Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo footballticketnet.com

Group: Funksec

Discovered by ransomware.live: 2025-02-18

Estimated attack date: 2025-02-18

Country: IL

Description:

[AI generated] Footballticketnet.com is an online marketplace that allows customers to buy tickets to football matches across the globe. Launched in 2007, it prides itself on providing secure transactions and often hard-to-get tickets. The platform offers a wide range of events, from the English Premier League to the UEFA Champions League. Known for its good customer service and positive reviews, they offer a 100% money-back guarantee if they are unable to supply the tickets sold.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 158

Third Party Employee Credentials: 1

External Attack Surface: 20


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse scip.es
  • footballticketnet.com whoisprivacycontact.com
MX Records
  • mail.footballticketnet.com.
TXT Records
  • google-site-verification=lgKB3Ectl-yqIsa-8esZ6FeEgshAEkkqB8eqe6MnjOA
  • v=spf1 a mx ip4:95.211.249.222 ip4:3.74.196.39 ip4:88.198.15.182 ip4:95.211.214.81 ip4:188.40.64.98 ip4:185.62.57.123 ip4:138.201.128.207 ip6:2a01:4f8:172:2c13:0:0:0:2 ip6:2a01:4f8:172:2c13::2 ip6:2a01:4f8:221:5df:0:0:0:2 include:_spf.smtprelay.snel.com i" "nclude:_spf.mark" "eting.footballticketnet.com a:mailserver.footballticketnet.com -all
  • Nxs Internet - http://www.nxs.nl
  • facebook-domain-verification=lq1rk47cg2f467w963u1hf7zkohad9
  • google-gws-recovery-domain-verification=63132264
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.