FixVibe

// discovery / spotlight

Threat-Intel Cross-Reference

Spamhaus DBL, URLhaus — your domain's reputation, externally seen.

Il gancio

Your domain has a reputation that's tracked publicly, and sometimes you don't know it's been damaged until your transactional emails stop arriving and your customer-success team starts investigating. Threat-intel feeds — Spamhaus DBL, URLhaus, Google Safe Browsing, Microsoft SmartScreen, the various commercial reputation services — log domains observed in spam, phishing, or malware campaigns. Inclusion can come from a real compromise (your subdomain takeover got squatted and now serves phishing), from a misattribution (someone on your shared IP did something bad), or from related-name confusion (an attacker registered `support-yourapp.com` and ran a campaign that briefly tagged your real domain). Knowing your reputation status is operational hygiene; ignoring it is how email deliverability dies quietly.

Come funziona

Spamhaus DBL maintains a curated list of domains observed in spam-related abuse — phishing pages, malware download hosts, command-and-control infrastructure. Listings come from a mix of automated detection (honeypots, spam traps) and analyst review. URLhaus, run by abuse.ch, tracks URLs serving malware specifically. Both are queryable via DNS lookup or REST API. A listing means at least one trustworthy source associated your domain with abuse; the cause varies from 'you've been compromised' to 'a related domain shares your hosting' to 'someone made a mistake.'

Il raggio d'azione

Email deliverability tanks first — Gmail, Outlook, ProtonMail, and corporate spam filters consult these feeds and route listed senders to junk or block them outright. Browser warnings on Safari, Chrome, and Edge for users navigating to listed URLs (Google Safe Browsing in particular). DNS-level blocking by some resolvers (Quad9, OpenDNS, NextDNS) means listed domains simply don't resolve for users on those services. If the listing reflects actual compromise, the threat is ongoing — phishing or malware running on infrastructure you control means cleanup, secret rotation, and probably a customer notification.

// cosa controlla fixvibe

Cosa controlla FixVibe

FixVibe maps externally visible application surfaces with passive signals and safe metadata checks. Reports summarize the exposed surface and remediation priorities. For check-specific questions about exact detection heuristics, active payload details, or source-code rule patterns, contact support@fixvibe.app.

Difese a prova di bomba

If you find your domain listed: investigate the cause first. Search your subdomains for unexpected content (the takeover check we run can help). Audit recent DNS changes for entries pointing at unexpected hosts. Check your CDN and email-provider logs for unusual outbound activity. Once you've confirmed clean state (or remediated compromise), submit a removal request through the listing service's standard channel — Spamhaus and URLhaus both have well-documented delisting processes. To prevent listing in the first place: lock down your DNS with strict change controls, monitor for subdomain takeovers continuously, audit your SPF/DKIM/DMARC posture so spoofers can't impersonate you (their abuse from your domain is what gets you listed), and use a transactional email provider with reputation isolation. If you're listed without an obvious cause, check your hosting IP — shared hosting on a 'noisy neighbor' IP sometimes triggers listings.

// run it on your own app

Continua a spedire mentre FixVibe vigila per te.

FixVibe mette sotto pressione la superficie pubblica della tua app come farebbe un attaccante — senza agent, senza installazione, senza carta. Continuiamo a studiare nuovi pattern di vulnerabilità e li trasformiamo in controlli pratici e fix pronti da incollare in Cursor, Claude e Copilot.

Discovery
142
test eseguiti in questa categoria
modules
23
controlli dedicati a discovery
ogni scansione
487+
test su tutte le categorie
  • Gratis — senza carta di credito, senza installazione, senza ping su Slack
  • Incolla un URL — pensiamo noi a crawl, sonde e report
  • Risultati classificati in base alla gravità, deduplicati solo per segnalare
  • AI-ready prompts where code applies, plus operator steps for DNS/provider fixes
Esegui una scansione gratuita

// latest checks · practical fixes · ship with confidence

Threat-Intel Cross-Reference — Vulnerabilità in primo piano | FixVibe · FixVibe