Tipalti
Tipalti
Group: Alphv
Discovered by ransomware.live: 2023-12-04
Estimated attack date: 2023-12-04
Description:
Tipalti is an accounting software financial technology business that provides accounts payable, procurement and global payments automation software for businesses.
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- alt3.aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
- aspmx.l.google.com.
TXT Records
- ca3-f71e7d91521742c1b99676d8f0d252c9
- stripe-verification=1f3233afc04bd0b228f26772bfe90afaf824344e5e594938ccba296f2405469d
- have-i-been-pwned-verification=01b05b8100f7ef32b5af311184e559a6
- openai-domain-verification=dv-dr2KvMrY1HqhnTN1cVMrxDQc
- brevo-code:71307ccea172d49ac5a701c55da50f53
- google-site-verification=af3OgNtPiA8phYjPz0yD4jOoOW9vYYue5dDg4gqmahI
- status-page-domain-verification=kpzbbrwng7tm
- globalsign-domain-verification=YITx4nrNHnmnazwvqY7GPtIflZRoPTmucfVaV6QYW3
- google-site-verification=Ma9hrSJwM8bkX_hkGzEB1aSVBW1G6a_1G9NmGL1IRh8
- Dynatrace-site-verification=07c2aade-cbb4-4578-8aa7-d93b2b24edbb__a2u4u3s5onic7glhjvvpbr4ggb
- google-site-verification=s6K7d-YVMz5jBJAV-0zNmqSFirF1WTxzRpKPTcEJl0s
- MS=41121ED920BAA28C94E3AAA2648E8ED39DF1AA69
- cursor-domain-verification-vnnq3h=dRVwmr8s85EyLy5hz3oNmJEMv
- v=spf1 ip4:52.73.203.75 ip4:52.70.130.33 ip4:54.167.23.9 ip4:192.174.90.242" " ip4:63.174.23.0/24 ip4:206.210.87.0/29 ip4:206.210.87.8/29 ip4:206.210.87.16/29" " ip4:206.210.87.24/29 ip4:206.210.91.24/29 ip4:206.210.91.80/29" " ip4:206.210.87.24/29 ip4:206.210.91.24/29 ip4:206.210.91.80/29" " ip4:63.174.23.0/24 ip4:206.210.87.0/29 ip4:206.210.87.8/29 ip4:206.210.87.16/29" " ip4:192.174.81.234 ip4:147.253.209.1" " ip4:70.38.100.0/24 ip4:209.172.40.80/28 ip4:209.172.40.192/26" " ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18" " ip4:69.169.224.0/20 ip4:23.249.208.0/20 ip4:23.251.224.0/19 ip4:76.223.176.0/20" " ip4:54.240.64.0/19 ip4:54.240.96.0/19 ip4:52.82.172.0/22 ip4:76.223.128.0/19" " ip4:103.151.192.0/23 ip4:185.12.80.0/22 ip4:188.172.128.0/20 ip4:192.161.144.0/20" " ip4:216.198.0.0/18 ip4:185.250.239.148 ip4:185.250.239.168 ip4:185.250.239.190" " ip4:198.244.59.30 ip4:198.244.59.33 ip4:198.244.59.35 ip4:198.61.254.21" " ip4:209.61.151.236 ip4:209.61.151.249 ip4:209.61.151.251 ip4:69.72.40.93 ip4:69.72.40.94/31" " ip4:69.72.40.96/30 ip4:69.72.47.205" " include:_spf.google.com include:mktomail.com include:_spf.salesforce.com include:spf.mandrillapp.com" " include:stspg-customer.com include:docebosaas.com ~all
- 22afd0bf-515b-4dba-808b-8d1360bb6507
- _globalsign-domain-verification=SDLyxWv2CXX9Rg7NcP5Zx1zCwNWTUnKlz_xJ6ucu6Z
- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDY9qoHsoTY++Ph9pcghtWJedv+i5bD3wYGkX73mcXwmkYgXAqdUhKIGbDZH6RzSBQSjgEdbBF470Kwn6mqpi4dmBpnPDngPzLYQFihjCZDu8u9z0rmW7CNxYC0O4Gq34BHRU4gjGpHIraCC8khTZ/5lldp5yvdATYYUgS8z0zRUwIDAQAB
- google-site-verification=b1clV_viNq3_LMs6GDalYM11rRcZiktkPieeQPVIkCQ
- fastly-domain-delegation-vre08423vsv-568307-30012023
Cloud / SaaS Services Detected
Salesforce
Stripe
Marketo
Mandrill
Have I Been Pwned
Leak Screenshot:
