Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo thermae.nl

Group: lockbit3

Discovered by ransomware.live: 2023-10-01

Estimated attack date: 2023-10-01

Country: NL

Description:

Wellness hotel arrangementen


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • axsse.axsmail.be.
  • backup.axsmail.be.
TXT Records
  • v=spf1 ip4:194.50.177.59 +a +mx +ip4:91.231.5.196 +include:_spf.spotler.email +include:spf.hosting.accountsoftware.nl +include:spf.twistedbytes.eu +include:spf.afas.online +ip4:52.50.86.27 +ip4:185.201.18.78 +a:amazonaws.com +ip4:45.82.188.63 +include:sp" "f.eu.exclaimer.net -all
  • duo_sso_verification=C5pFkNGqF267AfKxLFEpvOaSuogrAjA5ygs5Md1WoYD4w0qZDi861Bbejx42xJe4
  • MS=ms78876224
  • MS=1E3056CC4B99D81151FA248970FA502B079FCB9A
  • v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1g1CjgfN5b6L55rKlsAZ5y9ZEhj/yEuS9+gfKnYyPuXbDip4W9NoXe5L7LhRoo8FNNerc63+NI8PmWRuPMHVwdmVb0H0/dIzUJ0U/Ab2hxw0DT2Mo+GShpT0AaDx34D5J6M7IRW4o0Z98KI/NGCzX/v4snthRfzDMDlupnOjjlwIDAQAB
  • google-site-verification=x6X0-YhWicw0pKUivWE0T1PNk8_DRiiMvfjYzmkLJoI
Cloud / SaaS Services Detected
Microsoft 365 Cisco Duo

Leak Screenshot:

Leak Screenshot