r/RBI2

Working a TCPA case against a persistent scam SEO outfit hammering my US business with 3PM daily calls from rotating numbers for several weeks. Need help building out their footprint to surface a US-jurisdictional defendant.
Surface facts:
• Trading brand: AIO Technologies
• Website: aiotechnologies.com
• Listed entity (per site footer): Tencaro Services Ltd
• Listed address: 18 Souliou Street, Strovolos, P.O. Box 23622, 1685 Nicosia, Cyprus
• Site copyright: 2023
• Call origin: Indian call center, English-speaking, US-style pitch
• Service pitched: SEO / digital marketing
• Pattern: 3PM hits daily, rotating CLI on every call, no compliance with cease-and-desist
• Target number DNC-registered for over a year
What I’m working through, and where help would short-circuit the timeline:
1. Sister brands. Cyprus shell + Indian call center + boilerplate SEO site almost certainly means 5 to 20 white-label variants on shared infrastructure. Planning to pivot on tracker IDs (GA, Pixel, AdSense), favicon hash via Shodan/Censys, reverse IP, and certificate transparency. If anyone has bandwidth and tooling to run those faster than me, or has already mapped a similar operator’s portfolio, I’d be very grateful. Sister brands with US-fronted billing entities are the real targets.
2. Tencaro Services Ltd beneficial owners. Cyprus UBO register is restricted-access. Planning to retain a Cypriot solicitor for direct access, but if anyone has Sayari Graph, OpenCorporates premium, or similar entity-linkage access and is willing to run “Tencaro Services Ltd” against the registered address, that would save me two weeks.
3. Lead vendor. They got my number from somewhere specific. GDPR DSAR going to the Cyprus entity (Article 15 + Article 14 source disclosure required). If anyone recognizes this operator’s targeting pattern from prior investigations and has a likely list broker in mind, would appreciate a pointer.
4. US gateway carrier on inbound foreign traffic. Pulling CDRs from my carrier this week to get true ANI, OCN, LRN, and STIR/SHAKEN attestation. If anyone’s navigated this with a major business carrier and has tips on the path of least resistance, would love to hear them.
5. Cross-investigation linkage. Strovolos shows up a lot in offshore-scam OSINT. Has anyone seen “Tencaro Services Ltd” or “18 Souliou Street, Strovolos” pop up in unrelated investigations? Looking for any prior reporting that ties these to a known operator group.
Pivot data anyone can work with right now:
• Domain: aiotechnologies.com (registered via privacy service)
• Entity: Tencaro Services Ltd
• Address: 18 Souliou Street, Strovolos, P.O. Box 23622, 1685 Nicosia, Cyprus
What I can trade back:
• Documented call log (numbers, times, dates) over several weeks
• CDRs once carrier returns them
• Whatever surfaces from the Cypriot UBO file pull
• GDPR DSAR response if and when it lands
• Any contract or proposal artifacts if I escalate engagement to extract them

I’m not sure if this violates the rules so if you are a moderator and are reading this and see it does violate any, please remove it. I’m not trying to doxx anyone and this is in no way to harm someone over some petty drama. (I posted this in RBI and it got removed)

I had a very close online friend, 14F, who we will call Jane. I just cut her off because I found out she had a twitter account (with quite a following) dedicated to ageplay and selling nsfw content. I will not be disclosing any more information about this, but I believe it is crucial to the story. Before I cut her off, she told me about her 36 year old online “boyfriend” who we will call John. I was uncomfortable at this, but I wasn’t sure what to do since I am a minor as well.

I continued talking to her and this helped me learn some information about him. She told me that they met on twitter and he is very much aware of her age. I know what state he lives in, his first name, his face, his age, his twitter account, but not much else. I don’t have any contact with Janes family or parents so I don’t know how to get her into a safe place, and frankly I’m afraid. What I have seen, they have done video calls and he buys her hundreds of dollars worth of stuff. How does her mom not know? I’m really not sure.

I’ve seen some of their messages and it is extremely concerning, I am just not sure what to do. I can’t go to any authority because I don’t know what city he is in, and I don’t know his last name or anything like that. Is there anyone who would be willing to help, or give me advice? Or even help me find out more information about him so I can properly report him to the police?

My friend is being harassed by someone who we believe is using a fake phone number through text now, does anyone know of any ways to trace who is behind it without getting police involved? We'd appreciate the help, thank you all.

I decided to reach back out to my ex friend, even with all the crazy stuff going on. I told her that I felt like reporting to the authorities was the right thing to do, and she told me she recently put all her accounts to private and cut off John. She said she told her mom everything out of guilt and her mom is working on a police report.

We’ve had an extremely rocky friendship the past few years and she has told a lot of lies, so I really don’t know if I buy it. She is begging me to believe her, so I guess I’ll just leave it at that and take her word for it. It’s true that she has unfollowed John and she has privated her accounts but… I still am in the process of making a report.

We’ve been on and off being friends multiple, multiple times due to our arguments and both of our mental health being poor. I’m considering being her friend again but I don’t know if it’s a good idea.