Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo gaylord.org

Group: safepay

Discovered by ransomware.live: 2025-01-22

Estimated attack date: 2024-12-19


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • usb-smtp-inbound-2.mimecast.com.
  • usb-smtp-inbound-1.mimecast.com.
TXT Records
  • fhx1rqm5kwfd1txvpd0mw5l42qt4yp81
  • e2ma-verification=wojgb
  • 0ed1fe018a72d8009491d547159037f3c375741691
  • cisco-ci-domain-verification=45fef0eaf0c8af558ca9834cb04a1fed1c6849b2a8aa4bf9403c7db6d3697e04
  • MS=1BA8C199020D2F60A279D56A12FB58A88B8C4D41
  • apple-domain-verification=EAtUizEMex85aoA5
  • MS=ms68408049
  • google-site-verification=KR_R_079m4nZqN-C4MffLHSDuNEn6aABKzyu9lYj4KU
  • v=spf1 include:usb._netblocks.mimecast.com mx a ptr ip4:12.188.176.128/25 include:spf.prod.cadienttalent.com include:_spf.ultipro.com exists:%{i}.spf.hc1986-95.iphmx.com include:_spf.e2ma.net include:20963474.spf02.hubspotemail.net include:_spf01.mykronos" ".com ~all
Cloud / SaaS Services Detected
Apple HubSpot Microsoft 365 Cisco Mimecast

Leak Screenshot:

Leak Screenshot