
keter.com

Group: toufan

Discovered by ransomware.live: 2023-12-19

Estimated attack date: 2023-12-19



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse dtnt.com
  • trademarks gornitzky.com
  • hostmaster barak.net.il
MX Records
  • keter-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 mx include:spf.protection.outlook.com ip4:13.69.194.72 ip4:54.227.64.76 ip4:51.138.239.94 ip4:51.138.239.58 ip4:51.138.239.155 ip4:54.228.148.201 ip4:54.228.54.125 ip4:54.73.196.222 ip4:52.27.3.114 ip4:23.251.239.100 ip4:72.47.192.191 include:_spf.salesforce.com include:spf.mandrillapp.com include:_spf.jupiter.salesmanago.pl a:production.eu01.keter.demandware.net -all
Cloud / SaaS Services Detected
  • Atlassian
  • Salesforce
  • TeamViewer
  • Mandrill
  • DocuSign