Downtown Travel
Downtown Travel
Group: play
Discovered by ransomware.live: 2025-05-05
Estimated attack date: 2025-04-29
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 14
Third Party Employee Credentials: 5
External Attack Surface: 7
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- alt3.aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
TXT Records
- MS=60FBE8E0774B042CEE2FAFCC78FF873056A1EC7A
- v=spf1 include:spf.mandrillapp.com ip4:209.85.160.172 ip4:169.61.164.11 ip4:50.22.69.245 ip4:184.172.155.207 ip4:50.22.124.211 ip4:65.209.116.146 ip4:65.209.116.147 ip4:96.224.86.44 ip4:96.224.86.45 ip4:208.75.123.0/24 include:_spf.google.com include:spf." "constantcontact.com include:thebestagent.pro ?all
Cloud / SaaS Services Detected
Mandrill
Leak Screenshot:
