W.E. Bowers
W.E. Bowers
Group: play
Discovered by ransomware.live: 2025-05-30
Estimated attack date: 2025-05-20
Country:
Description:
United States
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mx1-us1.ppe-hosted.com.
- mx2-us1.ppe-hosted.com.
TXT Records
- threatmate-dns-verification=TXT8c779bc4230832026fc25c566856bc55
- v=spf1 a:dispatch-us.ppe-hosted.com ip4:4.14.224.184/29 ip4:208.49.141.27/24 ip4:38.120.135.33 ip4:38.104.56.255 ip4:38.247.124.8/29 ip4:38.104.237.9 ip4:38.100.6.80/29 ip4:38.104.237.83 ip4:38.75.225.184/29 ip4:38.104.28.231 ip4:38.107.190.224/29 ip4:38." "104.237.97 ip4:38.75.225.192/29 ip4:205.182.151.57 ip4:4.7.48.238 include:spf.myconnectwise.net Include:spfa.cpmails.com include:spf.protection.outlook.com -all
- MS=B29758B51F9DE7733A20FB121EBB7008D54190F6
- Iuvcd2DbvsSbXS6S5cRp7vurkw9zJNSFvh/STiNWDDQnFFnmn9TrBRs4F+zOTbzjdtQLubl3r5SygI4t8Qo9Ww==
- apple-domain-verification=a8uyMGEKyJjs63nM
- ppe-7b8a4bed179e5a29718709c86fb319a5c9e7dc22
- wcx3cth7mzct5bkybym2hlpythpg6w8q
Cloud / SaaS Services Detected
Apple
Proofpoint Essentials
Leak Screenshot:
