hxxps://getwave[.]gg[.]com

Analysis

max time kernel
240s
max time network
285s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
03/07/2024, 16:33 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://getwave.gg.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
3796	msedge.exe
3796	msedge.exe
2284	msedge.exe
2284	msedge.exe
1920	msedge.exe
1920	msedge.exe
2096	identity_helper.exe
2096	identity_helper.exe
3768	msedge.exe
3768	msedge.exe
3768	msedge.exe
3768	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe
2284	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2284 wrote to memory of 4012	2284	msedge.exe	79
PID 2284 wrote to memory of 4012	2284	msedge.exe	79
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 1620	2284	msedge.exe	80
PID 2284 wrote to memory of 3796	2284	msedge.exe	81
PID 2284 wrote to memory of 3796	2284	msedge.exe	81
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82
PID 2284 wrote to memory of 1468	2284	msedge.exe	82

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://getwave.gg.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0x100,0x110,0x7ff8c10c3cb8,0x7ff8c10c3cc8,0x7ff8c10c3cd8
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4584 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,6339812250285992435,11087709102671280311,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4836 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3768

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4228

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3220

Network

DNS

getwave.gg.com

msedge.exe

Remote address:

8.8.8.8:53

Request

getwave.gg.com

IN A

Response

getwave.gg.com

IN CNAME

www.gg.com

www.gg.com

IN CNAME

www.gg.com.cy-isp.com

www.gg.com.cy-isp.com

IN CNAME

cl-3249f890.gcdn.co

cl-3249f890.gcdn.co

IN A

93.123.11.62
DNS

getwave.gg.com

msedge.exe

Remote address:

8.8.8.8:53

Request

getwave.gg.com

IN A

Response

getwave.gg.com

IN CNAME

www.gg.com

www.gg.com

IN CNAME

www.gg.com.cy-isp.com

www.gg.com.cy-isp.com

IN CNAME

cl-3249f890.gcdn.co

cl-3249f890.gcdn.co

IN A

93.123.17.254
DNS

ocsp.digicert.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ocsp.digicert.com

IN A

Response

ocsp.digicert.com

IN CNAME

ocsp.edge.digicert.com

ocsp.edge.digicert.com

IN CNAME

fp2e7a.wpc.2be4.phicdn.net

fp2e7a.wpc.2be4.phicdn.net

IN CNAME

fp2e7a.wpc.phicdn.net

fp2e7a.wpc.phicdn.net

IN A

192.229.221.95
DNS

254.17.123.93.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

254.17.123.93.in-addr.arpa

IN PTR

Response
DNS

getwave.gg

msedge.exe

Remote address:

8.8.8.8:53

Request

getwave.gg

IN A

Response

getwave.gg

IN A

104.26.3.170

getwave.gg

IN A

172.67.73.56

getwave.gg

IN A

104.26.2.170
DNS

172.214.232.199.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

80.90.14.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.90.14.23.in-addr.arpa

IN PTR

Response

80.90.14.23.in-addr.arpa

IN PTR

a23-14-90-80deploystaticakamaitechnologiescom
DNS

194.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.61.62.23.in-addr.arpa

IN PTR

Response

194.61.62.23.in-addr.arpa

IN PTR

a23-62-61-194deploystaticakamaitechnologiescom
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

ctldl.windowsupdate.com.delivery.microsoft.com

ctldl.windowsupdate.com.delivery.microsoft.com

IN CNAME

wu-b-net.trafficmanager.net

wu-b-net.trafficmanager.net

IN CNAME

bg.microsoft.map.fastly.net

bg.microsoft.map.fastly.net

IN A

199.232.214.172

bg.microsoft.map.fastly.net

IN A

199.232.210.172
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/qbox?query=gh&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=7013837bd43d4611b742d326387a36fc&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=gh&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=7013837bd43d4611b742d326387a36fc&oit=1&cp=2&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 451
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6dd51e41bc93b7d58b1abb4cb3
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-SUmsVS0YDd4oj7Ej98JgVSefg8h3mPqLSpMD1aJCy04='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:49 GMT
set-cookie: MUID=2287F3BF025462C1099CE70E03BB6311; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2287F3BF025462C1099CE70E03BB6311; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=1F9FD677C8146DFF1C48C2C6C9FB6C1C; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=13A43BC1BD3542B6939F26954653C550&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:49 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=1F9FD677C8146DFF1C48C2C6C9FB6C1C; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024429.12597c19
GET

https://www.bing.com/qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4f07dd90c9ce45fdb98abfa163aa1a91&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4f07dd90c9ce45fdb98abfa163aa1a91&oit=1&cp=1&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 447
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6ebc8641ed9dfce47d05fd4774
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-v1k7YDQ4Aq6MUsI3pBwMVA2AH4IBBq1qlCFYk/W+eGA='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:50 GMT
set-cookie: MUID=022A8ECACDED635635199A7BCCAE623D; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=022A8ECACDED635635199A7BCCAE623D; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=3232E916A4E3696133BDFDA7A5A0682F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=679AF198D89C4601B043D710B53B2AAD&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=3232E916A4E3696133BDFDA7A5A0682F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024430.12597d01
GET

https://www.bing.com/qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=ac2512859aa44cd8b67b8af7c436a053&oit=1&cp=1&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=ac2512859aa44cd8b67b8af7c436a053&oit=1&cp=1&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 447
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6e6d994235a614ea2ba6668e0f
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-Gn1weNv2NoF9ajIK8OeXhZeUkVHT7F3DAZfDcdTsjQ4='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:50 GMT
set-cookie: MUID=2526CDF1CA646F082D9ED940CBAB6E0C; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2526CDF1CA646F082D9ED940CBAB6E0C; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=3639ECBE924162B20506F80F938E63BA; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=AD62522F2F07482791487E3E6F03BC7A&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=3639ECBE924162B20506F80F938E63BA; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024430.12597d9e
GET

https://www.bing.com/qbox?query=ge&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=69dc936668f048a98d096d4d698149d5&oit=1&cp=2&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=ge&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=69dc936668f048a98d096d4d698149d5&oit=1&cp=2&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 500
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6e48cb4149a0e73ff3f5790ec3
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-9G7XfR/g02LpcYLEJgka8Ck/beyadXX7tCvni8VOPso='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:50 GMT
set-cookie: MUID=1321B914800A62CD2437ADA581C76356; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=1321B914800A62CD2437ADA581C76356; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=3E916ED94A2568C6019A7A684BE86957; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=D1DD8C59D97B4640BB3807B40A7CA295&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:50 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=3E916ED94A2568C6019A7A684BE86957; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024430.12597dd5
GET

https://www.bing.com/qbox?query=get&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=15cca9a14ee34e0c93ff352d115d404a&oit=1&cp=3&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=get&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=15cca9a14ee34e0c93ff352d115d404a&oit=1&cp=3&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 480
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6f10104602b7270b96e715fae2
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-qZa/Mc0kaFBAMzyzp/ifJ++TBa/b3c75+ee5hP1txuM='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:51 GMT
set-cookie: MUID=01C41BEB48F1673C0F7F0F5A494B66CD; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=01C41BEB48F1673C0F7F0F5A494B66CD; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2528EB85E8386B743D75FF34E9826AC6; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=1ABD180C250143448A0C44E901DB41BD&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=2528EB85E8386B743D75FF34E9826AC6; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024431.12597ec2
GET

https://www.bing.com/qbox?query=getw&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=cf06eb7366364ae6881413cc75cff973&oit=1&cp=4&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getw&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=cf06eb7366364ae6881413cc75cff973&oit=1&cp=4&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 347
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6f6dc44c5ebfdd1f376398f63a
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-WPnSZyROXfE/Xi3DcFL50yFQytnvlbjj/fUWk0eddVo='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:51 GMT
set-cookie: MUID=287F47465F596F7E270253F75E716E2A; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=287F47465F596F7E270253F75E716E2A; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=12F20CBC515B61943209180D507360E3; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=CCC8829BBCD24648A4D610C9A72C3DF2&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=12F20CBC515B61943209180D507360E3; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024431.1259805b
GET

https://www.bing.com/qbox?query=getwa&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=bf4de1bbb489498dbaca6e3f990b04db&oit=1&cp=5&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwa&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=bf4de1bbb489498dbaca6e3f990b04db&oit=1&cp=5&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 292
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6f480a42f38414980afe63adbc
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-5YCTD+seAwib0qXuy6l5R/ddhktYrLq+OcBKMPmDtT8='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:51 GMT
set-cookie: MUID=33A50F912D9C6CCA2CE31B202C496DB2; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=33A50F912D9C6CCA2CE31B202C496DB2; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0DEDE80845A6622D0FDCFCB94473631E; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=9A0222ADA8494F6F957EA2260A1BA8BF&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0DEDE80845A6622D0FDCFCB94473631E; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024431.125980c5
GET

https://www.bing.com/qbox?query=getwav&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=27152ba5ea474fc69abd3f42a7b52aa8&oit=1&cp=6&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwav&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=27152ba5ea474fc69abd3f42a7b52aa8&oit=1&cp=6&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 253
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d6f748d48ebb21f90df03a1fdf6
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-jVw8OB0Ga+L8TO9xPVwOER9mleTBYyxhWC2hfa7ASGU='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:52 GMT
set-cookie: MUID=2D538FA0C4996BC2180C9B11C5A96A06; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=2D538FA0C4996BC2180C9B11C5A96A06; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=3E16C5A59F466EE01D9CD1149E766F75; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=158B34E56D3142AE82AF1FA482ADF138&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:51 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=3E16C5A59F466EE01D9CD1149E766F75; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024431.12598119
GET

https://www.bing.com/qbox?query=getwave&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4444bc6f88c1458eaa63adfce29a652c&oit=1&cp=7&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwave&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4444bc6f88c1458eaa63adfce29a652c&oit=1&cp=7&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 252
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d70bf3045dd8751ec2cc20f1170
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-DBbqEMGeqsAqZg5veI7SCB6Ft7mgvohWqMbr8kDq0/M='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:52 GMT
set-cookie: MUID=39D46402047E6FED17C270B305F36E04; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=39D46402047E6FED17C270B305F36E04; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=13E301DAB5EE6D241CA0156BB4636C8F; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=0022D405A3954C0B9CD1970D953596B0&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=13E301DAB5EE6D241CA0156BB4636C8F; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024432.12598371
GET

https://www.bing.com/qbox?query=getwave.&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=31272c9c42774a27828e7c87f7ad53d4&oit=1&cp=8&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwave.&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=31272c9c42774a27828e7c87f7ad53d4&oit=1&cp=8&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 210
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d70097743f3a63b7e7585f9e7b3
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-Kq2zHcZXqGjXVuEz2+CDeLYiAhPXQ2A39gvrAOoH9AM='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:53 GMT
set-cookie: MUID=18BD5119FD646A5D0B5345A8FC186BF6; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=18BD5119FD646A5D0B5345A8FC186BF6; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=36BAB9D28D3F61562712AD638C4360AC; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=A0315B461ADF4AC08CC610A601D017DA&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:52 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=36BAB9D28D3F61562712AD638C4360AC; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024432.12598400
GET

https://www.bing.com/qbox?query=getwave.g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=47b43114e99e4c9e9ec07cea87fca273&oit=1&cp=9&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwave.g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=47b43114e99e4c9e9ec07cea87fca273&oit=1&cp=9&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 198
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d71c1614afdb76d9e5448bd4424
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-r156FUKiGFRIdMXEZQTV+nAj6jp1iO6c6dz6RfAH9g8='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:53 GMT
set-cookie: MUID=3BF5A94317FE69FA3CFEBDF216B56842; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=3BF5A94317FE69FA3CFEBDF216B56842; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=0061EDFCF297616C1727F94DF3DC6063; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=F1BB6F6A0BB2429085851BDBFAE55280&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=0061EDFCF297616C1727F94DF3DC6063; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024433.1259859e
GET

https://www.bing.com/qbox?query=getwave.gg&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=2263dfa3f1cb4ba18ecd59e3129f0524&oit=3&cp=10&pgcl=4

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=getwave.gg&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=2263dfa3f1cb4ba18ecd59e3129f0524&oit=3&cp=10&pgcl=4 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 194
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-eventid: 66857d71e3224b979391ca69a48422af
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-sthmyu6YHiGkBBgaoNPWae3ofyU68cHk6qv+hcE2HaM='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Wed, 03 Jul 2024 16:33:53 GMT
set-cookie: MUID=017963CB74FF67AA2BA8777A75DB66B8; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=017963CB74FF67AA2BA8777A75DB66B8; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2707735C319264950D1967ED30B66579; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=270B0F6BA1854CFE98C08F8613F22B28&dmnchg=1; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240703; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 28-Jul-2025 16:33:53 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=2707735C319264950D1967ED30B66579; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1720024433.12598643
GET

http://getwave.gg/

msedge.exe

Remote address:

104.26.3.170:80

Request

GET / HTTP/1.1
Host: getwave.gg
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=31536000, stale-while-revalidate
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-nextjs-cache: HIT
x-powered-by: Next.js
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFLuKvRzhsE%2FPjqzR%2FlXPySsJwHi7xdBFakxOjej0pZ1TdQI7Zr84YyWqWwXcl8mYj9tEwWDh%2F7nyhTq5orfLGgRrTR6X4Guq%2Fdeavb%2BJ8%2BNk2f3j8um4%2BIDQ3k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a68ed688a1-LHR
Content-Encoding: gzip
GET

http://getwave.gg/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: font/woff2
Content-Length: 46552
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
etag: W/"b5d8-1905a34bea7"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
CF-Cache-Status: HIT
Age: 266228
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkVlCI2qkLFH6OzJ4Caug%2FaiX2ZYnmeEFnMGVOR4PJiPclC6VcXA60GJFjhRV%2F%2FFPLafc2%2Bi4C4h56GQKKfzEIr5txNGFtrx9F5723jfHYv8uJumPH0ZHhRaMtk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89d847a8d9a188a1-LHR
GET

http://getwave.gg/_next/static/chunks/53c13509-1b8c1da7a4cf00ea.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/53c13509-1b8c1da7a4cf00ea.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 616
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"476-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266408
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4HbsEUqb6v%2Fip2ckSrpfb4a%2FsqCie2y%2FFT4DfWocVVlYWwpsQNLd5y6H5g5yFX49Zvz7jACqLKEfvs%2BQjb0hG%2FN%2FlspLUiPd7jETJScEVcw1atvl0qJlYIYOO24%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a909e288a1-LHR
GET

http://getwave.gg/_next/static/chunks/webpack-df6ce5ece02cb4cb.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/webpack-df6ce5ece02cb4cb.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1683
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"df7-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266228
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BgNNdMFfROFF4NHEj1qlOJGXTjrAo6ruLHXAqZMjxIBRTO%2FNuTMSTSQ4ozIot74nPOBjfUr6A49Le27e3NmNcNgasR3IXXTcdelrgzKjd0lVoUliShf24A1BGc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a8da479492-LHR
GET

http://getwave.gg/_next/static/chunks/8e1d74a4-866f4535ab67bc1e.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/8e1d74a4-866f4535ab67bc1e.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 879
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"72b-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266408
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3v%2B6Gek0AprVhJRjClFo3HahbS0rrLtqVJssB3%2Bc62cn%2F0453Jt2hVrlxBvTWv%2FXB4cggl%2FpQ0LT0lTHOwoNb2FB2RPYxvuouSywARO3HqJXdAVUTZch1HdgstI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a91aa39492-LHR
GET

http://getwave.gg/_next/static/css/5e498ac1b4449483.css

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/css/5e498ac1b4449483.css HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: text/css,*/*;q=0.1
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 4025
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"39b8-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 20276
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Rem1Q99J%2B0AvM%2FJB0b4vL7O%2B36rhDcZ5vj%2BxHZ6%2BfkGdhK9fCDnfum2%2FWbjEGgafmTsH4HMEVM5GTXUa8BSyL3MKAd1eqRnw8D80%2FGpUa2bCxGmQpn4t3fH%2FyI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a8f8409439-LHR
GET

http://getwave.gg/_next/static/chunks/974-706c97b0dbd4bf9a.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/974-706c97b0dbd4bf9a.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"12fa4-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266227
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cv2PFkhn3Em0Z2MJ260noqaPkOW5rCXd4GCdRU%2Bko4D%2F4WJEECa9TxMiUJY5bOpamT2RTPAF2%2B6Ait029W7QlNnN%2FvKz9V%2B%2FBIOzHzNmN6weZbBw9FWSNhbQnv0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a9389f9439-LHR
GET

http://getwave.gg/fonts/ZonaPro-Regular.woff2

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /fonts/ZonaPro-Regular.woff2 HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/_next/static/css/5e498ac1b4449483.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-powered-by: Next.js
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMDkU8f%2FaicvzDd8I48kMyVA9KF9P324mYPuYrRBqn5vNaoRa5VCcukdjUlh7NpU85bHCE40J5L8acLJdCudKkKW4QG6gVSyjGuI6RwUs84zOvfoQF5A%2BjTp69w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a9b9449439-LHR
Content-Encoding: gzip
GET

http://getwave.gg/_next/static/chunks/fd9d1056-a0a12fe8bfe57583.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/fd9d1056-a0a12fe8bfe57583.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"2a09e-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 2506
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XjtOqddZ6b47LWYdQak43GvBA40fp0MUKnyh9EJpG1cdvN3dNlnZflkh%2FQi3KqpEVxezIKJeyoGwCXmnGIfl7z7iuh0ccM6pqicIIqlvXeAxHVjBDW%2B10%2FDn1k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a8fe27539f-LHR
GET

http://getwave.gg/images/background-landing.jpg

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /images/background-landing.jpg HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://getwave.gg/_next/static/css/5e498ac1b4449483.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: image/jpeg
Content-Length: 58053
Connection: keep-alive
Cache-Control: public, max-age=14400
Cf-Bgj: h2pri
etag: W/"e2c5-19037d14cec"
last-modified: Thu, 20 Jun 2024 22:43:01 GMT
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FOPjP1DHiVLXj2pnBZNbmXF4xB3HLZ4OXgvu7LO%2BLmFM6RY8PokuNm6AIh6a9ej%2ByTWVVozMQrILttuxkuDLfpS3XVonIjTTsgg76B%2BgVLFW9Mq128WFsHL6q74%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89d847a97ee7539f-LHR
GET

http://getwave.gg/fonts/ZonaPro-Regular.woff

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /fonts/ZonaPro-Regular.woff HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/_next/static/css/5e498ac1b4449483.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-powered-by: Next.js
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXgVVXe%2FcziAKMQxk1jNztZL6rPxpme6RbseDj9v31C%2BWn9hZct6QW%2FflE9fwcxIYMZgf81QktrmaYdOCdBKXnxuB59hh65ijFJM4xVWwKcti1NxVBjPfDHg%2B7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847ac4ab7539f-LHR
Content-Encoding: gzip
GET

http://getwave.gg/favicon.ico

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /favicon.ico HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:55 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=14400, must-revalidate
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-nextjs-cache: HIT
CF-Cache-Status: EXPIRED
Last-Modified: Wed, 03 Jul 2024 15:57:28 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4ODwv0cJ7ugwHBwUl2erVdui3Et%2B29u5s51EC%2FyJWcbb3bDAhf1hNRJz5IfKnu9SiNuUKitnxigdJs0gWiPFTjI4LqpNlRQC6ewG%2BZl8GNGQbxQVxmw53Poq7U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847ae5cd8539f-LHR
Content-Encoding: gzip
GET

http://getwave.gg/_next/static/chunks/69-b595780f5a3ddd5b.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/69-b595780f5a3ddd5b.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"1b7dc-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 95963
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NV8%2FAbQY6q%2FUgw%2B1qniW2sxtANcYypgbFsI1%2F9p3A4IK49gaCpInwjX%2B4%2BTrJZXHSnt7d7YIhE2vX%2FFpZhIPWwSxLw%2F9KX5t00RkwcCNp1bNjRnc0O4x9NxpI34%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a8f9ce638e-LHR
GET

http://getwave.gg/_next/static/chunks/main-app-b7f1bdc16594b59c.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/main-app-b7f1bdc16594b59c.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
Origin: http://getwave.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
etag: W/"1ce-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266228
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXIOCCa5Sql0zLNmv77w9Iw0l7oKLdYoSgcLWFXOnNb3%2BZ8gY8%2FrKV6zx8IvxpfuLS8wRYWCSuXvtV%2BZ9sxLO6DPN0lTuVcj9YICLFfjfXMpFyTj8Z1LOmynH20%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a8fead79bb-LHR
Content-Encoding: gzip
GET

http://getwave.gg/_next/static/chunks/app/page-922ee09813d10b66.js

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/static/chunks/app/page-922ee09813d10b66.js HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: */*
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 3813
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Content-Encoding: gzip
etag: W/"277e-1905a34beab"
last-modified: Thu, 27 Jun 2024 14:58:44 GMT
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 266408
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWAGNpag0Ts%2FgY75zFG%2BtXaV6hvNLk8ydjjuPPE9mzaPEn2cysy%2BOvD76r33vw%2Fe4nIDIJ%2F3wFjrDRHOcR%2B1kwoWxz7%2Bf%2B3Nb%2Bb95SqOTIYKqn0tiSb04tWoxHw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a94f1c79bb-LHR
GET

http://getwave.gg/_next/image?url=%2Fimages%2Ftest.jpg&w=750&q=75

msedge.exe

Remote address:

104.26.3.170:80

Request

GET /_next/image?url=%2Fimages%2Ftest.jpg&w=750&q=75 HTTP/1.1
Host: getwave.gg
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://getwave.gg/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 03 Jul 2024 16:33:54 GMT
Content-Type: image/webp
Content-Length: 28966
Connection: keep-alive
Cache-Control: public, max-age=60, must-revalidate
content-disposition: inline; filename="test.webp"
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
etag: eg0g0Vspa4niJhiYuSokaV2-pFwnu5hplTqalNwBuqc=
vary: Accept
x-nextjs-cache: STALE
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWTfakzYmQu6jtIa6RMogRjAI9PTByxt1ddVMOZkY7T7ZSBCxxj25e2ElMhFBUCAWcSlSkcUfsqJAm1H%2FtBFzhXmqlXUe1ORQrCDnedfjoZzJWCjwHC4z6b6S3s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89d847a9af9c79bb-LHR

93.123.17.254:443

getwave.gg.com

tls

msedge.exe

747 B
219 B
5
5
93.123.17.254:443

getwave.gg.com

tls

msedge.exe

747 B
219 B
5
5
23.62.61.194:443

www.bing.com

tls, http2

msedge.exe

1.7kB
5.2kB
12
14
23.62.61.194:443

https://www.bing.com/qbox?query=getwave.gg&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=2263dfa3f1cb4ba18ecd59e3129f0524&oit=3&cp=10&pgcl=4

tls, http2

msedge.exe

4.9kB
30.8kB
50
63

HTTP Request

GET https://www.bing.com/qbox?query=gh&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=7013837bd43d4611b742d326387a36fc&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4f07dd90c9ce45fdb98abfa163aa1a91&oit=1&cp=1&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=ac2512859aa44cd8b67b8af7c436a053&oit=1&cp=1&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=ge&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=69dc936668f048a98d096d4d698149d5&oit=1&cp=2&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=get&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=15cca9a14ee34e0c93ff352d115d404a&oit=1&cp=3&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getw&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=cf06eb7366364ae6881413cc75cff973&oit=1&cp=4&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getwa&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=bf4de1bbb489498dbaca6e3f990b04db&oit=1&cp=5&pgcl=4

HTTP Request

GET https://www.bing.com/qbox?query=getwav&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=27152ba5ea474fc69abd3f42a7b52aa8&oit=1&cp=6&pgcl=4

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getwave&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=4444bc6f88c1458eaa63adfce29a652c&oit=1&cp=7&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getwave.&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=31272c9c42774a27828e7c87f7ad53d4&oit=1&cp=8&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getwave.g&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=47b43114e99e4c9e9ec07cea87fca273&oit=1&cp=9&pgcl=4

HTTP Response

200

HTTP Request

GET https://www.bing.com/qbox?query=getwave.gg&language=en-US&pt=EdgBox&cvid=e358d37d98f445af9765f5dcd26d6174&ig=2263dfa3f1cb4ba18ecd59e3129f0524&oit=3&cp=10&pgcl=4

HTTP Response

200
104.26.3.170:80

http://getwave.gg/_next/static/chunks/53c13509-1b8c1da7a4cf00ea.js

http

msedge.exe

2.8kB
57.9kB
34
55

HTTP Request

GET http://getwave.gg/

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/static/chunks/53c13509-1b8c1da7a4cf00ea.js

HTTP Response

200
104.26.3.170:80

http://getwave.gg/_next/static/chunks/8e1d74a4-866f4535ab67bc1e.js

http

msedge.exe

1.3kB
4.6kB
12
12

HTTP Request

GET http://getwave.gg/_next/static/chunks/webpack-df6ce5ece02cb4cb.js

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/static/chunks/8e1d74a4-866f4535ab67bc1e.js

HTTP Response

200
104.26.3.170:80

http://getwave.gg/fonts/ZonaPro-Regular.woff2

http

msedge.exe

2.2kB
33.4kB
22
31

HTTP Request

GET http://getwave.gg/_next/static/css/5e498ac1b4449483.css

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/static/chunks/974-706c97b0dbd4bf9a.js

HTTP Response

200

HTTP Request

GET http://getwave.gg/fonts/ZonaPro-Regular.woff2

HTTP Response

404
104.26.3.170:80

http://getwave.gg/favicon.ico

http

msedge.exe

5.8kB
206.4kB
92
168

HTTP Request

GET http://getwave.gg/_next/static/chunks/fd9d1056-a0a12fe8bfe57583.js

HTTP Response

200

HTTP Request

GET http://getwave.gg/images/background-landing.jpg

HTTP Response

200

HTTP Request

GET http://getwave.gg/fonts/ZonaPro-Regular.woff

HTTP Response

404

HTTP Request

GET http://getwave.gg/favicon.ico

HTTP Response

200
104.26.3.170:80

http://getwave.gg/_next/static/chunks/69-b595780f5a3ddd5b.js

http

msedge.exe

1.4kB
31.2kB
21
31

HTTP Request

GET http://getwave.gg/_next/static/chunks/69-b595780f5a3ddd5b.js

HTTP Response

200
104.26.3.170:80

http://getwave.gg/_next/image?url=%2Fimages%2Ftest.jpg&w=750&q=75

http

msedge.exe

2.6kB
38.1kB
30
39

HTTP Request

GET http://getwave.gg/_next/static/chunks/main-app-b7f1bdc16594b59c.js

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/static/chunks/app/page-922ee09813d10b66.js

HTTP Response

200

HTTP Request

GET http://getwave.gg/_next/image?url=%2Fimages%2Ftest.jpg&w=750&q=75

HTTP Response

200

8.8.8.8:53

getwave.gg.com

dns

msedge.exe

385 B
864 B
6
6

DNS Request

getwave.gg.com

DNS Response

93.123.11.62

DNS Request

getwave.gg.com

DNS Response

93.123.17.254

DNS Request

ocsp.digicert.com

DNS Response

192.229.221.95

DNS Request

254.17.123.93.in-addr.arpa

DNS Request

getwave.gg

DNS Response

104.26.3.170

172.67.73.56

104.26.2.170

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

80.90.14.23.in-addr.arpa

dns

282 B
663 B
4
4

DNS Request

80.90.14.23.in-addr.arpa

DNS Request

194.61.62.23.in-addr.arpa

DNS Request

ctldl.windowsupdate.com

DNS Response

199.232.214.172

199.232.210.172

DNS Request

14.227.111.52.in-addr.arpa
224.0.0.251:5353

msedge.exe

510 B
8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e4bf11ed97b6b312e938ca216cf30e

SHA1
ff6b0b475e552dc08a2c81c9eb9230821d3c8290

SHA256
296db8c9361efb62e23be1935fd172cfe9fbcd89a424f34f347ec3cc5ca5afad

SHA512
ce1a05df2619af419ed3058dcbd7254c7159d333356d9f1d5e2591c19e17ab0ac9b6d3e625e36246ad187256bee75b7011370220ef127c4f1171879014d0dd76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
23da8c216a7633c78c347cc80603cd99

SHA1
a378873c9d3484e0c57c1cb6c6895f34fee0ea61

SHA256
03dbdb03799f9e37c38f6d9d498ad09f7f0f9901430ff69d95aa26cae87504d3

SHA512
d34ae684e8462e3f2aba2260f2649dee01b4e2138b50283513c8c19c47faf039701854e1a9cbf21d7a20c28a6306f953b58ffb9144ead067f5f73650a759ff17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
2eae8f371a663acacf22fc5ac5a82b50

SHA1
8f4b770bdde953efe4daae7a65a8a6f2d06e8e60

SHA256
9c0a6be5b1429d78e0cf7555cec5166cb2e61a8f19214e091c74de8d7d9f713f

SHA512
d815ed1ee208bcabc54a5489ffa90ee6fe00fb247bea8179a9714721daf2ddd23c743e7cbefa00e76ba1f2fd0cd5580903843f120b5cec7be3ead8fbaee627af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
180B

MD5
00a455d9d155394bfb4b52258c97c5e5

SHA1
2761d0c955353e1982a588a3df78f2744cfaa9df

SHA256
45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed

SHA512
9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
89a9d68fed26df43abdbeeb3aaba904f

SHA1
36f0487c57b4f28788696fb1c5c3a5826fe4911c

SHA256
ecafb417805c7b0a09eb04a466df91e9b976711fc296169663d2a3ab8de1571e

SHA512
b7e642616b6c3f30b1aeea83cbeef4d0ff28d01b03e6027d6fbf9a81c6792597431f6ba4e72a6ce7e71c9874d44a473d46073f17e93268612be4f22b54b896f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3201f96727793b7e6c12725742b99228

SHA1
7c412a84021efa12591943612acc727dabeb5626

SHA256
d4c18b034d3c8c4067421d13531d3bd9cd38d6627b2257bba647006c2ee1eb11

SHA512
91c053878f0db07aa53c424b12c35d605b8f404feb1a15368c3b1abc4ace718be7e13c48720f788bd4a8d9125b8bae8a55a9c3e12c7ea46ac3e4c68876bc9dd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
014852c6dc711933daf47d6bad0fcb61

SHA1
0a274170a4acfb2838801aa0f9dfebb712fd96e9

SHA256
cd00bdfb5949f0406ebbe0edbce9bac86bd7452aad54fe650d6b520d26cc67b7

SHA512
e9fca8d3401f8f843002cc6d6fa6e8f4c5adb75b046c10c2cc82db6902159fbf3e6d52057742e95a91b081f5ec7c603b2b50748c7918513a4b32af3757af5fd0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
50b9a5acb59b6b3e087945b292efc56c

SHA1
24721a11066bb1bae738ebf00793c1dbb4a9968d

SHA256
da0647d636e9407a9cab450001490484cf866a8b77b7268d8d5d7d67f5bf24d4

SHA512
e55d4eebb121399ce93543551b45813bad004deb4bfda01b21da2e8152f5f0f0f99eecbea1013ee126497b07fb6390caed6e7f68cf9afeeecda02ebe31e32ffa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor