VRM.DE
VRM.DE
Group: clop
Discovered by ransomware.live: 2023-07-10
Estimated attack date: 2023-07-10
Country:
Description:
VRM Medienunternehmen - Über uns
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- mxtls.expurgate.net.
TXT Records
- canva-site-verification=F9pXH4Grt2mZWvCXucPC8w
- MS=ms31784744
- atlassian-domain-verification=gJZtD/djsqCDVJg3gCMsYX9kNvNGRi6n8Vendiq22/aGI3sXcivLcZuSnVuib28R
- v=spf1 a:smtphost1.vrm.de ip4:193.102.158.104 ip4:77.235.162.0/24 ip4:88.198.122.9 ip4:92.204.33.169 ip4:136.243.250.233 ip4:217.31.84.130 ip4:80.228.115.225 ip4:80.228.115.226 ip4:167.235.153.87 ip4:168.119.172.35 ip4:193.102.158.1" " include:agenturserver.de include:spf.mailjet.com include:_spf.expurgate.net include:amazonses.com include:_spfi.evolver.de include:spf.protection.outlook.com include:spf-de.emailsignatures365.com ~all
- yf73nf61zx2nbcbz6g5rrnc4rbmmvq32
- docusign=6c77e340-5646-4e53-8280-9e090b253c0d
- amazonses:eTJsjB8J4v76INd5dngpd+JjEzxnUV6kLEgyzUl+Ljk=
- hwnlxqns3TKK8aLWBk0N5tfyAuFgfAs938UNHSdO1Dum/Y8ie/V5q6W6fQQ6Nc4YyfG8Yk9H1Io5Skw4hsyFzw==
- apple-domain-verification=H7w5kzAwb1mnhEVn
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Mailjet
DocuSign
Leak Screenshot:
