fisglobal.com
fisglobal.com
Group: dispossessor
Discovered by ransomware.live: 2024-04-19
Estimated attack date: 2021-05-03
Description:
fisglobal.com
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 140
Compromised Users: 13412
Third Party Employee Credentials: 129
External Attack Surface: 117
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abusecomplaints markmonitor.com
- whoisrequest markmonitor.com
MX Records
- mxa-00501504.gslb.pphosted.com.
- mxb-00501504.gslb.pphosted.com.
TXT Records
- google-site-verification=QlkMAeZJwm-mKdKGiLQGgZeNKvhhFF2nAR1GM0epunc
- miro-verification=004b9e33268f446e084034e4d007c96e18f77148
- 5Pd/6th5o+ohipB0pCvsCW4ofb8BEGPeadM6DE+oVF3t9eiOtk/Zx7DoBBRkCMJkzf3vUmy9M5gydFhsSzrRIg==
- VISA=9BBA3DF419AB0FAC46414CB544734983
- atlassian-domain-verification=lWqk2Papan9spic2SFJxjB2v34a4s73VKPOuL58Tfe46mXQHwYQ5dcDRz6HTevrt
- docusign=90361457-6c2b-4d2b-b9ba-fb99bf4507bd
- atlassian-domain-verification=002KzJS547R82f+62ulkE4mXe5SdpLpkm9pTPe7zerwTfVa5WznPq8ESCSbfIQEu
- DwCDv4bM/YFonPSwixN0MFChc6lwlBvb37LxoYwNjJ/Jhu0107GRevoknIaQMBw0tKkkrAJo+GeNjy8kv9zwfA==
- v=spf1 exists:%{i}._spf.fisglobal.com include:_spf.salesforce.com a:c.spf.service-now.com include:mktomail.com include:mail.zendesk.com include:docebosaas.com ip4:204.239.0.224/27 ip4:198.207.147.224/27 -all
- amazonses:URt34xWxVoGUwshAh69YYdh7kF5Bu0GJSKEHqCDoGK8=
- atlassian-domain-verification=eH1Hfd7qVvVame5tLWuUXRXMoLen2aLXjg/knMbnDa7kW6pHTeoidhLdZkUgCxBU
- adobe-sign-verification=6ee75f40e1170d4d769bf588c9937407
- MS=ms48300075
- amazonses:CHWvu2o0qeo6L56OpAkBHfxtdBQmT2qxZqpRP7+iRCs=
- VISA=" "440D193BFF270173A308C90B3A555E4F
- infoblox-domain-mastery=88b123de318bbc896803f69e2a1cfdd6d243edb03261a5fa4bc646ae1ba69b7725
- canva-site-verification=wkxw4S-Q3Vr96EmDfPIiRA
- flexera-domain-verification-bsgeggcuzeduxsil
- ZOOM_verify_TeH6MUbRy4dqaJTKvbjNWp
- apple-domain-verification=7G7Z8sfHEETroH0P
- stripe-verification=01EB7E38FD508F79F31926C6304B3B70186E5692B6CD015A72057DCDC74F057D
- _pki-validation.fisglobal.com
- smartsheet-site-validation=l5FHJOYlgaMlpk3ZLHXy0UZMifgVEwvt
- reachdesk-verification=KdYQ0DzQxO12iENTheiqkvZq8oVzYh7XYJgMAQPszFRopxuJ1mEa1mG20MkwBi0g
- VISA=16A5E0C46D6EBA21E68303AF0C55F338
- google-site-verification=7rvgtz--Dp26dhXxUe2OTHaI7MHAEO_EpW-Jb9lW6yY
- pendo-domain-verification=bd68db90-9978-4e22-b966-624659f1b365
- flexera-domain-verification-yfgugquvfgfrdnyv
- google-site-verification=anibFbFpK5BRvahSH0HN9iTyAmH2qhy0CN436qpn2DE
- cisco-ci-domain-verification=67827a88c1a3defea7e207519c1c18803f7dffc22b117354e25f545f9207d5de
- mongodb-site-verification=NGwuIzvjUPkNcdl6FhqmTTtHzjx4i9Im
- flexera-domain-verification-efzpmbqjbzrzvpds
- asv=3c4b3c392a28c7f3b3e8bf068680eb92
- mongodb-site-verification=k5dFVWeVZm0CGdLRwDgutEzlQLnSbj2P
- VISA=" "119AE3710AB97D6FE7CA4CF70EB32C5E
- google-site-verification=HSwIqW3axWgS9ayZf8YdSE_0nZ52AfamZiJ_T-Sb0QE
- docker-verification=8e970979-373c-419d-9aea-423c975fd316
- anthropic-domain-verification-txhdd5=YDlx4p7gwRZJSFo8WqoI6yq3z
- reachdesk-verification=ycVUI50nFkItzPulsiGOkuxeAe0t5mnKLZ6Kn4YYAi6sxwnC3TTys29Jpi1Zk1cP
- google-site-verification=swQLn7PzRjLpTlr4FFRso4bq0oltCzeNu4FIVYaY9cU
- Dynatrace-site-verification=7f30f0b4-beb2-406b-9baa-aeeb4f1d6d3f__u4vvn34b2e7pvo0p9500lssf1s
- google-site-verification=ZZ8Xn36Bh3kcQIoSKKwNP4Q0wBqehvvteln2JU_mBdc
- postman-domain-verification=4a0faa8d684fdfd232271fe1463e44daee1e642ed9fbe716049ef7a1a2782ca4fea7370145b05cffd7ed0ab02460b43de1c529cc03b14e3ce5ef7c52a37c73f0
- google-site-verification=msfemOpjVRQntBrwWaj8GJShQrRaaXXwh9vxBp614eY
- docker-verification=8d5ea8cf-7416-4d03-9ac5-82a9d2342795
- VISA=" "8BED940B308EEFFFC9595908B5CC8F45
- yahoo-verification-key=W2YeNuF3qipB6ps3b3RGhJHwN2DHqsOgEztEf+q5jJg=
- pexip-ms-tenant-domain-verification=85049b16-b4ee-46a2-9832-2378ff813cb6
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Salesforce
Stripe
Zendesk
Marketo
Miro
Flexera
Cisco
DocuSign
ServiceNow
Zoom
Leak Screenshot:
