Source: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com | SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-Fe241Y01.js | Avira URL Cloud: Label: malware |
Source: https://link.edgepilot.com/s/628e49d0/xBf-ILWZZEOn58j6bKGnyg?u=https://link.mail.beehiiv.com/ss/c/u001.IdwPaOvIlhDi-zC5gdYhuzQReOKZ8beCGggIMbinGLHRSnFW5n6G8NWsyM0iyJsUxx_bZoWoyApWbHFHuphnkziQS0fB2C484sZmJID4XGTle5IENmCoaua6z_PNVgbbE8H6X_qYkTKFDQ_UDY2kAm40IwgmbJZUjk-5OlANc1fK6FVqkM2fzZ7c47OOv1A1iG-FMzJ4gb49gBGd9n7StXAiRA6V9Pg-7_fiyfJqS1R5nXR3q3H9OLzhmsMIddj4/4cx/9IfeGGdeR_Keg4lUqF34Iw/h6/h001.bz9wbCmyxcOZzSBO-dOdBx-zxnTs9d78FeUbFe0t0Dg | HTTP Parser: https://link.mail.beehiiv.com/ss/c/u001.IdwPaOvIlhDi-zC5gdYhuzQReOKZ8beCGggIMbinGLHRSnFW5n6G8NWsyM0iyJsUxx_bZoWoyApWbHFHuphnkziQS0fB2C484sZmJID4XGTle5IENmCoaua6z_PNVgbbE8H6X_qYkTKFDQ_UDY2kAm40IwgmbJZUjk-5OlANc1fK6FVqkM2fzZ7c47OOv1A1iG-FMzJ4gb49gBGd9n7StXAiRA6V9Pg-7_fiyfJqS1R5nXR3q3H9OLzhmsMIddj4/4cx/9IfeGGdeR_Keg4lUqF34Iw/h6/h001.bz9wbCmyxcOZzSBO-dOdBx-zxnTs9d78FeUbFe0t0Dg |
Source: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com | HTTP Parser: https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com |
Source: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com | HTTP Parser: Base64 decoded: https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com |
Source: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com | HTTP Parser: No favicon |
Source: https://link.edgepilot.com/s/628e49d0/xBf-ILWZZEOn58j6bKGnyg?u=https://link.mail.beehiiv.com/ss/c/u001.IdwPaOvIlhDi-zC5gdYhuzQReOKZ8beCGggIMbinGLHRSnFW5n6G8NWsyM0iyJsUxx_bZoWoyApWbHFHuphnkziQS0fB2C484sZmJID4XGTle5IENmCoaua6z_PNVgbbE8H6X_qYkTKFDQ_UDY2kAm40IwgmbJZUjk-5OlANc1fK6FVqkM2fzZ7c47OOv1A1iG-FMzJ4gb49gBGd9n7StXAiRA6V9Pg-7_fiyfJqS1R5nXR3q3H9OLzhmsMIddj4/4cx/9IfeGGdeR_Keg4lUqF34Iw/h6/h001.bz9wbCmyxcOZzSBO-dOdBx-zxnTs9d78FeUbFe0t0Dg | HTTP Parser: No favicon |
Source: https://galvistylist.com/?utm_source=andys-newsletter-024aef.beehiiv.com&utm_medium=newsletter&utm_campaign=basic-method-classes&_bhlid=2e1c33352022233d6cd65765c0149d967d02f9bf | HTTP Parser: No favicon |
Source: https://b-ina.com/UtEeYAz.html | HTTP Parser: No favicon |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | HTTP traffic: Redirect from: link.edgepilot.com to https://url.usb.m.mimecastprotect.com/s/szgccm7wwmt5092lsbiwsrg4fz?domain=link.edgepilot.com |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | HTTP traffic: Redirect from: link.edgepilot.com to https://link.mail.beehiiv.com/ss/c/u001.idwpaovilhdi-zc5gdyhuzqreokz8becgggimbinglhrsnfw5n6g8nwsym0iyjsuxx_bzowoyapwbhfhuphnkziqs0fb2c484szmjid4xgtle5ienmcoaua6z_pnvgbbe8h6x_qyktkfdq_udy2kam40iwgmbjzujk-5olanc1fk6fvqkm2fzz7c47oov1a1ig-fmzj4gb49gbgd9n7stxaira6v9pg-7_fiyfjqs1r5nxr3q3h9olzhmsmiddj4/4cx/9ifeggder_keg4luqf34iw/h6/h001.bz9wbcmyxcozzsbo-dodbx-zxnts9d78feubfe0t0dg |
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | HTTP traffic: Redirect from: link.mail.beehiiv.com to https://galvistylist.com?utm_source=andys-newsletter-024aef.beehiiv.com&utm_medium=newsletter&utm_campaign=basic-method-classes&_bhlid=2e1c33352022233d6cd65765c0149d967d02f9bf |
Source: unknown | TCP traffic detected without corresponding DNS query: 173.222.162.32 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic | HTTP traffic detected: GET /s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com HTTP/1.1
    Host: link.edgepilot.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /css/app.css?v=1 HTTP/1.1
    Host: link.edgepilot.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: text/css,*/*;q=0.1
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: style
    Referer: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
    Host: maxcdn.bootstrapcdn.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    Origin: https://link.edgepilot.com
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: text/css,*/*;q=0.1
    Sec-Fetch-Site: cross-site
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: style
    Referer: https://link.edgepilot.com/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
    Host: maxcdn.bootstrapcdn.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    Origin: https://link.edgepilot.com
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: */*
    Sec-Fetch-Site: cross-site
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: script
    Referer: https://link.edgepilot.com/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /jquery-3.2.1.min.js HTTP/1.1
    Host: code.jquery.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    Origin: https://link.edgepilot.com
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: */*
    Sec-Fetch-Site: cross-site
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: script
    Referer: https://link.edgepilot.com/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
    Host: maxcdn.bootstrapcdn.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /jquery-3.2.1.min.js HTTP/1.1
    Host: code.jquery.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1
    Host: link.edgepilot.com
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://link.edgepilot.com/s/1b4c2fcb/nQHbBC0YQUOfuyi9X74dgg?u=https://url.usb.m.mimecastprotect.com/s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1
    Host: link.edgepilot.com
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /s/sZGCCm7Wwmt5092LsBiWSRG4Fz?domain=link.edgepilot.com HTTP/1.1
    Host: url.usb.m.mimecastprotect.com
    Connection: keep-alive
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: cross-site
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Dest: document
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Referer: https://link.edgepilot.com/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9 |