{
  "type": "URL",
  "indicator": "https://gusewin256.pro/",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://gusewin256.pro/",
    "type": "url",
    "type_title": "URL",
    "validation": [],
    "base_indicator": {
      "id": 4291974674,
      "indicator": "https://gusewin256.pro/",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69cf1115225832368c9af150",
          "name": "URLert Daily Threat Intel \u2014 2026-04-03",
          "description": "URLert Daily Threat Intel \u2014 2026-04-03\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 165 | Indicators: 334\nConfirmed: 47 | Likely: 117 | Domain intel: 1\nTop threats: Phishing (148), Malware Hosting (12), Dropper (3), Scanning Host (1), RAT (1)\nDomains: 1cpmspv.top, 1drv.ms, 40gmail.com, 756193.xin, adescargar.net, adobe.com, ankergames.net, as-nfd.top, betioh.com, blogspot.com, bodyshopca.com, bv-dienstleistungen.de, ca-page.cyou, ca-pag...\n\n165 unique threats producing 334 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-05-03T00:28:39.989000",
          "created": "2026-04-03T01:00:05.191000",
          "tags": [
            "2fa-harvesting",
            "adult-app-distribution",
            "adult-content",
            "adware",
            "adware-risk",
            "agoda-impersonation",
            "ai-sweden-impersonation",
            "alaska",
            "alaska-dmv",
            "android-malware",
            "anonymous-sales",
            "apk-distribution",
            "apk-malware",
            "automated-scan",
            "blockchain-casino",
            "booking-com",
            "brand-impersonation",
            "brazil",
            "bulk-email-distribution",
            "california",
            "california-dmv-impersonation",
            "cloaking",
            "cloud-hosting",
            "cloudflare-abuse",
            "code-obfuscation",
            "combell-impersonation",
            "combosquatting",
            "compromised-government-site",
            "controlled-substances",
            "credential-harvesting",
            "credit-card-harvesting",
            "credit-card-scam",
            "credit-card-theft",
            "crypto-casino",
            "crypto-payments",
            "crypto-scam",
            "cryptocurrency-scam",
            "daily-threat-intel",
            "dao-impersonation",
            "dao-services",
            "data-harvesting",
            "deceptive-content",
            "deceptive-domain",
            "deceptive-landing-page",
            "deceptive-landing-pages",
            "deceptive-sales-tactics",
            "deceptive-site",
            "delivery-exception",
            "delivery-failure-scam",
            "delivery-scam",
            "device-access-attempt",
            "dhl",
            "digital-infrastructure-marketplace",
            "discord-impersonation",
            "discount-scam",
            "dmv",
            "document-lure",
            "document-sharing-scam",
            "docusign-impersonation",
            "domain-classification",
            "domain-squatting",
            "dpd",
            "dpd-impersonation",
            "dropper",
            "educational-content-piracy",
            "email-credentials",
            "evasion-technique",
            "facebook",
            "fake-captcha",
            "fake-checkout",
            "fake-citation",
            "fake-delivery-notice",
            "fake-delivery-notification",
            "fake-delivery-scam",
            "fake-document",
            "fake-document-preview",
            "fake-giveaway",
            "fake-income-opportunity",
            "fake-invoices",
            "fake-login",
            "fake-login-page",
            "fake-login-portal",
            "fake-online-store",
            "fake-payment-portal",
            "fake-profiles",
            "fake-security-check",
            "fake-store",
            "fake-toll",
            "fake-toll-notice",
            "fake-toll-scam",
            "fake-tracking-page",
            "fake-warning",
            "fanbox",
            "fantia-impersonation",
            "fifa",
            "file-sharing-impersonation",
            "financial-information-theft",
            "financial-institution-impersonation",
            "financial-scam",
            "fiverr",
            "foot-locker-impersonation",
            "footlocker",
            "forced-installation",
            "fraudulent",
            "fraudulent-operation",
            "gamers",
            "gibberish-domain",
            "gift-voucher-scam",
            "github-pages",
            "giveaway-scam",
            "glp-1-agonists",
            "gmail-impersonation",
            "google-docs",
            "google-impersonation",
            "google-sheets-impersonation",
            "government-impersonation",
            "government-services",
            "grayware",
            "high-abuse-domain",
            "high-risk-domain",
            "high-risk-downloads",
            "high-risk-tld",
            "high-traffic-site",
            "hospitality-targeting",
            "ic-markets-impersonation",
            "illegal-pharmacy",
            "impersonation",
            "information-gathering",
            "information-harvesting",
            "intelcom",
            "invite-code-scam",
            "ipfs-abuse",
            "israel-post",
            "law-firm-impersonation",
            "legitimate-domain-abuse",
            "legitimate-service-abuse",
            "login-page",
            "login-portal",
            "logistics",
            "logistics-delivery",
            "logistics-scam",
            "logistics-sector",
            "logistics-supply-chain",
            "louisiana-omv-impersonation",
            "malicious-domain",
            "malicious-link-shortener",
            "malicious-links",
            "malicious-redirect",
            "malicious-redirector",
            "malicious-redirects",
            "malvertising",
            "malware-delivery",
            "malware-distribution",
            "malware-hosting",
            "malware-risk",
            "maryland-mva",
            "media-markt-impersonation",
            "mediamarkt",
            "microsoft",
            "microsoft-forms-abuse",
            "microsoft-impersonation",
            "mobile-malware",
            "modified-apk-distribution",
            "nacex-impersonation",
            "ncdot",
            "nebula-x-impersonation",
            "netlify-abuse",
            "netlify-hosting",
            "new-domain",
            "newly-registered-domain",
            "nft-platform",
            "oklahoma-department-of-public-safety",
            "online-casino",
            "online-scam",
            "oxycodone",
            "package-delivery-scam",
            "payment-bypass",
            "payment-harvesting",
            "payment-information-harvesting",
            "payment-scam",
            "paypal-impersonation",
            "pennsylvania",
            "personal-data-harvesting",
            "personal-information-collection",
            "personal-information-harvesting",
            "personal-information-theft",
            "phishing",
            "phishing-infrastructure",
            "phishing-kit",
            "phishing-landing-page",
            "phishing-lure",
            "phishing-page",
            "phishing-site",
            "phone-number-collection",
            "piracy",
            "pirated-software",
            "privacy-invasion",
            "prize-scam",
            "project-proposal-scam",
            "pw-thor",
            "rapid-links-net",
            "recently-registered-domain",
            "reconnaissance",
            "redirect",
            "redirect-chain",
            "redirector",
            "refund-scam",
            "replit-abuse",
            "retail-impersonation",
            "retail-scam",
            "retail-targeting",
            "roblox",
            "roblox-impersonation",
            "rom-hosting",
            "romania",
            "roundcube-webmail",
            "sameday-impersonation",
            "scam",
            "scam-domain",
            "scam-pages",
            "scam-site",
            "scanner-evasion",
            "schylling",
            "security-bypass",
            "security-challenge-bypass",
            "serviceontario",
            "serviceontario-impersonation",
            "shein-impersonation",
            "slide-to-verify",
            "smishing",
            "social-media-impersonation",
            "software-piracy",
            "spam-distribution",
            "spam-facilitation",
            "spyware",
            "steam",
            "steam-account-theft",
            "stolen-credit-cards",
            "suspicious-domain",
            "suspicious-domain-extension",
            "suspicious-downloads",
            "targeted-attack",
            "technology-sector",
            "telegram-impersonation",
            "telegram-verification-scam",
            "tesco",
            "tesco-impersonation",
            "tiktok",
            "tiktok-impersonation",
            "tiktok-shop-impersonation",
            "tk-shop",
            "toll-scam",
            "traffic-citation-scam",
            "typosquatting",
            "unaccountable-infrastructure",
            "unauthorized-access",
            "unauthorized-content",
            "unauthorized-prescription-drugs",
            "university-brescia",
            "unrealistic-discounts",
            "unscanned-files",
            "unverified-software",
            "unwanted-programs",
            "unwanted-software",
            "urgency-scam",
            "urgency-tactics",
            "url-obscurity",
            "url-shortener",
            "url-shortener-abuse",
            "urlert",
            "video-downloader",
            "vitkac-impersonation",
            "vulnerability-scanning",
            "weebly-abuse",
            "youtube-spam"
          ],
          "references": [
            "https://urlert.com/domain/1cpmspv.top",
            "https://urlert.com/domain/1drv.ms",
            "https://urlert.com/domain/40gmail.com",
            "https://urlert.com/domain/756193.xin",
            "https://urlert.com/domain/adescargar.net",
            "https://urlert.com/domain/adobe.com",
            "https://urlert.com/domain/ankergames.net",
            "https://urlert.com/domain/as-nfd.top",
            "https://urlert.com/domain/betioh.com",
            "https://urlert.com/domain/blogspot.com",
            "https://urlert.com/domain/bodyshopca.com",
            "https://urlert.com/domain/bv-dienstleistungen.de",
            "https://urlert.com/domain/ca-page.cyou",
            "https://urlert.com/domain/ca-page.shop",
            "https://urlert.com/domain/cgod.shop",
            "https://urlert.com/domain/ckq.cc",
            "https://urlert.com/domain/com-azije.cc",
            "https://urlert.com/domain/communityitemarts.co",
            "https://urlert.com/domain/create-logo-maker.net",
            "https://urlert.com/domain/cvmr.life"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Education",
            "Financial Services",
            "Government",
            "Healthcare",
            "Hospitality",
            "Legal Services",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Real Estate",
            "Retail / E-Commerce",
            "Technology"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 98,
            "hostname": 55,
            "URL": 104
          },
          "indicator_count": 257,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 30,
          "modified_text": "28 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/communityitemarts.co",
        "https://urlert.com/domain/adescargar.net",
        "https://urlert.com/domain/756193.xin",
        "https://urlert.com/domain/40gmail.com",
        "https://urlert.com/domain/as-nfd.top",
        "https://urlert.com/domain/ckq.cc",
        "https://urlert.com/domain/ca-page.shop",
        "https://urlert.com/domain/betioh.com",
        "https://urlert.com/domain/bodyshopca.com",
        "https://urlert.com/domain/com-azije.cc",
        "https://urlert.com/domain/adobe.com",
        "https://urlert.com/domain/1cpmspv.top",
        "https://urlert.com/domain/ca-page.cyou",
        "https://urlert.com/domain/create-logo-maker.net",
        "https://urlert.com/domain/ankergames.net",
        "https://urlert.com/domain/1drv.ms",
        "https://urlert.com/domain/cvmr.life",
        "https://urlert.com/domain/blogspot.com",
        "https://urlert.com/domain/cgod.shop",
        "https://urlert.com/domain/bv-dienstleistungen.de"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Education",
            "Legal services",
            "Hospitality",
            "Logistics / supply chain",
            "Real estate",
            "Financial services",
            "Media / entertainment",
            "Technology",
            "Healthcare",
            "Retail / e-commerce",
            "Government"
          ],
          "unique_indicators": 329
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/gusewin256.pro",
    "whois": "http://whois.domaintools.com/gusewin256.pro",
    "domain": "gusewin256.pro",
    "hostname": "Unavailable"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69cf1115225832368c9af150",
      "name": "URLert Daily Threat Intel \u2014 2026-04-03",
      "description": "URLert Daily Threat Intel \u2014 2026-04-03\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 165 | Indicators: 334\nConfirmed: 47 | Likely: 117 | Domain intel: 1\nTop threats: Phishing (148), Malware Hosting (12), Dropper (3), Scanning Host (1), RAT (1)\nDomains: 1cpmspv.top, 1drv.ms, 40gmail.com, 756193.xin, adescargar.net, adobe.com, ankergames.net, as-nfd.top, betioh.com, blogspot.com, bodyshopca.com, bv-dienstleistungen.de, ca-page.cyou, ca-pag...\n\n165 unique threats producing 334 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-05-03T00:28:39.989000",
      "created": "2026-04-03T01:00:05.191000",
      "tags": [
        "2fa-harvesting",
        "adult-app-distribution",
        "adult-content",
        "adware",
        "adware-risk",
        "agoda-impersonation",
        "ai-sweden-impersonation",
        "alaska",
        "alaska-dmv",
        "android-malware",
        "anonymous-sales",
        "apk-distribution",
        "apk-malware",
        "automated-scan",
        "blockchain-casino",
        "booking-com",
        "brand-impersonation",
        "brazil",
        "bulk-email-distribution",
        "california",
        "california-dmv-impersonation",
        "cloaking",
        "cloud-hosting",
        "cloudflare-abuse",
        "code-obfuscation",
        "combell-impersonation",
        "combosquatting",
        "compromised-government-site",
        "controlled-substances",
        "credential-harvesting",
        "credit-card-harvesting",
        "credit-card-scam",
        "credit-card-theft",
        "crypto-casino",
        "crypto-payments",
        "crypto-scam",
        "cryptocurrency-scam",
        "daily-threat-intel",
        "dao-impersonation",
        "dao-services",
        "data-harvesting",
        "deceptive-content",
        "deceptive-domain",
        "deceptive-landing-page",
        "deceptive-landing-pages",
        "deceptive-sales-tactics",
        "deceptive-site",
        "delivery-exception",
        "delivery-failure-scam",
        "delivery-scam",
        "device-access-attempt",
        "dhl",
        "digital-infrastructure-marketplace",
        "discord-impersonation",
        "discount-scam",
        "dmv",
        "document-lure",
        "document-sharing-scam",
        "docusign-impersonation",
        "domain-classification",
        "domain-squatting",
        "dpd",
        "dpd-impersonation",
        "dropper",
        "educational-content-piracy",
        "email-credentials",
        "evasion-technique",
        "facebook",
        "fake-captcha",
        "fake-checkout",
        "fake-citation",
        "fake-delivery-notice",
        "fake-delivery-notification",
        "fake-delivery-scam",
        "fake-document",
        "fake-document-preview",
        "fake-giveaway",
        "fake-income-opportunity",
        "fake-invoices",
        "fake-login",
        "fake-login-page",
        "fake-login-portal",
        "fake-online-store",
        "fake-payment-portal",
        "fake-profiles",
        "fake-security-check",
        "fake-store",
        "fake-toll",
        "fake-toll-notice",
        "fake-toll-scam",
        "fake-tracking-page",
        "fake-warning",
        "fanbox",
        "fantia-impersonation",
        "fifa",
        "file-sharing-impersonation",
        "financial-information-theft",
        "financial-institution-impersonation",
        "financial-scam",
        "fiverr",
        "foot-locker-impersonation",
        "footlocker",
        "forced-installation",
        "fraudulent",
        "fraudulent-operation",
        "gamers",
        "gibberish-domain",
        "gift-voucher-scam",
        "github-pages",
        "giveaway-scam",
        "glp-1-agonists",
        "gmail-impersonation",
        "google-docs",
        "google-impersonation",
        "google-sheets-impersonation",
        "government-impersonation",
        "government-services",
        "grayware",
        "high-abuse-domain",
        "high-risk-domain",
        "high-risk-downloads",
        "high-risk-tld",
        "high-traffic-site",
        "hospitality-targeting",
        "ic-markets-impersonation",
        "illegal-pharmacy",
        "impersonation",
        "information-gathering",
        "information-harvesting",
        "intelcom",
        "invite-code-scam",
        "ipfs-abuse",
        "israel-post",
        "law-firm-impersonation",
        "legitimate-domain-abuse",
        "legitimate-service-abuse",
        "login-page",
        "login-portal",
        "logistics",
        "logistics-delivery",
        "logistics-scam",
        "logistics-sector",
        "logistics-supply-chain",
        "louisiana-omv-impersonation",
        "malicious-domain",
        "malicious-link-shortener",
        "malicious-links",
        "malicious-redirect",
        "malicious-redirector",
        "malicious-redirects",
        "malvertising",
        "malware-delivery",
        "malware-distribution",
        "malware-hosting",
        "malware-risk",
        "maryland-mva",
        "media-markt-impersonation",
        "mediamarkt",
        "microsoft",
        "microsoft-forms-abuse",
        "microsoft-impersonation",
        "mobile-malware",
        "modified-apk-distribution",
        "nacex-impersonation",
        "ncdot",
        "nebula-x-impersonation",
        "netlify-abuse",
        "netlify-hosting",
        "new-domain",
        "newly-registered-domain",
        "nft-platform",
        "oklahoma-department-of-public-safety",
        "online-casino",
        "online-scam",
        "oxycodone",
        "package-delivery-scam",
        "payment-bypass",
        "payment-harvesting",
        "payment-information-harvesting",
        "payment-scam",
        "paypal-impersonation",
        "pennsylvania",
        "personal-data-harvesting",
        "personal-information-collection",
        "personal-information-harvesting",
        "personal-information-theft",
        "phishing",
        "phishing-infrastructure",
        "phishing-kit",
        "phishing-landing-page",
        "phishing-lure",
        "phishing-page",
        "phishing-site",
        "phone-number-collection",
        "piracy",
        "pirated-software",
        "privacy-invasion",
        "prize-scam",
        "project-proposal-scam",
        "pw-thor",
        "rapid-links-net",
        "recently-registered-domain",
        "reconnaissance",
        "redirect",
        "redirect-chain",
        "redirector",
        "refund-scam",
        "replit-abuse",
        "retail-impersonation",
        "retail-scam",
        "retail-targeting",
        "roblox",
        "roblox-impersonation",
        "rom-hosting",
        "romania",
        "roundcube-webmail",
        "sameday-impersonation",
        "scam",
        "scam-domain",
        "scam-pages",
        "scam-site",
        "scanner-evasion",
        "schylling",
        "security-bypass",
        "security-challenge-bypass",
        "serviceontario",
        "serviceontario-impersonation",
        "shein-impersonation",
        "slide-to-verify",
        "smishing",
        "social-media-impersonation",
        "software-piracy",
        "spam-distribution",
        "spam-facilitation",
        "spyware",
        "steam",
        "steam-account-theft",
        "stolen-credit-cards",
        "suspicious-domain",
        "suspicious-domain-extension",
        "suspicious-downloads",
        "targeted-attack",
        "technology-sector",
        "telegram-impersonation",
        "telegram-verification-scam",
        "tesco",
        "tesco-impersonation",
        "tiktok",
        "tiktok-impersonation",
        "tiktok-shop-impersonation",
        "tk-shop",
        "toll-scam",
        "traffic-citation-scam",
        "typosquatting",
        "unaccountable-infrastructure",
        "unauthorized-access",
        "unauthorized-content",
        "unauthorized-prescription-drugs",
        "university-brescia",
        "unrealistic-discounts",
        "unscanned-files",
        "unverified-software",
        "unwanted-programs",
        "unwanted-software",
        "urgency-scam",
        "urgency-tactics",
        "url-obscurity",
        "url-shortener",
        "url-shortener-abuse",
        "urlert",
        "video-downloader",
        "vitkac-impersonation",
        "vulnerability-scanning",
        "weebly-abuse",
        "youtube-spam"
      ],
      "references": [
        "https://urlert.com/domain/1cpmspv.top",
        "https://urlert.com/domain/1drv.ms",
        "https://urlert.com/domain/40gmail.com",
        "https://urlert.com/domain/756193.xin",
        "https://urlert.com/domain/adescargar.net",
        "https://urlert.com/domain/adobe.com",
        "https://urlert.com/domain/ankergames.net",
        "https://urlert.com/domain/as-nfd.top",
        "https://urlert.com/domain/betioh.com",
        "https://urlert.com/domain/blogspot.com",
        "https://urlert.com/domain/bodyshopca.com",
        "https://urlert.com/domain/bv-dienstleistungen.de",
        "https://urlert.com/domain/ca-page.cyou",
        "https://urlert.com/domain/ca-page.shop",
        "https://urlert.com/domain/cgod.shop",
        "https://urlert.com/domain/ckq.cc",
        "https://urlert.com/domain/com-azije.cc",
        "https://urlert.com/domain/communityitemarts.co",
        "https://urlert.com/domain/create-logo-maker.net",
        "https://urlert.com/domain/cvmr.life"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Education",
        "Financial Services",
        "Government",
        "Healthcare",
        "Hospitality",
        "Legal Services",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Real Estate",
        "Retail / E-Commerce",
        "Technology"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 98,
        "hostname": 55,
        "URL": 104
      },
      "indicator_count": 257,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 30,
      "modified_text": "28 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://gusewin256.pro/",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://gusewin256.pro/",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780224501.1785953
}