Substitute Teacher Service
Substitute Teacher Service
Group: cicada3301
Discovered by ransomware.live: 2025-02-09
Estimated attack date: 2025-02-08
Country:
Description:
Status: 6d 1h 50m 24s - Size Data: 210 GB
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse support.gandi.net
- c61d4bd650319338bd22a70270c4ec4e-1546121 contact.gandi.net
MX Records
- d145296a.ess.barracudanetworks.com.
- d145296b.ess.barracudanetworks.com.
TXT Records
- google-site-verification=-Euwna9V8UfviuariJqMSeYUSmKB5zJM80kqeGTIrsY
- MS=ms30400651
- aub6vklc1lehe4t8qc6mdsq2cn
- 8emj7e5379smc2utqj4gsfvu0o
- v=spf1 mx ip4:167.89.14.112 ip4:209.173.249.43 include:spf.protection.outlook.com include:spf.ess.barracudanetworks.com include:651016.spf06.hubspotemail.net include:sendgrid.net ~all
- mpn5e56p6fp0jer9uimorljlkn
- 1sjrrpo4q1in9iq1gr634fpk6h
- 7opab4o3b21d7i3qtalo8vah8d
- v=DMARC1; p=none; fo=1; rua=mailto:dmarc-reports@thesubservice.com,mailto:rua+thesubservice.com@dmarc.barracudanetworks.com; ruf=mailto:dmarc-reports@thesubservice.com,mailto:ruf+thesubservice.com@dmarc.barracudanetworks.com
- duo_sso_verification=IW2UIKDKQj1CrJJ3dXfMFOjJ5uereyyAgfl07pHwXnHHIdgm21eWwqLrOgK0hlux
Cloud / SaaS Services Detected
HubSpot
Microsoft 365
SendGrid
Cisco Duo
Leak Screenshot:
