Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
@OSINT_Tactical
Oct 17, 2022 β€’ 8 tweets β€’ 5 min read β€’ Read on X
Scrolly
🧡Thread! 1/8 : @jakecreps asked about what OSINT can be gathered using DevTools. One of my favorites is using Google Reviews to see what date a subject was in a location, file name used, upload time and date.

#OSINT #devtools #browser #sourcecode
🧡2/8 : The techniques within this thread are to be used on Google Reviews, the intelligence gathered can't be seen or obtained without using Dev Tools, the first initial work on this came from @BanPangar, whom I assisted in the final steps for the different dates understanding.
🧡3/8 : Let's start with my chosen photo which is a cup of coffee. Using exiftool, we can see the photo was taken on the 27th of September 2022 at 17h57 +2 GMT. *I will change the file name to "ilovgoogle" Image
🧡4/8 : The photo was posted on the company page, quite amazing and not really relevant but only a few seconds after posting, 12 people had already viewed the photo. Kind of strange at this time of night. But nice to be followed, even during dark hours....😎 Image
🧡5/8: Now let's get down to business on this photo, let's see what Google does. By clicking on the photo, we can see Google does read Exif/Metadata, the date of visit to the company has not been put as 18/10/22, it shows September, even though this photo was posted just mins ago Image
🧡6/8 : Now it's getting very interesting!
1. inspect element --> 2. Network --> 3. img --> 4. click on the photo --> 5. headers
Guess what!"ilovgoogle" is there, Google doesn't clean file names, imagine you don't have a name for the subject, and you get "Dave_at_work"😈 Image
🧡 7/8: Also try: 1. Go to Fetch/XHR (this technique was found by @BanPangar) --> 2. Look for files that start with V1? and double click --> 3. You will get a file in your downloads named photometa.js
--> Open the file however you wish to open it (.txt or chrome etc...) Image
🧡 8/8: To finish up, let's take a look at the photometa JS file and analyse what's in there. The first date is the date the photo was taken, second date is the upload date and time in GMT. See attached screenshot with the full info. Maybe we can make a script @GONZOs_int 😎 Image

β€’ β€’ β€’

Missing some Tweet in this thread? You can try to force a refresh
γ€€

Keep Current with πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏

πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @OSINT_Tactical

πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Mar 28
#OSINT Thread 🧡1/11:

⚠️ A fake French Ministry of Armed Forces website was taken down today.

was claiming to be recruiting 200,000 French people to go to fight in #Ukraine.
It also stated on the website:
*LES IMMIGRÉS SONT PRIORITAIRES (immigrants will be given priority)

Probable Motivations:
➑️ To spread #disinformation on #France sending troops to Ukraine soon
➑️ To cause general panic amongst the French population
➑️ To get the personal data of the French people who used the contact form. (salaries were put very high in order to maximise requests to join the army)
➑️ To track visitor numbers to see how many people are interested in the war in Ukraine.
➑️ To gain intelligence on the number of people interested and willing to go to fight in Ukraine

sengager-ukraine.fr
Thread 🧡2/11:
The domain name was purchased on 15 March 2024.
Only 24 hours after Macron's speech on French TV, he said on 14 March 2024: β€œIf the situation were to deteriorate, we must be ready and we will be ready”
If we look at the creation date and time, and the update date and time, it's always around 15h30. (Modifications to a WHOIS record are typically initiated by the domain owner or someone with administrative rights over the domain)
domain:
Expiry Date: 2025-03-15T15:29:04.242295Z
created: 2024-03-15T15:29:04.260955Z
last-update: 2024-03-20T15:37:23.350728Zsengager-ukraine.fr
sengager-ukraine.fr
Thread 🧡3/11:
The domain was purchased with 1API GmbH
1API GmbH
Kaiserstraße 172-174
66386 St. Ingbert, Germany
Phone: +49.6894.9396-760
Email: abuse@1api.net
CEO: Oliver Fries & Johannes Steck
Tax ID: 075/108/00766
V.A.T. ID: DE248636780 Image
Read 12 tweets
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Mar 5, 2023
Hope this can help LE in TX.
-REG: SJZ-6295
-State: TX
-2021 Ram 2500 6.4L V8
-Price: $51,437 USD
-VIN: 3C6TR5EJ4MG659516
-Gary Cau***** (pkimgcdn.peekyou.com/e7012251bf0d94…)
-garycaud****@gmail.com
-Tel: +136078918**
-Adress: 170* Timberc**** Dr. Garl***

#OSINT
Read 5 tweets
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Jan 31, 2023
Great OSINT Skills by @Highfivelol!
Damaging video seen by millions on Pfizer shows a Pfizer director talking about #DirectedEvolution. In a matter of hours, #JordonWalker got wiped off the www which proves the high priority of the case. threadreaderapp.com/thread/1618473…
#OSINT #Pfizer
@Highfivelol Don't know if this had been found yet. #jordonwalker is on a photo of the The Harvard Urologic Surgery Residency Program at Massachusetts General. (top right) #OSINT #Pfizer Image
Seems he travelled to Europe and Budapest before Covid broke out. Image
Read 4 tweets
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Oct 22, 2022
🧡Thread 1/6: Many accounts (including OSINT people) across social media are still spreading this photo claiming the French Gov purchased thousands of electric vehicles left to rot. The below πŸ‘‡ was posted an hour ago on LinkedIn. Let’s use some #OSINT to check it out. ImageImage
🧡Thread 2/6: Let’s look closely at the photo. We can see a watermark: @greg_abandoned. Image
🧡Thread 3/6: Finding @greg_abandoned on Instagram wasn’t too difficult 😁, zooming in on plates, we can see the plates look nothing like French plates, the writing is in ChineseπŸ‡¨πŸ‡³ : instagram.com/p/CS22ZlDJIn4/
Read 6 tweets
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Sep 13, 2022
🧡Thread 1/17: King Charles's Protection Officer was seen on the 09th September 2022 with a strange looking handgun according to UK Press.
#OSINT #KingCharlesIII #UK #SO14 Image
🧡2/17: UK Royalty Protection Officers usually belong to SO14: eliteukforces.info/police/SO14-ro…
We can see from the photo that the pistol grip is pointing outwards, which indicates the officer is right-handed and opted for a cross-draw type carry. Image
🧡3/17: SO14 Officers carry a Glock 17 (9mm), the handgun does not look like a G17. The daily star newspaper states " A gun was spotted poking out of the armed guard's blazer". To support the claims about officers carrying a Glock 17, read this article:theguardian.com/uk/2000/jun/16… Image
Read 17 tweets
πšƒπšŠπšŒπšπš’πšŒπšŠπš• π™Ύπš‚π™Έπ™½πšƒ π™°πš—πšŠπš•πš’πšœπš 𝕏 Profile picture
Aug 20, 2022
Deep Fakes | Testing Tools and various Software (Another thread will be created soon on Deep Fake Detection)

This is a Thread 🧡 πŸ‘‡

#AI #ArtificialIntelligence #deepfake #OSINT
1 of 7
Used Colossyan.com for the below video of my friend Ryan Shaw who is an FBI Agent.

Ryan Shaw does not exit and was fabricated by me. Everything was chosen, the moving background, the AI person, the accent, the language.
#AI #Artificial_Intelligence
2 of 7
Used deepswap.ai for the video below. The face of Obama was swapped for the face of Gen. Colin Powell. Software didn’t change the shape of Obama’s face, did some additional modifications with Veed.io, voice wasn’t changed. #AI #OSINT
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(