www.bahia-principe.com
www.bahia-principe.com
Group: ransomhub
Discovered by ransomware.live: 2024-08-02
Estimated attack date: 2024-07-31
Country:
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 993
Third Party Employee Credentials: 34
External Attack Surface: 85
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxa-004e0901.gslb.pphosted.com.
- mxb-004e0901.gslb.pphosted.com.
TXT Records
- google-site-verification=rrEgBqH6HoJjKQxL6BxSigHg-6us8ysb0ldayr-i9YU
- google-site-verification=p5vaA8bts0Qxev2hMKWa9gPMmoNuwGtBXHcFehgzau8
- atlassian-domain-verification=42bPwG67cfp6BhFaaXJUaBXk4OXaahRIUV0uXg4ZKUq6I5MtAXCy9iojLEypeWNA
- _xiptntcdq31ga4vyejoi76efd5knihs
- MS=9DEBEA7B2CB1615732F382A4C93C6911D0C3AD55
- v=spf1 ip4:147.154.189.193 mx include:spf-004e0901.pphosted.com include:spf.mandrillapp.com include:spf_c.oraclecloud.com include:_spf-dc57.sapsf.eu include:spf.protection.outlook.com include:_spf.salesforce.com -all
- MS=ms89572370
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Salesforce
Oracle Cloud
Mandrill
Proofpoint
Leak Screenshot:
