-pixel", "token-collection", "tracking-parameters", "unauthorized-downloads", "unauthorized-software", "url-obscuration", "urlert", "vgen-impersonation", "voting-scam", "wallet-app-bypass", "wallet-drainer", "web3", "web3-phishing", "zoom" ], "references": [ "https://urlert.com/domain/ankergames.net", "https://urlert.com/domain/applefmi.net", "https://urlert.com/domain/asperiores-omnis-quae.media", "https://urlert.com/domain/authorvd.com", "https://urlert.com/domain/bats-edgx.com", "https://urlert.com/domain/cisco.com", "https://urlert.com/domain/cryptowep.net", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/dpdlocaxp.cyou", "https://urlert.com/domain/echalilanx-wa.net", "https://urlert.com/domain/empatheticfiance.org", "https://urlert.com/domain/eu.cc", "https://urlert.com/domain/gamma.site", "https://urlert.com/domain/gov-fobke.cc", "https://urlert.com/domain/gudera.top", "https://urlert.com/domain/ibaidad.com", "https://urlert.com/domain/id85132.help", "https://urlert.com/domain/ikub.top", "https://urlert.com/domain/junatrixo.cfd", "https://urlert.com/domain/kit-mail3.com" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 21, "URL": 32, "hostname": 14 }, "indicator_count": 67, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "22 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fd35b37020f873c5185756", "name": "URLert Daily Threat Intel \u2014 2026-05-08", "description": "URLert Daily Threat Intel \u2014 2026-05-08\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 31 | Indicators: 71\nConfirmed: 7 | Likely: 24\nTop threats: Phishing (25), Malware Hosting (2), Dropper (2), Unknown (1), Malvertising (1)\nDomains: albb.mom, bqlxj.buzz, bunkrr.su, d9s3x4.com, dpdlocacj.cyou, e0e4.cfd, gekubov.top, govossb.autos, hazzy.cam, inovajud.com, it.com, kb57.vip, laeav.top, myshopify.com, nameonpoint.lol, rob...\n\n31 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-08T01:00:35.174000", "created": "2026-05-08T01:00:35.174000", "tags": [ "account-hijacking", "adobe-impersonation", "advertising-network", "apk-distribution", "automated-scan", "brand-impersonation", "camera-access-attempt", "corsair", "costco", "credential-harvesting", "cryptocurrency-scam", "daily-threat-intel", "data-harvesting", "deceptive-campaign", "deceptive-content", "deceptive-domain", "deceptive-marketing", "deceptive-pop-up", "deceptive-redirect", "deceptive-subdomain", "dpd", "e-commerce-scam", "fake-browser-update", "fake-login", "fake-prize", "fake-product-scam", "fake-security-alert", "fake-toll-charge", "fake-verification", "financial-data-harvesting", "fortnite", "fraudulent-payment", "fraudulent-platform", "gambling-scam", "gaming-scam", "generic-loading-screen", "get-rich-quick", "government-impersonation", "grayware", "high-risk-domain", "high-risk-tld", "illicit-keys", "imdb", "investment-scam", "invitation-code", "malicious-app", "malicious-campaign", "malicious-redirects", "malvertising", "malware-delivery", "malware-hosting", "malware-lure", "minnesota-department-of-public-safety", "newly-registered-domain", "non-functional-site", "olx-romania", "payment-harvesting", "payment-scam", "payment-solicitation", "phishing", "phishing-infrastructure", "phishing-site", "privacy-violation", "prize-giveaway", "prize-scam", "redirect-chain", "redirection-network", "roblox", "roblox-impersonation", "robux-scam", "scam", "session-token-theft", "shopify", "social-engineering", "spam-url", "spotify", "streaming-service", "suspicious-domain", "suspicious-infrastructure", "technical-support-scam", "texas-department-of-motor-vehicles", "traffic-redirection", "txtag", "untrusted-source", "unwanted-software", "urlert", "zalo-impersonation", "zoho-impersonation" ], "references": [ "https://urlert.com/domain/albb.mom", "https://urlert.com/domain/bqlxj.buzz", "https://urlert.com/domain/bunkrr.su", "https://urlert.com/domain/d9s3x4.com", "https://urlert.com/domain/dpdlocacj.cyou", "https://urlert.com/domain/e0e4.cfd", "https://urlert.com/domain/gekubov.top", "https://urlert.com/domain/govossb.autos", "https://urlert.com/domain/hazzy.cam", "https://urlert.com/domain/inovajud.com", "https://urlert.com/domain/it.com", "https://urlert.com/domain/kb57.vip", "https://urlert.com/domain/laeav.top", "https://urlert.com/domain/myshopify.com", "https://urlert.com/domain/nameonpoint.lol", "https://urlert.com/domain/roblox.com.ec", "https://urlert.com/domain/roblox.gf", "https://urlert.com/domain/softonic.com", "https://urlert.com/domain/streamimdb.ru", "https://urlert.com/domain/suppy.org" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 22, "hostname": 15, "URL": 29 }, "indicator_count": 66, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "23 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fbe42d3036ddb4296481a3", "name": "URLert Daily Threat Intel \u2014 2026-05-07", "description": "URLert Daily Threat Intel \u2014 2026-05-07\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 49 | Indicators: 89\nConfirmed: 12 | Likely: 37\nTop threats: Phishing (38), Malware Hosting (5), Malvertising (3), Dropper (3)\nDomains: 5346815.help, apps.dj, bloomberginterviews.com, cfnfatprnttody.com, cineby.sc, com-long-5232054ff45.com, ct.ws, eu.cc, facebook.com, forms.gle, fut.ac, glydere.org, google.com, gvufwlo.top...\n\n49 unique threats producing 89 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-07T01:00:29.543000", "created": "2026-05-07T01:00:29.543000", "tags": [ "adult-content", "adult-content-lure", "adult-scam", "aldi-impersonation", "android-malware", "anubis", "apk-distribution", "automated-scan", "bloomberg-impersonation", "booking-com-impersonation", "brand-impersonation", "browser-locking", "clickbait-scam", "cloaking", "content-locker", "copyright-infringement", "costco", "credential-harvesting", "crepes-and-waffles", "daily-threat-intel", "data-collection", "dating-scam", "deceptive-ai-persona", "deceptive-campaigns", "deceptive-download", "deceptive-page", "deceptive-practices", "deceptive-redirect", "deceptive-scam", "deceptive-site", "disruptive-behavior", "dm", "dropper", "e-commerce-scam", "ea-sports", "education-scam", "email-harvesting", "evasion-tactic", "evasion-technique", "fake-giveaway", "fake-rewards", "fake-security-check", "fake-security-checkpoint", "fake-security-verification", "fake-store", "fake-survey", "fake-toll-charge", "fake-toll-scam", "fc26", "financial-fraud", "financial-scam", "fraud", "fraudulent-dating-services", "free-hosting", "gaming", "georgia-department-of-driver-services", "google-drive-impersonation", "google-forms-abuse", "google-impersonation", "government-impersonation", "imdb-impersonation", "information-theft", "investment-scam", "jollibee", "logistics-sector", "malicious-infrastructure", "malicious-redirect", "malicious-redirection", "malicious-redirects", "malvertising", "malware-delivery", "malware-distribution", "malware-vector", "medical-lure", "mercadolivre", "mexico-city", "microsoft", "microsoft-impersonation", "mobile-billing-scam", "modified-apk", "nacex-impersonation", "new-domain", "newly-registered-domain", "obfuscated-download", "parking-fine", "payment-information-harvesting", "payment-scam", "personal-information-harvesting", "phishing", "phishing-site", "phone-number-harvesting", "piracy", "premium-rate-sms", "premium-unlocked", "prize-scam", "proxy-detection-message", "questionnaire-scam", "random-domain", "redirect-chain", "redirects", "retail-scam", "scam", "scam-campaign", "scam-funnel", "scam-infrastructure", "scam-site", "social-engineering", "spotify-impersonation", "steam", "streaming-scam", "survey-scam", "suspicious-apk", "suspicious-domain", "suspicious-redirect", "t-mobile", "travel-scam", "typo-squatting", "typosquatting", "unofficial-app-distribution", "unrealistic-pricing", "url-shortener", "urlert", "user-manipulation", "weebly", "weebly-hosting" ], "references": [ "https://urlert.com/domain/5346815.help", "https://urlert.com/domain/apps.dj", "https://urlert.com/domain/bloomberginterviews.com", "https://urlert.com/domain/cfnfatprnttody.com", "https://urlert.com/domain/cineby.sc", "https://urlert.com/domain/com-long-5232054ff45.com", "https://urlert.com/domain/ct.ws", "https://urlert.com/domain/eu.cc", "https://urlert.com/domain/facebook.com", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/fut.ac", "https://urlert.com/domain/glydere.org", "https://urlert.com/domain/google.com", "https://urlert.com/domain/gvufwlo.top", "https://urlert.com/domain/heiut.top", "https://urlert.com/domain/humus.cam", "https://urlert.com/domain/jaexu.top", "https://urlert.com/domain/jitola.top", "https://urlert.com/domain/kluspz.com", "https://urlert.com/domain/ligshtshot.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Financial Services", "Government", "Healthcare", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology", "Telecommunications" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 25, "URL": 41, "hostname": 15 }, "indicator_count": 81, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "24 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "69fa92ab166e2463c8c45412", "name": "URLert Daily Threat Intel \u2014 2026-05-06", "description": "URLert Daily Threat Intel \u2014 2026-05-06\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 68 | Indicators: 122\nConfirmed: 19 | Likely: 49\nTop threats: Phishing (59), Malware Hosting (6), Dropper (2), Malvertising (1)\nDomains: 2fbef.net, acztr.buzz, adescargar.net, airupcanada.shop, alphavaultcore.co.in, apmtclfntoay.com, armsdiscountshop.com, assetstel.com, bit.ly, boldpage.net, bonomadres.com, bose-danmark.com...\n\n68 unique threats producing 122 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-06T01:00:27.945000", "created": "2026-05-06T01:00:27.945000", "tags": [ "2dehands-be-impersonation", "abused-registry", "aggressive-advertising", "air-up", "app-download-scam", "apple-id-phishing", "apple-impersonation", "automated-scan", "bose-impersonation", "brand-impersonation", "cashea", "cloudflare-impersonation", "coca-cola", "costco", "counterfeit-goods", "credential-harvesting", "cryptocurrency-investment-fraud", "cryptocurrency-scam", "cyprus-gesy", "daily-threat-intel", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-downloads", "deceptive-gateway", "deceptive-lure", "deceptive-promises", "deceptive-redirect", "deceptive-tactics", "delivery-failure-notification", "direct-download", "dmv-impersonation", "dutch", "email-harvesting", "executable-archive", "fake-captcha", "fake-ecommerce", "fake-gift-offer", "fake-giveaway", "fake-login", "fake-prize-scam", "fake-security-check", "fake-security-impersonation", "fake-store", "fake-testimonials", "fake-video-player", "file-download-portal", "financial-fraud", "financial-impersonation", "financial-information-theft", "financial-scam", "financial-sector", "financial-services", "firearms-and-ammunition", "fiverr-impersonation", "fraud", "fraudulent-activity", "fraudulent-platform", "fraudulent-service", "fraudulent-storefront", "fraudulent-streaming", "fund-password-scam", "gambling-scam", "generic-registration-form", "government-impersonation", "gpt-scam", "high-risk-hosting", "imdb", "imdb-impersonation", "impersonation-domain", "information-gathering", "information-harvesting", "investment-fraud", "investment-scam", "lead-generation-scam", "lidl", "lidl-impersonation", "loan-scam", "malicious-downloads", "malicious-redirect", "malware-distribution", "malware-download", "malware-hosting", "media-entertainment", "mercado-livre", "mexico", "modded-apps", "new-domain", "newly-created-domain", "newly-registered-domain", "passcode-harvesting", "payload-delivery", "payment-fraud", "personal-data-harvesting", "personal-information-harvesting", "peru", "phishing", "phishing-site", "platform-abuse", "prize-giveaway", "prize-scam", "questionnaire-scam", "random-domain", "recently-registered-domain", "redirect-chain", "redirects", "retail-e-commerce", "retail-impersonation", "reverb-impersonation", "sadia-impersonation", "scam", "scam-funnel", "scam-hosting", "scam-site", "serviceontario", "sms-scam", "social-engineering", "social-engineering-scam", "steam", "streaming-service-scam", "survey-scam", "suspicious-domain", "suspicious-tld", "task-based-scam", "temporary-tunneling-service", "tiendas-3b", "unauthorized-software", "unrealistic-discounts", "untrusted-source", "unwanted-programs", "unwanted-software", "url-shortener", "urlert", "viral-scam", "wallapop-impersonation" ], "references": [ "https://urlert.com/domain/2fbef.net", "https://urlert.com/domain/acztr.buzz", "https://urlert.com/domain/adescargar.net", "https://urlert.com/domain/airupcanada.shop", "https://urlert.com/domain/alphavaultcore.co.in", "https://urlert.com/domain/apmtclfntoay.com", "https://urlert.com/domain/armsdiscountshop.com", "https://urlert.com/domain/assetstel.com", "https://urlert.com/domain/bit.ly", "https://urlert.com/domain/boldpage.net", "https://urlert.com/domain/bonomadres.com", "https://urlert.com/domain/bose-danmark.com", "https://urlert.com/domain/cmaptialytod.com", "https://urlert.com/domain/deliwekmwoiq.shop", "https://urlert.com/domain/findmy.gr", "https://urlert.com/domain/fmip-uk.info", "https://urlert.com/domain/gesycmzh.cfd", "https://urlert.com/domain/gob-best.top", "https://urlert.com/domain/google.com", "https://urlert.com/domain/gov-hyusq.help" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Healthcare", "Hospitality", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 45, "URL": 58, "hostname": 13 }, "indicator_count": 116, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "25 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "streamimdb.ru", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "streamimdb.ru", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780242141.1273344 }