Share this page!

🗣G_S 🔺🔂 Profile picture
Twitter logo
2 Jan, 15 tweets, 12 min read
@usbank thanks for giving me the Dec-31-9999 @ 23:59 expiration date. Weird how I that exactly where the bios is limited from dating itself pass. @dagelf @danehrlich11 @rocco_castoro @dorkingbeauty1 @RekietaMedia
I made sure you have a good picture for the beacons you’re making calls to. Because you guys look to be having a tough time! I’m here for you. Tell me if you can see them. @CISAgov, does the @FDICgov have a team or are you all colossal failures? Image
hbr.org @HarvardBiz @HarvardHBS @Harvard ya’ll related? Because you all fit the bill for being really stupid. Image
@dorkingbeauty1 uat.edu > 104.196.248.208 > list-manage.com > back to one of your pulses from 8 days ago. @Google domain
Sry
104.196.248.208 > 23.193.148.183 > 165.227.228.184 (you)
@PHomeLending you’re on deck. If this was US Bank, an actual legitimate entity, let’s peak under your hood.
I wanted to make sure everyone knows where I sourced this. Let’s take the #1st url Image
This url links to (DO NOT CLICK THESE) 199.60.103.254 (inky.com <- also interesting...) which is PHISHING WEBSITES. (@dorkingbeauty1 pulse - Kent.edu-siblings list)
@PHomeLending @CFPB this is their first listed link on their Twitter page. Let’s look at link 2 - oooo a link shortener?!
@PHomeLending this is extremely odd. You set of ow{.}ly links are all obfuscated shorteners owned by domain registrar @LibyanSpider and the WHOIS is a Canadian (supposedly) named “Ryan Holmes”. More interesting is the fact I can’t find where it leads.
@PHomeLending @FDICgov @CFPB @dorkingbeauty1
@FBIMinneapolis this is the last certificate for Planet Home Lending. This looks like byte code injection.
#1 Link = Phishing. #2 Link = Byte code injected certificate (of authority??) lol #fraud smells... Image
@PHomeLending OH NO! This is classic! Link shorteners to a website with a revoked certificate?! AND YOU HAVE MALICIOUS ANON INJECTION?! I loved how you laughed when I said I was going to audit you (@dorkingbeauty1 planethomelending.com/privacy-policy/)
Why do you have link shorteners 4 this?!
4got image. @PHomeLending you are total frauds. You are a lending company that has domains registered by proxy and obfuscated link shorteners to your privacy policy. I’m calling the cops tomorrow. Now, @CFPB since @PHomeLending is fraudulent and charged with bribery, u? Image
@CFPBMilitary @CFPB you guys are unfucking believable. You are total frauds too. @amyklobuchar our @DeptVetAffairs VA home loans are being bought by fraudulent lenders who phish their customers and inject malicious byte code into their computers.
@rocco_castoro @strongSwanNet @danehrlich11 Google/Akamai/Amazon. Thx for the @securitytrails help btw. @FBI needs to investigate this. I don’t recognize this as legitimate because it isn’t.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🗣G_S 🔺🔂

🗣G_S 🔺🔂 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Gl0Agent

🗣G_S 🔺🔂 Profile picture
13 Jan
I get random email this morning from anonymous mortgage company A. I cant figure out who they are. ive obfuscated the data to the best of my ability and im scared im getting played. All MY twitter activity has directly correlated to MY loan. This smells fishy. Image
I added who i believed to be the police. They should be able to help. Im scared that these guys are fraudulent. I hope the police can help. Image
I believe this is an imposter as Ive been victim to VA top level domain hijacking and this individual has not properly identified who they are. i doubt a sworn duty officer would respond like this to a report of fraud. I need help, im alone, helpless , scared and confused! Image
Read 5 tweets
🗣G_S 🔺🔂 Profile picture
13 Jan
CID Officers be getting hazed to shit to prove peoplw are getting hazed to shit. And not pulling rank on the dude whos been hazing ya for the past 30 hours is damn disciplined. christ, its getting burned.
i remember i finally got to bed and heard them tag eachother in to get dude up and haze him again. Fuck, I was up for the past 40 and this dude did 3 more hours of read ups with a mounted mk 19. then they got me up and i did a hour with the mounted 50
then i ran 8 miles.
Read 11 tweets
🗣G_S 🔺🔂 Profile picture
13 Jan
#JS is an obfuscator. #javascript #react #sqli #caretbrowsing #goingindry

#Elixir #Erlang #XML #lolWhatsXML
#favicons are #SVG with #XML payloads easily injected by malicious programs. #KHTML has been around for a very long time and this methodology of obfuscation has been in development since #NetscapeNavigator
whats a #favicon?
😉😄😆😅😌🥰😀😅😌🥰 lol dunno, sry bruh
Read 4 tweets
🗣G_S 🔺🔂 Profile picture
30 Dec 20
@dorkingbeauty1⁩ this is the CA included when PS gets run in admin. wipe, install, no internet
If you wanna come say hi!
It makes sense now when I did get it to boot in 64 bit mode, it couldn’t find [uint8]. docs.microsoft.com/en-us/openspec… because #js doesnt support it?
doc.embedded-wizard.de/uint-type?v=10…
Read 5 tweets
🗣G_S 🔺🔂 Profile picture
30 Dec 20
@dorkingbeauty1 I got orchestrator task xml files that and an unknown SID that owned my registry. I’ve never seen anything like this, but maybe I just never looked.
This @MsftSecIntel bit locker key is from a random source. I never had bitlocker on, none of my accounts have this. You are not doing your job.
@dorkingbeauty1 ¿Segoui? Was a font that I could not own no matter what. The ttf files were crazy. I have no clue what any of these are, but they always set the system time to 12/2019 and defaulted me in the pacific time zone despite being connected to the internet.
Read 9 tweets
🗣G_S 🔺🔂 Profile picture
28 Dec 20
@dorkingbeauty1 otx.alienvault.com/pulse/5fe9381d…

Absolutely none of it. nao.nerve.us was the only valid values. None of any of the. Stuff passed October 5 is mine and is malware
I want to add that this was #Pulsedive a @Google company. They breached the Veterans Affairs servers to obtain my info and impersonated a Gov Official to send me malware. Grace Chi, and Dan Sherry (@netbroom) do this.
Council Bluffs IA is a money laundering circuit because I found Albrecht Finance company and a phony bank. Google got 3bill in tax money to make 35 jobs. And That town does ~$100m in gambling revenue a year
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @Gl0Agent has new unrolls!

Check out other threads from @Gl0Agent!

Read all threads by @Gl0Agent