{
  "type": "Domain",
  "indicator": "solidreputation.de",
  "general": {
    "sections": [
      "general",
      "geo",
      "url_list",
      "passive_dns",
      "malware",
      "whois",
      "http_scans"
    ],
    "whois": "http://whois.domaintools.com/solidreputation.de",
    "alexa": "http://www.alexa.com/siteinfo/solidreputation.de",
    "indicator": "solidreputation.de",
    "type": "domain",
    "type_title": "Domain",
    "validation": [],
    "base_indicator": {
      "id": 4290607931,
      "indicator": "solidreputation.de",
      "type": "domain",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "69cdbfb52bc492ac92bd9ad6",
          "name": "URLert Daily Threat Intel \u2014 2026-04-02",
          "description": "URLert Daily Threat Intel \u2014 2026-04-02\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 111 | Indicators: 230\nConfirmed: 32 | Likely: 77 | Domain intel: 2\nTop threats: Phishing (100), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: 364278.xin, 37rawmbaz5051125h.cfd, 6390123.trade, 7k5v3k1.mom, acsgri.com, alert-micro.com, auto1groupcove.com, autree.org, averahealthcareers.org, ayprz8.sbs, bkngsresrvationguest.help, b...\n\n111 unique threats producing 230 actionable indicators. Generated by URLert automated threat intelligence.",
          "modified": "2026-05-01T23:21:18.418000",
          "created": "2026-04-02T01:00:37.638000",
          "tags": [
            ".xin-domain",
            "1inch-network",
            "abuse-of-legitimate-domain",
            "account-compromise",
            "account-recovery-scam",
            "adult-content-lure",
            "allegro-impersonation",
            "altec-lansing",
            "amazon",
            "anonymizing-service",
            "api-key-theft",
            "apk-distribution",
            "apple-app-store-impersonation",
            "apple-support",
            "aruba-spa",
            "auto1-group",
            "automated-scan",
            "background-check-scam",
            "booking-com",
            "brand-impersonation",
            "cdn-hosting",
            "clash-royale",
            "cloudflare",
            "combosquatting",
            "content-locker",
            "cpanel-impersonation",
            "credential-harvesting",
            "crypto-scam",
            "cryptocurrency",
            "cryptocurrency-impersonation",
            "cryptocurrency-scam",
            "currys-impersonation",
            "daily-threat-intel",
            "dao-impersonation",
            "data-collection",
            "dating-scam",
            "deceptive-content",
            "deceptive-domain",
            "deceptive-filename",
            "deceptive-practices",
            "deceptive-redirect",
            "deceptive-redirection",
            "deceptive-routing",
            "deceptive-software",
            "delivery-failure-scam",
            "delivery-scam",
            "denmark",
            "dhhs-impersonation",
            "discord-impersonation",
            "disposable-infrastructure",
            "domain-classification",
            "domain-redirection",
            "dpd",
            "dpd-impersonation",
            "easybank-impersonation",
            "ecommerce-scam",
            "email-credentials",
            "employment-scam",
            "encoded-email",
            "enterprise-certificate-bypass",
            "etsy-impersonation",
            "executable-download",
            "facebook",
            "fake-delivery-scam",
            "fake-document",
            "fake-giveaway",
            "fake-job-offer",
            "fake-login-page",
            "fake-portal",
            "fake-progress-bar",
            "fake-robux-giveaway",
            "fake-security-alerts",
            "fake-security-check",
            "fake-store",
            "fake-urgency",
            "fake-verification-page",
            "fake-video-player",
            "fake-vpn",
            "fifa",
            "financial-fraud",
            "financial-scam",
            "financial-services",
            "gaming-platform",
            "gibberish-domain",
            "gift-card-scam",
            "giveaway-scam",
            "google",
            "google-sites",
            "government-impersonation",
            "healthcare",
            "high-risk-aggregator",
            "high-risk-domain",
            "high-risk-tld",
            "hungary",
            "impersonation",
            "information-gathering",
            "intelcom-impersonation",
            "investment-fraud",
            "ios-targeting",
            "ip-grabber",
            "ip-logger",
            "ip-logging",
            "ipfs",
            "italy",
            "job-scam",
            "kleinanzeigen",
            "lidl-impersonation",
            "logistics",
            "logistics-scam",
            "logistics-sector",
            "logistics-targeting",
            "malicious-redirect",
            "malicious-redirection",
            "malicious-script",
            "malvertising",
            "malware-delivery",
            "malware-distribution",
            "malware-hosting",
            "mediemarkt",
            "microsoft-forms",
            "microsoft-impersonation",
            "microsoft-office-365",
            "microsoft-sharepoint-impersonation",
            "new-domain",
            "newly-registered-domain",
            "north-carolina",
            "north-dakota-dot",
            "offer-scam",
            "online-gambling",
            "online-gambling-impersonation",
            "package-delivery-scam",
            "parking-citation-scam",
            "payment-information-harvesting",
            "payment-information-theft",
            "payment-scam",
            "pec-webmail",
            "personal-information-collection",
            "personal-information-harvesting",
            "personal-information-theft",
            "phishing",
            "phishing-campaign",
            "phishing-gateway",
            "phishing-infrastructure",
            "phishing-kit",
            "phishing-site",
            "privacy-risk",
            "ralph-lauren",
            "random-domain",
            "red-bull",
            "redirect",
            "redirect-chain",
            "redirection",
            "retail-e-commerce",
            "retail-scam",
            "risky-tld",
            "roblox",
            "roblox-impersonation",
            "romania",
            "royal-mail",
            "scam",
            "scam-site",
            "scam-websites",
            "shortened-url",
            "skechers-impersonation",
            "social-engineering",
            "social-media-scam",
            "spectrum",
            "spotify",
            "spotify-impersonation",
            "suspicious-domain",
            "suspicious-files",
            "suspicious-redirect-target",
            "suspicious-tld",
            "targeted-phishing",
            "tech-support-scam",
            "technical-support-scam",
            "telecommunications-phishing",
            "texas-dmv",
            "tracking-service",
            "traffic-redirection",
            "trojan",
            "tx-dmv",
            "typosquatting",
            "typosquatting-domain",
            "unauthorized-application-access",
            "unauthorized-software-distribution",
            "unesco-impersonation",
            "unwanted-content",
            "unwanted-software",
            "urlert",
            "vulnerability-scanning",
            "webmail-impersonation",
            "whatsapp-engagement",
            "whatsapp-impersonation",
            "zoom"
          ],
          "references": [
            "https://urlert.com/domain/364278.xin",
            "https://urlert.com/domain/37rawmbaz5051125h.cfd",
            "https://urlert.com/domain/6390123.trade",
            "https://urlert.com/domain/7k5v3k1.mom",
            "https://urlert.com/domain/acsgri.com",
            "https://urlert.com/domain/alert-micro.com",
            "https://urlert.com/domain/auto1groupcove.com",
            "https://urlert.com/domain/autree.org",
            "https://urlert.com/domain/averahealthcareers.org",
            "https://urlert.com/domain/ayprz8.sbs",
            "https://urlert.com/domain/bkngsresrvationguest.help",
            "https://urlert.com/domain/bkshoessale-eu.top",
            "https://urlert.com/domain/c1ic.link",
            "https://urlert.com/domain/cftgm.cfd",
            "https://urlert.com/domain/clashroyalegems.store",
            "https://urlert.com/domain/cloudfront.net",
            "https://urlert.com/domain/coin-spike.com",
            "https://urlert.com/domain/comstartnow.com",
            "https://urlert.com/domain/damockup.com",
            "https://urlert.com/domain/daoaspost.top"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [
            "Automotive",
            "Financial Services",
            "Government",
            "Healthcare",
            "Hospitality",
            "Logistics / Supply Chain",
            "Media / Entertainment",
            "Retail / E-Commerce",
            "Technology",
            "Telecommunications"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "api",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "urlert_intel",
            "id": "386175",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "domain": 70,
            "URL": 70,
            "hostname": 35
          },
          "indicator_count": 175,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 29,
          "modified_text": "29 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://urlert.com/domain/coin-spike.com",
        "https://urlert.com/domain/cftgm.cfd",
        "https://urlert.com/domain/c1ic.link",
        "https://urlert.com/domain/alert-micro.com",
        "https://urlert.com/domain/ayprz8.sbs",
        "https://urlert.com/domain/autree.org",
        "https://urlert.com/domain/clashroyalegems.store",
        "https://urlert.com/domain/averahealthcareers.org",
        "https://urlert.com/domain/7k5v3k1.mom",
        "https://urlert.com/domain/bkngsresrvationguest.help",
        "https://urlert.com/domain/364278.xin",
        "https://urlert.com/domain/bkshoessale-eu.top",
        "https://urlert.com/domain/cloudfront.net",
        "https://urlert.com/domain/acsgri.com",
        "https://urlert.com/domain/daoaspost.top",
        "https://urlert.com/domain/auto1groupcove.com",
        "https://urlert.com/domain/comstartnow.com",
        "https://urlert.com/domain/37rawmbaz5051125h.cfd",
        "https://urlert.com/domain/damockup.com",
        "https://urlert.com/domain/6390123.trade"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": [
            "Technology",
            "Retail / e-commerce",
            "Telecommunications",
            "Automotive",
            "Government",
            "Healthcare",
            "Logistics / supply chain",
            "Media / entertainment",
            "Hospitality",
            "Financial services"
          ]
        }
      }
    },
    "false_positive": []
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "69cdbfb52bc492ac92bd9ad6",
      "name": "URLert Daily Threat Intel \u2014 2026-04-02",
      "description": "URLert Daily Threat Intel \u2014 2026-04-02\n\nAutomated threat intelligence from URLert (https://urlert.com) \u2014 AI-powered URL and domain analysis.\n\nThreats: 111 | Indicators: 230\nConfirmed: 32 | Likely: 77 | Domain intel: 2\nTop threats: Phishing (100), Malvertising (3), Dropper (3), Malware Hosting (2), Unknown (2)\nDomains: 364278.xin, 37rawmbaz5051125h.cfd, 6390123.trade, 7k5v3k1.mom, acsgri.com, alert-micro.com, auto1groupcove.com, autree.org, averahealthcareers.org, ayprz8.sbs, bkngsresrvationguest.help, b...\n\n111 unique threats producing 230 actionable indicators. Generated by URLert automated threat intelligence.",
      "modified": "2026-05-01T23:21:18.418000",
      "created": "2026-04-02T01:00:37.638000",
      "tags": [
        ".xin-domain",
        "1inch-network",
        "abuse-of-legitimate-domain",
        "account-compromise",
        "account-recovery-scam",
        "adult-content-lure",
        "allegro-impersonation",
        "altec-lansing",
        "amazon",
        "anonymizing-service",
        "api-key-theft",
        "apk-distribution",
        "apple-app-store-impersonation",
        "apple-support",
        "aruba-spa",
        "auto1-group",
        "automated-scan",
        "background-check-scam",
        "booking-com",
        "brand-impersonation",
        "cdn-hosting",
        "clash-royale",
        "cloudflare",
        "combosquatting",
        "content-locker",
        "cpanel-impersonation",
        "credential-harvesting",
        "crypto-scam",
        "cryptocurrency",
        "cryptocurrency-impersonation",
        "cryptocurrency-scam",
        "currys-impersonation",
        "daily-threat-intel",
        "dao-impersonation",
        "data-collection",
        "dating-scam",
        "deceptive-content",
        "deceptive-domain",
        "deceptive-filename",
        "deceptive-practices",
        "deceptive-redirect",
        "deceptive-redirection",
        "deceptive-routing",
        "deceptive-software",
        "delivery-failure-scam",
        "delivery-scam",
        "denmark",
        "dhhs-impersonation",
        "discord-impersonation",
        "disposable-infrastructure",
        "domain-classification",
        "domain-redirection",
        "dpd",
        "dpd-impersonation",
        "easybank-impersonation",
        "ecommerce-scam",
        "email-credentials",
        "employment-scam",
        "encoded-email",
        "enterprise-certificate-bypass",
        "etsy-impersonation",
        "executable-download",
        "facebook",
        "fake-delivery-scam",
        "fake-document",
        "fake-giveaway",
        "fake-job-offer",
        "fake-login-page",
        "fake-portal",
        "fake-progress-bar",
        "fake-robux-giveaway",
        "fake-security-alerts",
        "fake-security-check",
        "fake-store",
        "fake-urgency",
        "fake-verification-page",
        "fake-video-player",
        "fake-vpn",
        "fifa",
        "financial-fraud",
        "financial-scam",
        "financial-services",
        "gaming-platform",
        "gibberish-domain",
        "gift-card-scam",
        "giveaway-scam",
        "google",
        "google-sites",
        "government-impersonation",
        "healthcare",
        "high-risk-aggregator",
        "high-risk-domain",
        "high-risk-tld",
        "hungary",
        "impersonation",
        "information-gathering",
        "intelcom-impersonation",
        "investment-fraud",
        "ios-targeting",
        "ip-grabber",
        "ip-logger",
        "ip-logging",
        "ipfs",
        "italy",
        "job-scam",
        "kleinanzeigen",
        "lidl-impersonation",
        "logistics",
        "logistics-scam",
        "logistics-sector",
        "logistics-targeting",
        "malicious-redirect",
        "malicious-redirection",
        "malicious-script",
        "malvertising",
        "malware-delivery",
        "malware-distribution",
        "malware-hosting",
        "mediemarkt",
        "microsoft-forms",
        "microsoft-impersonation",
        "microsoft-office-365",
        "microsoft-sharepoint-impersonation",
        "new-domain",
        "newly-registered-domain",
        "north-carolina",
        "north-dakota-dot",
        "offer-scam",
        "online-gambling",
        "online-gambling-impersonation",
        "package-delivery-scam",
        "parking-citation-scam",
        "payment-information-harvesting",
        "payment-information-theft",
        "payment-scam",
        "pec-webmail",
        "personal-information-collection",
        "personal-information-harvesting",
        "personal-information-theft",
        "phishing",
        "phishing-campaign",
        "phishing-gateway",
        "phishing-infrastructure",
        "phishing-kit",
        "phishing-site",
        "privacy-risk",
        "ralph-lauren",
        "random-domain",
        "red-bull",
        "redirect",
        "redirect-chain",
        "redirection",
        "retail-e-commerce",
        "retail-scam",
        "risky-tld",
        "roblox",
        "roblox-impersonation",
        "romania",
        "royal-mail",
        "scam",
        "scam-site",
        "scam-websites",
        "shortened-url",
        "skechers-impersonation",
        "social-engineering",
        "social-media-scam",
        "spectrum",
        "spotify",
        "spotify-impersonation",
        "suspicious-domain",
        "suspicious-files",
        "suspicious-redirect-target",
        "suspicious-tld",
        "targeted-phishing",
        "tech-support-scam",
        "technical-support-scam",
        "telecommunications-phishing",
        "texas-dmv",
        "tracking-service",
        "traffic-redirection",
        "trojan",
        "tx-dmv",
        "typosquatting",
        "typosquatting-domain",
        "unauthorized-application-access",
        "unauthorized-software-distribution",
        "unesco-impersonation",
        "unwanted-content",
        "unwanted-software",
        "urlert",
        "vulnerability-scanning",
        "webmail-impersonation",
        "whatsapp-engagement",
        "whatsapp-impersonation",
        "zoom"
      ],
      "references": [
        "https://urlert.com/domain/364278.xin",
        "https://urlert.com/domain/37rawmbaz5051125h.cfd",
        "https://urlert.com/domain/6390123.trade",
        "https://urlert.com/domain/7k5v3k1.mom",
        "https://urlert.com/domain/acsgri.com",
        "https://urlert.com/domain/alert-micro.com",
        "https://urlert.com/domain/auto1groupcove.com",
        "https://urlert.com/domain/autree.org",
        "https://urlert.com/domain/averahealthcareers.org",
        "https://urlert.com/domain/ayprz8.sbs",
        "https://urlert.com/domain/bkngsresrvationguest.help",
        "https://urlert.com/domain/bkshoessale-eu.top",
        "https://urlert.com/domain/c1ic.link",
        "https://urlert.com/domain/cftgm.cfd",
        "https://urlert.com/domain/clashroyalegems.store",
        "https://urlert.com/domain/cloudfront.net",
        "https://urlert.com/domain/coin-spike.com",
        "https://urlert.com/domain/comstartnow.com",
        "https://urlert.com/domain/damockup.com",
        "https://urlert.com/domain/daoaspost.top"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [
        "Automotive",
        "Financial Services",
        "Government",
        "Healthcare",
        "Hospitality",
        "Logistics / Supply Chain",
        "Media / Entertainment",
        "Retail / E-Commerce",
        "Technology",
        "Telecommunications"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "api",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "urlert_intel",
        "id": "386175",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_386175/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "domain": 70,
        "URL": 70,
        "hostname": 35
      },
      "indicator_count": 175,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 29,
      "modified_text": "29 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "solidreputation.de",
    "type": "Domain"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "solidreputation.de",
    "found": false,
    "verdict": "clean",
    "urls": [],
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780212057.5004373
}