This cluster centers on 2957 connected domains tagged as GuLoader, NorthKorea, censys. The domains include salelegalsteroids.com, 192.210.186.208, gharnt.com, cloflart.com, id3702579photo-image-docs.com, www.almacensantangel.com, 64.95.12.162, blue-oceans.net, sixmexicos.com, baritonclick.online, 185.252.24.15, un1rw11q4u.com, ameyiando.com, niril.sbs, bursaelektriktamir.com, blankeyeo.com, umxtxhub.za.com, sunchernical.com, 18.194.67.137, servecdn.my and 2937 more. 606 of these domains have bee...
Phone Number
248-790-8770
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2107 connected domains tagged as GuLoader, NorthKorea, censys. The domains include storage.googleapis.com, cdn.discordapp.com, pastes.io, s3.us-east-2.amazonaws.com, dl.dropboxusercontent.com, 188.137.230.45, touchskins.io, 158.94.208.7, 74.0.32.149, 74.0.32.141, api.touchskins.io, 80.89.237.190, 188.137.254.207, api.wewpwsw.su, 188.137.229.136, 196.251.107.24, 104.194.152.180, link.storjshare.io, s3.g.s4.mega.io, 62.60.226.159 and 2087 more. 562 of these domains have bee...
This cluster centers on 2121 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233, 41.146.1.154, 59.182.119.128, 14.236.247.68, 120.157.72.59, 95.127.248.192, 116.110.179.199, cdn.discordapp.com and 2101 more. 576 of these domains have been flagged by threat intelligence feed...
This cluster centers on 1630 connected domains tagged as BABADEDA, pw-2026, wsh. The domains include storage.googleapis.com, cdn.discordapp.com, implementing-theft-metal-justin.trycloudflare.com, staying-heavily-meaning-blowing.trycloudflare.com, creations-venture-traditional-stainless.trycloudflare.com, arilprivate.storexyz.web.id, 206.123.145.26, 103.125.219.204, 45.87.43.154, 10cricofficial.com, justwatch.life, 195.16.44.75, advise-visual-playstation-closer.trycloudflare.com, 91.92.241.197, 6...
This cluster centers on 2141 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 91.80.129.100, 123.28.175.23, 120.61.247.2, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 171.241.208.124, 120.157.229.220, 171.117.30.233, 91.80.136.9, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233 and 2121 more. 596 of these domains have been flagged by threat intelligence feeds incl...
Details
Linked Company Activity
EQUIFAX, INC.
1 BBB complaint · Credit Cards] [Business: Equifax Impersonator] [Location: MD, USA- 21207]
BANK OF AMERICA, NATIONAL ASSOCIATION
173 BBB complaints
TRANSUNION INTERMEDIATE HOLDINGS, INC.
4 BBB complaints · Phishing] [Business: TransUnion Imposter Sc
JPMORGAN CHASE & CO.
16 BBB complaints
CAPITAL ONE FINANCIAL CORPORATION
158 BBB complaints
CITIBANK, N.A.
23 BBB complaints
Resurgent Capital Services L.P.
1 BBB complaint
WELLS FARGO & COMPANY
205 BBB complaints
AMERICAN EXPRESS COMPANY
105 BBB complaints
PNC Bank N.A.
22 BBB complaints
Connected Entities
Linked Companies
company
PENTAGON FEDERAL CREDIT UNION
campaign co-membercompanyCredit Services Corporation, LLC
campaign co-membercompanyIntegrity Group Inc
campaign co-membercompanyDirect, Inc
campaign co-membercompanyThe Bureaus, Inc.
campaign co-membercompanyEVERBANK, NATIONAL ASSOCIATION
campaign co-membercompanyCheckr, Inc
campaign co-membercompanyMOUNTAIN AMERICA FEDERAL CREDIT UNION
campaign co-membercompanyFuture Financial Inc.
campaign co-membercompanyReady Capital Corporation
campaign co-membercompanyREGIONS FINANCIAL CORPORATION
campaign co-membercompanyThe Collection Agency LLC
campaign co-memberRelated Phone Numbers
phone
8553572202
campaign co-memberphone3186669555
campaign co-memberphone8009220204
campaign co-memberphone6789998212
campaign co-memberphone8889194623
campaign co-memberphone8009993355
campaign co-memberphone8007715361
campaign co-memberphone8009033637
campaign co-memberphone8884260179
campaign co-memberphone2025582508
campaign co-memberphone3025417253
campaign co-memberphone8887910954
campaign co-memberphone7656119812
campaign co-memberphone3473635189
campaign co-memberphone6095276573
campaign co-memberphone9096341137
campaign co-memberphone4122148209
campaign co-memberphone8446863816
campaign co-memberphone2013652729
campaign co-memberphone4077347620
campaign co-memberphone8004727563
campaign co-memberphone6468099698
campaign co-memberphone2028008504
campaign co-memberphone8446312193
campaign co-memberRelated Domains
domain
130.12.180.43
campaign co-memberdomainimplementing-theft-metal-justin.trycloudflare.com
campaign co-memberdomainstaying-heavily-meaning-blowing.trycloudflare.com
campaign co-memberdomaincreations-venture-traditional-stainless.trycloudflare.com
campaign co-memberdomain103.125.219.204
campaign co-memberdomain206.123.145.26
campaign co-memberdomainarilprivate.storexyz.web.id
campaign co-memberdomain14.236.182.73
campaign co-memberdomain83.224.162.132
campaign co-memberdomain123.31.81.229
campaign co-memberdomain120.157.56.105
campaign co-memberdomain113.176.132.141
campaign co-memberRelated Emails
email
diana@ierek.com
campaign co-memberemailcfjtfl@verxl.com
campaign co-memberemailcbx-df@ceszx.com
campaign co-memberemailj.thompson8822@ymail.com
campaign co-memberemailbb.adige@libero.it
campaign co-memberemailhr@teknfix.com
campaign co-memberemailpangmyiuhk@yahoo.co.jp
campaign co-memberemailmarydavis09@zoho.com
campaign co-memberemailidentity@varomoney.com
campaign co-memberemailservicename@nickname.tld
campaign co-memberemaila4084163@trbvm.com
campaign co-memberemaillegalnotice@facebookmail.com
campaign co-memberCommunity Reports
"Influencer" @CalvinSpieth stole $9K in ETH from our project We purchased a promotion for our crypto company from a verified “influencer” on Instagram by the name of Calvin Spiethfel. Proof of Scam (Conversation):https://drive.google.com/file/d/1Rz5M3VsNEsUCHxMGP3GMdyfcgzBhPXxw/view?usp=sharing His Instagram: [https://instagram.com/calvinspieth](https://instagram.com/calvinspieth) \- IG USER ID: 40121288932 As you can see in the conversation, we send $9,000 in Ethereum across 2 separate transactions. We sent it as BSC in 2 separate transactions to a swapper, which then sent it to him:https://bscscan.com/tx/0xe6cb6c8e747b0e69b6aa06e7750bc0f0fbadaf1149181b14ef68d6e1c4baa2a9 Cross reference the dates on his transactions export https://bscscan.com/tx/0x1d9ec6803a0c82472d5608706f6ce22e6a7ba51130fa461ef1c98b497f44a9ad Cross reference the dates on his transactions exportYou can see here his ETH ADDRESS:0x48BB0E5eB3fDb610a488EC945aA49876BdaDC172 Here is an EXPORT of their transactions, with our 2 incoming transactions (Totaling $9,024.55) highlighted in yellow:https://docs.google.com/spreadsheets/d/1roeU\_ErR3PU3yTFRUn1L1yDecVF0clusRGP1OWA6vBs/edit?usp=sharing Calvin Spiethfel ETH ADDRESS:0x48BB0E5eB3fDb610a488EC945aA49876BdaDC172 As you can see from his wallet on Etherscan, he receives (And sends?) funds from Binance.https://etherscan.io/address/0x48BB0E5eB3fDb610a488EC945aA49876BdaDC172#tokentxns Please see if you can track down his account to take whatever steps necessary to prevent him from scamming others! https://instagram.com/calvinspieth - 40121288932 Personal IG: https://instagram.com/calspieth - Instagram ID 12487908770 https://instagram.com/cashcowcal - 8587387502 https://instagram.com/c6merxn - 49862433202 Influencer pages: https://www.tiktok.com/@calvinspieth/
1035 days ago4 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.