ZOSKINHEALTH.COM

Group: clop

Discovered by ransomware.live: 2023-03-23

Estimated attack date: 2023-03-23

Description:

ZO® Skin Health



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mxb-008f3601.gslb.pphosted.com.
  • mxa-008f3601.gslb.pphosted.com.
TXT Records
  • v=spf1 a:production.na01.zoskinhealth.demandware.net ip4:149.72.231.47 ip4:149.72.196.66 include:spf.protection.outlook.com include:_spf.salesforce.com include:_spf.psm.knowbe4.com include:spf-westus.emailsignatures365.com include:spf-008f3601.pphosted.com include:sent-via.netsuite.com ~all
Cloud / SaaS Services Detected
Apple, Salesforce, Stripe, Miro, LogMeIn, KnowBe4, DocuSign
