Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Air Miles España, S.A

travelclub.es

Group Everest
Discovered 2025-11-24 20:11 UTC
Est. attack date 2025-11-24
Country ES

Description:

[AI generated] N/A

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 22465

Third Party Employee Credentials: 1


External Attack Surface: 100


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • correo4.travelclub.es.
  • aspmx.l.google.com. Google Workspace
  • alt1.aspmx.l.google.com. Google Workspace
  • alt2.aspmx.l.google.com. Google Workspace
  • aspmx2.googlemail.com. Google Workspace
  • aspmx3.googlemail.com. Google Workspace
  • aspmx4.googlemail.com. Google Workspace
  • aspmx5.googlemail.com. Google Workspace
  • mail.travelclub.es.
  • correo2.travelclub.es.
  • correo5.travelclub.es.
TXT Records
  • globalsign-domain-verification=a4e4a246a019d56e56efabf7e49f5e7d
  • globalsign-domain-verification=519F1CE090E19D2CBD0980F48EC02A68
  • facebook-domain-verification=vc4pah9y8oac42do131cvki4omtkhz
  • anthropic-domain-verification-9czwrb=zgIJmnKaZgvkbRyydx6eaprEB
  • globalsign-domain-verification=5FA5D0F1C83C97CCFF508A697F7082D7
  • amazonses:3Tj0yZEuJQToMlMcMJUe26LWlP4mK0VFDMAQspZR3oQ=
  • uocoqn24mgvc43o4jr2qoniac
  • infoblox-domain-mastery=209514450154abd2f24a55ac7fb58ed2283c232afe54524e954682f496ff565353
  • google-site-verification=BpJZxejbRZIo0vQvJ3vgFBiMa8swybS_rRzmTEXZ878
  • v=spf1 ip4:213.27.194.19 ip4:213.27.194.39 ip4:213.27.194.42 ip4:213.27.194.34 include:_spf.google.com include:_spf.inbenta.com ~all
  • MS=ms42053348
  • MS=20A04D620F614C509A5706B97116A857D5802BE2
  • google-site-verification=-k-3dRHSdnkb8xELT9E9zbABp2fDA0mYAbSV7uu9K3c
  • globalsign-domain-verification=AAF086978133014C6F87ACF79D233702
  • _globalsign-domain-verification=mH9DwYepysIhXA8FOgyqhjL2kV-MITtNXi4yIXHO92
  • atlassian-domain-verification=ZNhBmMeXaMkxaX4EpJyDn8GS9BQkTs21Wz3b/x861bhYhUIPYLTYyO4OBBpFdMav
  • globalsign-domain-verification=47B85E48F3031EEDB239F6F6088E060F
  • ulghbk9ovau02dg9jj253vpfvd
  • globalsign-domain-verification=93bf67e51fee3813e816ced0db362bab
  • globalsign-domain-verification=C7085A1BAB13AC3FDE4077F3DE021FBF
  • google-site-verification=46Pdhlqwi-locJ1f0IrCm8uRzRoDim1smUyuWiqvEig
  • sentinelone-domain-verification=54GweyVLgTXY1A9BBj4DFLbDj2OLO1P2IMCrPTNUMXM
  • MS=ms66024016
  • globalsign-domain-verification=FFEFBAE8B2D8F85EFFC5F5E9928E0AF6
  • _globalsign-domain-verification=5w6jX6CKA8be9v0nvFkwFh7b0-yG4A6LePjnMPoX0W
  • globalsign-domain-verification=ee4739022cd214eb3081dcd00508ce9d
  • globalsign-domain-verification=4C838ECB0F88E4E2520DA49C53C7AE39
  • fl7olpe8pdfhqtiplkpgbnfsou
  • google-site-verification=glQSmtf81aUxWle8nfsOwlNIbOE27TTvpNL67WhsIFM
  • ks0jdhd10vehn0av31skbiv0d1
  • yahoo-verification-key=7Cbx0HbSNV32EGwvb9mVzQ/IKDVTQ8+Wh2oPR80onzg=
  • globalsign-domain-verification=0AAE4DEA8B07B2E268CF63FB4A901F44
Cloud / SaaS Services Detected
Atlassian Amazon SES/WorkMail Global Sign Microsoft 365 Anthropic

Leak Screenshot:

Leak Screenshot