General question for the group. Does anyone know where the link for yesterday’s fake DECLAS info came from? It’s like it just materialized out of nowhere.
The origin of the link will be key to knowing when DECLAS happens, and even then I imagine a fake one will be made available.
Please be careful out there, and provide a link to the location (e.g., John Solomon’s Twitter) where the user can pick up a fresh copy of the link directly from the source.
ThankQ!
I looked at it and it was all old info we have seen before.
Didn’t see anything malicious. At least Malware bytes found nothing.
Sorry, I had it but deleted it after I found out it was a fraud. I do think it came from a thread, last night, that was posted beyond the trees.
are you speaking of the *.ee/kagbabe link ? “linktree” is a social site. @kagbabe is a username.
I used this to verify if it’s a phishing site: https://checkphish.ai and it came back clean.
https://checkphish.ai/insights/url/1610756732556/ba9357968e674ba733c114c16822cbebd17ccfa406ea22827b1c65523721306f?back=null
(for all i know, that phish checking site could be a phishing site)
there are other checkers and they also came back clean checking this “linktr ee”
still troubled me. https://checkphish.ai has additional checks.
I checked DOM -I’m not too sure what I am looking at or how it works but... https://checkphish.ai/dom/1610756732556/ba9357968e674ba733c114c16822cbebd17ccfa406ea22827b1c65523721306f?back=null
notice the http\www sites (ads\porn\adult finder etc) and redirects.
“paid outbrain com” is noted.
see: https://www.qwant.com/?q=paid.outbrain.com&t
and this for a description and where it might be hiding. https://www.2-spyware.com/remove-outbrain.html
I ran spyware removers\malwarebytes and found no instances of any on my PC.
I emptied temp folders; browser cache\history to the beginning of time; checked for any rogue extensions = nada.
I am now doing a scan for any file changes done today.(see ya in a couple of dats:)
I am staying away from that site.