Popup - https://meetfreememory.site/lander/edge_black/index.html#
Associated Email Address - [email protected]
Associated Extension:
https://microsoftedge.microsoft.com/addons/detail/refresh-all-tabs/ogppbbpcifdlnacmljfadgaloibeciii
https://chrome.google.com/webstore/detail/refresh-all-tabs/eaifphmldckmcgahebfddccefgjglkie
Encourages victims to install a cookie-stuffing browser extension disguised as a 1-click all-tab refresh button. It is made especially annoying by the use of TTS and the inability to go to another site in the same tab, as it opens up the popup in a new tab.
It definitely does more than just refresh all tabs, that much is clear from the chrome extension source code (</s>background.js<e>). Its definitely for tracking purposes, but I’m not totally sure its cookie-stuffing.
I reported both variants of the extension (Chrome and Edge), if they don't get taking down soon I might leave 1-star reviews, the Chrome extension has 5 stars right now.
(Also, if you want to get rid of the popup without closing the whole window, you can close all of the extra ones it opened up as long as you don't go onto them, and then to Ctrl-W twice quickly to get rid of the main tab)
Also, the phishing webpage is hosted on Cloudflare (your are actually being served a cached version when you go onto the pop-up link). Their abuse form says:
"Cloudflare does not tolerate the distribution of malware or serving phishing content through the service. Legitimate reports of phishing and malware URLs will be promptly acted upon."
I've reported this to Cloudflare, so hopefully they can take website down.