{ "type": "URL", "indicator": "https://vip.carziqo.net/", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://vip.carziqo.net/", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 4154239643, "indicator": "https://vip.carziqo.net/", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "6a1b88213571f42965ccfdf9", "name": "URLert Daily Threat Intel \u2014 2026-05-31", "description": "URLert Daily Threat Intel \u2014 2026-05-31\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 29 | Indicators: 59\nConfirmed: 7 | Likely: 22\nTop threats: Phishing (18), Dropper (3), Malware Hosting (3), Malvertising (3), Unknown (2)\nDomains: activated.win, apkmody.com, asst2game.ru, blockimmobilien.de, blogspot.com, carziqo.net, cine97.com, clientoffice.rest, coldcoupons.com, einzzcookie.org, fafda.to, festivephantasyofholiday...\n\n29 unique threats producing 59 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-31T01:00:17.582000", "created": "2026-05-31T01:00:17.582000", "tags": [ "access-denied", "adult-content", "android-malware", "antivirus-bypass", "automated-download", "automated-scan", "blogspot", "brand-impersonation", "bypass-security", "citadele", "content-locking", "credential-harvesting", "credit-card-harvesting", "daily-threat-intel", "data-harvesting", "deceptive-activity", "deceptive-commerce", "deceptive-content", "deceptive-domain", "deceptive-site", "deceptive-subdomain", "deceptive-tactics", "evasive-site", "fake-browser-verification", "fake-business", "fake-login-form", "fake-product", "fake-promises", "fake-promotion", "fake-rewards", "fake-store", "fake-support-chat", "financial-fraud", "fraudulent-ad-revenue", "fraudulent-content", "freelancer-targeting", "giveaway-scam", "google-docs", "google-sites", "hidden-destination", "hotel-booking-scam", "instagram-impersonation", "investment-scam", "lead-generation", "link-shortener", "malicious-download", "malicious-network", "malicious-redirect", "malicious-redirection", "malware-delivery", "malware-distribution", "malware-hosting", "microsoft-outlook", "modded-apps", "new-domain", "newly-registered-domain", "nintendo-impersonation", "olx-impersonation", "payment-card-harvesting", "payment-fraud", "phishing", "phishing-infrastructure", "phone-number-harvesting", "pirated-software-lure", "redirects", "retail-scam", "roblox", "scam", "scam-distribution", "scam-domain", "scam-gateway", "scam-template", "security-disabling", "shopping-scam", "snapchat", "social-engineering", "software-piracy", "streaming-scam", "survey-scam", "suspicious-domain", "telegram-engagement", "tiktok-impersonation", "traffic-distribution-system", "traffic-redirection", "unauthorized-software", "unwanted-software", "urlert" ], "references": [ "https://urlert.com/domain/activated.win", "https://urlert.com/domain/apkmody.com", "https://urlert.com/domain/asst2game.ru", "https://urlert.com/domain/blockimmobilien.de", "https://urlert.com/domain/blogspot.com", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cine97.com", "https://urlert.com/domain/clientoffice.rest", "https://urlert.com/domain/coldcoupons.com", "https://urlert.com/domain/einzzcookie.org", "https://urlert.com/domain/fafda.to", "https://urlert.com/domain/festivephantasyofholidayprizes.xyz", "https://urlert.com/domain/framer.app", "https://urlert.com/domain/google.com", "https://urlert.com/domain/jrffhfll.shop", "https://urlert.com/domain/kkinstagram.com", "https://urlert.com/domain/lamp222memory866.com", "https://urlert.com/domain/linkinsfw.xyz", "https://urlert.com/domain/lockr.to", "https://urlert.com/domain/qsend.info" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Hospitality", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 12, "URL": 26, "domain": 14 }, "indicator_count": 52, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "1 day ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6a0d07aedd22f3c27c789cbb", "name": "URLert Daily Threat Intel \u2014 2026-05-20", "description": "URLert Daily Threat Intel \u2014 2026-05-20\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 31 | Indicators: 59\nConfirmed: 4 | Likely: 27\nTop threats: Phishing (23), Malware Hosting (4), Malvertising (2), Dropper (1), Unknown (1)\nDomains: 5853639.com, admlnn.site, agenciatributarias.buzz, andhufn.com, asubne.icu, carziqo.net, cdmxsk.lat, ctcc-cloud.com, czsofts.com, drscoin.net, forms.gle, gshsuplementos.com, guiasdevideoju...\n\n31 unique threats producing 59 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-20T01:00:30.517000", "created": "2026-05-20T01:00:30.517000", "tags": [ "abused-platform", "affiliate-marketing-scam", "agencia-tributaria", "app-store-impersonation", "automated-scan", "binghamton-university", "booking-com", "booking-com-impersonation", "brand-impersonation", "brazil", "clickbait", "colima", "colima-government", "credential-harvesting", "daily-threat-intel", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-incentives", "deceptive-interface", "deceptive-subdomain", "delivery-failure-scam", "drogasil-impersonation", "email-credentials", "evasion-technique", "fake-business", "fake-business-profile", "fake-landing-page", "fake-rewards", "fake-security-verification", "fake-session-timeout", "fake-streaming-service", "file-sharing-impersonation", "financial-scam", "financial-sector", "fraudulent-investments", "gambling-scam", "game-cracks", "gaming-scam", "generic-registration-form", "gov.br-impersonation", "government-impersonation", "inpost-impersonation", "instagram-impersonation", "investment-scam", "link-cloaking", "link-shortener", "malicious-landing-page", "malicious-software-distribution", "malicious-url", "malware-bundling", "malware-distribution", "mdm-payload", "mexico", "misleading-ads", "mobile-security-bypass", "netflix-impersonation", "new-domain", "newly-registered-domain", "office365", "passive-income-scam", "payload-delivery", "personal-information-harvesting", "phishing", "phishing-site", "pirated-software", "redirect", "redirect-chain", "scam", "scam-funnel", "seur-impersonation", "social-engineering", "software-piracy", "suspicious-activity", "suspicious-domain", "suspicious-files", "task-scam", "traffic-redirection", "transient-threat", "unauthorized-access", "unwanted-software", "urlert", "vehicle-rental-scheme" ], "references": [ "https://urlert.com/domain/5853639.com", "https://urlert.com/domain/admlnn.site", "https://urlert.com/domain/agenciatributarias.buzz", "https://urlert.com/domain/andhufn.com", "https://urlert.com/domain/asubne.icu", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cdmxsk.lat", "https://urlert.com/domain/ctcc-cloud.com", "https://urlert.com/domain/czsofts.com", "https://urlert.com/domain/drscoin.net", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/gshsuplementos.com", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/ireviewstay.com", "https://urlert.com/domain/ln.run", "https://urlert.com/domain/mx208.com", "https://urlert.com/domain/novaluxia.ph", "https://urlert.com/domain/ope842272.pro", "https://urlert.com/domain/pagosysvs.lat", "https://urlert.com/domain/ritma.com.my" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 20, "URL": 30, "hostname": 9 }, "indicator_count": 59, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "12 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://urlert.com/domain/jrffhfll.shop", "https://urlert.com/domain/clientoffice.rest", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/5853639.com", "https://urlert.com/domain/cdmxsk.lat", "https://urlert.com/domain/blockimmobilien.de", "https://urlert.com/domain/asubne.icu", "https://urlert.com/domain/framer.app", "https://urlert.com/domain/gshsuplementos.com", "https://urlert.com/domain/ireviewstay.com", "https://urlert.com/domain/kkinstagram.com", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/ope842272.pro", "https://urlert.com/domain/admlnn.site", "https://urlert.com/domain/qsend.info", "https://urlert.com/domain/linkinsfw.xyz", "https://urlert.com/domain/fafda.to", "https://urlert.com/domain/blogspot.com", "https://urlert.com/domain/asst2game.ru", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/lockr.to", "https://urlert.com/domain/ritma.com.my", "https://urlert.com/domain/cine97.com", "https://urlert.com/domain/coldcoupons.com", "https://urlert.com/domain/mx208.com", "https://urlert.com/domain/lamp222memory866.com", "https://urlert.com/domain/ctcc-cloud.com", "https://urlert.com/domain/ln.run", "https://urlert.com/domain/agenciatributarias.buzz", "https://urlert.com/domain/google.com", "https://urlert.com/domain/czsofts.com", "https://urlert.com/domain/apkmody.com", "https://urlert.com/domain/festivephantasyofholidayprizes.xyz", "https://urlert.com/domain/pagosysvs.lat", "https://urlert.com/domain/andhufn.com", "https://urlert.com/domain/einzzcookie.org", "https://urlert.com/domain/drscoin.net", "https://urlert.com/domain/novaluxia.ph", "https://urlert.com/domain/activated.win" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [], "industries": [ "Logistics / supply chain", "Technology", "Media / entertainment", "Education", "Government", "Financial services", "Hospitality", "Retail / e-commerce" ], "unique_indicators": 109 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/carziqo.net", "whois": "http://whois.domaintools.com/carziqo.net", "domain": "carziqo.net", "hostname": "vip.carziqo.net" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "6a1b88213571f42965ccfdf9", "name": "URLert Daily Threat Intel \u2014 2026-05-31", "description": "URLert Daily Threat Intel \u2014 2026-05-31\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 29 | Indicators: 59\nConfirmed: 7 | Likely: 22\nTop threats: Phishing (18), Dropper (3), Malware Hosting (3), Malvertising (3), Unknown (2)\nDomains: activated.win, apkmody.com, asst2game.ru, blockimmobilien.de, blogspot.com, carziqo.net, cine97.com, clientoffice.rest, coldcoupons.com, einzzcookie.org, fafda.to, festivephantasyofholiday...\n\n29 unique threats producing 59 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-31T01:00:17.582000", "created": "2026-05-31T01:00:17.582000", "tags": [ "access-denied", "adult-content", "android-malware", "antivirus-bypass", "automated-download", "automated-scan", "blogspot", "brand-impersonation", "bypass-security", "citadele", "content-locking", "credential-harvesting", "credit-card-harvesting", "daily-threat-intel", "data-harvesting", "deceptive-activity", "deceptive-commerce", "deceptive-content", "deceptive-domain", "deceptive-site", "deceptive-subdomain", "deceptive-tactics", "evasive-site", "fake-browser-verification", "fake-business", "fake-login-form", "fake-product", "fake-promises", "fake-promotion", "fake-rewards", "fake-store", "fake-support-chat", "financial-fraud", "fraudulent-ad-revenue", "fraudulent-content", "freelancer-targeting", "giveaway-scam", "google-docs", "google-sites", "hidden-destination", "hotel-booking-scam", "instagram-impersonation", "investment-scam", "lead-generation", "link-shortener", "malicious-download", "malicious-network", "malicious-redirect", "malicious-redirection", "malware-delivery", "malware-distribution", "malware-hosting", "microsoft-outlook", "modded-apps", "new-domain", "newly-registered-domain", "nintendo-impersonation", "olx-impersonation", "payment-card-harvesting", "payment-fraud", "phishing", "phishing-infrastructure", "phone-number-harvesting", "pirated-software-lure", "redirects", "retail-scam", "roblox", "scam", "scam-distribution", "scam-domain", "scam-gateway", "scam-template", "security-disabling", "shopping-scam", "snapchat", "social-engineering", "software-piracy", "streaming-scam", "survey-scam", "suspicious-domain", "telegram-engagement", "tiktok-impersonation", "traffic-distribution-system", "traffic-redirection", "unauthorized-software", "unwanted-software", "urlert" ], "references": [ "https://urlert.com/domain/activated.win", "https://urlert.com/domain/apkmody.com", "https://urlert.com/domain/asst2game.ru", "https://urlert.com/domain/blockimmobilien.de", "https://urlert.com/domain/blogspot.com", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cine97.com", "https://urlert.com/domain/clientoffice.rest", "https://urlert.com/domain/coldcoupons.com", "https://urlert.com/domain/einzzcookie.org", "https://urlert.com/domain/fafda.to", "https://urlert.com/domain/festivephantasyofholidayprizes.xyz", "https://urlert.com/domain/framer.app", "https://urlert.com/domain/google.com", "https://urlert.com/domain/jrffhfll.shop", "https://urlert.com/domain/kkinstagram.com", "https://urlert.com/domain/lamp222memory866.com", "https://urlert.com/domain/linkinsfw.xyz", "https://urlert.com/domain/lockr.to", "https://urlert.com/domain/qsend.info" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Financial Services", "Hospitality", "Media / Entertainment", "Retail / E-Commerce" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "hostname": 12, "URL": 26, "domain": 14 }, "indicator_count": 52, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "1 day ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "6a0d07aedd22f3c27c789cbb", "name": "URLert Daily Threat Intel \u2014 2026-05-20", "description": "URLert Daily Threat Intel \u2014 2026-05-20\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 31 | Indicators: 59\nConfirmed: 4 | Likely: 27\nTop threats: Phishing (23), Malware Hosting (4), Malvertising (2), Dropper (1), Unknown (1)\nDomains: 5853639.com, admlnn.site, agenciatributarias.buzz, andhufn.com, asubne.icu, carziqo.net, cdmxsk.lat, ctcc-cloud.com, czsofts.com, drscoin.net, forms.gle, gshsuplementos.com, guiasdevideoju...\n\n31 unique threats producing 59 actionable indicators. Generated by URLert automated threat intelligence.", "modified": "2026-05-20T01:00:30.517000", "created": "2026-05-20T01:00:30.517000", "tags": [ "abused-platform", "affiliate-marketing-scam", "agencia-tributaria", "app-store-impersonation", "automated-scan", "binghamton-university", "booking-com", "booking-com-impersonation", "brand-impersonation", "brazil", "clickbait", "colima", "colima-government", "credential-harvesting", "daily-threat-intel", "data-harvesting", "deceptive-content", "deceptive-domain", "deceptive-incentives", "deceptive-interface", "deceptive-subdomain", "delivery-failure-scam", "drogasil-impersonation", "email-credentials", "evasion-technique", "fake-business", "fake-business-profile", "fake-landing-page", "fake-rewards", "fake-security-verification", "fake-session-timeout", "fake-streaming-service", "file-sharing-impersonation", "financial-scam", "financial-sector", "fraudulent-investments", "gambling-scam", "game-cracks", "gaming-scam", "generic-registration-form", "gov.br-impersonation", "government-impersonation", "inpost-impersonation", "instagram-impersonation", "investment-scam", "link-cloaking", "link-shortener", "malicious-landing-page", "malicious-software-distribution", "malicious-url", "malware-bundling", "malware-distribution", "mdm-payload", "mexico", "misleading-ads", "mobile-security-bypass", "netflix-impersonation", "new-domain", "newly-registered-domain", "office365", "passive-income-scam", "payload-delivery", "personal-information-harvesting", "phishing", "phishing-site", "pirated-software", "redirect", "redirect-chain", "scam", "scam-funnel", "seur-impersonation", "social-engineering", "software-piracy", "suspicious-activity", "suspicious-domain", "suspicious-files", "task-scam", "traffic-redirection", "transient-threat", "unauthorized-access", "unwanted-software", "urlert", "vehicle-rental-scheme" ], "references": [ "https://urlert.com/domain/5853639.com", "https://urlert.com/domain/admlnn.site", "https://urlert.com/domain/agenciatributarias.buzz", "https://urlert.com/domain/andhufn.com", "https://urlert.com/domain/asubne.icu", "https://urlert.com/domain/carziqo.net", "https://urlert.com/domain/cdmxsk.lat", "https://urlert.com/domain/ctcc-cloud.com", "https://urlert.com/domain/czsofts.com", "https://urlert.com/domain/drscoin.net", "https://urlert.com/domain/forms.gle", "https://urlert.com/domain/gshsuplementos.com", "https://urlert.com/domain/guiasdevideojuegos.top", "https://urlert.com/domain/ireviewstay.com", "https://urlert.com/domain/ln.run", "https://urlert.com/domain/mx208.com", "https://urlert.com/domain/novaluxia.ph", "https://urlert.com/domain/ope842272.pro", "https://urlert.com/domain/pagosysvs.lat", "https://urlert.com/domain/ritma.com.my" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [ "Education", "Financial Services", "Government", "Hospitality", "Logistics / Supply Chain", "Media / Entertainment", "Retail / E-Commerce", "Technology" ], "TLP": "white", "cloned_from": null, "export_count": 0, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "urlert_intel", "id": "386175", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 20, "URL": 30, "hostname": 9 }, "indicator_count": 59, "is_author": false, "is_subscribing": null, "subscriber_count": 29, "modified_text": "12 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://vip.carziqo.net/", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://vip.carziqo.net/", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780284883.1574724 }