Loading...
CARD
INFO
Dominio: medifarma.com.pe
Registrar: N/A
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:
Motori che NON classificano il dominio come harmless:
Analisi DNS
Certificato HTTPS
LEAKS NOTI e MALWARE
Raw data
by HudsonRock
Summary
🧠 Dispositivi infetti: 84
🌐 Utenti compromessi: 60
🧑💼 Utenti aziendali compromessi: 24
🔑 Password aziendali esposte: 29
🔑 Password users esposte: 150
🧬 Stealer family e conteggio
🏢 Utenze aziendali compromesse (link/conteggio)
🔐 Utenze users compromesse
🛡️ Antivirus rilevati
Dominio: medifarma.com.pe
Registrar: N/A
Motori AV recap
- Malevolo: 0
- Sospetto: 0
- Non rilevato: 30
- Innocuo: 64
Analisi Antivirus:
- Acronis: [harmless] clean
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated
- 0xSI_f33d: [undetected] unrated
- Abusix: [harmless] clean
- ADMINUSLabs: [harmless] clean
- Axur: [undetected] unrated
- Criminal IP: [harmless] clean
- AILabs (MONITORAPP): [harmless] clean
- AlienVault: [harmless] clean
- alphaMountain.ai: [harmless] clean
- AlphaSOC: [undetected] unrated
- Antiy-AVL: [harmless] clean
- ArcSight Threat Intelligence: [undetected] unrated
- AutoShun: [undetected] unrated
- benkow.cc: [harmless] clean
- Bfore.Ai PreCrime: [undetected] unrated
- BitDefender: [harmless] clean
- Bkav: [undetected] unrated
- Blueliv: [harmless] clean
- Certego: [harmless] clean
- Chong Lua Dao: [harmless] clean
- CINS Army: [harmless] clean
- Cluster25: [undetected] unrated
- CRDF: [harmless] clean
- CSIS Security Group: [undetected] unrated
- Snort IP sample list: [harmless] clean
- CMC Threat Intelligence: [harmless] clean
- Cyan: [undetected] unrated
- Cyble: [harmless] clean
- CyRadar: [harmless] clean
- DNS8: [harmless] clean
- Dr.Web: [harmless] clean
- Ermes: [undetected] unrated
- ESET: [harmless] clean
- ESTsecurity: [harmless] clean
- EmergingThreats: [harmless] clean
- Emsisoft: [harmless] clean
- Forcepoint ThreatSeeker: [harmless] clean
- Fortinet: [harmless] clean
- G-Data: [harmless] clean
- GCP Abuse Intelligence: [undetected] unrated
- Google Safebrowsing: [harmless] clean
- GreenSnow: [harmless] clean
- Gridinsoft: [undetected] unrated
- Heimdal Security: [harmless] clean
- Hunt.io Intelligence: [undetected] unrated
- IPsum: [harmless] clean
- Juniper Networks: [harmless] clean
- Kaspersky: [harmless] clean
- Lionic: [harmless] clean
- Lumu: [undetected] unrated
- MalwarePatrol: [harmless] clean
- MalwareURL: [undetected] unrated
- Malwared: [harmless] clean
- Mimecast: [undetected] unrated
- Netcraft: [undetected] unrated
- OpenPhish: [harmless] clean
- Phishing Database: [harmless] clean
- PhishFort: [undetected] unrated
- PhishLabs: [undetected] unrated
- Phishtank: [harmless] clean
- PREBYTES: [harmless] clean
- PrecisionSec: [undetected] unrated
- Quick Heal: [harmless] clean
- Quttera: [harmless] clean
- SafeToOpen: [undetected] unrated
- Sansec eComscan: [undetected] unrated
- Scantitan: [harmless] clean
- SCUMWARE.org: [harmless] clean
- Seclookup: [harmless] clean
- SecureBrain: [undetected] unrated
- SOCRadar: [undetected] unrated
- Sophos: [harmless] clean
- Spam404: [harmless] clean
- StopForumSpam: [harmless] clean
- Sucuri SiteCheck: [harmless] clean
- ThreatHive: [harmless] clean
- Threatsourcing: [harmless] clean
- Trustwave: [harmless] clean
- Underworld: [undetected] unrated
- URLhaus: [harmless] clean
- URLQuery: [undetected] unrated
- Viettel Threat Intelligence: [harmless] clean
- VIPRE: [undetected] unrated
- VX Vault: [harmless] clean
- ViriBack: [harmless] clean
- Webroot: [harmless] clean
- Yandex Safebrowsing: [harmless] clean
- ZeroCERT: [harmless] clean
- desenmascara.me: [harmless] clean
- malwares.com URL checker: [harmless] clean
- securolytics: [harmless] clean
- Xcitium Verdict Cloud: [harmless] clean
- zvelo: [undetected] unrated
- ZeroFox: [undetected] unrated
- 0xSI_f33d: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)
- Axur: undetected (unrated)
- AlphaSOC: undetected (unrated)
- ArcSight Threat Intelligence: undetected (unrated)
- AutoShun: undetected (unrated)
- Bfore.Ai PreCrime: undetected (unrated)
- Bkav: undetected (unrated)
- Cluster25: undetected (unrated)
- CSIS Security Group: undetected (unrated)
- Cyan: undetected (unrated)
- Ermes: undetected (unrated)
- GCP Abuse Intelligence: undetected (unrated)
- Gridinsoft: undetected (unrated)
- Hunt.io Intelligence: undetected (unrated)
- Lumu: undetected (unrated)
- MalwareURL: undetected (unrated)
- Mimecast: undetected (unrated)
- Netcraft: undetected (unrated)
- PhishFort: undetected (unrated)
- PhishLabs: undetected (unrated)
- PrecisionSec: undetected (unrated)
- SafeToOpen: undetected (unrated)
- Sansec eComscan: undetected (unrated)
- SecureBrain: undetected (unrated)
- SOCRadar: undetected (unrated)
- Underworld: undetected (unrated)
- URLQuery: undetected (unrated)
- VIPRE: undetected (unrated)
- zvelo: undetected (unrated)
- ZeroFox: undetected (unrated)
- Tipo: SOA, Valore: NS.RCP.NET.pe
- Tipo: TXT, Valore: MS=ms77084197
- Tipo: NS, Valore: NS2.RCP.NET.pe
- Tipo: TXT, Valore: cisco-ci-domain-verification=1cce2e6cec89ac416ab70895350988c7f707f136390b578270845da895cf6230
- Tipo: NS, Valore: NS.RCP.NET.pe
- Tipo: MX, Valore: medifarma-com-pe.mail.protection.outlook.com
- Tipo: TXT, Valore: v=spf1 mx ip4:200.48.84.0/24 ip4:44.205.106.155 ip4:10.100.1.17 ip4:190.187.120.184 ip4:190.187.184.138 ip4:200.4.207.19 ip4:5.83.0.0/16 ip4:185.98.0.0/16 ip4:193.53.0.0/16 ip4:20.121.56.28 ip4:147.204.152.42 ip4:54.233.101.39 ip4:52.67.34.111 include:spf
- Tipo: TXT, Valore: MS=ms42803909
- Tipo: TXT, Valore: google-site-verification=eYSq8MeTnvK4b1k-TrFTzT6Q2v8-nbF4sm0NQA26KAU
- Tipo: TXT, Valore: apple-domain-verification=hOIgc9n1vH3gSblF
- Tipo: A, Valore: 107.21.187.63
- Tipo: TXT, Valore: MS=ms77084197
- Tipo: NS, Valore: NS2.RCP.NET.pe
- Tipo: TXT, Valore: cisco-ci-domain-verification=1cce2e6cec89ac416ab70895350988c7f707f136390b578270845da895cf6230
- Tipo: NS, Valore: NS.RCP.NET.pe
- Tipo: MX, Valore: medifarma-com-pe.mail.protection.outlook.com
- Tipo: TXT, Valore: v=spf1 mx ip4:200.48.84.0/24 ip4:44.205.106.155 ip4:10.100.1.17 ip4:190.187.120.184 ip4:190.187.184.138 ip4:200.4.207.19 ip4:5.83.0.0/16 ip4:185.98.0.0/16 ip4:193.53.0.0/16 ip4:20.121.56.28 ip4:147.204.152.42 ip4:54.233.101.39 ip4:52.67.34.111 include:spf
- Tipo: TXT, Valore: MS=ms42803909
- Tipo: TXT, Valore: google-site-verification=eYSq8MeTnvK4b1k-TrFTzT6Q2v8-nbF4sm0NQA26KAU
- Tipo: TXT, Valore: apple-domain-verification=hOIgc9n1vH3gSblF
- Tipo: A, Valore: 107.21.187.63
- Emesso da: Sectigo RSA Organization Validation Secure Server CA
- Intestato a: *.medifarma.com.pe
- Valido dal: 2025-01-13 00:00:00
- Valido fino al: 2026-01-17 23:59:59
- Algoritmo firma: RSA
- Versione: V3
- Serial number: cba941ee12df740b34879922c15e1722
- Intestato a: *.medifarma.com.pe
- Valido dal: 2025-01-13 00:00:00
- Valido fino al: 2026-01-17 23:59:59
- Algoritmo firma: RSA
- Versione: V3
- Serial number: cba941ee12df740b34879922c15e1722
Summary
🧠 Dispositivi infetti: 84
🌐 Utenti compromessi: 60
🧑💼 Utenti aziendali compromessi: 24
🔑 Password aziendali esposte: 29
🔑 Password users esposte: 150
🧬 Stealer family e conteggio
RedLine: 90
Lumma: 28
Raccoon: 16
StealC: 12
Vidar: 6
Generic Stealer: 3
UNKNOWN: 2
Lumma: 28
Raccoon: 16
StealC: 12
Vidar: 6
Generic Stealer: 3
UNKNOWN: 2
https://mail.medifarma.com.pe: 16
https://erpmif-intranet.medifarma.com.pe/login: 5
https://mail.medifarma.com.pe/: 3
https://mail.medifarma.com.pe/;jsessionid=node01w6tlzaul1qxajfcg7cn4i1n725802.node0: 1
https://mail.medifarma.com.pe/;jsessionid=node0112pijgja0p2r11bfyrz9hj92q4516.node0: 1
https://••••••.medifarma.com.pe/•••/••••.•••: 1
https://••••••.medifarma.com.pe/•••/••••/•••••.••••: 1
https://••••.medifarma.com.pe/;••••••••••=••••••••••••••••••••••••: 1
https://••••.medifarma.com.pe/;••••••••••=•••••••••••••••••••••••••••••••••.•••••: 1
https://erpmif-intranet.medifarma.com.pe/login: 5
https://mail.medifarma.com.pe/: 3
https://mail.medifarma.com.pe/;jsessionid=node01w6tlzaul1qxajfcg7cn4i1n725802.node0: 1
https://mail.medifarma.com.pe/;jsessionid=node0112pijgja0p2r11bfyrz9hj92q4516.node0: 1
https://••••••.medifarma.com.pe/•••/••••.•••: 1
https://••••••.medifarma.com.pe/•••/••••/•••••.••••: 1
https://••••.medifarma.com.pe/;••••••••••=••••••••••••••••••••••••: 1
https://••••.medifarma.com.pe/;••••••••••=•••••••••••••••••••••••••••••••••.•••••: 1
-
http://online.medifarma.com.pe/elearning/moodle/login/index.php: 58
https://online.medifarma.com.pe/elearning/moodle/login/index.php: 38
https://capacitaciones.medifarma.com.pe/login/index.php: 19
http://online.medifarma.com.pe/misboletas/login.php: 16
https://capacitaciones.medifarma.com.pe/login/forgot_password.php: 8
https://••••••.medifarma.com.pe/••••••••••/•••••.•••: 6
http://•••••••••••.medifarma.com.pe:••••: 5
https://•••••••••••.medifarma.com.pe/•••••••••.••: 5
https://•••-••••••••••.medifarma.com.pe/••••••••••/•••••: 1
http://••••••.medifarma.com.pe/•••••••••/••••••/•••••/••••••_••••••••.•••: 1
https://••••••••.medifarma.com.pe: 1
Windows Defender: 6
Not Found: 13
Avast Antivirus: 1
Not Found: 13
Avast Antivirus: 1