Back

gotporn.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain `gotporn.com` exhibits a high-risk score of 96, primarily driven by a significant volume of historical data breaches (89%) and active infostealer logs (11%) observed between July 2025 and June 2026. A total of 59,126 events were recorded, impacting 113 employees and 59,013 clients. The data breach and infostealer activity peaked in March and April 2026, with notable increases in employee compromise during these months. Malware families such as Redline, LummaC2, and Vidar are frequently associated with these events, indicating a strong likelihood of credential harvesting and potential further compromise. The primary source of leaked data appears to be combolist sources, suggesting compromised credentials are being widely distributed. Given the high volume of client data breaches and the prevalence of infostealer malware targeting credentials, the primary risk is widespread account compromise and potential financial or identity fraud affecting both clients and employees. Remediation efforts should focus on immediate credential rotation for all affected users, enhanced monitoring for suspicious login activity, and implementing stronger authentication mechanisms like multi-factor authentication. Investigating the root cause of the data breaches and infostealer infections is critical to prevent recurrence, with a particular focus on the identified malware families and the combolist sources.

Total Events

59,126
credential exposure events

Employee Affected Events

113
account email domain = gotporn.com

Client Affected Events

59,013
service target = gotporn.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
20,00013,3336,6670
peak month 17,628
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events6,511
Share11%
Data breaches
Events52,615
Share89%
Infostealer logs (11%)
6,511events
Data breaches (89%)
52,615events

113 compromised employee accounts pose an infrastructure risk, while 59,013 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender43
Windows Defender McAfee1

Malware Families Distribution

Distribution of Active Stealer Strains

Redline1,374
LummaC2990
Vidar745
Rhadamanthys435
Acreed363
RisePro192
StealC170
Raccoon51
Remus29

Top Login URLs

Top exposed services found in the event results

  1. 1gotporn.com7,676
  2. 2https://www.gotporn.com5,485
  3. 3https://gotporn.com4,875
  4. 4www.gotporn.com3,890
  5. 5https://www.gotporn.com/2,236
  6. 6gotporn.com/1,251
  7. 7www.gotporn.com/939
  8. 8http://www.gotporn.com507
  9. 9www.gotporn.com/blonde-milf-seduces-girl-and-bbc-ass-anal--street-racers-get-more-than-they/video-6405551463
  10. 10gotporn.com/blonde-milf-seduces-girl-and-bbc-ass-anal--street-racers-get-more-than-they/video-6405551398

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

United States
Events350
India
Events249
Brazil
Events208
Egypt
Events194
Spain
Events183
Germany
Events174
Algeria
Events141
Bangladesh
Events139

Country Breakdown

  1. 1United States350
  2. 2India249
  3. 3Brazil208
  4. 4Egypt194
  5. 5Spain183
  6. 6Germany174
  7. 7Algeria141
  8. 8Bangladesh139

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

Citrix7

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Enterprise x64543
Windows 10 Pro371
Windows 11354
Windows 11 Pro317
Windows 10 Pro (10.0.19045) x64241

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
52,608
Combolist pools
7
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.