AF Supply
AF Supply
Group: alphv
Discovered by ransomware.live: 2023-11-02
Estimated attack date: 2023-11-02
Description:
-
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse namecheap.com
MX Records
- barracuda2.dataspindle.com.
TXT Records
- google-site-verification=aoTHGBbBkxf3dyaCth5ctjlNY1pZJVOIv9TS5uMhaYU
- apple-domain-verification=LaBlwHMrjoao0IDR
- google-site-verification=jZxcvhAp37C-CvZcQ72D55-Cr4yDKM1FqD_FKJpFUm0
- v=spf1 ip4:13.33.164.3 ip4:13.33.164.10 ip4:13.33.164.12 ip4:13.33.164.38 ip4:13.33.164.69 ip4:13.33.164.93 ip4:13.33.164.207 ip4:13.33.164.215 ip4:34.233.141.196 ip4:50.31.32.0/19 ip4:54.240.0.0/18 ip4:65.123.21.51 ip4:65.213.21.51 ip4:67.219.182.3 ip4:6" "7.219.182.10 ip4:67.219.182.40 ip4:67.219.183.10 ip4:167.89.0.0/17 ip4:168.245.0.0/17 ip4:192.237.133.10 ip4:192.254.112.0/20 ip4:198.21.0.0/21 ip4:198.37.144.0/20 ip4:199.127.232.0/22 ip4:199.255.192.0/22 ip6:2602:ff36:0:1::40 ip6:2602:ff36:0:1::41 ip4:6" "9.16.249.67 ip4:209.59.138.99 ip4:209.59.138.99 ip4:67.225.204.106 ip4:67.219.182.10 ip4:67.219.183.10 ip6:2602:ff36:0:1::10 ip6:2602:ff36:0:1::97 ip6:2602:ff36:0:2::10 ip6:2602:ff36:0:1::20 ip4:34.233.141.196 ip4:65.123.21.51 ip4:65.213.21.51 ip4:162.249" ".171.190 include:sendgrid.net include:amazonses.com ~all
- google-site-verification=ZSP7_kPHt0mjUD6RyXwgVHNiXsp3hQ3_Vy4TtywGBac
- duo_sso_verification=Lha1SnWE1tgzXl7u5nmXA6pixOyDOceQJwZZfalv0iksZ0SXtw2yL5T4zys0q1TO
Cloud / SaaS Services Detected
Apple
Amazon SES/WorkMail
SendGrid
Cisco Duo
Leak Screenshot:
