SCA-FU Central Intelligence

Access is restricted by Cloudflare Zero Trust framework.

WARNING: RESTRICTED SYSTEM

This is a classified intelligence portal. Unauthorized access is strictly prohibited. All IP addresses, device fingerprints, and access attempts are actively monitored, logged, and subject to audit by federal regulatory bodies.

SCA-FU // THREAT INTELLIGENCE PORTAL

CLEARANCE: TS//SCI
CASE 01: JONAS FLEET EXPOSURE
CASE 02: OPERATION AVALANCHE (BITGET)
CRITICAL INFRASTRUCTURE COMPROMISE (CVE-2025-2746/2747)

The Jonas ClubhouseOnline platform, servicing the world's most elite private clubs, is actively exposing an unauthenticated Remote Code Execution (RCE) vector via the Kentico 8.1 SyncServer.asmx staging endpoint. This allows hostile actors to execute arbitrary commands, dump databases, and deploy ransomware. The PLAY Ransomware Syndicate has already established an active exploitation precedent by striking Cobblestone Creek Country Club, which operates this identical, unpatched architecture.

1,505
Verified Exposed Infrastructure Nodes
100%
Unauthenticated RCE Exploit Match
42+
Global Sovereign Jurisdictions Mapped

LIVE THREAT FOOTPRINT: TRUE GEOGRAPHIC MAPPING

This map displays the complete dataset of 1,505 cryptographically verified exposed endpoints perfectly mapped to their true geographic physical locations across North America and EMEA. All artificial load-balancer routing artifacts have been stripped to reveal the true operational footprint.

TARGET ROSTER

1,505 Active Nodes

STRATEGIC EXPOSURE PORTFOLIOS (HIGH-VALUE TARGETS)

The technical scale of this vulnerability is dwarfed by the caliber of the victims. A breach of this centralized network grants access to the financial ledgers, private VIP schedules, and donor intelligence of global power brokers.

Political & Power Centers
Capitol Hill Club Washington, D.C.
The Union Club of Cleveland Cleveland, Ohio
Extortion Context: These institutions serve as private hubs for sitting politicians, corporate executives, and massive donors. Access exposes VIP physical movement schedules and highly sensitive financial affiliations, creating catastrophic political leverage for ransomware groups.
Historic Sporting Venues
Medinah Country Club Bloomingdale, Illinois
Merion Golf Club Ardmore, Pennsylvania
Extortion Context: These clubs host the U.S. Open, PGA Championships, and the Ryder Cup. They cater exclusively to ultra-high-net-worth individuals. The reputational damage of a data breach during a major championship cycle presents a massive extortion opportunity.
International Wealth Hubs
The Queen's Club London, United Kingdom
Sahara Kuwait Resort Kuwait City, Kuwait
Extortion Context: The vulnerability is not localized to North America. The exposure of EMEA and Middle Eastern elites brings the threat into the purview of international regulatory bodies (like the GDPR) and proves the architectural flaw spans their global supply chain.

Verified Data Ledger (Top Extraction Highlights)

Facility Name Physical Location Digital Footprint Exposure Status
The National Republican Club of Capitol Hill Washington, D.C. capitolhillclub.org HTTP 200 (EXPOSED)
Medinah Country Club Bloomingdale, IL medinahcc.org HTTP 200 (EXPOSED)
Merion Golf Club Ardmore, PA meriongolfclub.com HTTP 200 (EXPOSED)
The Caledonian Club London, England caledonianclub.com HTTP 200 (EXPOSED)
Arbutus Club Vancouver, BC arbutusclub.com HTTP 200 (EXPOSED)
Shaughnessy Golf & Country Club Vancouver, BC shaughnessy.org HTTP 200 (EXPOSED)
Royal Canadian Yacht Club (RCYC) Toronto, ON rcyc.ca HTTP 200 (EXPOSED)

SECURE DATA ROOM: FULL EXTRACTION LEDGER

The table above represents only the top tier of physically benchmarked targets. The complete, unredacted database of all 1,505 verified exposed Jonas ClubhouseOnline endpoints is available for immediate secure download for incident response and regulatory review.

DOWNLOAD RAW CSV SPREADSHEET DOWNLOAD MARKDOWN LEDGER
$101M+
Verified Laundered Funds (Coinsquare)
10,000
USDC Stolen (Polygon Network)
4,904
Fake Unicode Token Contracts

TACTICAL EVOLUTION & ON-CHAIN THEFT

Vector: Content Security Policy (CSP) Bypass / Lack of Subresource Integrity (SRI) on web3.bitget.com.

Incident: March 22, 2026. 10,000 USDC stolen via Deposit Address Substitution. Polygon Tx: 0x391b4a56e70c2aa99fed6ce97f8acd633dcc6666d29099b982344c1564c84733.

Status: Immediate regulatory production orders required against Coinsquare and Bitget to unmask KYC entities.

SCA-FU OSINT Engine · Restricted Intelligence · © 2026