Back

pornhd.com Domain Breach Exposure Report

Risk Score

High Risk

Massive event volume or critical assets compromised.

AI Findings Summary

Critical

The domain pornhd.com exhibits a high-risk score of 92, primarily driven by a significant volume of historical data breaches (over 30,000 events) and active infostealer logs (over 3,300 events). The data suggests a substantial exposure of client information, with 33,890 client-related events, alongside 127 employee-related events. The timeline indicates a surge in client-related events from March to June 2026, coinciding with an increase in employee-related events. Malware families like Redline, LummaC2, and Rhadamanthys are prominent, indicating active credential harvesting and data exfiltration activities. The primary concern is the large-scale compromise of client data, likely stemming from credential stuffing attacks facilitated by combolists, as indicated by the leak repository classification. The prevalence of infostealer malware targeting Windows operating systems suggests ongoing efforts to harvest sensitive information. Remediation should focus on strengthening authentication mechanisms, monitoring for credential stuffing attempts, and enhancing endpoint security to detect and prevent infostealer infections.

Total Events

34,017
credential exposure events

Employee Affected Events

127
account email domain = pornhd.com

Client Affected Events

33,890
service target = pornhd.com

Free Community Account

Stop stolen credentials from logging in

Own this domain? Create a free Lunar account to see full exposure data and evidence.

12-Month Events Timeline

Event volume by breach date, employee VS client

EmployeesClients
10,0006,6673,3330
peak month 9,891
Jul 25Sep 25Nov 25Jan 26Mar 26May 26Jun 26

Infostealers VS Data Breaches

Live stealer logs VS data breaches

Infostealer logs
Events3,359
Share10%
Data breaches
Events30,658
Share90%
Infostealer logs (10%)
3,359events
Data breaches (90%)
30,658events

127 compromised employee accounts pose an infrastructure risk, while 33,890 leaked client credentials create regulatory liability.

Antivirus Distribution

Security Tools on Infected Endpoints

Windows Defender17
Total AV2

Malware Families Distribution

Distribution of Active Stealer Strains

Redline827
LummaC2551
Rhadamanthys284
Vidar279
Acreed150
RisePro105
StealC61
Remus18
Raccoon13

Top Login URLs

Top exposed services found in the event results

  1. 1pornhd.com3,861
  2. 2https://www.pornhd.com2,622
  3. 3https://pornhd.com2,517
  4. 4www.pornhd.com1,789
  5. 5https://www.pornhd.com/1,706
  6. 6pornhd.com/1,160
  7. 7www.pornhd.com/860
  8. 8https://pornhd.com/250
  9. 9http://www.pornhd.com241
  10. 10http://www.pornhd.com/172

Infostealer By Geography

Shows the distribution of Infostealer-related credential exposure events across different geographic regions. The location is determined by analyzing the metadata of the infected machines associated with each event.

Bangladesh
Events197
United States
Events168
India
Events118
Germany
Events90
South Africa
Events89
Thailand
Events83
Indonesia
Events70

Country Breakdown

  1. 1Bangladesh197
  2. 2United States168
  3. 3India118
  4. 4Germany90
  5. 5South Africa89
  6. 6Thailand83
  7. 7Indonesia70
  8. 8Antigua & Barbuda66

Services Classification Distribution

Blast radius - closer to core = more critical infrastructure, size = credential volume

-
Total

Operating System Distribution

Distribution of compromised endpoint builds

Windows 10 Enterprise x64303
Windows 11224
Windows 10 Pro139
Windows 10 22H2 build 19045 (64 Bit)137
Windows 10 Pro (10.0.19045) x64109

Leak Repository Classification

Where the exposed records currently reside

0
Named breaches
30,650
Combolist pools
8
Unattributed dumps

Disclaimer: This report includes AI-generated content. AI can make mistakes, so verify important findings independently before taking action.