MULTIPLAN.COM
MULTIPLAN.COM
Group: clop
Discovered by ransomware.live: 2023-03-30
Estimated attack date: 2023-03-30
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxb-00233801.gslb.pphosted.com.
- mxa-00233801.gslb.pphosted.com.
TXT Records
- sophos-domain-verification=189fbe3efb708f62abcff56b55a96b012319aed11014f7428b5036037460ea72
- figma-domain-verification=6e943a69871566dc08818843eecf7733308aa86937ec9d7601a985bb3d4a377e-1722076571
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
- TdHaINj3EcavDP/knH0ZKEvnTBBv0gOPN+UFsNcoxCo23entOEFxL99vYpZuco9aU3A/1Thsf8Jukj3d0gKMDA==
- openai-domain-verification=dv-L9b3Pz4rihfzdprTKHZH8Bg2
- apple-domain-verification=v51iYl54uG4m7EYh
- _inptfgf6dvqdnwkpwoe5h7ck0cei08o
- miro-verification=6594a10f0f6faa97305c191a870702866cdbcf90
- _02wrvd38qbj9zeua0ylcb8jyxoehzzd
- atlassian-sending-domain-verification=3fa4a9ef-bded-4045-a539-f4995c5e9423
- flexera-domain-verification-nqgjdrplaedwwwcq
- jamf-site-verification=C8pP_Q4DfgvAwu1hEKyyDw
- knowbe4-site-verification=610109efba80a12891ce5e62bd2c7117
- flexera-domain-verification-enguwjaedoiosdim
- google-site-verification=2Nlwh6mBFKfUQRdTD-Fi_1MNp0znR_drumazeG2KCo0
- docusign=b964fc51-b29b-4d0f-91d6-957a3112b6dd
- MS=ms59612484
- atlassian-domain-verification=QHC45FViwK3du3t/oLGzTQaNSEj46hDTcJ109ZDazMgeI2BAt2cIzcb/HCwHSIDS
- docusign=3973210d-7f08-42a2-b71c-32b82ecd9f07
- cisco-ci-domain-verification=2f447ddf3375ff73657120d6c656354d51bf0defa6e76cea191a9edd89387721
Cloud / SaaS Services Detected
Apple
Atlassian
Microsoft 365
Miro
Flexera
JamF
KnowBe4
Cisco
DocuSign
Proofpoint
Sophos
Leak Screenshot:
