Tipalti claimed as a victim - but we'll extort Roblox, one of their affected clients, indi

Group: alphv

Discovered by ransomware.live: 2023-12-03

Estimated attack date: 2023-12-03



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • alt3.aspmx.l.google.com.
  • alt4.aspmx.l.google.com.
  • aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
TXT Records
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Box
  • Dropbox
  • Microsoft 365
  • Slack
  • Stripe
  • Zendesk
  • DocuSign
  • Zoom
