Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo WKKELLOGG.COM

Group: Clop

Discovered by ransomware.live: 2025-02-27

Estimated attack date: 2025-02-27

Description:

[AI generated] WKKELLOGG.COM appears to be a domain name that may not be directly related to the original Kellogg Corporation. It is advisable to tread with caution when associating a domain with an established brand. The original Kellogg, founded by W.K. Kellogg, is a multinational food manufacturing company known for cereal and convenience foods, including cookies, crackers, and toaster pastries.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • wkkellogg-com.mail.protection.outlook.com.
TXT Records
  • google-site-verification=_mlGKpcLMSG1im6ALJ_cMg0DpsuwVWjI56TOsmxkjvs
  • identrust_validate=QqzAxfKpgftys9ocoG/CUbW4lGUjFfSopBxVd1iHXt/L
  • atlassian-domain-verification=aTqmzP/hDMsUNFnt2Re49Hjm6tzzJc6f0vzO1cb6rQFVIiMW41OSaAw/3pfym8Cg
  • bv-domain-verification=0fe4a718ee2cc5aab5d0e5b669d9c61f5a1aadf4bae916383701ff78704486f3
  • MS=ms44890521
  • successfactors-site-verification=M2U5MzljNjc4NGYwMjRkNWU1OTEyZTc5NDgxNGJhODNhZTZlNGI5ODc1NTU4Y2FlZjU0ZTg5YzViZTZiZjJiOA==
  • v=spf1 ip4:52.207.191.216 ip4:52.22.167.63 ip4:146.71.89.252 ip4:146.71.88.252 ip4:34.236.80.122 ip4:199.91.140.8/29 ip4:199.91.136.8/29 include:spf.protection.outlook.com include:_spf-dc4.sapsf.com include:spf.mtasv.net include:spfa.navexglobal.com -all
  • apple-domain-verification=QESbCQPPMKcTKDb8
  • onetrust-domain-verification=8f6c68dc259c4b48a6838ac59d0b59fd
  • onetrust-domain-verification=535fbef2d31d460d9dd572cf70766d52
Cloud / SaaS Services Detected
Apple Atlassian Microsoft 365 Bing Webmaster OneTrust

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.