Loading...
CARD
INFO
Dominio: khidmah.com
Registrar: GoDaddy.com, LLC
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:
Motori che NON classificano il dominio come harmless:
Analisi DNS
Certificato HTTPS
LEAKS NOTI e MALWARE
Raw data
by HudsonRock
Summary
🧠 Dispositivi infetti: 19
🌐 Utenti compromessi: 17
🧑💼 Utenti aziendali compromessi: 2
🔑 Password aziendali esposte: 9
🔑 Password users esposte: 35
🧬 Stealer family e conteggio
🏢 Utenze aziendali compromesse (link/conteggio)
🔐 Utenze users compromesse
🛡️ Antivirus rilevati
Dominio: khidmah.com
Registrar: GoDaddy.com, LLC
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:
- Acronis: [harmless] clean
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated
- 0xSI_f33d: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)
- Tipo: TXT, Valore: MS=ms97780255
- Tipo: NS, Valore: a1-50.akam.net
- Tipo: SOA, Valore: a1-50.akam.net
- Tipo: AAAA, Valore: 2600:1406:2e00:49::172e:d8c7
- Tipo: A, Valore: 23.212.62.196
- Tipo: TXT, Valore: stripe-verification=203fd0f5ebcfd06d10fbc190304ec2b26d011a5df4c7fa2eb21a3bbdf93b401f
- Tipo: TXT, Valore: n74ntiobs5r6r79j2urte59fdk
- Tipo: NS, Valore: a5-67.akam.net
- Tipo: NS, Valore: a4-67.akam.net
- Tipo: TXT, Valore: ycQwsjwmXrYjAIBZui+oc8kcMs2DsbKvGGsGK23VOc39jdOhW5Uu2NJoiAhhBe9dHlYH6kniGuaIzyEoxxxWOw==
- Tipo: MX, Valore: cluster5a.eu.messagelabs.com
- Tipo: TXT, Valore: 1cfl4ux.creator.cs.zohohost.com
- Tipo: TXT, Valore: v=verifydomain MS=5671559
- Tipo: NS, Valore: a14-65.akam.net
- Tipo: NS, Valore: a2-67.akam.net
- Tipo: TXT, Valore: docusign=575149ac-3ea4-45af-8646-cbaa4ab69f64
- Tipo: TXT, Valore: v=spf1 ip4:147.204.152.42 include:spf.messagelabs.com include:spf.protection.outlook.com include:spf-uae.emailsignatures365.com include:spf.my349235.mail.crm.ondemand.com include:spf.my355856.mail.crm.ondemand.com include:usermail.zohocreator.com -all
- Tipo: NS, Valore: a13-65.akam.net
- Tipo: TXT, Valore: v=verifydomain MS=3562305
- Tipo: AAAA, Valore: 2600:1406:2e00:49::172e:d8cf
- Tipo: A, Valore: 23.212.62.197
- Tipo: MX, Valore: cluster5.eu.messagelabs.com
- Tipo: TXT, Valore: dOWut/QZQJn/v+ilIIGb7T2Lqr531Eh31FFvOkwPRg2xtJb41rQAVOYyj83ej7BBM3OTtt+irxATR58awjb5sA==
- Tipo: TXT, Valore: Sendinblue-code:6d6c806f19b356c17d0349483f0a6953
- Tipo: NS, Valore: a1-50.akam.net
- Tipo: SOA, Valore: a1-50.akam.net
- Tipo: AAAA, Valore: 2600:1406:2e00:49::172e:d8c7
- Tipo: A, Valore: 23.212.62.196
- Tipo: TXT, Valore: stripe-verification=203fd0f5ebcfd06d10fbc190304ec2b26d011a5df4c7fa2eb21a3bbdf93b401f
- Tipo: TXT, Valore: n74ntiobs5r6r79j2urte59fdk
- Tipo: NS, Valore: a5-67.akam.net
- Tipo: NS, Valore: a4-67.akam.net
- Tipo: TXT, Valore: ycQwsjwmXrYjAIBZui+oc8kcMs2DsbKvGGsGK23VOc39jdOhW5Uu2NJoiAhhBe9dHlYH6kniGuaIzyEoxxxWOw==
- Tipo: MX, Valore: cluster5a.eu.messagelabs.com
- Tipo: TXT, Valore: 1cfl4ux.creator.cs.zohohost.com
- Tipo: TXT, Valore: v=verifydomain MS=5671559
- Tipo: NS, Valore: a14-65.akam.net
- Tipo: NS, Valore: a2-67.akam.net
- Tipo: TXT, Valore: docusign=575149ac-3ea4-45af-8646-cbaa4ab69f64
- Tipo: TXT, Valore: v=spf1 ip4:147.204.152.42 include:spf.messagelabs.com include:spf.protection.outlook.com include:spf-uae.emailsignatures365.com include:spf.my349235.mail.crm.ondemand.com include:spf.my355856.mail.crm.ondemand.com include:usermail.zohocreator.com -all
- Tipo: NS, Valore: a13-65.akam.net
- Tipo: TXT, Valore: v=verifydomain MS=3562305
- Tipo: AAAA, Valore: 2600:1406:2e00:49::172e:d8cf
- Tipo: A, Valore: 23.212.62.197
- Tipo: MX, Valore: cluster5.eu.messagelabs.com
- Tipo: TXT, Valore: dOWut/QZQJn/v+ilIIGb7T2Lqr531Eh31FFvOkwPRg2xtJb41rQAVOYyj83ej7BBM3OTtt+irxATR58awjb5sA==
- Tipo: TXT, Valore: Sendinblue-code:6d6c806f19b356c17d0349483f0a6953
- Emesso da: R11
- Intestato a: provis.ae
- Valido dal: 2024-12-27 07:18:17
- Valido fino al: 2025-03-27 07:18:16
- Algoritmo firma: RSA
- Versione: V3
- Serial number: 3d5bf059d6f9a4e988b81fd4ebed7261123
- Intestato a: provis.ae
- Valido dal: 2024-12-27 07:18:17
- Valido fino al: 2025-03-27 07:18:16
- Algoritmo firma: RSA
- Versione: V3
- Serial number: 3d5bf059d6f9a4e988b81fd4ebed7261123
Summary
🧠 Dispositivi infetti: 19
🌐 Utenti compromessi: 17
🧑💼 Utenti aziendali compromessi: 2
🔑 Password aziendali esposte: 9
🔑 Password users esposte: 35
🧬 Stealer family e conteggio
Lumma: 7
StealC: 4
RedLine: 3
Generic Stealer: 3
Raccoon: 2
StealC: 4
RedLine: 3
Generic Stealer: 3
Raccoon: 2
https://email.khidmah.com/owa/auth/logon.aspx: 9
-
https://sap.khidmah.com:44300/nwbc: 10
https://ehs.khidmah.com/user/login: 6
https://ehs.khidmah.com: 6
https://ehs.khidmah.com/permit/main-login-page: 4
https://sap.khidmah.com:44300/nwbc/: 3
https://••••.khidmah.com/•••••••/••••••_••••••••: 3
http://•••••••••.khidmah.com:••••: 2
https://•••••.khidmah.com/: 1
https://•••.khidmah.com:•••••/•••/••/•••/•••/•••/••••••: 1
https://••••.khidmah.com/•••••••/•••••: 1
http://••••••••.khidmah.com:••••/••••••/•••••.•••: 1
Not Found: 1
Panda Dome: 1
Panda Dome: 1