Analysis Overview
Threat Level: Likely malicious
The file http://getwave.gg was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Checks for any installed AV software in registry
Legitimate hosting services abused for malware hosting/C2
Network Service Discovery
Enumerates connected drives
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
NTFS ADS
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious behavior: AddClipboardFormatListener
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-26 19:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-26 19:23
Reported
2024-08-26 19:29
Platform
win10v2004-20240802-en
Max time kernel
386s
Max time network
380s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Luau Language Server\node.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\WaveInstaller.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\WaveInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Luau Language Server\node.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave-luau.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
Loads dropped DLL
Checks for any installed AV software in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\Session = "Bearer e167034d-877c-4597-a439-cd96fbae235f" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\RefreshRate | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\KasperskyLab | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\LastUsername | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\Session | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\ContinueOnStartUp | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\ContinueOnStartUp = "0" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\SendCurrentDocument = "1" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\TopMost | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\RedirectCompilerError = "1" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\RefreshRate = "60" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\Minimap | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\SendCurrentDocument | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\LastUsername = "dwa" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\TopMost = "0" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\UsePerformanceMode | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\FontSize | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\FontSize = "14" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\KasperskyLab | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\RedirectCompilerError | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\UsePerformanceMode = "0" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\Minimap = "0" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\InlayHints = "1" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\LastUsername = "wawdwasdwasda" | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\KasperskyLab\InlayHints | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Network Service Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\LICENSE | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\manifest.json | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\manifest.fingerprint | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\_platform_specific\win_x86\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| File created | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\_platform_specific\win_x86\widevinecdm.dll | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\WaveInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4182098368-2521458979-3782681353-1000\{B64AA4CB-DCD8-4EB3-A087-AE03EFD48D46} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4182098368-2521458979-3782681353-1000\{21AF6442-F3F1-4B85-AC78-13BF92D45EA9} | C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 639338.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Luau Language Server\node.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://getwave.gg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd4a5246f8,0x7ffd4a524708,0x7ffd4a524718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1976 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2436 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5580 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6016 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8
C:\Users\Admin\Downloads\WaveInstaller.exe
"C:\Users\Admin\Downloads\WaveInstaller.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1472,8409969307872383805,14450736503777358724,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\WriteDismount.mp4"
C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe
"C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe"
C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe
"C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe"
C:\Users\Admin\AppData\Local\Luau Language Server\node.exe
"C:\Users\Admin\AppData\Local\Luau Language Server\node.exe" server --process-id=1720
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd4a5246f8,0x7ffd4a524708,0x7ffd4a524718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,6770137189332668845,17154300006604048712,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1868 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x150 0x4f4
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6672,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=6692 --mojo-platform-channel-handle=6664 /prefetch:2 --host-process-id=1720
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=7100,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=7104 --mojo-platform-channel-handle=7096 /prefetch:3 --host-process-id=1720
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=7640,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=7644 --mojo-platform-channel-handle=7636 /prefetch:8 --host-process-id=1720
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=7760,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=7764 --mojo-platform-channel-handle=7756 --host-process-id=1720 /prefetch:1
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=7776,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=7788 --mojo-platform-channel-handle=7768 --host-process-id=1720 /prefetch:1
C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave-luau.exe
"C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave-luau.exe" lsp "--definitions=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\globalTypes.d.luau" "--definitions=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave.d.luau" "--docs=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\en-us.json"
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=7896,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=1084 --mojo-platform-channel-handle=5080 /prefetch:8 --host-process-id=1720
C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Local\Wave\CefSharp.BrowserSubprocess.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1412,i,12826325265547630961,2838433065170441340,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --enable-logging=handle --log-file=4920 --mojo-platform-channel-handle=3216 /prefetch:8 --host-process-id=1720
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | getwave.gg | udp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 172.67.73.56:80 | getwave.gg | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.73.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | cdn.getwave.gg | udp |
| US | 172.67.73.56:443 | cdn.getwave.gg | tcp |
| US | 172.67.73.56:443 | cdn.getwave.gg | tcp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.nuget.org | udp |
| US | 52.240.159.111:443 | www.nuget.org | tcp |
| US | 8.8.8.8:53 | 111.159.240.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | globalcdn.nuget.org | udp |
| US | 152.199.23.209:443 | globalcdn.nuget.org | tcp |
| US | 8.8.8.8:53 | 209.23.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.getwave.gg | udp |
| US | 172.67.73.56:443 | cdn.getwave.gg | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 23.211.237.134:443 | clientsettingscdn.roblox.com | tcp |
| US | 172.67.73.56:443 | cdn.getwave.gg | tcp |
| US | 8.8.8.8:53 | 134.237.211.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | raw.githubusercontent.com | tcp |
| GB | 92.123.142.17:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 17.142.123.92.in-addr.arpa | udp |
| GB | 92.123.142.17:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 10.142.123.92.in-addr.arpa | udp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | tcp |
| GB | 92.123.142.10:443 | r.bing.com | udp |
| US | 8.8.8.8:53 | temp-mail.org | udp |
| US | 172.67.73.98:443 | temp-mail.org | tcp |
| US | 172.67.73.98:443 | temp-mail.org | tcp |
| US | 172.67.73.98:443 | temp-mail.org | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 98.73.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 92.123.143.169:80 | apps.identrust.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.0:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.paddle.com | udp |
| US | 8.8.8.8:53 | cdn4.buysellads.net | udp |
| NL | 152.42.150.143:443 | cdn4.buysellads.net | tcp |
| US | 172.66.43.196:443 | cdn.paddle.com | tcp |
| US | 8.8.8.8:53 | web2.temp-mail.org | udp |
| NL | 152.42.150.143:443 | cdn4.buysellads.net | tcp |
| US | 104.26.7.95:443 | web2.temp-mail.org | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 196.43.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.150.42.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| FR | 142.250.201.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| FR | 216.58.215.34:443 | securepubads.g.doubleclick.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 108.156.39.15:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | srv.buysellads.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 8.8.8.8:53 | rt.marphezis.com | udp |
| US | 8.8.8.8:53 | hb-api.omnitagjs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| GB | 108.138.217.110:443 | hb.yellowblue.io | tcp |
| US | 45.55.121.146:443 | exchange.cootlogix.com | tcp |
| US | 45.55.121.146:443 | exchange.cootlogix.com | tcp |
| US | 45.55.121.146:443 | exchange.cootlogix.com | tcp |
| US | 45.55.121.146:443 | exchange.cootlogix.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | tcp |
| GB | 185.64.190.77:443 | hbopenbid.pubmatic.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| GB | 18.245.189.34:443 | aax.amazon-adsystem.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| NL | 23.218.48.210:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | c.4dex.io | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | 216.74.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.223.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.63.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.203.166.188.in-addr.arpa | udp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| GB | 18.245.189.34:443 | aax.amazon-adsystem.com | tcp |
| NL | 23.218.48.210:443 | secure.cdn.fastclick.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.26.9.169:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| FR | 142.250.179.98:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| FR | 142.250.179.97:443 | ep2.adtrafficquality.google | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.178.182.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.121.55.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.189.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.48.218.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| US | 8.8.8.8:53 | 76060d4fa57d08df82618658ff9ea984.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| FR | 142.250.179.65:443 | 76060d4fa57d08df82618658ff9ea984.safeframe.googlesyndication.com | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| US | 35.241.34.106:443 | c.4dex.io | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| FR | 142.250.178.129:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| NL | 188.166.203.175:443 | rt.marphezis.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.34.241.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| FR | 185.235.86.62:443 | ag.gbc.criteo.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| NL | 185.235.87.106:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 106.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 157.245.140.233:443 | sync.cootlogix.com | tcp |
| US | 8.8.8.8:53 | hb.trustedstack.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 23.36.168.202:443 | ads.pubmatic.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| GB | 23.46.72.29:443 | contextual.media.net | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| GB | 23.46.73.76:443 | eus.rubiconproject.com | tcp |
| GB | 92.123.140.90:443 | hb.trustedstack.com | tcp |
| US | 8.8.8.8:53 | eu-west-1-cs-rtb.openwebmp.com | udp |
| US | 8.8.8.8:53 | 233.140.245.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.72.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.73.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| GB | 13.224.222.56:443 | eu-west-1-cs-rtb.openwebmp.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | tcp |
| GB | 23.214.129.249:443 | secure-assets.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | player.aniview.com | udp |
| GB | 92.123.140.19:443 | player.aniview.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 3.209.126.202:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| FR | 149.202.238.101:443 | ssbsync.smartadserver.com | tcp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 54.235.220.110:443 | api-2-0.spot.im | tcp |
| US | 64.74.236.127:443 | b1sync.zemanta.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 64.74.236.127:443 | b1sync.zemanta.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 64.74.236.127:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| US | 172.111.38.86:443 | tracker.open-adsyield.com | tcp |
| US | 8.8.8.8:53 | sync.aniview.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| US | 8.8.8.8:53 | 56.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.43.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.129.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.126.209.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.193.197.15.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.220.235.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.236.74.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| IE | 52.49.168.145:443 | jadserve.postrelease.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| IE | 54.194.88.89:443 | ap.lijit.com | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 172.240.45.78:443 | sync.aniview.com | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | 243.207.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.168.49.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.88.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.228.208.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.getwave.gg | udp |
| US | 104.26.2.170:443 | api.getwave.gg | tcp |
| US | 8.8.8.8:53 | 170.2.26.104.in-addr.arpa | udp |
| GB | 13.224.223.9:443 | c.amazon-adsystem.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| US | 34.120.63.153:443 | prebid.media.net | udp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| FR | 142.250.179.98:443 | ep1.adtrafficquality.google | udp |
| US | 35.241.34.106:443 | c.4dex.io | udp |
| FR | 185.235.86.62:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.106:443 | gem.gbc.criteo.com | tcp |
| US | 8.8.8.8:53 | 8c9818bae3dc37aa09493397c50839e3.safeframe.googlesyndication.com | udp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| FR | 185.255.84.153:443 | visitor.omnitagjs.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 104.17.43.93:443 | gum.aidemsrv.com | udp |
| US | 67.202.105.23:443 | ssc-cms.33across.com | tcp |
| FR | 149.202.238.101:443 | ssbsync.smartadserver.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| IE | 52.208.228.214:443 | match.prod.bidr.io | tcp |
| US | 54.204.207.243:443 | sync.srv.stackadapt.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| DE | 168.119.72.236:443 | sync.richaudience.com | tcp |
| US | 104.26.2.170:443 | api.getwave.gg | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 18.245.189.34:443 | aax.amazon-adsystem.com | tcp |
| GB | 108.156.39.15:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 23.218.48.210:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| NL | 152.42.150.143:443 | srv.buysellads.com | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| FR | 185.235.86.62:443 | ag.gbc.criteo.com | tcp |
| NL | 185.235.87.106:443 | gem.gbc.criteo.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.8:443 | bidder.criteo.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| FR | 217.182.178.224:443 | prg.smartadserver.com | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | email.mail.getwave.gg | udp |
| US | 34.102.239.211:443 | email.mail.getwave.gg | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | 211.239.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72b2f37d5d72a6ba449d64a35395bbf1.safeframe.googlesyndication.com | udp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| US | 172.67.73.56:443 | api.getwave.gg | tcp |
| US | 172.67.73.56:443 | api.getwave.gg | tcp |
| US | 8.8.8.8:53 | api.getwave.gg | udp |
| US | 104.26.3.170:443 | api.getwave.gg | tcp |
| US | 8.8.8.8:53 | 170.3.26.104.in-addr.arpa | udp |
| GB | 92.123.142.10:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | scriptblox.com | udp |
| US | 104.26.11.174:443 | scriptblox.com | tcp |
| US | 104.26.11.174:443 | scriptblox.com | tcp |
| US | 104.26.11.174:443 | scriptblox.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 92.123.140.8:443 | tr.rbxcdn.com | tcp |
| GB | 92.123.140.8:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 174.11.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.140.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 23.208.251.114:443 | clientsettingscdn.roblox.com | tcp |
| US | 172.67.73.56:443 | api.getwave.gg | tcp |
| US | 8.8.8.8:53 | 114.251.208.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| FR | 142.250.179.67:443 | tcp | |
| US | 8.8.8.8:53 | 67.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| FR | 142.250.179.67:443 | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
\??\pipe\LOCAL\crashpad_1060_DOBJBQXUUKVRTQOG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 111c361619c017b5d09a13a56938bd54 |
| SHA1 | e02b363a8ceb95751623f25025a9299a2c931e07 |
| SHA256 | d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc |
| SHA512 | fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 873ffbf530386c52baa51279d96161d6 |
| SHA1 | 52c7a7b2ad1db5e9abe56e84d1452a4d6ff5895f |
| SHA256 | 15bbebed37b8fd4578a45d9a8239d1a3e9ca315d1b91ea41f07db44b42a99d48 |
| SHA512 | e4985837af64fe2d830068475b7d34642a771aca7cfa014d34fa5ae609ebcb4d3de76c3469f85849ca3ff979c3487341769bf52bf967b69fe5122f1ac89cdf90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\Downloads\Unconfirmed 639338.crdownload
| MD5 | 215d509bc217f7878270c161763b471e |
| SHA1 | bfe0a2580d54cfa28d3ff5ef8dc754fdc73adcd9 |
| SHA256 | 984dfc64c10f96c5350d6d9216a5d7abfece1658dfc93925f7a6b0c80817c886 |
| SHA512 | 68e615dfcb1b7770ad64175438a913744c14bdd3af93b339c2b526271bdd0d23334e78d049fdae8ca9fe66672a8cf252ebf891be9ab6c46a3d8f1fb00fa8c83b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f73ee6613df7298d1e15e328360b660c |
| SHA1 | 8d56413843170cd4afe8c0bf11d221d336bcbbd0 |
| SHA256 | 27d5d8b0511fba3c39431adc307535ec986bf9af8fe86dcda20a3957ec0fc6d6 |
| SHA512 | 5351f4622a26f0ba4835e3de7ece299339229e179f689c64e45cadcf15806a1f69cdfaef0425d0c3624f8d4ddd0f26d6cf838748bef784c7452e20b5e25569b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e4c523db57f0ab39e95660d77f476bf4 |
| SHA1 | 66501b50b0ef710f1af87992a820fff105a6556f |
| SHA256 | 83e897746fdedf3993921e958fafbda9aeabf121a3378a004d67419659631f80 |
| SHA512 | 9c90735e311ad75f8f00cce709ea16761e429d0c2299845c2d06c0920cc16cc86f48ec429f5551c89b1ab28d98af4054f1cef36dee858845704b0744ef355253 |
memory/2212-100-0x0000000000540000-0x000000000078A000-memory.dmp
memory/2212-101-0x00000000099F0000-0x0000000009A28000-memory.dmp
memory/2212-102-0x00000000099D0000-0x00000000099DE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d75870a3f3a7f281cede6cc3cb58d555 |
| SHA1 | c9d1434f5659e18d41c12235befc5a41f242438b |
| SHA256 | ba8ab5fa9b3424760a1abd29188c1cb94536dd92e47f668d4ba9c8de4999d273 |
| SHA512 | 9d057c2fc5b909f881ac17b7e790f3dd0a45413eed70828a142f14f22fc97cb9f3f8e6bcf7036ff47931de8ccccd234aa56524dc3c96960c89bc8774f6747b27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c25b203e4e3e3f51f30b127d7b1fbc76 |
| SHA1 | 688abf9b14db16009a4b859151a41653e227eea4 |
| SHA256 | dc359f7d8861e98ae338045dab705c0303141f3f845fc945d3ba12c603e112f9 |
| SHA512 | dbdba2291f2e6459b44e8b57038893daafd9154fc20736b9a32783a555e55b1229d7af4b51df10795465bc0423ab393a6cce627ab80d918539f1dde6359a8669 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d1d8926b252a09dd2f3273f229b0c50d |
| SHA1 | 4c23438e28fed1d4ee615d0b02d556a0daf7c1f8 |
| SHA256 | 254d6a35e196b440b2af68c4104575744fb85667e27dd5dfea50780963e8f057 |
| SHA512 | 8d99fa406278234266e4dd499138e9687759f4647844149548c91930143d506c5e375b6ec54ef54446c46c0e57470dfd332b4cff1ed43271830fcb65d5d3b29b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7d4f88098c35c387bd61c3165b84955c |
| SHA1 | 5b7d1f7e6e658f9d47fcea7db596a49fd81cb945 |
| SHA256 | 16f75ba9211580fb07f6007f822569158cb32b662d6d06a47bb1c36407a3edc8 |
| SHA512 | 2143aa13120a7481fefd50ee57b002a359224308607d95c0572579ffed2f8cc2539b48e49b2e29f4741e3dfbaeebdc174e84b9b22f247cda08299056c48afed6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6062cea65de46389d3c41452eb5e375c |
| SHA1 | 85b0bedba47d8de3c150c93d2b7444dc12d00d70 |
| SHA256 | 4582efb6860a3ba266ac998b43329a772e6121d7b933812e271c271ef005d41b |
| SHA512 | 53ed1b3cdd04f8d595d86acdc78fa41767597b8d5468eb47e1a72f0d4d05fdaf6bef6e61f1f98b4b97c73a2cf5793526c65872f1adfbe3d42fd38acf92b3986f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 37202315d3377b97f9bf9dd82cf5dc56 |
| SHA1 | a8ec9558663dc40dc01cccb75429efc652d9dbab |
| SHA256 | c53ea24f62870dddcbc8bcd5d3d0eb16b4323ef6c6a729e748b49a6455da2ff5 |
| SHA512 | c8cc8978a664c1987edc606a9c0f9711b09d0bba1db45c750df5892187d788f9d62eabc09d67b1dbcf5f71262e181662f1a048a55a6d9ffa9d202d3b68361593 |
memory/5760-266-0x00007FF61F930000-0x00007FF61FA28000-memory.dmp
memory/5760-267-0x00007FFD4A3B0000-0x00007FFD4A3E4000-memory.dmp
memory/5760-268-0x00007FFD3B720000-0x00007FFD3B9D6000-memory.dmp
memory/5760-269-0x00007FFD36380000-0x00007FFD37430000-memory.dmp
memory/2212-276-0x0000000005CA0000-0x0000000005D36000-memory.dmp
memory/2212-277-0x0000000005110000-0x0000000005136000-memory.dmp
memory/2212-278-0x0000000005D50000-0x0000000005D58000-memory.dmp
memory/2212-280-0x000000000BCB0000-0x000000000BD22000-memory.dmp
memory/2212-281-0x0000000005D70000-0x0000000005D7A000-memory.dmp
memory/2212-282-0x0000000005DC0000-0x0000000005DCA000-memory.dmp
C:\Users\Admin\AppData\Local\Wave\WaveBootstrapper.exe
| MD5 | 495df8a4dee554179394b33daece4d1e |
| SHA1 | 0a67a0e43b4b4e3e25a736d08de4cec22033b696 |
| SHA256 | 201263498c60fa595f394650c53a08d0b82850349123b97d41565e145ddf2f42 |
| SHA512 | ce3bef1038741f7a0f90cc131a4a1883fd84b006654024d591f5451e73166b4cae546e307c358b5b90aa0e6517bf7b6098f1f59a3ecc01598d4feb26e6b6af33 |
memory/1332-496-0x0000000000690000-0x0000000000782000-memory.dmp
memory/1332-498-0x0000000008E00000-0x0000000008F04000-memory.dmp
memory/1332-499-0x0000000009AD0000-0x0000000009AE6000-memory.dmp
memory/1332-500-0x0000000009B10000-0x0000000009B1A000-memory.dmp
memory/1332-501-0x0000000009B50000-0x0000000009B58000-memory.dmp
memory/1332-502-0x0000000009BB0000-0x0000000009BCE000-memory.dmp
C:\Users\Admin\AppData\Local\Wave\D3DCOMPILER_47.dll
| MD5 | 3b4647bcb9feb591c2c05d1a606ed988 |
| SHA1 | b42c59f96fb069fd49009dfd94550a7764e6c97c |
| SHA256 | 35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7 |
| SHA512 | 00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50 |
C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe
| MD5 | b8631bbd78d3935042e47b672c19ccc3 |
| SHA1 | cd0ea137f1544a31d2a62aaed157486dce3ecebe |
| SHA256 | 9cfda541d595dc20a55df5422001dfb58debd401df3abff21b1eee8ede28451c |
| SHA512 | 0c51d6247e39f7851538a5916b24972e845abfe429f0abdc7b532f654b4afe73dc6e1936f1b062da63bfc90273d3cbc297bf6c802e615f3711d0f180c070aa26 |
memory/1720-508-0x0000000000ED0000-0x00000000016D2000-memory.dmp
memory/1720-509-0x0000000006030000-0x00000000060E2000-memory.dmp
memory/1720-510-0x0000000006100000-0x00000000061A0000-memory.dmp
memory/1720-511-0x00000000061E0000-0x00000000061E8000-memory.dmp
C:\Users\Admin\AppData\Local\Luau Language Server\server\index.js
| MD5 | 6b1cad741d0b6374435f7e1faa93b5e7 |
| SHA1 | 7b1957e63c10f4422421245e4dc64074455fd62a |
| SHA256 | 6f17add2a8c8c2d9f592adb65d88e08558e25c15cedd82e3f013c8146b5d840f |
| SHA512 | a662fc83536eff797b8d59e2fb4a2fb7cd903be8fc4137de8470b341312534326383bb3af58991628f15f93e3bdd57621622d9d9b634fb5e6e03d4aa06977253 |
memory/1720-516-0x000000000AA50000-0x000000000AB02000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 501f15e52b4b71879e8409455cac6d18 |
| SHA1 | a622abc49bd7c08d6413f55579527cff9ecaef9e |
| SHA256 | 6ccca8b65e3ca8cbe95c52985eb153b39ccc0ea3200bfde6b01a823975c861d5 |
| SHA512 | 279a9112d0a05bfd8217dd19e6a04e3d49bc2a171af631300d1fc0f57eeebd9302713e593738d1312dd04c635d90235e27156db6bf4f56f1fe6eb30b01191836 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | 3b17cf78d84baeed134600b11da41bb6 |
| SHA1 | 5ccb7392afb801b2018c8c8eff2d83c8059ea3bb |
| SHA256 | 0f381d200647cd21ee948b30cfb9745f3b80ec2c07e6ba3962efc2d14586abc8 |
| SHA512 | f0274c90e7e390b9e0b1709791bfc06216a9074fdcb76df8b62725a1d73e2e69efb619d8ea81f0964fb3e19590e68c6d1ecc724bcf7d47e3f5c4e1ae6571d201 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 4d580dccf08ea660d2cba80637099fd7 |
| SHA1 | 71d610912701dc78af2b4e3e78744cbca540b8d4 |
| SHA256 | 5c7fed7250740b8d0894466815497825b8ca919da57d2f917243088bc149e446 |
| SHA512 | b49635f477a88dba04289df64d5d1581017ebfd39f9d0cf795f506c6fab2a473b08b1b5a0d92f372293989fda0fbf4b76ec0d73b4f303c6dc6b42ecec3ebc963 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | b177d5a42f558fa720eb454ffb16b066 |
| SHA1 | 7af72211988dba76ef7569e69c575b80ee45eb1f |
| SHA256 | 00243693fdc20c6d1e4d67019b2c1bcb440b494f899dd923f801f321e33f5812 |
| SHA512 | c4588e2c375b4b993cb9f58c6a6e4edb886c114409fbe7da64248058c50a5706295efe1683b8520120eddb316a2411568107f351aa8cd6f521d8073ea72875c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 9564afdc4ce9037321b6a550e96bf7d7 |
| SHA1 | 6e715ac29daac3a56039480b8542373edd25a41d |
| SHA256 | 5d8ba20feadb0fe7984f65e7ba0613a19620105bbe1f94b071dfdbd921923f56 |
| SHA512 | ce8ca7d08caa27d1f01b24ec81ec2681d05584245884c736f4d1533ca62bf4a8842d683fd6b6d3c7f7f036dc997885b046dce338d8e3fcac8851335183b0eada |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | e2dae910d4ddbc77d7e6ff31714e5a31 |
| SHA1 | 2f815d163b113ee863888995601997e923034d7f |
| SHA256 | 4fbcd86f09329aa9ac09159ba18e4f2d498db01bd6b8ac8e23e7b1ef8860989a |
| SHA512 | fc7590b26f850c6e2428c6b4059d19e17f4f064c02f36744f01122aaf64578f2fafb70595feb6a636863cb51b8b076414ddeeec867ca8b86189dc3f1714c1683 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 5a1774fc7e156332437701528910aea7 |
| SHA1 | 7d5818e6d4956e248d15ba57f8c4db97a84b99ce |
| SHA256 | 1b290985250923a68bbd7ff9bc484c567f0dc1e131aef70ffa363ed7400eec33 |
| SHA512 | 7a8f0d800afc1a5599750d6148f9beaceeb30e15b8a2839c292dc503fc2427846f70c5c7309208989a658864490c4db7289b18de6d8680ae187b65ffd0bcaec3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | d74a1b7ed7f99815f1596a8d3885fa84 |
| SHA1 | 4aecbc5f6a9e0e062f7b6ce3f919293607139867 |
| SHA256 | 89dc495451f18aa87a567b4ac22b8be8d86094c052bf30aaacba0606b2664ee0 |
| SHA512 | 780b701b5bcd2bd9166e36d622c58207ee077cbc7e718f75f40792120d3a4707e29d0c942d1d4b099e2b09ea57d9aafa1e6f29c94dede36b1bff05de43c7275b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13369173805550013
| MD5 | 91e22a1a0d54103670bc45c853e33e68 |
| SHA1 | 23a472aaef16e2fc7cb12c9b5c56f0e57c265b07 |
| SHA256 | eb1fb79671d3583cc6311fc6ccfbf6036f0f17b02cfe69a46eb0bc4389b13560 |
| SHA512 | 16423aa6e077fddf05423bb68d4da85eb1532ca4c732c42a349c3e9d4f0c59432d8b3a842e661493a45c9249dd1314392285bc85920797e6be33fd5806c67619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 76844458bda11f9b711582d832525100 |
| SHA1 | 61ce68ca395bb0daba59744f5467866bfe9219f4 |
| SHA256 | 568dfc5e51f9344491d0375c9c9f6ad0b5798c0675bcf54d2333655f7e59874d |
| SHA512 | b687897bbfd2d044a4387628ac97ba2658959baca9308f6f198148408f8ca0c4366cf4f8ebe2ebbc845a6d327f71fc79a8605d09d03420135854038f869c7d65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | ea315d6d993f8fc05522163d5fdcf5e7 |
| SHA1 | 7155ba374675e2fa2f283a0a520e36e43b040091 |
| SHA256 | 90ffdb8381e72f45b64b82e0aab106b4dd642f139c56f5ca20ea5e7a353e1a1e |
| SHA512 | e2dc219cfebb1f5e4f5f32a18d487e68d560375c54d5ee4643125357c974a8d1ccf199f5fa98ab10d8b6e5a5f147ca255b074b9501d7c449e68d6b63291c05e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fcfa6d3aa29d45314288f5f4f02122ee |
| SHA1 | aec89210d524a522c77f2ad06f365d3ba1762696 |
| SHA256 | 5e033ff50a73238129ec2efb0eaa11fa43d51528f61749eba9ce93f5df853c12 |
| SHA512 | 293f4a7014f80dbed01c28bf35e7800e7ca237c23622b6a8d5ba6ab5d790e1e121e7db695691cf5d9f1ff0aa83818d651f3bb355622d91c9af0c78e7cac64e54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | d158c2318312e18cdf6ffb2023141154 |
| SHA1 | bd96094a2dfdf4aa146af911a5b3ab28c3f0bf73 |
| SHA256 | 334c1cc1e1fad3d5f9947658f79b67cb6c81909806c249a92d84174e113338ed |
| SHA512 | 0c9c3ed6a756b3ad653c97f2be79c16661165cac538cdcf65221c8409718e976930ee745fa1eec1a0c684001e352fcb895a045d83283a76eb467d986ee522022 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 8c7363350f9f0efe0c6d2dc1720c0c5a |
| SHA1 | 4afa48dd627b654171171e02fd55a75e769a8c6a |
| SHA256 | 0abef7e6a2af388a01e21349cc219667170fe1d270c32765702be896b35984d5 |
| SHA512 | f3aa78281316b603dc62703554e2cbae725be8fbc42e843c010a6fc93df49988072da20053cadeecfe495d87fed8d4df814a0c224fed04e9ef78d657e4b685ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 163222d42b524c22d75a948e617d5c35 |
| SHA1 | 33a8d7e28bf42c38bc40e344b836dc008d7e548e |
| SHA256 | d0269357f5cf6b36acf8ec5a0919e6e2d2d5661f552708d2ffed6b032a2f2e51 |
| SHA512 | b3ef912b359550f5604d58a3514824d6838bdd9f038e0bb4a95c2d147d9c17a30812278742520f97d80178ad7ddf2543193685a7fc81c9f156babecb6251fc51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 6f99f32023ae3993301524ea70e6d22a |
| SHA1 | 380207e686dd9896776d727ba6dce7c95dc8dfb0 |
| SHA256 | 016234741fe790ab45f8ba94dbd6fc6fa03a22cc3ace4eb890162361bb3cf4b5 |
| SHA512 | 9824b13cfcab0cf4e1ab2259def48528977c3bcc1869a3972e67b30b099b6b9c3fbe67f8da2706df7584e41a8367c55177fec28f68a7f71cd18f1e92d783061a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | d7d9437445aa960dcea52ffe772822dc |
| SHA1 | c2bbf4ac0732d905d998c4f645fd60f95a675d02 |
| SHA256 | 4ff49903bec1197017a35995d5c5fc703caf9d496467345d783f754b723d21c1 |
| SHA512 | 335eb1ba85670550ed1e1e4e14ea4b5d14f8306125bf147a42de4def5e5f75f14c422b014414030cf30378c04f748ac875cf056adda196511a0b057b3598fe9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | fc082d30d0c75778f501ba7de9a875b8 |
| SHA1 | ccd14eb42296bc31e96b25187ca99a9ff2d4a8b1 |
| SHA256 | fcd650c73d64cbbe1423358ba4b56777cb0bbd8abd852f1660931548875b6d3a |
| SHA512 | cd897898e95de4427b7ce8beda9c6b5f2acb3788791c6df4e0c612b3345c002c0fc49e4148ce7b0bd63facfd92c9e83adc23e300a8b0ba1e06eb9b1aa176ede0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 73a0af13bb835b1cf717f2dda658a2ca |
| SHA1 | 5065c9a37d2462d36940ee17ac170fb456750cb6 |
| SHA256 | be97c5dfed159123e99fcbe8f828fd026f2f911789435e99b8d52a4f36743c9d |
| SHA512 | 798666abb8c228fdd911e004b620144dff42cdf8d6474a195b311f8f89413304476a3ebf66887239bbc7d6f06240f40c65a7c10d4535e7e0ef1fd2aa107c2c47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 694b810efefd773a71671b31b460afa0 |
| SHA1 | 28d47448f054b9a873bbd85e580062e0ef554b5f |
| SHA256 | fe7420b97dd1981d277dc9c54201825201b705cb6ef122628bd8ca18780d8520 |
| SHA512 | 0b183f1a95c1fa8b38c62c595086b37918d2efadc9dbd6a33ef6b6a48474ad40be0af78a081496f2b303137d5fed72ef1bc42182271b67bd4cd61f7992d05033 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | 4ddf152f5cc5f35f52479d8b0ee52e72 |
| SHA1 | 14c2cc9da3fd220bed3aed096bba444e7df6edd4 |
| SHA256 | b78bab4e36da1dfe846bbd0119af4f9ebebfb72f232edd43384510163deef910 |
| SHA512 | b888623854d2ce74a37d4281ca046c9a39b26ddfa501d61c6b9821be4543ba14f236a50aa218eafac4b22eb75abac216bda7e0a07428cdf9c862310a4cc6b5c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 4afdf7f219c405773c4f8c15bec103b8 |
| SHA1 | c115f4cbc8e3d79953800b3b08a1a5daab99d495 |
| SHA256 | a90e49e1f29cca2caca4808b65b9400d2eb4033a2d46848967be3303bb3d69ff |
| SHA512 | 781b67aea5f26d6db125ffc7d5a764ed58e3a64dfd9531587fcf4db6d3db29d0ede3ff059f95d6a9d0061ce29a07963966a701ca292c9a0a971b0b2618622107 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | 8907380db9224498bd268fece3b4779b |
| SHA1 | 0d4d7dfe95984ad4948ba59dc1204516ccac3062 |
| SHA256 | f4700402afbbe6122e2105f241f43ec4fe83892a6256edbac7e438c7ffd97dae |
| SHA512 | 06993a7a58ac177d7e20fc7cd7b13e6a1b0167923508aa161fee122d4c62ad32c7296e11a3abab0df17f1033ed2e2dab1224b384915fe7fb6bd04c9c8704d75f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 6eef716a3097113937e7a4bb6ad1e0d7 |
| SHA1 | 0d93db42e6b93dfcc3239a983822840cc8778ef1 |
| SHA256 | a0ac2acbb33bec75849b65e4981e5581eaadc8ec65c0fd5ec01ad94f6bd5f2f5 |
| SHA512 | 5b2767b421c0a83716a51e6d05fe6d1c3ad72e6d3142c9af76a2880e4b64222beea9016d169599886738bad200045e0d1c746b0b3a7f72fc10ed971cea46bb3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | 2be0a0a1fb2b99f09940b762866e29ec |
| SHA1 | 7cb52fac6de1c2cd621471649ee972753c7c0497 |
| SHA256 | 38fc454db80bfb9c2f5add2eb344cfa14584da752d63e2dd7195ed15cf2554af |
| SHA512 | b22a460aac358a93d678c5cca45931367c7b005dfb54e2a6bdb9fdb4e4251ee855b6932f2fd0a8f0fb9a6c1a535c2a8a5c493c9c6787230cee1a513a688ef84a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | b80e5cb25a52b49cb08c0cd119811747 |
| SHA1 | 6e0695fe5f1af9375714d9d56e403c2d1b14bf0e |
| SHA256 | 4017b2bc2b3450a5f5c240ced378933ceaeda13f2c6d616bec38c260a3d82d49 |
| SHA512 | 0a35f90903e690d7c1b53e46cad321507d639403e754c3c89933175b9e165a4de345fd5d53b89b9d60f894ea2d180a2398060e065cc2ece99152a84518609ee6 |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
| MD5 | 83d04c2e177e5282ceedcd41e8b24761 |
| SHA1 | fbc9dd8d596ce4cd726ce10c8844b852b2b755df |
| SHA256 | dbcb342c9861765a6afa58f27614792556476b94cb8f0231c14ad1f8bf839710 |
| SHA512 | 9c2f7bc25d363a274836c0c4e514680e3e4ac60022928f079e7aedbf0b3fe76a1caa539586090324f501fbcfb98da1f082a2f941ebf0f9d1706629bc9820e905 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004
| MD5 | a4e164f6a15386763f5a9915b9b2abc8 |
| SHA1 | 8d499d52070f47a4084008fcb8874fb148994d4d |
| SHA256 | dad5ddc6868717a6c955e0c7627f0f93adca70d5d20733c1a98324269fa19f85 |
| SHA512 | 9ae0dc6c7638553dc8b7c99f0f0b5671901409b50c0cd7666b556a08cb979b4334cee2b10bc826a3d7ce435a84536a0e81d2fbc79104e29588c5b506da97aa0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 2577943ba25cd3fd1e5d2eec696dc9ec |
| SHA1 | c91760b01310595f221f00841f8452d2c9ed7a18 |
| SHA256 | 70f6b709bf996f1ef24d197b3de5ddf5dda13af70fd0d05d4136421b7917b98a |
| SHA512 | e164e1eb74123fb1135b78841d4fb11780163adb1b76b9a70bd562d152c866806af6abb3f060c9accbfbd77e0534d80422e473f5ce12e69ed9c722f45fd27ddb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 764ee9a9743aa447d2af32ae69edf294 |
| SHA1 | f10aaf1a890c4719a078b26c487075aaf6d6642f |
| SHA256 | 388e87636e284e7ec905bd42c1f805d5a35aa4c802f1c1449ff2dbedbd3f0229 |
| SHA512 | c4f21f6006cf29b01086bc868aa550476c33285cbdc1a2e190cef1546f65fabce251658d3bd8084e43803bdbbdd6c8189bc6eafa46f5514dc2a0060ce608313e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | f389d0b7a9f07131041fa2025c4b21c9 |
| SHA1 | 2cad4bfb4573f55c8c3aa6f145591d193bbad37c |
| SHA256 | 62857417cc58ae5895ae0ee5793177e97d341eb1eac508831e1dd9965b108434 |
| SHA512 | eb093d0a25a0207e3f24797b61ceb64eced6d7a41aeec63abea3c9ae355d19152ca8012a38a293476b5a4151bdf3e1d40cd11ddda1ae4c6baf7af6a3caaca6c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 533a15793a3f90634aa0bb17721821d0 |
| SHA1 | c0fae45e45eee7263824b0d1fde7021271c5ff4f |
| SHA256 | 2edc318ebad0a8a8aa2bb3adcce4f6414769362e04118c96b3909b17b0d019ed |
| SHA512 | e967159c78afa846f4730f8478e700ee21f6e20ba9ae1462fac500394e2b1decaeaa26da2082036c422394ceed8a3d6b3f06d2f7061b966aa396a1223490efb9 |
memory/1720-675-0x0000000006670000-0x0000000006692000-memory.dmp
memory/1720-677-0x000000000C3E0000-0x000000000C734000-memory.dmp
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
| MD5 | 772c9fecbd0397f6cfb3d866cf3a5d7d |
| SHA1 | 6de3355d866d0627a756d0d4e29318e67650dacf |
| SHA256 | 2f88ea7e1183d320fb2b7483de2e860da13dc0c0caaf58f41a888528d78c809f |
| SHA512 | 82048bd6e50d38a863379a623b8cfda2d1553d8141923acf13f990c7245c833082523633eaa830362a12bfff300da61b3d8b3cccbe038ce2375fdfbd20dbca31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 24b768a712c167bcbf370917bd4e2048 |
| SHA1 | 55923c3a73571ed110ad005bf958902e234f640a |
| SHA256 | 1149dac605f6d230924ecb68732d98d16819fc9d7e2a7bc4b74086fed74965fe |
| SHA512 | 7b5fe1946d8b1ae141ab740b26229acdf52890548af99bf8738806a7734e03b6929bd6d53e1f0dd4ff69bfed9a3af3ba5171dea491606b629997b42018238f5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
| MD5 | e4cc1ece2f2425b10ae2ccc212c1dafc |
| SHA1 | 92609e6d0093693110baa23758382889bcb30da6 |
| SHA256 | 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809 |
| SHA512 | 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a33e9971ef5e9dc6d8d44b1f530d467f |
| SHA1 | f37c157f2f27a3ea9b2beadcd65c206898272053 |
| SHA256 | af6ddcf27ed98df7390869886a105173ed95e4ff20cad01df65bd30eb82a87e7 |
| SHA512 | 231a234fc78a7cf5deacf0178696e3c6c32e8af02e1a93bf5a7b108821e91d47c5c0a9a6f18667e79db22375c7f705a4afc405fa0b3cdd23e5f67b375945552d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5aa903.TMP
| MD5 | 518039f257f5066c64fd181e010e4d1f |
| SHA1 | 977a87dd57df7a428b2370361d2be20be3c4ba4d |
| SHA256 | 7ed05034a63eeaf3b32f9621c1f1db7d548c5f4e91713cc674c1553b0e2cda20 |
| SHA512 | 9429cec5161be1ce37c5c2f3a2c712a7e2415d91e361b3610dfaa2749fa529b8c9d55b13c3d98ef9dcf5b38630902393432d90fe567f319288ca11664266b904 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d63e415463658549eb45503ef02c7d26 |
| SHA1 | f221e387ff8452dc71ec79087db213e6b783eaf2 |
| SHA256 | 15813127bd66a33355c10cd98d6b8134dba797027e2cd98b3faecfd0538f38be |
| SHA512 | 93a40b3ea6063d35f9ed1378f0eec98ef170e5f957af8b2a9d52c5f7258e33c684710cc9c167a3092e87ff9cd3c288db79b9b6db9366e5a8d9c0685c40a2807c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 175308aee463a7619116da2f18abd86d |
| SHA1 | 5652bece2a484cf5e959244b183bbcdceeea7d42 |
| SHA256 | 3f6c35bffa3d9cd75debd561c2c9736df5a9233e410c30bc0b66d62e0dd34202 |
| SHA512 | 18cc76c0b830a8d4a336052cde66cd919743b8b1ee41b5e670843e281b724e7e78eb9d75ec4ca69ddcdbb38092b9e846be25c52e5db9c2a7c90bf2a820e08528 |
memory/1720-974-0x0000000006710000-0x0000000006748000-memory.dmp
memory/1720-975-0x000000000E260000-0x000000000E78C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 896d7e797548edf7b407f0e4e8a6a23c |
| SHA1 | 5d54ac9bacb8e8aa281f1e459db7f90606f62fbe |
| SHA256 | 6bd985d2a0c9ce6f2f252f423cfe562b90a74571099e4bfe82861b585722cc60 |
| SHA512 | 28629e62351ed5b40e63e93d08b4efcd348869162401043975657d6bf6f8e4164b3944228ef27834acf85b828eea6b949db7978a4d90aa5f532da93b32e8ed8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa6cc6d1c93b47dc476a6a89dd9c1fa0 |
| SHA1 | 86ffd75525fce25137b7c464536778718d826073 |
| SHA256 | feb01acc3eea1dd8f26b240a7ed839c0259698e0f9200eeef97de0dc23f9b550 |
| SHA512 | c3f239f3e3abdeb67600fc644976a7c118a92ab15ce11313ecc74fe0c04425dd2bd6d8ae364fec5cde3297db1d78d7cf6d98cd76023939c7def4e7b67bf0de47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | baeff43e79835124353e548db56480a3 |
| SHA1 | 078aa8f8b7d006ab912795ace1b724da6265ff61 |
| SHA256 | 9adca832ac632b63b939dc4fbf6fdfd66e781eba5de4ff30738bbc0667de319e |
| SHA512 | c230b693967e9c6585c82d175cf3034158dc7fa7c26287721843817fd04792b3e6e280a8a0ef5d557ad73d178555684fe07f1aed18c3465ef7c157efcb52504b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 6fb26b39d8dcf2f09ef8aebb8a5ffe23 |
| SHA1 | 578cac24c947a6d24bc05a6aa305756dd70e9ac3 |
| SHA256 | 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059 |
| SHA512 | c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8be950c217d5ca510bc17315ccae703c |
| SHA1 | ad538e7d76c861a562c2d157ba37de3f49015786 |
| SHA256 | c9fab9663c24a13cfbb1dc64ba8b87e2ce379b438537aa092eca96df1a61ac3c |
| SHA512 | 7aa009caaf653110f6f3d1e9b28f671efddbd05c4a4d3b6d95b9da16712f01c7782e850997c1a6dcfa1be2ec991288ad5f9fbe6d98fcc0705cc359018e695656 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 05434843c5acdbcbeaa0f902baade074 |
| SHA1 | c4f8ae5cd73a5c4aa3d535facfe61b2b2e2247f2 |
| SHA256 | 76fa7a141e8bff4fab8c901d33ce9fcc6d84bc30fc896d837e63f2ef38898294 |
| SHA512 | 1a51342cf41a72cf604429ad4881c974eee6eef33b441b287fcdfb7021b1b429a7133acd75a2996cd1178a0b6d86681f9810a81ecb92a41e07918687a974fe2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4bd0a1626d55f3d8a1e8897f8948a6b5 |
| SHA1 | 727a489620579682f412c78c5dd5b1f93801c617 |
| SHA256 | 47950beaf2b7072313cfd80db136277be6a02817879969f9db8fc31486d527f8 |
| SHA512 | a7b2104d6402bea428c6c5e1ddb879ddce696e35fbf7b51c426d4e1ecadfcfc7ff592972143a086e2db6618e63d1fe58547b216fc5c0abe998112ebc42535052 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 186c1aaaad6579f0a840a7954ab74e3d |
| SHA1 | 18e9fec244f55cfe80a52f5a5b15c1776600bae3 |
| SHA256 | c69a0afb3f574c12e88b137b214abf9ba6fe28db3cfb529fc9b55ad7fc32ee8a |
| SHA512 | ecfc32ed76e0dda792155cdee7ad19270fc6660f0f7e4338b011969dc5aaa018e71207a5eff61ad08c5e31f3ef17036d0617916456fa348c8931b5f0ee5b48ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | cea59157b4d80b80fa5951a69f35295b |
| SHA1 | 9be6504a73bca9310d854ca2c5a7019ae93f5395 |
| SHA256 | 01ab3106ac945e3363bc6edff3291935d8a871065e24b9c77558697e47828dab |
| SHA512 | 9f29dbd291a357a85ddd6ca3e68262e241a7d13a4dff123fbbcf92509af94175017eaf2901bab0c8f9a1a1567bf10b2a3dd767acb42408bb239ca5d820de0a7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | d89ca356105ac23ef96fb45877f9fd4e |
| SHA1 | f9d3d14d2eb8fa061dcc82b12d4441d0db341b06 |
| SHA256 | 4e8a262bb6a45c8c17bb00b4ad0bd896c6f95a7d8d3a795e6c49ac0c557322bc |
| SHA512 | 83f7261aace5aff4d780acaa12267dae69f191a45b3bbab30f02a79f26601c2c57dcef17ebc70a8c1d3904af67599ecf330047392dee6fa847a4caa91deac388 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
| MD5 | b75772f950e5125c859170d985e6e6b8 |
| SHA1 | eff4c475169ba5087a2684134740405a871a134a |
| SHA256 | 384c025e13c54af4901ac16e908d9dbe811397eddbc00c6b28d318855d73aecb |
| SHA512 | c4d3f8a5110bc6339f5cefec3e7f139185522dff53ed8bbf1528ec994bf70a61e26126c4f602d948bf4ebe9dca8f5a92f11954d92b86719141fee5807439a6a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | a85641dbbc2e737f08a83875d8e7706e |
| SHA1 | 6e4acbef413babea2733c3c689ccfd7788e2091e |
| SHA256 | c274acf372114f67c76a61b7df530b657e371997ba617b000363342c0abaf3db |
| SHA512 | 9b967a390c47d29be598ea89691f9944927ce2335bd4f296402055b9432941707e2a22672e55d5d6684adf0f2e46506749585b51c53b05631e316065af3916c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 343de8ae671d4301ed07e950c8058296 |
| SHA1 | ca3b370c337a7751bf657e114097261bffe232f1 |
| SHA256 | c08fd74e5af904092591d5994a97d74c2cb8aa90176f8d3d4bf562ba16dd5a94 |
| SHA512 | 21987052d9576577f7fc701242f706e6fc87035b2de037b63c6aeb4e9e58e54bd875d6e16dd19a3ab11198b11e493b9609a68b6843d8266721e56d07638f5148 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 79cf88e190504192059a27b08df6586e |
| SHA1 | c588e12f71c91ca726c23d08137b6203460a98f4 |
| SHA256 | d6597f5d2359d356897f0db069f128d9e2f75cf975e72f4c900cea2e94fb329e |
| SHA512 | c1261f0f38fd31ed1b3ae25106cf51fcef5ab0fc6cff9876046a038050772c22ed8d2e819946f94c2cea5dacdcffedc4cb3f78a37f86f3f4bb15e4a87347bc6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | 86fc905f3f7ea07b64a2d005669b78ef |
| SHA1 | d5664f3fc7b3af7780c0257c483756ae524461f7 |
| SHA256 | b2805c0a9acb786315762f251743969ebf24ad2e196bc2d682c72f9651080159 |
| SHA512 | fb18f395c4a11860466d3e605eee0386a78786c7f31e83a8e088e6d09dab3b3ac7212197157b17da099cd93b06a725bb78e6196aa34f719e1b827218a1a7fa58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | 027fda066e17d3d40918a399a3a58ba4 |
| SHA1 | 073c784f979c40276e604280a5e2c175a41de934 |
| SHA256 | 6a252bb7a741b1476823aad515a7e938cab5a84d60513c75843b5bad500b3a15 |
| SHA512 | 18f7f177954d4ec1486c55c673a0092d130d0b903b2dd90e1dd902bdcbecf9ead9197103ef8732c3b7d0ded6c7d66a7854134ef4dee7fcccb3f2b1b171cbee1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | c55dbb2a5e2048f8ac7b88cafbe13ab6 |
| SHA1 | 6629572a0fd059184b4e5c57687fa414fa7283d3 |
| SHA256 | a82abfaf7dd683f673153324de1295a2a952e5b40fbbc581b5fc39603883f5cb |
| SHA512 | 61336d53f5f14636ad0552e92bafec6ab262faea08d28143dbe6f631bd6be86ed1b6b2dd5a2127cde53a1405ee4bc8384c3327521571917dc22c7fd553f108aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | bb7547dd865a669681157f6a2c939155 |
| SHA1 | f1f78266f1fba20c47f9af381cc32777444f7fd2 |
| SHA256 | 13c66db9329a6bde7bda21fcbb60d61805c444d84d0072ab309327ffc60580c9 |
| SHA512 | 0a3b7df9fad6ae7ac4899f49f3e2a5e5a18c4a1d3d3821770d6b614fc0010c6c7464c71932b6209b0a8ecb9093c6957a68cd0fd5b3183bef099850ffee859797 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
| MD5 | 8a98504241465b53cb22e8de49906ab4 |
| SHA1 | e69715a624687b4c4c5b96fd988967148c531751 |
| SHA256 | 0a939db13113cc24c67857668adbf6762cc3696a828e497a81d56eea93adb989 |
| SHA512 | db5cbf7358a09929c52bd65c2762d12f90330156fd1750a60b95001c3ae4d205c6c16a7245c20533c4177c5a8f9b1491f6932ff673ccbe6cc2cc74c6aab6fd6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | 98f7ded41df9df121c853574b3e7f15e |
| SHA1 | c33dc8e6b84300e1dd99600e453b1c1103719410 |
| SHA256 | 52dad93b12d78578fb838e07303cb9f137cc1f46a9fbdc8bf4bbf1ace762555d |
| SHA512 | de43441f031169efa3dd8ba99d9735d72f07272c159a505634a53a5cc34cedf7530cbea6aeb720e69c91c903baca27c271fa8288c97c9c4541aac74821118d50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a4ceb1dba2ddebf6af71b893d6c5f90e |
| SHA1 | 3f2e751bdbd6aa5d6101ce547849c2c4b3d34440 |
| SHA256 | 39e112de99420eea0966a00262e8ae6ae4441aab15560a01b28bd618b161616c |
| SHA512 | a101761e448f62ec14f379d5bff1c2b41d0eb48b62a849017e62128162377752f2f6a61a5f7459ce40eb0102398ac7bb62717621921d75954068dd102172d96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d781b2eea24b353fa5b5a2139432f865 |
| SHA1 | 95fcdd64b1ee4acec6987b244233cbf6732fb4ff |
| SHA256 | 388e93d350336d0e250cf4745cae6ca0d9b8899540352578b13cd0d6565bad6a |
| SHA512 | f708e1fbfb3c05229e4ac9b5ebc90f4b4968ec92f9a406c5b4c6e449c16fa15954e589839cc4c7323e4616b378d1b6d2dd40458dac873b64ae2421ed4f50c7e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 76dc2211fe512efed3cb7cadde7cac6d |
| SHA1 | 389fb491bf0f484beab01f5f10875f3fad0d22e6 |
| SHA256 | e0cd9a823ab6defa86ba33a49945b73d4ca1b69cbfdde6c26bae660197cbb51a |
| SHA512 | 03c4ce06df3e48a5359d5cafe506266a795cbf643ae2894a6560ffe6b2c600dba836bd36e714991420a97e597a32b2d6d21979cb241215ea230fddbbc3a91361 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5088d59afa75c221545cfdae733ec1e4 |
| SHA1 | fe838243e952d3ef5f677d7ddac870b3e75cf887 |
| SHA256 | 960dc61c81e6ab676c286f4f6e86d6779afb2b6eff9ee21c1dfc8436011001cb |
| SHA512 | 4a3ce3c049330dadb677f9ca7a3f63e43123019e0d6245ff03f18d72edcf993f9a528a36ffbb73887b60aab604b46efb53391eac762a0f13862f6b8d18328192 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2206e1145d64826b9babb59c7355e2e6 |
| SHA1 | 6ee0c94bc645fcef6c79cc45193a190539cdb11e |
| SHA256 | 6cfa1bce4e196a6035bc542b9c5dc99b121d50f1c5efe777624994749a1aff27 |
| SHA512 | c076ecb305d7bebc4df8ccc5278e646f0117daa450666b131010e99bc04139dd00e8662a6b57e64eefa7b433c0ca2e745f025efd00704bf1a46541daf032b350 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | 18853466ce7c08d99085efccdab2bf21 |
| SHA1 | c51cc86b0c6935348c9f8d99bdae636854e94d68 |
| SHA256 | 25e589ba0d5e65feba82bc8b374e03e75c070ca51e54987bb3e5ad5b2e4984a8 |
| SHA512 | 7f41bf9494f53d327826ac7b7515b83d58978cdea394492d7a85e4ae3f23bc91534fec4bf7e24cb6e42371dd921e0f1a068ee121ef60a176966addf098d7f852 |
memory/1720-1550-0x0000000001D10000-0x0000000001D4E000-memory.dmp
memory/1720-1551-0x000000000BF60000-0x000000000BFC6000-memory.dmp
memory/1720-1552-0x0000000006FF0000-0x0000000006FF8000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
memory/1720-1566-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1565-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1564-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1563-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1567-0x0000000012190000-0x0000000012316000-memory.dmp
memory/1720-1568-0x000000000E230000-0x000000000E240000-memory.dmp
memory/1720-1569-0x000000000E240000-0x000000000E250000-memory.dmp
memory/1720-1576-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1575-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1574-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1578-0x0000000009850000-0x000000000989A000-memory.dmp
memory/1720-1580-0x000000000EF90000-0x000000000F0EB000-memory.dmp
memory/1720-1579-0x0000000011AB0000-0x0000000011B96000-memory.dmp
memory/1720-1577-0x00000000097D0000-0x00000000097F4000-memory.dmp
memory/1720-1573-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1586-0x000000000E240000-0x000000000E250000-memory.dmp
memory/1720-1585-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1584-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1583-0x000000000E240000-0x000000000E250000-memory.dmp
memory/1720-1582-0x000000000E240000-0x000000000E250000-memory.dmp
memory/1720-1587-0x000000000E240000-0x000000000E250000-memory.dmp
memory/1720-1581-0x000000000E230000-0x000000000E240000-memory.dmp
memory/1720-1572-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1571-0x0000000006F20000-0x0000000006F30000-memory.dmp
memory/1720-1570-0x000000000E240000-0x000000000E250000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | baed2a3ea8189f0f7ffcf17a1b3ba4c7 |
| SHA1 | d2a4e60b4b1dc6a43aeb2a377b2f6cdd44248db7 |
| SHA256 | 56c3a6c42824549a2d2ba9f28b18a907931260b54b193d99e32cb51bb4c35987 |
| SHA512 | c65e795b82e9a333a17fc02e226a85df1f30459d62f613e53c50e87c2c0a01f0394e1ca52dfa78d0e4728b1ed87c4a8cc8dcb2eb860da6783a8d9421c9918aac |
memory/7116-1609-0x0000000004BB0000-0x0000000004C9A000-memory.dmp
memory/7116-1608-0x0000000000330000-0x0000000000338000-memory.dmp
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
| MD5 | 200ac2bc43033ecf1547d9e90237a23c |
| SHA1 | 8fd6285b6dbab6a5ea437fa9c425762f6a010dcb |
| SHA256 | dea6bec5fcb509f0cc6c5aeea62f43d5067411ce5d31ecca5aa81230f86d7f2c |
| SHA512 | c7a83913298c9df424709b6446c09f64ed42b2cdbb592adc20a8592d79b3c2da0e212754f32ad8c7f9297fbf084a9872e140a478ef43d298fb87a85a50247d98 |
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json~RFe5c8a36.TMP
| MD5 | 14a7f3a96082db09ccb8b9e7db6ff965 |
| SHA1 | c0b16cf759da934be6a427c57d878d65a63dd07e |
| SHA256 | ea121d538b1d0263b95bc834ea45848479ad11d8378003af9f209e4e8620fa54 |
| SHA512 | 56d473012540dcbd4ffe3898727a27a5bb1f744bfe0da7b717d71bf454d8463139aef46a4ca823a02ac6b0b61cb755d014ee2e6dccf28c87083410bab7803075 |
C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping1720_731218730\manifest.json
| MD5 | 0359d5b66d73a97ce5dc9f89ed84c458 |
| SHA1 | ce17e52eaac909dd63d16d93410de675d3e6ec0d |
| SHA256 | beeab2f8d3833839399dde15ce9085c17b304445577d21333e883d6db6d0b755 |
| SHA512 | 8fd94a098a4ab5c0fcd48c2cef2bb03328dd4d25c899bf5ed1ca561347d74a8aab8a214ba2d3180a86df72c52eb26987a44631d0ecd9edc84976c28d6c9dc16a |
C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
| MD5 | 4e18c410d7b46269852e5351cc4bb62a |
| SHA1 | b937111ae84dff0111833ed5044f7e80cf398595 |
| SHA256 | 35ea67313fbc832ea2590dc5341b12405770b82b0103a9ed670a0b15c6ff867b |
| SHA512 | 126a6e20499eb1706e5c11c7f014c9d5bf88a3721f50849660e3ba0c56e029d733230e1fe1c1121d65bdda9f7eab5d73c9e0250a11bf3803610385ac276d909f |
memory/4792-1678-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1677-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1676-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1688-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1687-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1686-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1685-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1684-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1683-0x0000000009ED0000-0x0000000009ED1000-memory.dmp
memory/4792-1682-0x0000000009ED0000-0x0000000009ED1000-memory.dmp