DURR.COM
DURR.COM
Group: clop
Discovered by ransomware.live: 2023-07-05
Estimated attack date: 2023-07-05
Description:
Dürr – Leading in Production Efficiency - EN - Dürr
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain-abuse internetx.com
MX Records
- mx1.hc116-66.eu.iphmx.com.
- mx2.hc116-66.eu.iphmx.com.
TXT Records
- YjCxW2rK1dCoa5UR32nL
- docusign=001ed9cf-720a-44a1-9a7c-23cd272adbb8
- BRWha3jNmg072XUWmcqeufjiiV4Q44mwj+nzJzekykOro318MQFMOQCXo4q37cJcAnh2Zkxj7MkRjubSHl2OQw==
- MS=ms11623340
- google-site-verification=SqRsjyN04E3-F8-AsPPMALudzwjMLOcaTZFcf-IyJuY
- o18714u4cm9i2eqpv4h9tobm6i
- sending_domain564993=a645be6ed7f2ff883ead6d98a6d4d313f0055667ecb55765c5857c22ee7ea363
- v=spf1 ip4:185.136.64.128/27 ip4:185.136.65.128/27 ip4:198.37.154.6 a:o1.mail.highbond.com include:spf.imc-hosting.com include:nets1.spf.durr.com include:_spf.senders.scnem.com include:spf.durr-group.com include:agenturserver.de include:aspmx.pardot.com -" "all
- swisssign-check=h-hIreQPbvZv0HE1q8tg28fKtaY
- teamviewer-sso-verification=68eb1d4b2bae42d9836e7e4495282f39
- pardot938713=8c1e02e6a1f24ad405952834a5ff2dbe08ea129c4cde654e1735829d81a94b2e
Cloud / SaaS Services Detected
Microsoft 365
Salesforce
Teamviewer
DocuSign
Leak Screenshot:
