2W1F

BUSTED! Susie the hypocritical mouthy native - Joyce and Kingsway Safeway Vancouver BC.

Note all audio files have already been shared publicly elsewhere and these links are due to expire Sept 10 2016. The truth is already out there.

Audio evidence and text file: https://www.sendspace.com/file/z45j9t

Text copy:

Sept 3 2016.

Susie the native street lady attacks DJ Reptoid.

Audio file name: CR investigation - Sept 3 2016 - Original - Susie ATTACKS DJ Reptoid - Susie the native street lady I occasionally run into while shopping claims my website is infected with a pile of viruses and to 'get rid of it' WTF.mp3

It's proof that Susie gets off on spinning lies and greatly dislikes being caught on record.

Susie attacks me for doing research into her false claims proving she's 100% completely wrong in front of her little white haired street lady friend where they sit at the table outside Safeway all day talking BS about everyone around them, including her blatant anti-Chinese racism that many people are tired of hearing from her. (Worth getting on recording one day as well, although less likely now if I were to attempt to do so - someone else can do it easily though) This is a 70% Chinese neighbourhood she lives in too and she pokes fun of them when they are only 3 meters away from her in front of the Safeway store. If management ever catches her she's gone!

She makes personal attacks rather than discussing the data itself. She attacks my dishonourable double-crossing past mate's choices in personal lifestyle which Susie formerly fully supported. (The "collar" comment). Which is true when polar opposites are both spoken so strongly?

She REFUSES all supporting evidence when it's offered to her. ("I don't want your fucking report to give to Steve, fuck off!")

She makes wild claims that she's an authority figure (a medical doctor? BULLSHIT!) and therefor disproves all factual technical research proving she's full of shit and/or this supposed "Steve" character doesn't know what he's doing.

She presents zero evidence for her claims and defends and protects her invisible 'source' providing zero contact leads for further investigation or contact, just vague references to a male named Steve who might be somewhere in the area one day and to walk around asking for him (someone I don't even remember ever meeting).

Note I stood within arm's reach of her for 2 minutes and she refused to even greet me. I had to address her before her or her friend would even look at me. Psychologically speaking, that's a dead giveaway of avoidance and concealment after a previous wild claim last meeting.

At the end... I might as well state what her dying husband told me days before he died, that she 'talks shit about everyone behind their backs' and 'likes to fuck with people' as a personal hobby of hers. I've watched her do it too many times and that's why I called her bluff and busted her wide open.

Anyone who talks shit about me or LIES about me deserves being caught and getting everything I do in response exposing their total failure, corruption, lack of honour and waste of oxygen (more candles that won't be missed when they extinguish themselves).

Note: Magick is not 'illegal' in ANY common wealth country on Earth - In fact, Paganism is a protected global religion. I know where my power is, and ignorance does not grant anyone any immunity. So mote it be and so it is.



Previous live audio special report: https://www.sendspace.com/file/1h59c4

Technical report from friend about CR website and streaming services: https://www.sendspace.com/file/xtg1v5



Text copy of technical report:

LIVE RADIO Chaotic Resonance professional investigation reports - Response 1 - 8 30 2016

Remote professional technician reviews Chaotic Resonance (com) website after crazy wild complaint from only one person after a year: And this pro-hacker is a long time personal friend and can be trusted IMPLICITLY. (More to come from other global reporters)

-------

Here is the cookie from my radiostream.com stored on my computer. Notice the created date. I believe I have cleared my cookies since then. Weird.

Name: PHPSESSID
Content: d7airo58k65d7b459a5rlra634
Domain: myradiostream.com
Path: /
Send for: Any kind of connection
Accessible to script: Yes
Created: Friday, September 11, 2015 at 8:05:42 PM
Expires: When the browsing session ends

Means nothing, probably, but this is just one more of the small niggling unproven things about my interactions with you that seem to be just out of place to signal to me that I'm being watched.

Then, I deleted it to get a fresh visit of the site. BECAUSE, whenever I visit http://myradiostream.com/djreptoid , on my laptop, NO WEBSITE LOADS, and an mp3 playlist file (djreptoid.m3u) downloads to my computer. Which, I thought was weird, if someone's claiming they got a virus from the website -- implies they actually got a displaying page.

So I deleted the cookie from myradiostream.com, and tried again. No change. No page loads, but the mp3 playlist file (djreptoid.m3u) downloads to my computer. Which is sweet, because that's all I need.

Contents of djreptoid.m3u downloaded August 29th 2016: http://s35.myradiostream.com:5308/;listen.mp3

Contents of DJReptoid.m3u (notice capitalization changes) downloaded on and before August 14th 2016: http://s35.myradiostream.com:5308/

Ghostery Analysis of myradiostream.com (their homepage, not your radio station URL, the latter which cannot be analyzed on my laptop because the script blocking software is expecting website code to analyze; not a m3u file to be downloaded.):

Amazon Associates -- Advertising, Affiliate Marketing
Clicky -- Analytics
DoubleClick -- Advertising
Facebook Connect -- Widgets, Social
Facebook Social Plugins -- Widgets, Social
Google Analytics -- Analytics, Analytics
Google+ Platform -- Widgets, Social
StumbleUpon Widgets -- Widgets
Twitter Button -- Widgets, Social
Twitter Syndication -- Widgets

ScriptSafe additionally detected a resource loaded from YouTube.

VirusTotal Analysis of http://www.1111webdesign.com/DJReptoid/ :

https://www.virustotal.com/en/url/63df9af2da68db43984dd071343e5b7d92e414a7fbe2088a2e4dff96814d538e/analysis/

http://chaoticresonance.com/

https://www.virustotal.com/en/url/072d7698107fe3da2dce27680e4b45c2395154d11f662a991710ca04d5a0c62d/analysis/1472533716/

http://myradiostream.com/djreptoid

https://www.virustotal.com/en/url/3196d816ecccfc3779dcc1f70c18d19c7f21c5219aed595ae0c352c2cb478dc2/analysis/1472530149/

All clean. Ran URLs through some alternate "url online scanning services" -- first page Google Results. Nothing.

Okay, let's take a look at mobile versions:

http://myradiostream.com/mobile/djreptoid

Ghostery Analysis: BidVertiser -- Advertising

Suspicious! Because I've had issues of fake anti-virus software and obvious scams displayed on this page. Fake JavaScript Popups to the effect of "YOUR DEVICE HAS BEEN INFECTED WITH 4 MALWARES. CLICK "OK" BELOW TO DOWNLOAD OUR ANTI-VIRUS SOFTWARE AND GIVE US YOUR CREDIT CARD DETAILS! HURRY! YOU ONLY HAVE 3 MINUTES BEFORE RANSOMEWARE ENCRYPTS YOUR HARDDRIVE FOREVER AND THROWS AWAY THE KEY!!!"

Of course, total horseshit, and I dismissed them with a laugh. It's a harmless Javascript popup with a panicky message to social engineer people into THINKING they're in trouble -- in order to get them to do something foolish like click links to scam artist's phishing websites to buy fake anti-virus software and give out their credit card details (the REAL PRIZE).

Source code revealed: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=388962&bid=1564574

Content dump of above URL:
var dec_pid = 388962; var dec_bid = 1564574; document.write('');

Of course, because I was viewing this page from my laptop, and not a mobile device, the code did not execute as intended.

Wait a moment, myWOT extension icon is displaying yellow (caution):

MyWOT REPORT of (bdv.bidvertiser.com) https://www.mywot.com/en/scorecard/bdv.bidvertiser.com

USER REPORTS:

"12-06-2014
blog comment/trackback spammers for pirated software and/or "game hacks". possible malware/pups.

Sometimes the spammers require completion of a "survey" or "offer" to obtain the download link - often there is no download link, only bogus surveys/offers designed to give repeated commissions to the spammer per each attempt."

"22-12-2009
Malicious Website! -
This site includes Malware -"

What does Virustotal say about http://bdv.bidvertiser.com/?

https://www.virustotal.com/en/url/c5269620ca2b75c9bb0a97fb8ca65791103f1375bffc9ca3316930eadcf5f2ec/analysis/1472537270/

At first glance, clean, but take a look at the comments section:

USER posted reports:

"MALICIOUS DOMAIN: MALICIOUS REDIRECTION (PUA as HTML) (RBN 170)
DOMAIN:
http://internetdo.com/
https://www.virustotal.com/de/url/7053a08f1ee1404b6b2a9e963f09fd60eed927728fa6498d137128d8bd126ff7/analysis/1388934257/
SPECIFIC LINK:
http://internetdo.com/2014/01/reports-millions-of-snapchat-usernames-phone-numbers-leaked/
https://www.virustotal.com/de/url/dc9e72e20dced1c12f94750c70112eaa108bafc625c18a696571dbb2644596b0/analysis/1388932937/
HTML = PUA
https://www.virustotal.com/de/file/890a410a9b772245d228d96fbccd15fbeb7f3b384ad2605f9198a442e8e1be61/analysis/1388933443/
http_inspect: SIMPLE REQUEST
http_inspect: UNKNOWN METHOD
https://urlquery.net/report.php?id=8703868
REFERENCE: http://jsunpack.jeek.org/?report=b68af5b8aaab25e4d8e668c55ed3619e3d354b40
REDIRECTS TO MALICIOUS SITE (URL):
DOMAIN:
http://olafnyu.advidwebsite.com/
https://www.virustotal.com/de/url/5ed8ea843a5e04eae90f73925ef9665560cdab1a9dfd417371be5d54bd96bf16/analysis/1388934808/
MALICIOUS LINK:
http://olafnyu.advidwebsite.com/ncd/index.php?uri=oklm.com/vdd/1154870/same_silky_panties_on_wife...she_likes_them.html&id=39475&f=1
https://www.virustotal.com/de/url/181bdd3c8b1a480f40123d18993a024ad7d52b0ca73ff6113264a7449cceee59/analysis/
https://urlquery.net/report.php?id=8704038
--->
http://us-st.xhamster.com/
https://www.virustotal.com/de/url/54464a87b6fc44e52eea5e5a014f2b373b5ab64a94fdfd92c450e46d41c6027c/analysis/1388936555/
OTHER URLs (DOMAINS) INVOLVED:
http://bdv.bidvertiser.com/
https://www.virustotal.com/de/url/c5269620ca2b75c9bb0a97fb8ca65791103f1375bffc9ca3316930eadcf5f2ec/analysis/1388935993/
http://cdn.hyperpromote.com/slclib800x440.js
https://www.virustotal.com/de/url/62cd1d9ce7051354066da0403d619aa5b3a4dc7e5ea686df462b32d319f64df1/analysis/
SEE: http://wepawet.iseclab.org/view.php?hash=ffea84259e6aa6d057826f92fd960e03&t=1388932891&type=js"

Also http://bdv.bidvertiser.com/ has 7 downvotes as malicious.

I strongly suspect this is the source of your problems.

So, in short, to get your stream to work on a mobile device, you have to visit http://myradiostream.com/djreptoid FIRST, which first tells the server to whitelist your IP address for streaming (by oversight), and then redirects the user to the malware/phishing ads encoded into http://myradiostream.com/mobile/djreptoid as well as displaying a message:

"Not Available!
Sorry, mobile support is not available on this account.

Are you the account owner?
Upgrade to a Webcaster Plus account to enable this option, log in for details."

In simple words: says one thing, but does a few others instead. SLOPPY SLOPPY CODE!

Now, a smart savvy Internet user will laugh at the obvious ridiculous ploy to phish for credit card information from the phishing ads, and just close out of the page, and fire up their favorite streaming software now that their mobile IP address has been greenlighted (by mistake) by the streaming server.

Tell STEVE he got boonswaggled by a harmless (in and of itself) JAVASCRIPT POPUP with a fake message of alarm to dupe rubes, and that NO, HE DOES NOT HAVE VIRUSES -- UNLESS HE WAS STUPID ENOUGH to fall for the social engineering trap and download the fake anti-virus software (which, itself, is probably chock full of trojans and auto-installing rootkits).

Since there was some mention of "Crap Cleaner" finding stuff, I want to check a few more things...

*firing up Spybot Search & Destroy*

Oh shit, that's right, I have a 500GB hard drive 70% full and this scan is going to take 2 hours. I'll have to get back to you later on those results.

Let's review my sorta' okay system security:

I have Comodo Internet Security Premium (it's free) with HIPS (Host Intrusion Prevention System). Antivirus, Firewall, HIPS. The HIPS basically whitelists processes on your computer -- and if something "new" starts to run, it asks you for confirmation to let it run. It also auto-sandboxes all "new" programs by default, which is a double edged sword: if it's a desirable program you intentionally installed and you don't whitelist it, and relaunch, the HIPS will ERASE whatever the program does upon exit -- including saved files it makes.

I also have Spybot: Search and Destroy (it's free -- but the free version has no automatic updates or scans). It's anti-spyware. It scans abysmally slow (read: thorough), BUT it has this really NEAT feature called "Immunize". It basically locks down commonly exploited routes -- immunizing your computer with a single click. In other words, if malware somehow managed to get through Comodo's HIPS, it wouldn't be able to use commonly exploited routes on this machine to stealth-install or communicate.

I invite you to point Steve at these software titles.

Is Steve trying to use a tablet/phone to get to your website? That may be his trouble. A combination of sloppy server coding, and an unsavvy user.

Okay Spybot results are in, and nothing from your websites, but that may just because my computer is somewhat armored against exploits in the first place.

-------

End.