Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Grand Hotel

grand-hotel.org
Group Thegentlemen
Discovered 2026-02-27
Est. attack date 2026-02-27

Description:

grand-hotel.org zoominfo.com/c/grand-hotel/369020995 The Grand Hotel was established in 1952. Supported by red columns and with golden roof tiling, the Grand Hotel stands midway up Yuanshan, much like a majestic 14-storey palace. Facing Keelung River, with Yangming Mountain to its, the hotel offers an amazing view of Songshan District to the East and Danshui to the West. The Grand Hotel, structured through western construction methods, is decorated with elegant classical Chinese details. This fusion ofEast and West makes the hotel a fine expression of Chinese art upon a foundation of modern western architecture. No matter if visitors are tourists or business men, all those who stop by and marvel at the architectural beauty of the hotel would no doubt want to reserve for themselves a wonderful stay. The hotel is equipped with 500 rooms

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations@web.com
MX Records
  • mg.grand-hotel.org.
  • gtbinspector.grand-hotel.org.
  • mailgate.grand-hotel.org.
TXT Records
  • lXXPx7cWbkR2n4Gc9GtNh60LrLVGWwRzJSBA4u9ZXxo
  • v=spf1 ip4:202.39.60.36 ip4:202.39.60.35 ip4:59.124.3.1 -all
  • v=DMARC1;p=none;sp=none;pct=100;adkim=s;aspf=s;rua=mailto:r1075812@dc.bmesrv.com;ruf=mailto:service@grand-hotel.org;rf=afrf;ri=86400;fo=0;
  • AeNir3ewQv2W9ASh0QMSOb3UFN2LSKQMz2KtXHIjqAk
  • 3lSd1H_dq797zjQLRfYpbzXQXy5sfDHBs2MLjtCvc3Y
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.