Onclusive
Onclusive
Group: play
Discovered by ransomware.live: 2024-02-15
Estimated attack date: 2024-01-30
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 15
Third Party Employee Credentials: 1
External Attack Surface: 3
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- a9b1709f-39e9-465b-8f1e-2d66de3142d1 identity-protect.org
MX Records
- alt3.aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
- aspmx.l.google.com.
TXT Records
- new-relic-domain-verification=0fca30a974ed4ff9bd61d3a5d6fc1fdf
- pardot187632=8e0c0553a35beea93f1848980eef441b2186a6b69dd20aa8394b1685c9cacbc5
- v=spf1 include:_spf.onclusive_com._d.easydmarc.pro include:spf.protection.outlook.com include:_spf.salesforce.com include:sendgrid.net ip4:54.75.1.75 ip4:54.228.11.161 ~all
- MS=ms74961014
- Probely=ddcf0d6c-91c9-403f-9a23-1e45d27a7f80
- apple-domain-verification=ZJ4gZJeSly9O8hSg
- atlassian-domain-verification=U5IeydfNJQGIVNumVBVrK2W2/bdg9t4UOpu6T8s/Ld1Lr0DdMRMnQotkRymKzY00
- facebook-domain-verification=tziv2dv9c6rm80r71j7f64xfx24cqt
- google-site-verification=R7hhvGlgd0VFTqHS24iq0aQmGMRj6WEDyY1l-77zdak
- google-site-verification=ZRmj1yAuLgvAtWFrpZsfmg-upgDWzCz5qIQ1PBw_bPg
- mongodb-site-verification=7n9F4qFBCmbMNbilw7iYAfwh5pbQT06a
Cloud / SaaS Services Detected
Apple
Atlassian
Microsoft 365
Salesforce
SendGrid
Leak Screenshot:
