What are the results, did the code work?
2 Likes
Ive turned off the bot until monday.
Ill switch it back on during the peak scam period and really mess with them.
In the mean time lets make a list of domains to nuke all at once.
3 Likes
Didnt need the code for that specific domain as it was using an iframe
you only need the code for the mask domains (the ones that have the background image of paypal/microsoft/etcâŚ)
3 Likes
Yea, Norton refund scammers tend to use these domains btw.
3 Likes
Added to the list, will be DOSed on monday during peak scam times.
3 Likes
another bs.e24.help code 63338
2 Likes
bs.e24.help appears to have been shut down 
2 Likes
https://control.ctrl10.pw
https://sup2.13001.ru/
https://control.ctrl02.ru/
https://sup2.12001.ru/
https://sup2.supos911.org/
https://sup2.supos123.org/
https://os911.org/
3 Likes
rncare.live Code: 09876)
2 Likes
Added.
3 Likes
All 131 scammer domains I have found are currently experiencing âhigh CPU usageâ right at the most inconvenient time. They can change the port all they want, it wont make any difference.
3 Likes
Another site from a tech support scammer this morning which auto-downloaded a screen connect.exe file,
https://lijw1.top/Guest.aspx/?Session=b2de62aa-d60d-4bb8-abc1-782d864f4eee
3 Likes
kphelp.info you can add, I didnât see it on the list.
3 Likes
kphelp.info is a mask domain that hangs when you enter a code (that means ive already taken out the master server).
lijw1.top has been added to the list of servers experiencing high CPU usage.
3 Likes
2 Likes
some of the backend domains have been changed on these, ive gone through and have taken them down again
3 Likes