Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo tuvsud.com

Group: lockbit3

Discovered by ransomware.live: 2023-09-16

Estimated attack date: 2023-09-16

Description:

In 1866, our founders had a bold vision to reduce the impact of technological risks and protect people, assets and the environment. More than 150 years on, sustainability and safety continue to be the backbone of our mission and services.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • tuvsud-com.mail.protection.outlook.com.
TXT Records
  • adobe-idp-site-verification=611e43df38778310d0b41356a5b99105531093452d1df52b7e959f9397cf9865
  • \010D-TRUST=9BQHXWRSDUSQIZ9OQNOANWV
  • openatts a=dns-did; p=did:ethr:0x0cD2d0Fe0CFc4Afa69959766e1cbb4b3c926050b#controller; v=1.0;
  • D-TRUST=CU9U23G5UYMQ3NA6FAYSEVT
  • D-TRUST=ULDZZ9KMYHV2ARWMXQ3CLQE
  • k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z+FApQ6ra2VsXfbJP3HE6wAO0YTVEJt1TmeczhEd2Jiz/fcabIISgXEdSpTYJhb0ct0VJRxcg4c8c7wIDAQAB
  • D-TRUST=B92OIATHBSZMOORH8Y5GSBS
  • D-TRUST=HPKX5DORQPVIS3RJWCORGU8
  • onetrust-domain-verification=c87b0201b65f4740aae99398362d3423\010
  • asv=69f2afeef3fcad87fa3da23aeba7c611
  • 1JB6t9MhLxYvG/t39qfhlxVB9XVbizu1jUMdJlXV/n2u4BncJi8R7K8fwjAns3S3oImGqIbJrujpNMId6eQDGQ==
  • D-TRUST=5U7LX6SK7BJJI3EKEILDCW4
  • D-TRUST=TOXVE97GA3J82TLJNCC9CNK
  • cisco-ci-domain-verification=cd8e937e08a1d7c6b4ac5dd40bd9c248df3c65826139adea73e6b960a3716f7
  • apple-domain-verification=gJJEO4UDgxaLYdTY
  • v=spf1 ip4:193.30.192.0/24 ip4:40.74.4.105 ip4:37.130.215.45 " "ip4:195.82.72.17 ip4:195.82.72.32/28 " "ip4:80.82.206.0/26 ip4:185.98.184.0/24 " "ip4:52.57.65.8 ip4:164.128.128.180 " "ip4:195.154.139.184 ip4:83.167.51.229 ip4:67.69.227.51 " "ip4:213.215.157.254 ip4:185.14.244.9 ip4:185.14.245.9 ip4:185.14.246.9 ip4:185.14.247.9 " "ip4:212.24.188.50 " "ip4:180.42.15.227 ip4:198.144.160.130 ip4:164.128.169.254 " "ip4:223.135.203.141 ip4:211.1.225.17 ip4:162.43.103.146 ip4:203.167.42.23 " "ip4:133.186.35.45 ip4:133.186.35.4 ip4:133.186.35.6 ip4:133.186.35.7 " "ip4:5.189.157.130 ip4:173.249.12.22 ip4:173.249.12.23 " "include:spf.protection.outlook.com " "include:spfa.tuvsud.com " "include:spf.mailjet.com include:spf.tuevsurvey.com ~all
  • D-TRUST=MHHPPJ48GEKMMO6ML6FYJ7J
  • D-TRUST=MSVRAA76JWIF57JW6LEIZUQ
  • D-TRUST=9KN7DMVHJXPNL8KC4DPWXLC
  • D-TRUST=9BQHXWRSDUSQIZ9OQNOANWV
  • google-site-verification=rLHmsdy1EhxJ5n4tkUU4hln15erBQWMI2Mf8kOiOeGQ
  • blmils0pq4io691d0e6rojau00
  • D-TRUST=5P8XB2W3GSEC6XTAXRUIHCT
  • Sendinblue-code:cb71ce41df6894f433cbfb7f200a4ed6
  • D-TRUST=6WE94BPY4P93DKFJEVL4SGQ
  • D-TRUST=2VSZXD8YLC4HK8Q2PIHH349
  • gi7gacindkr7nhsolsjum9v29h
  • D-TRUST=NUC4NGKVQ3O738VXCNG9Q4H
  • D-TRUST=RLKV759OSZRMERQ
  • D-TRUST=WTKP8KKL99IO64WNWYW5WEN
  • D-TRUST=2GJ3X2A339KO6FABQ3IY8GQ
  • D-TRUST=4I85LRQ2J7W9X8KQWUSAS7Z
  • D-TRUST=SSO5UORUSIIA3POPQXHUNS6
  • D-TRUST=4L36CZ7IOBJZ2T4L8MZIO6S
  • D-TRUST=KG5JP25DP2U6PA5QCVHTDGX
  • D-TRUST=FNLCFFY2BGTZ7N76ALB22NT
  • ilofuatmfrqkvc0kjjbca7ukvn
  • weu-rsg-xp3-prd-2746adbf683f-cd.azurewebsites.net
  • MS=ms88985827
  • QuoVadis=8b6d39e9-023d-4c32-810e-5607e814ed09
  • QuoVadis=538a10b4-ebd6-4844-9625-8fd660ed6fef
  • MS=ms88002962
Cloud / SaaS Services Detected
Adobe Apple Microsoft 365 Cisco Mailjet OneTrust

Leak Screenshot:

Leak Screenshot