EMSBILLING.COM
EMSBILLING.COM
Group: clop
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-07-26
Description:
Just a moment...
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- 304df892-8472-4d38-88ca-0c3fd200fd75 identity-protect.org
MX Records
- us-smtp-inbound-2.mimecast.com.
- us-smtp-inbound-1.mimecast.com.
TXT Records
- v=spf1 include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:_spf.atlassian.net include:spf.myconnectwise.net include:spf.constantcontact.com include:_spf.salesforce.com include:_spf.intacct.com ip4:23.21.109.197 ip4:23.21.109.212 " "ip4:147.160.167.0/26 ~all
- v=verifydomain MS=6706628
- ZOOM_verify_ITJw6KjlTQGyk7YwaDtCWw
- _0u8gn5czjfxxp2d2vo9qb6hprpyg8o7
- atlassian-domain-verification=YyGmAk9A2LAA7phBHyqyB49OVDagH+jh6SxH5Rk0scPG86bcjJzer2jM28+UwWXF
- google-site-verification=HqPEzyH-T-VLiey_qbNaz7q9sikjn-M9aXnbrbRtAoE
- google-site-verification=TTZVYdM5anJEuIhYu-b4J3zJ4AKVlumAa0_L21fsf1I
- intacct-esk=F6F6B1D04224A563E0533606690A124C
- smartsheet-site-validation=AqTqy4hFpvM_c853w4KVNIIRarD0H377
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Salesforce
Mimecast
Zoom
Leak Screenshot:
