This cluster centers on 2957 connected domains tagged as GuLoader, NorthKorea, censys. The domains include salelegalsteroids.com, 192.210.186.208, gharnt.com, cloflart.com, id3702579photo-image-docs.com, www.almacensantangel.com, 64.95.12.162, blue-oceans.net, sixmexicos.com, baritonclick.online, 185.252.24.15, un1rw11q4u.com, ameyiando.com, niril.sbs, bursaelektriktamir.com, blankeyeo.com, umxtxhub.za.com, sunchernical.com, 18.194.67.137, servecdn.my and 2937 more. 606 of these domains have bee...
Phone Number
784-442-5040
Last reported Feb 24, 2026
Low Activity
- 1 community report from users
Campaign Intelligence
This cluster centers on 2107 connected domains tagged as GuLoader, NorthKorea, censys. The domains include storage.googleapis.com, cdn.discordapp.com, pastes.io, s3.us-east-2.amazonaws.com, dl.dropboxusercontent.com, 188.137.230.45, touchskins.io, 158.94.208.7, 74.0.32.149, 74.0.32.141, api.touchskins.io, 80.89.237.190, 188.137.254.207, api.wewpwsw.su, 188.137.229.136, 196.251.107.24, 104.194.152.180, link.storjshare.io, s3.g.s4.mega.io, 62.60.226.159 and 2087 more. 562 of these domains have bee...
This cluster centers on 2121 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233, 41.146.1.154, 59.182.119.128, 14.236.247.68, 120.157.72.59, 95.127.248.192, 116.110.179.199, cdn.discordapp.com and 2101 more. 576 of these domains have been flagged by threat intelligence feed...
This cluster centers on 1630 connected domains tagged as BABADEDA, pw-2026, wsh. The domains include storage.googleapis.com, cdn.discordapp.com, implementing-theft-metal-justin.trycloudflare.com, staying-heavily-meaning-blowing.trycloudflare.com, creations-venture-traditional-stainless.trycloudflare.com, arilprivate.storexyz.web.id, 206.123.145.26, 103.125.219.204, 45.87.43.154, 10cricofficial.com, justwatch.life, 195.16.44.75, advise-visual-playstation-closer.trycloudflare.com, 91.92.241.197, 6...
This cluster centers on 2141 connected domains tagged as GuLoader, NorthKorea, censys. The domains include 59.182.90.199, 91.80.129.100, 123.28.175.23, 120.61.247.2, 178.50.166.61, 113.168.249.76, 123.209.193.86, 113.165.6.38, 120.157.72.234, 171.235.194.253, 120.157.159.171, 37.142.77.163, 171.241.208.124, 120.157.229.220, 171.117.30.233, 91.80.136.9, 46.124.33.133, 46.124.40.3, 83.224.151.243, 88.86.246.233 and 2121 more. 596 of these domains have been flagged by threat intelligence feeds incl...
Details
Linked Company Activity
EQUIFAX, INC.
1 BBB complaint · Credit Cards] [Business: Equifax Impersonator] [Location: MD, USA- 21207]
BANK OF AMERICA, NATIONAL ASSOCIATION
173 BBB complaints
TRANSUNION INTERMEDIATE HOLDINGS, INC.
4 BBB complaints · Phishing] [Business: TransUnion Imposter Sc
JPMORGAN CHASE & CO.
16 BBB complaints
CAPITAL ONE FINANCIAL CORPORATION
158 BBB complaints
CITIBANK, N.A.
23 BBB complaints
Resurgent Capital Services L.P.
1 BBB complaint
WELLS FARGO & COMPANY
204 BBB complaints · Bank/Credit Card C
AMERICAN EXPRESS COMPANY
105 BBB complaints
PNC Bank N.A.
22 BBB complaints
Connected Entities
Linked Companies
company
PENTAGON FEDERAL CREDIT UNION
campaign co-membercompanyCredit Services Corporation, LLC
campaign co-membercompanyIntegrity Group Inc
campaign co-membercompanyDirect, Inc
campaign co-membercompanyThe Bureaus, Inc.
campaign co-membercompanyEVERBANK, NATIONAL ASSOCIATION
campaign co-membercompanyCheckr, Inc
campaign co-membercompanyMOUNTAIN AMERICA FEDERAL CREDIT UNION
campaign co-membercompanyFuture Financial Inc.
campaign co-membercompanyReady Capital Corporation
campaign co-membercompanyREGIONS FINANCIAL CORPORATION
campaign co-membercompanyThe Collection Agency LLC
campaign co-memberRelated Phone Numbers
phone
8553572202
campaign co-memberphone3186669555
campaign co-memberphone8009220204
campaign co-memberphone6789998212
campaign co-memberphone8889194623
campaign co-memberphone8009993355
campaign co-memberphone8007715361
campaign co-memberphone8009033637
campaign co-memberphone8884260179
campaign co-memberphone2025582508
campaign co-memberphone3025417253
campaign co-memberphone8887910954
campaign co-memberphone7656119812
campaign co-memberphone3473635189
campaign co-memberphone6095276573
campaign co-memberphone9096341137
campaign co-memberphone4122148209
campaign co-memberphone8446863816
campaign co-memberphone2013652729
campaign co-memberphone4077347620
campaign co-memberphone8004727563
campaign co-memberphone6468099698
campaign co-memberphone2028008504
campaign co-memberphone8446312193
campaign co-memberRelated Domains
domain
130.12.180.43
campaign co-memberdomainimplementing-theft-metal-justin.trycloudflare.com
campaign co-memberdomainstaying-heavily-meaning-blowing.trycloudflare.com
campaign co-memberdomaincreations-venture-traditional-stainless.trycloudflare.com
campaign co-memberdomain103.125.219.204
campaign co-memberdomain206.123.145.26
campaign co-memberdomainarilprivate.storexyz.web.id
campaign co-memberdomain14.236.182.73
campaign co-memberdomain83.224.162.132
campaign co-memberdomain123.31.81.229
campaign co-memberdomain120.157.56.105
campaign co-memberdomain113.176.132.141
campaign co-memberRelated Emails
email
diana@ierek.com
campaign co-memberemailcfjtfl@verxl.com
campaign co-memberemailcbx-df@ceszx.com
campaign co-memberemailj.thompson8822@ymail.com
campaign co-memberemailbb.adige@libero.it
campaign co-memberemailhr@teknfix.com
campaign co-memberemailpangmyiuhk@yahoo.co.jp
campaign co-memberemailmarydavis09@zoho.com
campaign co-memberemailidentity@varomoney.com
campaign co-memberemailservicename@nickname.tld
campaign co-memberemaila4084163@trbvm.com
campaign co-memberemaillegalnotice@facebookmail.com
campaign co-memberCommunity Reports
Beware of Fictive Kin, LLC crypto scams and other scams. Peacefall. Prometheans. JollySwap. Pyramid City. You'd think people wouldn't be dumb enough to invest in a pyramid scheme named "Pyramid City", but people are gullible. Fictive Kin, LLC, falsely promotes itself as a black owned business out of Brooklyn, NY. Fictive Kin, LLC is not black owned. Fictive Kin, LLC is also not a Brooklyn based business. https://web.archive.org/web/20210808200718/https://fictivekin.com/ Fictive Kin, LLC is actually registered in Delaware specifically for the purpose of evading taxes in New York and in California. Fictive Kin, LLC has run a variety of financial schemes and evades the taxes. “Pyramid City”, in May of 2021, was a scheme to collect money under the guise of building pyramid style mausoleums in the desert. No land was ever purchased, no pyramids were ever built and no taxes were paid on the money raised in this fraudulent endeavor. The images were photoshopped. https://www.itsnicethat.com/news/fictive-kin-pyramid-city-architecture-260521 https://web.archive.org/web/20210526114043/https://www.itsnicethat.com/news/fictive-kin-pyramid-city-architecture-260521 “Brooklyn-based digital engineering and design studio Fictive Kin has announced this week an ambitious new project.” “500 pyramids will be built in an attempt to revolutionise the funerary experience and introduce a new way of celebrating life at its end.” Fictive Kin, LLC runs a scam via one of their projects called Peacefall.xyz. Peacefall.xyz is acknowledged as one of Fictive Kin’s projects on Fictive Kin’s website. Additionally, Fictive Kin lists itself as the creator on the Peacefall website. On January 31, 2023, code made by someone who identifies themselves as “Pussy Drainer” in the code was posted online, exposing the wallet address used by the peaceful.xyz Web3 app. The text in the post roughly translates to “Caught a piece of unobfuscated protected Crypto phishing code... conscience bared”. https
1051 days ago3 upvotes
Share Your Experience
What's Your Exposure?
Know your risk exposure to this message with a Thorough Analysis. It returns a detailed report covering the complaint history, your data breach exposure, related scam entities, and risk signals tied to this email message. Check the box and enter your email address now.