Tech Suppoat Numbers 7-29-19

844-516-4604

Link: https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/


855-546-0530

Link: https://rebootviewport.ga/Call-Windows-Support_CH18555460530/


844-490-7730

Link: https://ubixquery.ga/Call-Windows-Support_CH18444907730/


865-507-2445

Link: http://prnauth770.tk/u1616188&clickid=176283147195921369&keyword124rqfdsd24355rjbvqwEWRRWEFSD54544345756544/3124124124/CH_fsds4rwew4422434dsds32sHelp/


BobRTC Direct Dial numbers:

https://bobrtc.live/phonebook/dial/18444907730

https://bobrtc.live/phonebook/dial/18555460530

https://bobrtc.live/phonebook/dial/18445164604

844-389-1184

Link: https://techsuppoertingxx.tk/Call-Windows-Support_CH18443891184/


888-735-3552

Link: http://165.22.160.47/malware-win-chx/?phone=+1-(888)-735-3552&


844-516-4159

Link: http://www.freeeditor.club/1ffuiuluiiiuiuusdfdsfnmnjhhkjd/


800-745-0043

Link: http://jailaxmimataki.s3-website-us-west-2.amazonaws.com/


877-378-8921

Link: http://rabbitshot.ml/dasdadasdawe212321sdsAx/


@JoeHimself5#101833

DATA, ALL FILES AND ENUMERATION BEING UPLOADED CURRENTLY

PRELIM DATA BELOW, THE SERVER WILL NOT RESPOND TO SPECIFIC QUERIES

Initial Attack: LOCATION ATTACK AT A LIBRARY WA STATE

https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/

SC: Tech-Support-Scam-Page1-A7292019-A hosted at ImgBB — ImgBB

DL Link to beep: mavisviewxx.gq/Call-Windows-Support_CH18445164604/beep.mp3

SC: Image of actual downloaded file from directory

Tech-Support-Scam-Page1-A7292019-B hosted at ImgBB — ImgBB

SC: Image of file and source directory

Tech-Support-Scam-Page1-A7292019-C hosted at ImgBB — ImgBB

SC: Comparitor of file in web directory vs file downloaded from the link to the file: Left, downloaded 0 file, RIGHT, actual file in directory, 12KB.

Tech-Support-Scam-Page1-A7292019-D hosted at ImgBB — ImgBB

TC: https://www.threatcrowd.org/domain.php?domain=mavisviewxx.gq
TCSC: https://ibb.co/F7KV9NM
TCSC: https://ibb.co/1LBRPw2

Serving IP: 104.18.32.244
TC: https://www.threatcrowd.org/ip.php?ip=104.18.33.244
TCSC: https://ibb.co/xMRn1C7
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/style.css
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/3.png
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/btns.png
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/cur.png
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/win_logo.jpg

Extra linked files used in operation of page
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
https://code.jquery.com/jquery-2.2.4.min.js
https://mavisviewxx.gq/Call-Windows-Support_CH18445164604/beep.mp3

@JoeHimself5#101833

https://www.youtube.com/watch?v=poo2xaEhrHE

@FLAGRUM#101887 SUBORINATE DATA

All IP addresses being used to resolve and serve!

104.18.32.244

104.18.33.244

2606:4700:30::6812:20f4

2606:4700:30::6812:21f4

seen this address before

Organisation:

Equatorial Guinea Domains B.V.

Dominio GQ administrator

P.O. Box 11774

1001 GT Amsterdam

Netherlands

Phone: +31 20 5315725

Fax: +31 20 5315721

E-mail: abuse: [email protected], copyright infringement: [email protected]

Domain Nameservers:

HAL.NS.CLOUDFLARE.COM

MAYA.NS.CLOUDFLARE.COM

CLOUDFLARE IS ABUSE! So is freenom

@JoeHimself5#101833

All files zipped and uploaded to major security providers

BLACK LISTING HAS BEGUN ON ALL FRONTS I CAN REACH

Keep putting them up, eventually, prison or worse.

@JoeHimself5#101833

Current low scope of bot net of malware involved. That is just the start of the entire map.
https://ibb.co/KDFkgv4

855-494-2474

Link: https://ndhshdlajshd36.xyz/2474askjdkjasdhsd1nk2/Call-Support1/


844-516-4681

Link: http://newdomainxls009.site/ntr1/12345/1sdafgdfvsdert44bdsbfj2342x/


800-745-0043 still active!

The voicemail from 800-745-0043. Maybe someone can translate? I thought I heard “chutiya” in there somewhere lol.

https://youtu.be/_rKXVOaYh1E

844-490-7730 is active again for now…