Arnold Clark

Group: play

Discovered by ransomware.live: 2023-01-16

Estimated attack date: 2023-01-16



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse comlaude.com
  • arnoldclark.com-Registrant anonymised.email
  • arnoldclark.com-Admin anonymised.email
  • arnoldclark.com-Tech anonymised.email
MX Records
  • eu-smtp-inbound-2.mimecast.com.
  • eu-smtp-inbound-1.mimecast.com.
TXT Records
  • android-enroll=https://ivanticsa.arnoldclark.com/rtc/s000576pl/MDM/api/v1/enroll/AndroidEnroll
  • onetrust-domain-verification=a0f76f07525e45a396eaa44a7cb91eec
  • l8nlt0k0rrq0xpjlprnlpydm1171rqvl
  • nitro-verification-code=MTkzNzExODA2NzA1MDQ2Mjg0NA==
  • google-site-verification=ycIYAI6jFv_fAU6mIRZhZnHY71FrO7dJ1cP_w1Qe8FQ
  • A0R0N14617
  • v=spf1 ip4:168.245.32.184 ip4:198.21.7.174 include:dcmailrelay.zellis.com include:_spf.createsend.com include:eu._netblocks.mimecast.com include:authsmtp.com include:spf.protection.outlook.com include:smtp.groovehq.com include:spf.mandrillapp.com -all
  • MS=ms99845006
  • pf6qnyx2t029dk9bgkccrzd6kjmg4m4b
  • iOS-enroll=https://ivanticsa.arnoldclark.com/rtc/s000576pl/MDM/api/v1/enroll/IosEnroll
  • apple-domain-verification=IAhEKB4FWJFTe3gF
  • mandrill_verify.JLivwdFGNMr7BuHTAOq6SA
  • google-site-verification=8e1R4sHdRDMLoOUqY3ffNheqioxYEughRKy3tZ6ndy0
  • atlassian-domain-verification=p76a3kFckLrUozy2K3o6zRaCGKcrHHuGozLOOXMhaaR/JxV2A/6O2itn1KGgsG0X
  • apple-domain-verification=ZYEWnSe10Rd-AdSSL5EF48S5KYE3WFG0ALa-NGA4D6E
  • teamviewer-sso-verification=aaa33000f1094194a10b35fea2b8ff57
  • adobe-sign-verification=d763666072ba9fdfcc7edac090c4d253
Cloud / SaaS Services Detected
Apple, Atlassian, Mailchimp, Microsoft 365, TeamViewer, Mandrill, OneTrust, Mimecast