NATIONSBENEFITS.COM
NATIONSBENEFITS.COM
Group: clop
Discovered by ransomware.live: 2023-03-23
Estimated attack date: 2023-03-23
Description:
Innovative Healthcare Management Solutions - NationsBenefits
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- registrar-abuse cloudflare.com
MX Records
- mxb-00780202.gslb.pphosted.com.
- mxa-00780202.gslb.pphosted.com.
TXT Records
- proxy-ssl.webflow.com
- o11d4u5hm6ugjp990r9agn6llq
- v=spf1 ip4:148.163.157.118 include:res.cisco.com include:spf.protection.outlook.com include:mail.zendesk.com include:spf-00780202.pphosted.com ip4:149.72.57.192 ip4:149.72.57.195 ip4:149.72.57.22 ip4:167.89.81.51 -all
- dropbox-domain-verification=pxh6k2ma2s5i
- MS=ms36345552
- status-page-domain-verification=51hhddvmsklb
- k88r9qd2v0fomtuo6s5futt8jk
- qskjjv9etkbqa1kbdl0jrf3h45
- slack-domain-verification=nBxfP2OfGeHOKT4Lfe4QuLvfgwopkfBPr1NmRurQ
- pardot1024793=8f7aa5d4abc2bbf05756f83557852e350aaabc53f94a785413bf33b67bc090af
- v9v3rj15fnfgkulqbqvvoa6nd
- apple-domain-verification=H9mf5ZMj00rvm9Qc
- h8g88p1n4getv9oec47g2d6lk9
- atptib13ddt14pg57hbpc6nm01
- google-site-verification=-_P-P6ASq4CrlbkPXIdTgqAjFnPoE3oda6QSxxI8ay0
- lv4g3mmil3pg5bhi1ealfvohsa
- t760va4kf32t35r97jp0mv2p6q
- h6l6rtceq97aso2af2ssb6k8v6
- wrike-verification=NDI4Mjk3NTpkODFlYTE4Njg1YzkwNGUxN2U2OGMxNDNmMTYzNjdhMDQ2MDliMDY4YzI0NDU2M2FjNmIyZjE1NTlhMTQxMDY5
- jetbrains-domain-verification=6u0xdzsb7nyzwe00czjc727yg
- 2k48s6hglhaegldrreqkdd7vl4
- sending_domain1024793=feb3b6d924c41e43e4f5480a66ec56ed77366b996155dfd4ba4f3988cfdfe076
- atlassian-domain-verification=UUtFMQB1kVM59DaEcSn8Vq238F7GAReKL/m8J/6bvQEHyKuUMC3TnyZvke5diie8
- 636q1rvmgca1od3p1dmuje1bil
- teamviewer-sso-verification=d48fa97ee3d540689046516713f3d8b0
- p1hqg2nu2q2rmu3cp313a8d0vt
- ftlnvdtn5rvftqv677fb6p3vmk
- nationsbenefitscom.azurewebsites.net
Cloud / SaaS Services Detected
Apple
Atlassian
Box
Dropbox
Microsoft 365
Salesforce
Slack
Zendesk
Teamviewer
Proofpoint
Leak Screenshot:
