How Ali Alexander tried to hide his digital footprint after the Riot Capitol

How Ali Alexander tried to hide his digital footprint after the Riot Capitol


A few days after supporters of former President Donald Trump stormed the Capitol on January 6, Ali Alexander, one of the main organizers of the rally that day, appeared to be busy, trying to hide his ties to dozens and dozens of websites. who called Robades the 2020 election.

The Alexander-linked domains that drove Stop the Steal, which the Daily Dot reviewed, including those he publicly published as himself, were mixed up as a result of the riot to hide the property. But the hacked documents show that they go back to Ali and an anonymization service of the web hosting company Epik.

In the face of the failed insurgency, sparked by weeks of false allegations of widespread electoral fraud in the 2020 presidential election, Alexander had positioned himself as the de facto leader of the movement with his “Stop the Steal” campaign.

At a Dec. 19 rally in Arizona in which he spoke, Alexander made clear his intentions for Jan. 6: he and his legion of supporters would do whatever it takes to prevent Congress from certifying the election votes for the victory. president Joe Biden.

According to the Washington Post and Daily Beast, Alexander was already working with far-right Republican lawmakers to plan the Jan. 6 rally.

“We’ll convince them not to certify the Jan. 6 vote by marching hundreds of thousands, if not millions of patriots, to sit their ass in DC and close this city, right?” Alexander said that December day. “And if we then have to explore options …”

Alexander has been a major secondary channel in Republican politics for nearly two decades. He also pleaded guilty to felony criminal mischief under a previous name, when he was known as Ali Akbar. He has been friends with far-right agents such as Laura Loomer and Jacob Wohl. He also has links to Roger Stone, who is being investigated for his role in fomenting the Capitol Revolt. At the time of the Capitol riots, Alexander had nearly a quarter of a million Twitter followers.

The night before the riot, Alexander was filmed singing “Victory or Death” to an enthusiastic crowd. He had also been christened as the official coordinator of the January 6 event and was filmed on a rooftop during the brilliant rally about his success.

By the time the dust finally settled on January 6, Alexander had already seemed to be beginning an effort to overshadow his ties to the movement. With five dead, hundreds injured and extensive damage to the Capitol, the conspiracy theorist would face permanent suspensions through social media before finally hiding.

As national outrage over the riot intensified, work seemed to take place behind the scenes. On January 15, just nine days after the failed uprising, Alexander, or someone who worked with him, took steps to anonymize his personal information in the registries of more than 100 domains. Almost half of these domains are directly related to Stop the Steal. Domains like,, and revolted after the riot.

Alexander had chosen to entrust his web addresses to the domain registration company Epik, which offers a domain privacy feature known as “Anonymize.” The decision would, in theory, prevent the public from discovering which domains it owned.

However, on September 13, the collective pirate Anonymous announced which had ruined the data of a decade of Epik, a company known for hosting extremist websites. Although the company initially claimed to be unaware of a breach, Epik CEO Rob Monster later said in a strange four-hour video conference that hackers had obtained a backup of their data.

Published online in a torrent, the 180 gigabyte data cache included, among other things, domain registrations and account credentials, as well as personal data of people who had registered some of the most famous far-right domains of Internet.

Analysis of the data using the Daily Dot made it possible to link an email linked to Alexander to 122 separate domains. On January 15, the far-right figure received an email from a ProtonMail address thanking him for creating an Anonymize account.

“Dear Ali A,” the email begins. “Thank you for registering with us. Your new account has been set up, and you can now sign in to our customer area using the details below. ”

By searching for the ProtonMail address used to register the account through the hacked data, the Daily Dot was able to locate Alexander’s Anonymize profile. The data includes Alexander’s username and abbreviated password, as well as a phone number and address. The address appears to be that of a UPS store in Texas. He Fort Worth Star-Telegram previously linked this UPS address to Alexander.

The Daily Dot made repeated attempts to reach Alexander by the phone number and email address found in the breach, but received no response for press time.

The account creation date that appears in Alexander’s account information, January 15, coincides with the date of the email that says you signed up for the Anonymize service.

Alexander’s account was assigned a unique identifier that would replace his real name with public domain registrars. The Daily Dot does not reveal Alexander’s identification.

other anonymous data


Anonymize provides all its users with an email address based on the five digits of its unique identifier. These numbers appear in Alexander’s web presence.

If you check the Anonymize email address for the violation, you discover all the domains that the far right figure seems to have tried to hide. If Epik hacking hadn’t been so expansive, it’s possible that some of the domains would have been difficult, even impossible, to link to Alexander just with the Anonymize email address.

However, many of the domains do little to hide their true owner. Among the domains listed is, the main website where Alexander solicits donations as “the most degraded man in the world.”

A postal address on the website also matches the one seen on Alexander’s Anonymize profile.

Other domains include similar topics surrounding Alexander’s alleged persecution, such as And while many of the domains may be sold or empty, others host operational websites.

The domain, for example, is dedicated to stating that the president suffers from Parkinson’s disease. Alexander, who publicly acknowledged ownership of the domain after launching it last year, offers a plethora of products on the site that include branded hats, t-shirts and fanny packs.

Although Alexander has removed his name from the website, viewing’s current domain registrar confirms that the account holder’s email matches Alexander’s anonymized address.

ali alexander web hosting for

Who is

Numerous domains also refer to Alexander’s religious beliefs, including,, and

But aside from a handful of politically linked sites, such as and, a significant portion of Alexander’s owned domains were tied to the Stop the Steal movement. The Daily Dot was able to obtain a list of 57 such domains.

All were anonymized following the Capitol riot.

other worded domains


Alexander, according to law enforcement sources speaking to him Washington PosT, was investigated by the FBI following Jan. 6. So far no charges have been filed against him.

Interestingly, the address linked to Alexander also chose to register the domain only one day after registering with the Epik domain privacy service.

Despite negative attention to Alexander, the far-right figure in February told his followers he was still committed to ending “this whole system.”

“I’ve been licking my wounds, but I’ve been plotting,” Alexander said. “I have been planning. I’ve been plotting. ”

Alexander’s future plans remain unclear. At the moment, Alexander is feeding his crusade by charging his followers $ 500 a year to read his personal blog.