This cluster centers on 2957 connected domains tagged as GuLoader, NorthKorea, censys. The domains include salelegalsteroids.com, 192.210.186.208, gharnt.com, cloflart.com, id3702579photo-image-docs.com, www.almacensantangel.com, 64.95.12.162, blue-oceans.net, sixmexicos.com, baritonclick.online, 185.252.24.15, un1rw11q4u.com, ameyiando.com, niril.sbs, bursaelektriktamir.com, blankeyeo.com, umxtxhub.za.com, sunchernical.com, 18.194.67.137, servecdn.my and 2937 more. 606 of these domains have bee...
Phone Number
202-303-2310
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2107 connected domains tagged as GuLoader, NorthKorea, censys. The domains include storage.googleapis.com, cdn.discordapp.com, pastes.io, s3.us-east-2.amazonaws.com, dl.dropboxusercontent.com, 188.137.230.45, touchskins.io, 158.94.208.7, 74.0.32.149, 74.0.32.141, api.touchskins.io, 80.89.237.190, 188.137.254.207, api.wewpwsw.su, 188.137.229.136, 196.251.107.24, 104.194.152.180, link.storjshare.io, s3.g.s4.mega.io, 62.60.226.159 and 2087 more. 562 of these domains have bee...
This cluster centers on 2121 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233, 41.146.1.154, 59.182.119.128, 14.236.247.68, 120.157.72.59, 95.127.248.192, 116.110.179.199, cdn.discordapp.com and 2101 more. 576 of these domains have been flagged by threat intelligence feed...
This cluster centers on 1630 connected domains tagged as BABADEDA, pw-2026, wsh. The domains include storage.googleapis.com, cdn.discordapp.com, implementing-theft-metal-justin.trycloudflare.com, staying-heavily-meaning-blowing.trycloudflare.com, creations-venture-traditional-stainless.trycloudflare.com, arilprivate.storexyz.web.id, 206.123.145.26, 103.125.219.204, 45.87.43.154, 10cricofficial.com, justwatch.life, 195.16.44.75, advise-visual-playstation-closer.trycloudflare.com, 91.92.241.197, 6...
This cluster centers on 2141 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 91.80.129.100, 123.28.175.23, 120.61.247.2, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 171.241.208.124, 120.157.229.220, 171.117.30.233, 91.80.136.9, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233 and 2121 more. 596 of these domains have been flagged by threat intelligence feeds incl...
Details
Linked Company Activity
EQUIFAX, INC.
1 BBB complaint · Credit Cards] [Business: Equifax Impersonator] [Location: MD, USA- 21207]
BANK OF AMERICA, NATIONAL ASSOCIATION
173 BBB complaints
TRANSUNION INTERMEDIATE HOLDINGS, INC.
4 BBB complaints · Phishing] [Business: TransUnion Imposter Sc
JPMORGAN CHASE & CO.
16 BBB complaints
CAPITAL ONE FINANCIAL CORPORATION
158 BBB complaints
CITIBANK, N.A.
23 BBB complaints
Resurgent Capital Services L.P.
1 BBB complaint
WELLS FARGO & COMPANY
204 BBB complaints · Bank/Credit Card C
AMERICAN EXPRESS COMPANY
105 BBB complaints
PNC Bank N.A.
22 BBB complaints
Connected Entities
Linked Companies
company
PENTAGON FEDERAL CREDIT UNION
campaign co-membercompanyCredit Services Corporation, LLC
campaign co-membercompanyIntegrity Group Inc
campaign co-membercompanyDirect, Inc
campaign co-membercompanyThe Bureaus, Inc.
campaign co-membercompanyEVERBANK, NATIONAL ASSOCIATION
campaign co-membercompanyCheckr, Inc
campaign co-membercompanyMOUNTAIN AMERICA FEDERAL CREDIT UNION
campaign co-membercompanyFuture Financial Inc.
campaign co-membercompanyReady Capital Corporation
campaign co-membercompanyREGIONS FINANCIAL CORPORATION
campaign co-membercompanyThe Collection Agency LLC
campaign co-memberRelated Phone Numbers
phone
8553572202
campaign co-memberphone3186669555
campaign co-memberphone8009220204
campaign co-memberphone6789998212
campaign co-memberphone8889194623
campaign co-memberphone8009993355
campaign co-memberphone8007715361
campaign co-memberphone8009033637
campaign co-memberphone8884260179
campaign co-memberphone2025582508
campaign co-memberphone3025417253
campaign co-memberphone8887910954
campaign co-memberphone7656119812
campaign co-memberphone3473635189
campaign co-memberphone6095276573
campaign co-memberphone9096341137
campaign co-memberphone4122148209
campaign co-memberphone8446863816
campaign co-memberphone2013652729
campaign co-memberphone4077347620
campaign co-memberphone8004727563
campaign co-memberphone6468099698
campaign co-memberphone2028008504
campaign co-memberphone8446312193
campaign co-memberRelated Domains
domain
130.12.180.43
campaign co-memberdomainimplementing-theft-metal-justin.trycloudflare.com
campaign co-memberdomainstaying-heavily-meaning-blowing.trycloudflare.com
campaign co-memberdomaincreations-venture-traditional-stainless.trycloudflare.com
campaign co-memberdomain103.125.219.204
campaign co-memberdomain206.123.145.26
campaign co-memberdomainarilprivate.storexyz.web.id
campaign co-memberdomain14.236.182.73
campaign co-memberdomain83.224.162.132
campaign co-memberdomain123.31.81.229
campaign co-memberdomain120.157.56.105
campaign co-memberdomain113.176.132.141
campaign co-memberRelated Emails
email
diana@ierek.com
campaign co-memberemailcfjtfl@verxl.com
campaign co-memberemailcbx-df@ceszx.com
campaign co-memberemailj.thompson8822@ymail.com
campaign co-memberemailbb.adige@libero.it
campaign co-memberemailhr@teknfix.com
campaign co-memberemailpangmyiuhk@yahoo.co.jp
campaign co-memberemailmarydavis09@zoho.com
campaign co-memberemailidentity@varomoney.com
campaign co-memberemailservicename@nickname.tld
campaign co-memberemaila4084163@trbvm.com
campaign co-memberemaillegalnotice@facebookmail.com
campaign co-memberCommunity Reports
Crypto addresses affiliated with the Linus Tech Tips channel(s) hijacker's scam crypto websites For any blockchain analysts and trackers out there **The wallet addresses associated with the crypto scam sites as follows** tesla-ltt\[DOT\]com \[[wayback machine archived copy](https://web.archive.org/web/20230323114342/https://tesla-ltt.com/)\] advertised in the description box and live chat area of Linus's "TechQuickie" and "TechLinked" YouTube channels: BTC: [189HwG4M5kQE5pUYfnSUpdxrKpxxBf66N7](https://www.blockchain.com/explorer/addresses/btc/189HwG4M5kQE5pUYfnSUpdxrKpxxBf66N7) ETH: [0x962aacdF60B3A9DF82243abD6Ae8e271aECEC70d](https://etherscan.io/address/0x962aacdF60B3A9DF82243abD6Ae8e271aECEC70d) DOGE: [D6Yp1ycwJR77b2Eur89TEtEtPmvRMcv6b3](https://dogechain.info/address/D6Yp1ycwJR77b2Eur89TEtEtPmvRMcv6b3) tesla-online\[DOT\]net \[[wayback machine archived copy](https://web.archive.org/web/20230323102427/https://tesla-online.net/)\] advertised in the description box and live chat area of "Linus Tech Tips" main YouTube channel: BTC: [16dnhXKyvmDnMGL8peMgT91u6xzJy46Z81](https://www.blockchain.com/explorer/addresses/btc/16dnhXKyvmDnMGL8peMgT91u6xzJy46Z81) ETH: [0x47B82218254657E9CB099Ce99FdA789d8B925971](https://etherscan.io/address/0x47B82218254657E9CB099Ce99FdA789d8B925971) DOGE: [DUAZvRULbEMZmJjpNujqadXpCHndG9vwrr](https://dogechain.info/address/DUAZvRULbEMZmJjpNujqadXpCHndG9vwrr) (do not send crypto to these addresses, these are the addresses as posted on the scam crypto web pages affiliated with the multiple Linus Tech Tips Media Group YouTube channel hijack, and are for educational and analyst purposes only.)
1147 days ago5 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.