{
  "type": "URL",
  "indicator": "https://monexyit.cfd",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://monexyit.cfd",
    "type": "url",
    "type_title": "URL",
    "validation": [],
    "base_indicator": {
      "id": 4281921112,
      "indicator": "https://monexyit.cfd",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69c48531dddd82e47d331f47",
          "name": "URLert Daily Threat Intel \u2014 2026-03-26",
          "description": "URLert Daily Threat Intel \u2014 2026-03-26\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 77 | Indicators: 130\nConfirmed: 26 | Likely: 49 | Domain intel: 1 | Manual: 1\nTop threats: Phishing (69), Malware Hosting (6), Dropper (1)\nDomains: 264891.xin, 861289.xin, acccat.com, adescargar.net, b-cdn.net, blockrelic.net, clck.ru, dallalla7.pro, dlpsgame.com, double-authorization-pulse.com, dpdlocals.uno, edgeone.app, ephapay.net...\n\n77 unique threats producing 130 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-04-24T22:30:01.629000",
          "created": "2026-03-26T01:00:33.299000",
          "tags": [
            "seur-impersonation",
            "account-compromise",
            "account-hijacking",
            "adult-scam",
            "adware",
            "aggressive-ads",
            "aggressive-tactics",
            "amazon-impersonation",
            "amazon-phishing",
            "android-malware",
            "anonymous-hosting",
            "apk-distribution",
            "apk-repository",
            "asset-theft",
            "austria",
            "automated-scan",
            "barclaycard-impersonation",
            "booking-com-impersonation",
            "brand-impersonation",
            "brazil",
            "cdn-hosted",
            "chatgpt-plus",
            "chatwork",
            "cloaking",
            "combosquatting",
            "content-locker",
            "cpanel-impersonation",
            "credential-harvesting",
            "credit-card-theft",
            "crypto-investment-scam",
            "cryptocurrency-phishing",
            "cryptocurrency-scam",
            "cryptocurrency-theft",
            "daily-threat-intel",
            "data-collection",
            "data-harvesting",
            "dating-scam",
            "deceptive-baiting",
            "deceptive-content",
            "deceptive-domain",
            "deceptive-practices",
            "deceptive-reward-scheme",
            "deceptive-reward-site",
            "deceptive-rewards",
            "deceptive-site",
            "deceptive-tactics",
            "deceptive-trading-platform",
            "delivery-scam",
            "direct-download",
            "domain-classification",
            "domain-redirect",
            "domain-rotation",
            "dpd-impersonation",
            "ecommerce-fraud",
            "education-ministry",
            "evasion-technique",
            "fake-bonus",
            "fake-domain",
            "fake-job-offer",
            "fake-login",
            "fake-login-page",
            "fake-recovery-service",
            "fake-store-closure",
            "fake-subscription",
            "fake-tracking-page",
            "fake-voting-scam",
            "fedex",
            "figma-abuse",
            "file-download",
            "financial-data-theft",
            "financial-information-theft",
            "financial-scam",
            "financial-services",
            "forex-scam",
            "fortnite",
            "fraud",
            "fraudulent-investment-platform",
            "fraudulent-investment-scheme",
            "free-hosting",
            "gambling-scam",
            "gaming-cheats",
            "gato-preto",
            "google-impersonation",
            "government-impersonation",
            "government-services",
            "high-risk-tld",
            "hungary",
            "information-collection",
            "information-harvesting",
            "information-stealing",
            "intelcom",
            "intelcom-impersonation",
            "investment-scam",
            "invitation-code-scam",
            "job-seeker-targeting",
            "lbank-impersonation",
            "logistics",
            "logistics-sector",
            "lookalike-domain",
            "malicious-domain",
            "malicious-redirect",
            "malicious-redirects",
            "malicious-site",
            "malvertising",
            "malware",
            "malware-delivery",
            "malware-distribution",
            "malware-dropper",
            "malware-hosting",
            "manual-entry",
            "microsoft-impersonation",
            "minecraft",
            "modified-apk",
            "moneygram-impersonation",
            "nebula-x",
            "new-domain",
            "newly-registered-domain",
            "offer-scam",
            "onlyfans",
            "openai",
            "openai-impersonation",
            "paradise-lxli-t33n-leak",
            "parking-citation-scam",
            "personal-data-theft",
            "personal-information-collection",
            "personal-information-harvesting",
            "philips",
            "phishing",
            "phishing-page",
            "phishing-site",
            "pirated-software",
            "platform-abuse",
            "pokemon-go",
            "ponzi-scheme",
            "privacy-risk",
            "recruitment-scam",
            "redirection",
            "redirector",
            "redirects",
            "reward-scam",
            "roblox",
            "roblox-impersonation",
            "scam",
            "scam-domain",
            "security-risk",
            "shopee",
            "social-aid-impersonation",
            "social-engineering",
            "spam",
            "spam-promoted",
            "steam-impersonation",
            "subdomain-abuse",
            "suspicious-domain",
            "suspicious-redirects",
            "typosquatting",
            "unrealistic-discounts",
            "unregulated-gambling",
            "unsecured-hosting",
            "unverified-app-distribution",
            "unverified-executables",
            "unverified-software",
            "unwanted-software",
            "url-shortener",
            "urlert",
            "usdt",
            "virtual-item-scam",
            "webmail-impersonation",
            "webmail-phishing"
          ],
          "references": [
            "https://urlert.com/domain/264891.xin",
            "https://urlert.com/domain/861289.xin",
            "https://urlert.com/domain/acccat.com",
            "https://urlert.com/domain/adescargar.net",
            "https://urlert.com/domain/b-cdn.net",
            "https://urlert.com/domain/blockrelic.net",
            "https://urlert.com/domain/clck.ru",
            "https://urlert.com/domain/dallalla7.pro",
            "https://urlert.com/domain/dlpsgame.com",
            "https://urlert.com/domain/double-authorization-pulse.com",
            "https://urlert.com/domain/dpdlocals.uno",
            "https://urlert.com/domain/edgeone.app",
            "https://urlert.com/domain/ephapay.net",
            "https://urlert.com/domain/ey43.com",
            "https://urlert.com/domain/fbmrandevutakip.com",
            "https://urlert.com/domain/fedexredeliveryform.com",
            "https://urlert.com/domain/figma.com",
            "https://urlert.com/domain/fortflex.live",
            "https://urlert.com/domain/fse.cc",
            "https://urlert.com/domain/gatopretoofficialstore.com"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Education",
            "Financial Services",
            "Government",
            "Hospitality",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Retail / E-Commerce",
            "Technology"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 40,
            "URL": 43,
            "hostname": 12
          },
          "indicator_count": 95,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 35,
          "modified_text": "36 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/blockrelic.net",
        "https://urlert.com/domain/gatopretoofficialstore.com",
        "https://urlert.com/domain/adescargar.net",
        "https://urlert.com/domain/861289.xin",
        "https://urlert.com/domain/double-authorization-pulse.com",
        "https://urlert.com/domain/fbmrandevutakip.com",
        "https://urlert.com/domain/edgeone.app",
        "https://urlert.com/domain/264891.xin",
        "https://urlert.com/domain/dlpsgame.com",
        "https://urlert.com/domain/figma.com",
        "https://urlert.com/domain/fse.cc",
        "https://urlert.com/domain/dpdlocals.uno",
        "https://urlert.com/domain/acccat.com",
        "https://urlert.com/domain/clck.ru",
        "https://urlert.com/domain/fortflex.live",
        "https://urlert.com/domain/ephapay.net",
        "https://urlert.com/domain/b-cdn.net",
        "https://urlert.com/domain/ey43.com",
        "https://urlert.com/domain/dallalla7.pro",
        "https://urlert.com/domain/fedexredeliveryform.com"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Hospitality",
            "Financial services",
            "Education",
            "Media / entertainment",
            "Logistics / supply chain",
            "Government",
            "Retail / e-commerce",
            "Technology"
          ],
          "unique_indicators": 128
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/monexyit.cfd",
    "whois": "http://whois.domaintools.com/monexyit.cfd",
    "domain": "monexyit.cfd",
    "hostname": "Unavailable"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69c48531dddd82e47d331f47",
      "name": "URLert Daily Threat Intel \u2014 2026-03-26",
      "description": "URLert Daily Threat Intel \u2014 2026-03-26\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 77 | Indicators: 130\nConfirmed: 26 | Likely: 49 | Domain intel: 1 | Manual: 1\nTop threats: Phishing (69), Malware Hosting (6), Dropper (1)\nDomains: 264891.xin, 861289.xin, acccat.com, adescargar.net, b-cdn.net, blockrelic.net, clck.ru, dallalla7.pro, dlpsgame.com, double-authorization-pulse.com, dpdlocals.uno, edgeone.app, ephapay.net...\n\n77 unique threats producing 130 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-04-24T22:30:01.629000",
      "created": "2026-03-26T01:00:33.299000",
      "tags": [
        "seur-impersonation",
        "account-compromise",
        "account-hijacking",
        "adult-scam",
        "adware",
        "aggressive-ads",
        "aggressive-tactics",
        "amazon-impersonation",
        "amazon-phishing",
        "android-malware",
        "anonymous-hosting",
        "apk-distribution",
        "apk-repository",
        "asset-theft",
        "austria",
        "automated-scan",
        "barclaycard-impersonation",
        "booking-com-impersonation",
        "brand-impersonation",
        "brazil",
        "cdn-hosted",
        "chatgpt-plus",
        "chatwork",
        "cloaking",
        "combosquatting",
        "content-locker",
        "cpanel-impersonation",
        "credential-harvesting",
        "credit-card-theft",
        "crypto-investment-scam",
        "cryptocurrency-phishing",
        "cryptocurrency-scam",
        "cryptocurrency-theft",
        "daily-threat-intel",
        "data-collection",
        "data-harvesting",
        "dating-scam",
        "deceptive-baiting",
        "deceptive-content",
        "deceptive-domain",
        "deceptive-practices",
        "deceptive-reward-scheme",
        "deceptive-reward-site",
        "deceptive-rewards",
        "deceptive-site",
        "deceptive-tactics",
        "deceptive-trading-platform",
        "delivery-scam",
        "direct-download",
        "domain-classification",
        "domain-redirect",
        "domain-rotation",
        "dpd-impersonation",
        "ecommerce-fraud",
        "education-ministry",
        "evasion-technique",
        "fake-bonus",
        "fake-domain",
        "fake-job-offer",
        "fake-login",
        "fake-login-page",
        "fake-recovery-service",
        "fake-store-closure",
        "fake-subscription",
        "fake-tracking-page",
        "fake-voting-scam",
        "fedex",
        "figma-abuse",
        "file-download",
        "financial-data-theft",
        "financial-information-theft",
        "financial-scam",
        "financial-services",
        "forex-scam",
        "fortnite",
        "fraud",
        "fraudulent-investment-platform",
        "fraudulent-investment-scheme",
        "free-hosting",
        "gambling-scam",
        "gaming-cheats",
        "gato-preto",
        "google-impersonation",
        "government-impersonation",
        "government-services",
        "high-risk-tld",
        "hungary",
        "information-collection",
        "information-harvesting",
        "information-stealing",
        "intelcom",
        "intelcom-impersonation",
        "investment-scam",
        "invitation-code-scam",
        "job-seeker-targeting",
        "lbank-impersonation",
        "logistics",
        "logistics-sector",
        "lookalike-domain",
        "malicious-domain",
        "malicious-redirect",
        "malicious-redirects",
        "malicious-site",
        "malvertising",
        "malware",
        "malware-delivery",
        "malware-distribution",
        "malware-dropper",
        "malware-hosting",
        "manual-entry",
        "microsoft-impersonation",
        "minecraft",
        "modified-apk",
        "moneygram-impersonation",
        "nebula-x",
        "new-domain",
        "newly-registered-domain",
        "offer-scam",
        "onlyfans",
        "openai",
        "openai-impersonation",
        "paradise-lxli-t33n-leak",
        "parking-citation-scam",
        "personal-data-theft",
        "personal-information-collection",
        "personal-information-harvesting",
        "philips",
        "phishing",
        "phishing-page",
        "phishing-site",
        "pirated-software",
        "platform-abuse",
        "pokemon-go",
        "ponzi-scheme",
        "privacy-risk",
        "recruitment-scam",
        "redirection",
        "redirector",
        "redirects",
        "reward-scam",
        "roblox",
        "roblox-impersonation",
        "scam",
        "scam-domain",
        "security-risk",
        "shopee",
        "social-aid-impersonation",
        "social-engineering",
        "spam",
        "spam-promoted",
        "steam-impersonation",
        "subdomain-abuse",
        "suspicious-domain",
        "suspicious-redirects",
        "typosquatting",
        "unrealistic-discounts",
        "unregulated-gambling",
        "unsecured-hosting",
        "unverified-app-distribution",
        "unverified-executables",
        "unverified-software",
        "unwanted-software",
        "url-shortener",
        "urlert",
        "usdt",
        "virtual-item-scam",
        "webmail-impersonation",
        "webmail-phishing"
      ],
      "references": [
        "https://urlert.com/domain/264891.xin",
        "https://urlert.com/domain/861289.xin",
        "https://urlert.com/domain/acccat.com",
        "https://urlert.com/domain/adescargar.net",
        "https://urlert.com/domain/b-cdn.net",
        "https://urlert.com/domain/blockrelic.net",
        "https://urlert.com/domain/clck.ru",
        "https://urlert.com/domain/dallalla7.pro",
        "https://urlert.com/domain/dlpsgame.com",
        "https://urlert.com/domain/double-authorization-pulse.com",
        "https://urlert.com/domain/dpdlocals.uno",
        "https://urlert.com/domain/edgeone.app",
        "https://urlert.com/domain/ephapay.net",
        "https://urlert.com/domain/ey43.com",
        "https://urlert.com/domain/fbmrandevutakip.com",
        "https://urlert.com/domain/fedexredeliveryform.com",
        "https://urlert.com/domain/figma.com",
        "https://urlert.com/domain/fortflex.live",
        "https://urlert.com/domain/fse.cc",
        "https://urlert.com/domain/gatopretoofficialstore.com"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Education",
        "Financial Services",
        "Government",
        "Hospitality",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Retail / E-Commerce",
        "Technology"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 40,
        "URL": 43,
        "hostname": 12
      },
      "indicator_count": 95,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 35,
      "modified_text": "36 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://monexyit.cfd",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://monexyit.cfd",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780224107.2490814
}