{ "type": "URL", "indicator": "https://findzu.net", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://findzu.net", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4317810546, "indicator": "https://findzu.net", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "69e42a619c0c8949c578f81e", "name": "URLert Daily Threat Intel \u2014 2026-04-19", "description": "URLert Daily Threat Intel \u2014 2026-04-19\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 41 | Indicators: 71\nConfirmed: 14 | Likely: 25 | Domain intel: 2\nTop threats: Phishing (29), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: bitunixg.com, bunnyband.com, casajoys.com, cashboost.live, create-road.my, dahl.su, dahlmessenger.com, digital-solves.com, direct-link.net, earndailly9ja.com.ng, findzu.net, gesowin77.pro,...\n\n41 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-18T22:17:43.844000", "created": "2026-04-19T01:05:37.600000", "tags": [ "account-verification-scam", "adware", "android-malware", "anti-analysis", "app-impersonation", "automated-scan", "backend-infrastructure", "binary-options-scam", "brand-impersonation", "brazil", "browser-locking-scam", "cloaking", "communication-decryption", "communication-eavesdropping", "communication-interception", "content-gating", "costco", "counterfeit-apps", "counterfeit-cards", "counterfeit-money", "cpf", "credential-harvesting", "crypto-scam", "cryptocurrency", "cryptocurrency-scam", "daily-threat-intel", "data-exfiltration", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-practices", "deceptive-promotion", "deposit-scam", "domain-classification", "evasive-techniques", "extortion", "fake-news", "fake-parking-ticket", "fake-platform", "fake-reward", "fake-statistics", "fake-survey", "fake-testimonials", "financial-fraud", "financial-scam", "fiverr", "fiverr-impersonation", "fraudulent", "fraudulent-sales", "gambling-scam", "get-rich-quick-scheme", "giveaway-scam", "globe-x", "google-docs-hosting", "government-impersonation", "green-energy-investment", "high-risk-tld", "high-yield-investment-program", "impersonation", "imvu", "investment-fraud", "investment-scam", "jurassic-world", "legitimate-platform-abuse", "linkvertise", "login-portal", "logistics", "malicious-downloads", "malicious-infrastructure", "malicious-redirect", "malicious-redirector", "malicious-site", "malware-delivery", "malware-distribution", "man-in-the-middle", "manitoba-government", "mitm-attacks", "new-domain", "newly-registered-domain", "payment-harvesting", "phishing", "pig-butchering", "pii-collection", "potentially-unwanted-software", "privacy-risk", "privacy-violation", "redirect-chain", "redirector", "rekonise-platform", "revanced-impersonation", "roblox", "roblox-impersonation", "scam", "scam-site", "shufersal-impersonation", "social-engineering", "social-media-engagement", "suspicious-network", "suspicious-redirects", "task-based-scam", "task-scam", "telega.me", "telegram-traffic", "telegram-traffic-interception", "third-party-telegram-client", "traffic-distribution-system", "traffic-interception", "twitter-impersonation", "typo-squatting", "typosquatting", "unauthorized-tracking", "unrealistic-returns", "unwanted-content", "unwanted-software", "urlert", "weakened-encryption", "webcam-capture", "withdrawal-scam" ], "references": [ "https://urlert.com/domain/bitunixg.com", "https://urlert.com/domain/bunnyband.com", "https://urlert.com/domain/casajoys.com", "https://urlert.com/domain/cashboost.live", "https://urlert.com/domain/create-road.my", "https://urlert.com/domain/dahl.su", "https://urlert.com/domain/dahlmessenger.com", "https://urlert.com/domain/digital-solves.com", "https://urlert.com/domain/direct-link.net", "https://urlert.com/domain/earndailly9ja.com.ng", "https://urlert.com/domain/findzu.net", "https://urlert.com/domain/gesowin77.pro", "https://urlert.com/domain/github.io", "https://urlert.com/domain/google.com", "https://urlert.com/domain/httpps-roblox.co", "https://urlert.com/domain/iqkf.com", "https://urlert.com/domain/irevenue.co", "https://urlert.com/domain/logistica-central.online", "https://urlert.com/domain/manitoba-fine-payment.cfd", "https://urlert.com/domain/mycostperks.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 25, "hostname": 4 }, "indicator_count": 53, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "12 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69ed6874491be5ba0e959599", "name": "URLert Daily Threat Intel \u2014 2026-04-19", "description": "URLert Daily Threat Intel \u2014 2026-04-19\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 41 | Indicators: 71\nConfirmed: 14 | Likely: 25 | Domain intel: 2\nTop threats: Phishing (29), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: bitunixg.com, bunnyband.com, casajoys.com, cashboost.live, create-road.my, dahl.su, dahlmessenger.com, digital-solves.com, direct-link.net, earndailly9ja.com.ng, findzu.net, gesowin77.pro,...\n\n41 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-18T22:17:43.844000", "created": "2026-04-26T01:20:52.086000", "tags": [ "account-verification-scam", "adware", "android-malware", "anti-analysis", "app-impersonation", "automated-scan", "backend-infrastructure", "binary-options-scam", "brand-impersonation", "brazil", "browser-locking-scam", "cloaking", "communication-decryption", "communication-eavesdropping", "communication-interception", "content-gating", "costco", "counterfeit-apps", "counterfeit-cards", "counterfeit-money", "cpf", "credential-harvesting", "crypto-scam", "cryptocurrency", "cryptocurrency-scam", "daily-threat-intel", "data-exfiltration", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-practices", "deceptive-promotion", "deposit-scam", "domain-classification", "evasive-techniques", "extortion", "fake-news", "fake-parking-ticket", "fake-platform", "fake-reward", "fake-statistics", "fake-survey", "fake-testimonials", "financial-fraud", "financial-scam", "fiverr", "fiverr-impersonation", "fraudulent", "fraudulent-sales", "gambling-scam", "get-rich-quick-scheme", "giveaway-scam", "globe-x", "google-docs-hosting", "government-impersonation", "green-energy-investment", "high-risk-tld", "high-yield-investment-program", "impersonation", "imvu", "investment-fraud", "investment-scam", "jurassic-world", "legitimate-platform-abuse", "linkvertise", "login-portal", "logistics", "malicious-downloads", "malicious-infrastructure", "malicious-redirect", "malicious-redirector", "malicious-site", "malware-delivery", "malware-distribution", "man-in-the-middle", "manitoba-government", "mitm-attacks", "new-domain", "newly-registered-domain", "payment-harvesting", "phishing", "pig-butchering", "pii-collection", "potentially-unwanted-software", "privacy-risk", "privacy-violation", "redirect-chain", "redirector", "rekonise-platform", "revanced-impersonation", "roblox", "roblox-impersonation", "scam", "scam-site", "shufersal-impersonation", "social-engineering", "social-media-engagement", "suspicious-network", "suspicious-redirects", "task-based-scam", "task-scam", "telega.me", "telegram-traffic", "telegram-traffic-interception", "third-party-telegram-client", "traffic-distribution-system", "traffic-interception", "twitter-impersonation", "typo-squatting", "typosquatting", "unauthorized-tracking", "unrealistic-returns", "unwanted-content", "unwanted-software", "urlert", "weakened-encryption", "webcam-capture", "withdrawal-scam" ], "references": [ "https://urlert.com/domain/bitunixg.com", "https://urlert.com/domain/bunnyband.com", "https://urlert.com/domain/casajoys.com", "https://urlert.com/domain/cashboost.live", "https://urlert.com/domain/create-road.my", "https://urlert.com/domain/dahl.su", "https://urlert.com/domain/dahlmessenger.com", "https://urlert.com/domain/digital-solves.com", "https://urlert.com/domain/direct-link.net", "https://urlert.com/domain/earndailly9ja.com.ng", "https://urlert.com/domain/findzu.net", "https://urlert.com/domain/gesowin77.pro", "https://urlert.com/domain/github.io", "https://urlert.com/domain/google.com", "https://urlert.com/domain/httpps-roblox.co", "https://urlert.com/domain/iqkf.com", "https://urlert.com/domain/irevenue.co", "https://urlert.com/domain/logistica-central.online", "https://urlert.com/domain/manitoba-fine-payment.cfd", "https://urlert.com/domain/mycostperks.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 25, "hostname": 4 }, "indicator_count": 53, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "12 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://urlert.com/domain/direct-link.net", "https://urlert.com/domain/earndailly9ja.com.ng", "https://urlert.com/domain/gesowin77.pro", "https://urlert.com/domain/cashboost.live", "https://urlert.com/domain/manitoba-fine-payment.cfd", "https://urlert.com/domain/bunnyband.com", "https://urlert.com/domain/google.com", "https://urlert.com/domain/dahlmessenger.com", "https://urlert.com/domain/create-road.my", "https://urlert.com/domain/logistica-central.online", "https://urlert.com/domain/mycostperks.site", "https://urlert.com/domain/casajoys.com", "https://urlert.com/domain/dahl.su", "https://urlert.com/domain/httpps-roblox.co", "https://urlert.com/domain/digital-solves.com", "https://urlert.com/domain/irevenue.co", "https://urlert.com/domain/bitunixg.com", "https://urlert.com/domain/findzu.net", "https://urlert.com/domain/github.io", "https://urlert.com/domain/iqkf.com" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [ "Media / entertainment", "Financial services", "Government", "Logistics / supply chain", "Retail / e-commerce" ], "unique_indicators": 66 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/findzu.net", "whois": "http://whois.domaintools.com/findzu.net", "domain": "findzu.net", "hostname": "Unavailable" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "69e42a619c0c8949c578f81e", "name": "URLert Daily Threat Intel \u2014 2026-04-19", "description": "URLert Daily Threat Intel \u2014 2026-04-19\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 41 | Indicators: 71\nConfirmed: 14 | Likely: 25 | Domain intel: 2\nTop threats: Phishing (29), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: bitunixg.com, bunnyband.com, casajoys.com, cashboost.live, create-road.my, dahl.su, dahlmessenger.com, digital-solves.com, direct-link.net, earndailly9ja.com.ng, findzu.net, gesowin77.pro,...\n\n41 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-18T22:17:43.844000", "created": "2026-04-19T01:05:37.600000", "tags": [ "account-verification-scam", "adware", "android-malware", "anti-analysis", "app-impersonation", "automated-scan", "backend-infrastructure", "binary-options-scam", "brand-impersonation", "brazil", "browser-locking-scam", "cloaking", "communication-decryption", "communication-eavesdropping", "communication-interception", "content-gating", "costco", "counterfeit-apps", "counterfeit-cards", "counterfeit-money", "cpf", "credential-harvesting", "crypto-scam", "cryptocurrency", "cryptocurrency-scam", "daily-threat-intel", "data-exfiltration", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-practices", "deceptive-promotion", "deposit-scam", "domain-classification", "evasive-techniques", "extortion", "fake-news", "fake-parking-ticket", "fake-platform", "fake-reward", "fake-statistics", "fake-survey", "fake-testimonials", "financial-fraud", "financial-scam", "fiverr", "fiverr-impersonation", "fraudulent", "fraudulent-sales", "gambling-scam", "get-rich-quick-scheme", "giveaway-scam", "globe-x", "google-docs-hosting", "government-impersonation", "green-energy-investment", "high-risk-tld", "high-yield-investment-program", "impersonation", "imvu", "investment-fraud", "investment-scam", "jurassic-world", "legitimate-platform-abuse", "linkvertise", "login-portal", "logistics", "malicious-downloads", "malicious-infrastructure", "malicious-redirect", "malicious-redirector", "malicious-site", "malware-delivery", "malware-distribution", "man-in-the-middle", "manitoba-government", "mitm-attacks", "new-domain", "newly-registered-domain", "payment-harvesting", "phishing", "pig-butchering", "pii-collection", "potentially-unwanted-software", "privacy-risk", "privacy-violation", "redirect-chain", "redirector", "rekonise-platform", "revanced-impersonation", "roblox", "roblox-impersonation", "scam", "scam-site", "shufersal-impersonation", "social-engineering", "social-media-engagement", "suspicious-network", "suspicious-redirects", "task-based-scam", "task-scam", "telega.me", "telegram-traffic", "telegram-traffic-interception", "third-party-telegram-client", "traffic-distribution-system", "traffic-interception", "twitter-impersonation", "typo-squatting", "typosquatting", "unauthorized-tracking", "unrealistic-returns", "unwanted-content", "unwanted-software", "urlert", "weakened-encryption", "webcam-capture", "withdrawal-scam" ], "references": [ "https://urlert.com/domain/bitunixg.com", "https://urlert.com/domain/bunnyband.com", "https://urlert.com/domain/casajoys.com", "https://urlert.com/domain/cashboost.live", "https://urlert.com/domain/create-road.my", "https://urlert.com/domain/dahl.su", "https://urlert.com/domain/dahlmessenger.com", "https://urlert.com/domain/digital-solves.com", "https://urlert.com/domain/direct-link.net", "https://urlert.com/domain/earndailly9ja.com.ng", "https://urlert.com/domain/findzu.net", "https://urlert.com/domain/gesowin77.pro", "https://urlert.com/domain/github.io", "https://urlert.com/domain/google.com", "https://urlert.com/domain/httpps-roblox.co", "https://urlert.com/domain/iqkf.com", "https://urlert.com/domain/irevenue.co", "https://urlert.com/domain/logistica-central.online", "https://urlert.com/domain/manitoba-fine-payment.cfd", "https://urlert.com/domain/mycostperks.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 1, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 25, "hostname": 4 }, "indicator_count": 53, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "12 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "69ed6874491be5ba0e959599", "name": "URLert Daily Threat Intel \u2014 2026-04-19", "description": "URLert Daily Threat Intel \u2014 2026-04-19\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 41 | Indicators: 71\nConfirmed: 14 | Likely: 25 | Domain intel: 2\nTop threats: Phishing (29), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: bitunixg.com, bunnyband.com, casajoys.com, cashboost.live, create-road.my, dahl.su, dahlmessenger.com, digital-solves.com, direct-link.net, earndailly9ja.com.ng, findzu.net, gesowin77.pro,...\n\n41 unique threats producing 71 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-18T22:17:43.844000", "created": "2026-04-26T01:20:52.086000", "tags": [ "account-verification-scam", "adware", "android-malware", "anti-analysis", "app-impersonation", "automated-scan", "backend-infrastructure", "binary-options-scam", "brand-impersonation", "brazil", "browser-locking-scam", "cloaking", "communication-decryption", "communication-eavesdropping", "communication-interception", "content-gating", "costco", "counterfeit-apps", "counterfeit-cards", "counterfeit-money", "cpf", "credential-harvesting", "crypto-scam", "cryptocurrency", "cryptocurrency-scam", "daily-threat-intel", "data-exfiltration", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-practices", "deceptive-promotion", "deposit-scam", "domain-classification", "evasive-techniques", "extortion", "fake-news", "fake-parking-ticket", "fake-platform", "fake-reward", "fake-statistics", "fake-survey", "fake-testimonials", "financial-fraud", "financial-scam", "fiverr", "fiverr-impersonation", "fraudulent", "fraudulent-sales", "gambling-scam", "get-rich-quick-scheme", "giveaway-scam", "globe-x", "google-docs-hosting", "government-impersonation", "green-energy-investment", "high-risk-tld", "high-yield-investment-program", "impersonation", "imvu", "investment-fraud", "investment-scam", "jurassic-world", "legitimate-platform-abuse", "linkvertise", "login-portal", "logistics", "malicious-downloads", "malicious-infrastructure", "malicious-redirect", "malicious-redirector", "malicious-site", "malware-delivery", "malware-distribution", "man-in-the-middle", "manitoba-government", "mitm-attacks", "new-domain", "newly-registered-domain", "payment-harvesting", "phishing", "pig-butchering", "pii-collection", "potentially-unwanted-software", "privacy-risk", "privacy-violation", "redirect-chain", "redirector", "rekonise-platform", "revanced-impersonation", "roblox", "roblox-impersonation", "scam", "scam-site", "shufersal-impersonation", "social-engineering", "social-media-engagement", "suspicious-network", "suspicious-redirects", "task-based-scam", "task-scam", "telega.me", "telegram-traffic", "telegram-traffic-interception", "third-party-telegram-client", "traffic-distribution-system", "traffic-interception", "twitter-impersonation", "typo-squatting", "typosquatting", "unauthorized-tracking", "unrealistic-returns", "unwanted-content", "unwanted-software", "urlert", "weakened-encryption", "webcam-capture", "withdrawal-scam" ], "references": [ "https://urlert.com/domain/bitunixg.com", "https://urlert.com/domain/bunnyband.com", "https://urlert.com/domain/casajoys.com", "https://urlert.com/domain/cashboost.live", "https://urlert.com/domain/create-road.my", "https://urlert.com/domain/dahl.su", "https://urlert.com/domain/dahlmessenger.com", "https://urlert.com/domain/digital-solves.com", "https://urlert.com/domain/direct-link.net", "https://urlert.com/domain/earndailly9ja.com.ng", "https://urlert.com/domain/findzu.net", "https://urlert.com/domain/gesowin77.pro", "https://urlert.com/domain/github.io", "https://urlert.com/domain/google.com", "https://urlert.com/domain/httpps-roblox.co", "https://urlert.com/domain/iqkf.com", "https://urlert.com/domain/irevenue.co", "https://urlert.com/domain/logistica-central.online", "https://urlert.com/domain/manitoba-fine-payment.cfd", "https://urlert.com/domain/mycostperks.site" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Government", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 24, "URL": 25, "hostname": 4 }, "indicator_count": 53, "is_author": false, "is_subscribing": null, "subscriber_count": 31, "modified_text": "12 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://findzu.net", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://findzu.net", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780234779.6254265 }