Back

diply.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain diply.com experienced a significant number of data breach events (465) and active infostealer logs (76) over the reporting period, impacting 229 employees and 312 clients. The majority of data breach events were attributed to combolist sources (351), with a notable presence of Redline malware (14.5%). The timeline shows a surge in employee and client compromise events in early 2026, particularly in January and April. The primary operating system affected was Windows 11. This exposure presents a high risk due to the volume of historical data breaches and ongoing infostealer activity, suggesting potential credential stuffing attacks and widespread credential compromise. Remediation should focus on immediate credential resets for affected employees and clients, enhanced monitoring for suspicious login activity on services like diply.com/logon and diply.com/login, and a review of security controls to prevent future combolist-based attacks.

Total Events

541
credential exposure events

Employee Affected Events

229
account email domain = diply.com

Client Affected Events

312
service target = diply.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
10067330
peak month 93
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events76
Share14%
Data breaches
Events465
Share86%
Infostealer logs (14%)
76events
Data breaches (86%)
465events

229 compromised employee accounts pose an infrastructure risk, while 312 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

No Data Available

Malware Families Distribution

Distribution of Active Stealer Strains

Redline11
Acreed3
LummaC22
StealC1

Top Login URLs

Top exposed services found in the event results

  1. 1diply.com67
  2. 2https://diply.com52
  3. 3https://diply.com/logon21
  4. 4https://diply.com/login21
  5. 5https://diply.com/19
  6. 6diply.com/login17
  7. 7https://diply.com/home15
  8. 8diply.com/logon13
  9. 9diply.com/13
  10. 10https://www.diply.com11

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events19
India
Events4
China
Events4
Germany
Events4
South Korea
Events3
Netherlands
Events3
South Africa
Events2
Indonesia
Events2

Country Breakdown

  1. 1United States19
  2. 2India4
  3. 3China4
  4. 4Germany4
  5. 5South Korea3
  6. 6Netherlands3
  7. 7South Africa2
  8. 8Indonesia2

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 1134
Windows 103
Windows 7 x322
Windows Server 2012 R2 x322
Windows Server 2008 x322

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
351
Combolist pools
114
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.