THECROSBYGROUP.COM
THECROSBYGROUP.COM
Group: clop
Discovered by ransomware.live: 2023-03-23
Estimated attack date: 2023-03-23
Description:
403 Forbidden
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- us-smtp-inbound-1.mimecast.com.
- us-smtp-inbound-2.mimecast.com.
TXT Records
- "logmein-verification-code=a8b85499-493d-47a5-af1e-a133b2978b6d"
- 0ed1fe018a26014b7c00324ef3ad56540dd6cfa92f
- 6uhnb98771ffv3jn1viohufdep
- MS=ms33294650
- cisco-ci-domain-verification=74dba8ebc0e5443decca06eb0e349f61733cfd12967a8a23a3a77bf59c1cd112
- g4BxgSEd
- have-i-been-pwned-verification=5b48a95044aaa4de7fbbb174a40ebec1
- k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0L+QZLU+9r0fzW8Axwa0scyal5LTRte6qk5ZipZVaOalAsVD98pcAs71LMOTxv1ci/DQfw7kvF2znuM5mHFOLL+D6XP5YqVC6sDmBx0jHIVAWCdR/9SWyVaPc2Uqgijoh3QEJv4NUM/YfpfhiZ5A7IZaB8nf7iwyCZndfexUgxwIDAQAB
- logmein-verification-code=a8b85499-493d-47a5-af1e-a133b2978b6d
- specops-verification-code=f6cf2f14-ec39-44c8-aea3-28f7b5bd76de
- v=spf1 include:us._netblocks.mimecast.com include:_u.thecrosbygroup.com._spf.dmarcly.com ~all
- "MS=ms33294650"
- "cisco-ci-domain-verification=74dba8ebc0e5443decca06eb0e349f61733cfd12967a8a23a3a77bf59c1cd112"
- "g4BxgSEd"
- "k=rsa
Cloud / SaaS Services Detected
Microsoft 365
LogMeIn
Cisco
Mimecast
Have I Been Pwned
Leak Screenshot:
