UtAir

Group: arvinclub

Discovered by ransomware.live: 2021-09-09

Estimated attack date: 2021-09-09



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mg03.utair.ru.
  • mg04.utair.ru.
  • mg05.utair.ru.
TXT Records
  • google-site-verification=GAOpvF3aayukdcsKnsq5GWrN4Dzleq-GYmOspnwLzKs
  • globalsign-domain-verification=3BvSHtxAYKyqXN1-8DSvS4zu6-ljoBLQQ8o8VD0DG9
  • v=spf1 mx ip4:91.240.25.0/24 ip4:81.222.113.200 ip4:95.181.147.116 ip4:95.181.147.117 ip4:84.201.191.5 ip4:194.186.147.104/29 ip4:81.30.56.250 ip4:217.20.81.2 ip4:90.151.66.77 ip4:89.249.25.74 ~all
  • MS=ms65783161
  • amazonses:5YvFKP3+Ox5O5JFfGqRSMfyVyqlR2n8SRXEpNbvbkAk=
  • google-site-verification=1B9NSaH58O23CgzkrdwilPot8VCgmF78kmhem-2UNro
  • google-site-verification=99n9nSpw46GljSUDHMy--gJXiofCSPjLnX7BqX3vuFQ
Cloud / SaaS Services Detected
  • Amazon SES/WorkMail
  • Microsoft 365