Edit tour

Windows Analysis Report
http://ynlyce.com

Overview

General Information

Sample URL:http://ynlyce.com
Analysis ID:1644311
Infos:

Detection

Score:56
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Creates files inside the system directory
Deletes files inside the Windows folder
Detected suspicious crossdomain redirect

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64
  • chrome.exe (PID: 5840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 2588 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,2299731630484019641,637105831372448406,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 6628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ynlyce.com" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: http://ynlyce.comAvira URL Cloud: detection malicious, Label: phishing
Source: https://arvest.click/login/css/MyFontsWebfontsKit.cssAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/layout2.cssAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/arvest-logo.pngAvira URL Cloud: Label: malware
Source: https://ynlyce.com/Avira URL Cloud: Label: phishing
Source: https://arvest.click/login/css/login-arrow-icon.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/Small_Business_Checking_2_mainnav.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/Avira URL Cloud: Label: malware
Source: https://arvest.click/login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/FDIC-new-logo.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.pngAvira URL Cloud: Label: malware
Source: https://arvest.click/login/css/bootstrap_custom.cssAvira URL Cloud: Label: malware
Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.6:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.88:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: ynlyce.com to https://arvest.click/login/
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknownTCP traffic detected without corresponding DNS query: 20.42.65.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.33.40.135
Source: unknownTCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.215
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ynlyce.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/ HTTP/1.1Host: arvest.clickConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/MyFontsWebfontsKit.css HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/bootstrap_custom.css HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/layout2.css HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/arvest-logo.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/Small_Business_Checking_2_mainnav.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/arvest-logo.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/Small_Business_Checking_2_mainnav.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/FDIC-new-logo.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/FDIC-new-logo.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/login-arrow-icon.png HTTP/1.1Host: arvest.clickConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://arvest.click/login/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/login-arrow-icon.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png HTTP/1.1Host: arvest.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: ynlyce.com
Source: global trafficDNS traffic detected: DNS query: arvest.click
Source: global trafficDNS traffic detected: DNS query: e2c53.gcp.gvt2.com
Source: global trafficDNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://ocsp.digicert.com0A
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://ocsp.digicert.com0X
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://pki-crl.symauth.com/ca_7a5c3a0c73117406add19312bc1bc23f/LatestCRL.crl07
Source: chromecache_69.4.dr, chromecache_80.4.drString found in binary or memory: http://pki-ocsp.symauth.com0
Source: chromecache_70.4.drString found in binary or memory: http://www.myfonts.com/fonts/bitstream/futura/bold/
Source: chromecache_70.4.drString found in binary or memory: http://www.myfonts.com/fonts/bitstream/futura/book/
Source: chromecache_70.4.drString found in binary or memory: http://www.myfonts.com/fonts/bitstream/futura/medium/
Source: chromecache_70.4.drString found in binary or memory: http://www.myfonts.com/viewlicense?type=web&buildid=2546231
Source: chromecache_81.4.drString found in binary or memory: https://applink.bakerhillsolutions.net/ArvestPublicMR/B2BApp.aspx
Source: chromecache_81.4.drString found in binary or memory: https://arvest.cardmanager.com/
Source: chromecache_81.4.drString found in binary or memory: https://ecash.arvest.com/CorporateBankingWeb/Core/Signin.aspx
Source: chromecache_81.4.drString found in binary or memory: https://homeloan.arvest.com/login
Source: chromecache_81.4.drString found in binary or memory: https://locations.arvest.com/
Source: chromecache_81.4.drString found in binary or memory: https://mymortgage.arvest.com/sign-up
Source: chromecache_81.4.drString found in binary or memory: https://orderpoint.deluxe.com/personal-checks/welcome.htm
Source: chromecache_81.4.drString found in binary or memory: https://rdc.arvest.com/ArvestBankDefault.aspx
Source: chromecache_81.4.drString found in binary or memory: https://sso.arvest.com/idp/startSSO.ping?PartnerSpId=urn%3Abki%3Aservicingdigital%3Arwa%3Aarvest&amp
Source: chromecache_81.4.drString found in binary or memory: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=/Centre/?arvest&arvest
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49686 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49681 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49681
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownHTTPS traffic detected: 142.250.65.228:443 -> 192.168.2.6:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.88:443 -> 192.168.2.6:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 91.212.166.119:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir5840_2024653378Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir5840_2024653378Jump to behavior
Source: classification engineClassification label: mal56.win@24/32@22/4
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,2299731630484019641,637105831372448406,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ynlyce.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,2299731630484019641,637105831372448406,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion
Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1644311 URL: http://ynlyce.com Startdate: 20/03/2025 Architecture: WINDOWS Score: 56 15 e2c53.gcp.gvt2.com 2->15 25 Antivirus detection for URL or domain 2->25 27 Antivirus / Scanner detection for submitted sample 2->27 7 chrome.exe 2 2->7         started        10 chrome.exe 2->10         started        signatures3 process4 dnsIp5 17 192.168.2.6, 138, 443, 49182 unknown unknown 7->17 12 chrome.exe 7->12         started        process6 dnsIp7 19 arvest.click 91.212.166.119, 443, 49706, 49707 MOBILY-ASEtihadEtisalatCompanyMobilySA United Kingdom 12->19 21 ynlyce.com 91.212.166.88, 443, 49703, 49704 MOBILY-ASEtihadEtisalatCompanyMobilySA United Kingdom 12->21 23 4 other IPs or domains 12->23

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
http://ynlyce.com100%Avira URL Cloudphishing
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://arvest.click/login/css/MyFontsWebfontsKit.css100%Avira URL Cloudmalware
https://arvest.cardmanager.com/0%Avira URL Cloudsafe
https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png100%Avira URL Cloudmalware
http://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia0%Avira URL Cloudsafe
https://homeloan.arvest.com/login0%Avira URL Cloudsafe
https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png100%Avira URL Cloudmalware
https://arvest.click/login/css/layout2.css100%Avira URL Cloudmalware
https://sso.arvest.com/idp/startSSO.ping?PartnerSpId=urn%3Abki%3Aservicingdigital%3Arwa%3Aarvest&amp0%Avira URL Cloudsafe
https://ecash.arvest.com/CorporateBankingWeb/Core/Signin.aspx0%Avira URL Cloudsafe
https://applink.bakerhillsolutions.net/ArvestPublicMR/B2BApp.aspx0%Avira URL Cloudsafe
https://arvest.click/login/css/arvest-logo.png100%Avira URL Cloudmalware
https://mymortgage.arvest.com/sign-up0%Avira URL Cloudsafe
https://rdc.arvest.com/ArvestBankDefault.aspx0%Avira URL Cloudsafe
https://ynlyce.com/100%Avira URL Cloudphishing
https://arvest.click/login/css/login-arrow-icon.png100%Avira URL Cloudmalware
https://arvest.click/login/css/Small_Business_Checking_2_mainnav.png100%Avira URL Cloudmalware
https://arvest.click/login/100%Avira URL Cloudmalware
https://arvest.click/login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png100%Avira URL Cloudmalware
https://arvest.click/login/css/FDIC-new-logo.png100%Avira URL Cloudmalware
https://locations.arvest.com/0%Avira URL Cloudsafe
https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png100%Avira URL Cloudmalware
https://arvest.click/login/css/bootstrap_custom.css100%Avira URL Cloudmalware

Download Network PCAP: filteredfull

NameIPActiveMaliciousAntivirus DetectionReputation
e2c53.gcp.gvt2.com
35.217.93.191
truefalse
    high
    ynlyce.com
    91.212.166.88
    truefalse
      unknown
      arvest.click
      91.212.166.119
      truefalse
        unknown
        beacons-handoff.gcp.gvt2.com
        142.251.116.94
        truefalse
          high
          www.google.com
          142.250.65.228
          truefalse
            high
            beacons.gcp.gvt2.com
            unknown
            unknownfalse
              high
              NameMaliciousAntivirus DetectionReputation
              https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.pngtrue
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/layout2.csstrue
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/MyFontsWebfontsKit.csstrue
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.pngtrue
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/arvest-logo.pngtrue
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/login-arrow-icon.pngfalse
              • Avira URL Cloud: malware
              unknown
              https://ynlyce.com/true
              • Avira URL Cloud: phishing
              unknown
              https://arvest.click/login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.pngfalse
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/Small_Business_Checking_2_mainnav.pngfalse
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/FDIC-new-logo.pngfalse
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/false
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.pngfalse
              • Avira URL Cloud: malware
              unknown
              https://arvest.click/login/css/bootstrap_custom.cssfalse
              • Avira URL Cloud: malware
              unknown
              NameSourceMaliciousAntivirus DetectionReputation
              http://pki-crl.symauth.com/ca_7a5c3a0c73117406add19312bc1bc23f/LatestCRL.crl07chromecache_69.4.dr, chromecache_80.4.drfalse
                high
                http://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMediachromecache_69.4.dr, chromecache_80.4.drfalse
                • Avira URL Cloud: safe
                unknown
                https://ecash.arvest.com/CorporateBankingWeb/Core/Signin.aspxchromecache_81.4.drfalse
                • Avira URL Cloud: safe
                unknown
                https://sso.arvest.com/idp/startSSO.ping?PartnerSpId=urn%3Abki%3Aservicingdigital%3Arwa%3Aarvest&ampchromecache_81.4.drfalse
                • Avira URL Cloud: safe
                unknown
                https://orderpoint.deluxe.com/personal-checks/welcome.htmchromecache_81.4.drfalse
                  high
                  https://arvest.cardmanager.com/chromecache_81.4.drfalse
                  • Avira URL Cloud: safe
                  unknown
                  https://homeloan.arvest.com/loginchromecache_81.4.drfalse
                  • Avira URL Cloud: safe
                  unknown
                  https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=/Centre/?arvest&arvestchromecache_81.4.drfalse
                    high
                    http://www.myfonts.com/fonts/bitstream/futura/medium/chromecache_70.4.drfalse
                      high
                      http://www.myfonts.com/fonts/bitstream/futura/book/chromecache_70.4.drfalse
                        high
                        https://applink.bakerhillsolutions.net/ArvestPublicMR/B2BApp.aspxchromecache_81.4.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        https://mymortgage.arvest.com/sign-upchromecache_81.4.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        https://rdc.arvest.com/ArvestBankDefault.aspxchromecache_81.4.drfalse
                        • Avira URL Cloud: safe
                        unknown
                        http://pki-ocsp.symauth.com0chromecache_69.4.dr, chromecache_80.4.drfalse
                          high
                          http://www.myfonts.com/fonts/bitstream/futura/bold/chromecache_70.4.drfalse
                            high
                            http://www.myfonts.com/viewlicense?type=web&buildid=2546231chromecache_70.4.drfalse
                              high
                              https://locations.arvest.com/chromecache_81.4.drfalse
                              • Avira URL Cloud: safe
                              unknown
                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs
                              IPDomainCountryFlagASNASN NameMalicious
                              91.212.166.88
                              ynlyce.comUnited Kingdom
                              35819MOBILY-ASEtihadEtisalatCompanyMobilySAfalse
                              142.250.65.228
                              www.google.comUnited States
                              15169GOOGLEUSfalse
                              91.212.166.119
                              arvest.clickUnited Kingdom
                              35819MOBILY-ASEtihadEtisalatCompanyMobilySAfalse
                              IP
                              192.168.2.6
                              Joe Sandbox version:42.0.0 Malachite
                              Analysis ID:1644311
                              Start date and time:2025-03-20 13:38:58 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 7s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:http://ynlyce.com
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:15
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal56.win@24/32@22/4
                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe, TextInputHost.exe
                              • Excluded IPs from analysis (whitelisted): 142.250.80.35, 142.250.80.46, 172.253.115.84, 142.251.40.238, 142.251.41.14, 199.232.210.172, 142.250.80.78, 142.251.40.206, 142.251.32.110, 199.232.214.172, 142.251.40.227, 142.251.35.174, 192.178.155.84, 142.250.64.110, 184.31.69.3, 20.109.210.53
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, accounts.google.com, redirector.gvt1.com, slscr.update.microsoft.com, update.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, fe3cr.delivery.mp.microsoft.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Report size getting too big, too many NtOpenFile calls found.
                              • VT rate limit hit for: http://ynlyce.com
                              No simulations
                              No context
                              No context
                              No context
                              No context
                              No context
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 38 x 16, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):437
                              Entropy (8bit):7.301920754808577
                              Encrypted:false
                              SSDEEP:12:6v/7s/NTBmRIahtoLsncnUuesWqU8zaAPtsj2EyX39eBzaQDUQhTec:5GRIahtoacnTe3qU8OASj2bX39eBJVh3
                              MD5:A1DA7C1767B0E724DAEE1C3EF5464222
                              SHA1:3A166572760D23E3FEF34BAD4FD3B41DC9714B01
                              SHA-256:F058EDFA0CBD7A48A750657262FAB23056F86733A582C09EBE357E3EE5F92EBA
                              SHA-512:580966E0EA787C697AD1011346784794AE7C1291A2E49040457C52441760917A5CB374995BC457849C0E9EBF2F41FC1CEF49642C37318B66AB3B2DCD772B78C1
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR...&.........z.......sBIT....|.d....lIDATH..U.q.0.\2..L. t.....A..#.\*.].W.%P.....t..l.6....\xdg....eY.".....$..h..h..*..q.V./.2O?...DN...O...P.a.VpH."....F.s.......opp.....g(.N.}..]..{......W..@b.....*U."s..d...l..'y.{.$..&6...ZI.M.#..%.z.B..".L.H...a.j.V....Qn..p...K..X3..*....A!t.......^.^....T........!..x.I..7.2.....T*|..D..?.w.w......SvD.Y.9.$3...._..-GR.../...q..`[$v....F..w.3.a4t./..x.;......IEND.B`.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (7960), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):31484
                              Entropy (8bit):5.07758748858107
                              Encrypted:false
                              SSDEEP:768:Njr6KZt/VQoTkTBmTR8chcdJa43TaTC4b1RskYKxe6HZdZ9H3lbOkx:Nxrzx
                              MD5:2813B7ACCA19AC5662C7E24834F3B7D0
                              SHA1:2AE12C06218EA60AAD500FFAB0D224BBDCF5A392
                              SHA-256:ACEF8EACD3E56B92CE009215839581D09B67D9C2380523D92A0F40A09E4F2F9E
                              SHA-512:B6AF2B170E66EA9B62CA1BA46A76139693A9D85DF49774A9533337FBC0649F3F123D807C508F3D76911927C110830EC70179B6879B3FA649A16E8C51181D78FC
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/layout2.css
                              Preview:*{-webkit-tap-highlight-color: rgba(0,0,0,0)}.iosPhone,.iosPhone a{color: #cc0000}a:hover{text-decoration: underline}h1,h2,h3{font-family: FuturaBT-Book}h2{font-size: 1.7rem;margin: 8px 0}h3{font-size: 1.7rem;margin: 6px 0}h2.sub-header{margin: 0;padding: 11px 0;font-size: 1.7rem;line-height: 1.2;color: #00457c;font-family: FuturaBT-Medium}h2.sub-header.two-line{line-height: 22px;padding: 15px 0}img{vertical-align: baseline}table td{vertical-align: top}caption{text-align: left;font-weight: bold}a[type="application/pdf"]{background: url(/images/tiny/file_pdf.png) no-repeat right 0 rgba(0,0,0,0);background-clip: border-box;padding-right: 18px;padding-top: 2px}.tel{white-space: nowrap;color: inherit}.linkreg{color: #1A6AC0;font-size: 75%;left: 1px;position: relative;vertical-align: super}.FuturaBT-Book{font-family: FuturaBT-Book !important}.FuturaBT-Bold{font-family: FuturaBT-Bold}.FuturaBT-Medium,.icon-button-row,.pag-menu,.bank-landing-content p{font-family: FuturaBT-Medium}.container-m
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):64027
                              Entropy (8bit):7.982826499272069
                              Encrypted:false
                              SSDEEP:1536:TGc1raBcKE4HBDuE9Ma7zfzrTn+Va51rTyfat:nrMcKE4BCQ/77zP+I51rGfat
                              MD5:2A9E091041F9B263B3C01479E26937A9
                              SHA1:BCD81AC3ADBF7BB7B3E26E78D1E80843F66F7620
                              SHA-256:DF334B281323563E41794CB5FA8D849C0A2BD29BE192B97AEDAD8DA5D8B2F9B3
                              SHA-512:3037A75EF57FEF41C78334C1D8A1125FA066BE8532F2E754FDC7247D5C9B875252AE5D1E7A38B3F7D8A25659C106EE3DC04C7DE812F9CCB72CF09532DB4E8F6A
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx..g.dw...;9V.7...s ..a.......].....*X..W........l.0.8@_.Kk....Y.%9..06;w...7..:..C......Y.B~....s..s..<..p..$...f.E..A9?M..ae,4E".`.~..n......F7R.?s..J..."...".g-I N.$Q............K.."0.....1q.s<.h8!i].D..]..}L4tH.4GG...[.Z.'.B....mvy..oQ..r......^.Q.LS....%....Q.W......;......QD7R.zu4Y..)....+.k.....m~Bbf)e......C...%....A."..1C.q.yD....Q..]...?..~..1.O!|..(.G..\...........>._z.s........Z....y;.|e...|J.P....I.............9s.y..O!...9...c.2...[.)W'..*..-..f.......b:...,s.uH...0v.(N...Y...t..:dM.K7..#..=..i..$..US.$Q`.Elv|......Q.(..E..Z.[/...m~D..R..S=u..W.I......#Z.M|..&J..O.XE.Lf./.1.X.r....#..g..mv?.........6..v..?bu....$=.E....,R.P.M...r....fR.........l..N- .._....%I..T..4Ue..|.v.;.G.T. BS.g.{..jn. .........$..L.\.."...{..e.C..m..!;.7i.7I.X..Q./&..*.....o..T'g....)....(....D&.......q.......:<^..MIq..Q...<x.bu.I.y...<.YI..%8^H..(.D.%DIL..8A.^..q.d[.{.c..x.F~.(.h...DI.......@.Pe.r.d
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 218 x 234, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):70110
                              Entropy (8bit):7.870803000434455
                              Encrypted:false
                              SSDEEP:1536:+XGiMOy25DBQaGcEsGLWbbGKBcgtQxT1m5pJ+rGc46gNNt0:+Zz3Zb5TMWHhfs1EpJ+r74w
                              MD5:26D5DEB98A97A3C668E43F7C07659D93
                              SHA1:8638C42486549B79B59B709C2D180D6D2DB24BC7
                              SHA-256:835304C2063BCEA09D0388C8193144C575BCF82E1DE352786376DFBCB7A04F14
                              SHA-512:BA85D3333A0D2C6588317A28285BA26C25890800CFE618E5E71279D4B518EEFAB87682FF8587BDCD6AC68417C2C23BECA641B68FE4A1B2C1DB37595C21171392
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/Small_Business_Checking_2_mainnav.png
                              Preview:.PNG........IHDR..............g[v..,bcaBX..,bjumb....jumdc2pa.........8.q.c2pa...,<jumb...Gjumdc2ma.........8.q.urn:uuid:99e0ac7d-9171-40ec-b5f8-8a02762c4689.....jumb...)jumdc2as.........8.q.c2pa.assertions.....jumb...&jumdcbor.........8.q.c2pa.actions.....cbor.gactions..factionkc2pa.editedmsoftwareAgentmAdobe FireflyqdigitalSourceTypexFhttp://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia....jumb...(jumdcbor.........8.q.c2pa.hash.data....{cbor.jexclusions..estart.!flength.,ndnamenjumbf manifestcalgfsha256dhashX ..AT<...8....}..?R!....|q.q...cpadH............jumb...$jumdc2cl.........8.q.c2pa.claim.....cbor.hdc:titleoGenerated Imageidc:formatiimage/pngjinstanceIDx,xmp:iid:562221e1-8e78-473e-af51-5dbf25e03470oclaim_generatorx6Adobe_Illustrator/28.0 adobe_c2pa/0.7.6 c2pa-rs/0.25.2tclaim_generator_info..dnameqAdobe Illustratorgversiond28.0.isignaturex.self#jumbf=c2pa.signaturejassertions..curlx'self#jumbf=c2pa.assertions/c2pa.actionsdhashX .f.j..|`..9...#A..]+...F."d.+
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:Unicode text, UTF-8 text, with CRLF line terminators
                              Category:downloaded
                              Size (bytes):1630
                              Entropy (8bit):5.363052639173395
                              Encrypted:false
                              SSDEEP:48:qpgudYibiLcadNPQVYJLoi0HVMJLPJWVAs:qp7YiugaXPQVti0HVoJWVz
                              MD5:77D4F9083E96C07AB6C556C30F87B457
                              SHA1:C570366506491F8045C055DD69314E0F05A3F764
                              SHA-256:411D22640C2C8DCD4C3E557A363BA5C787457F9A383B0A8F5E7E06638E544757
                              SHA-512:2C3162167F56B9E4DCB8DAD98354DEF0E732A01ED3E8021E74114CAC02491A2059AE92CC52E1F8170E9D795B765CA076AF296C7A3731C684E9024F89419736AF
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/MyFontsWebfontsKit.css
                              Preview:/* @license.. * MyFonts Webfont Build ID 2546231, 2013-05-02T12:57:30-0400.. *.. * The fonts listed in this notice are subject to the End User License.. * Agreement(s) entered into by the website owner. All other parties are.. * explicitly restricted from using the Licensed Webfonts(s)... *.. * You may obtain a valid license at the URLs below... *.. * Webfont: Futura Book by Bitstream.. * URL: http://www.myfonts.com/fonts/bitstream/futura/book/.. *.. * Webfont: Futura Medium by Bitstream.. * URL: http://www.myfonts.com/fonts/bitstream/futura/medium/.. *.. * Webfont: Futura Bold by Bitstream.. * URL: http://www.myfonts.com/fonts/bitstream/futura/bold/.. *.. *.. * License: http://www.myfonts.com/viewlicense?type=web&buildid=2546231.. * Webfonts copyright: Copyright 1990-2003 Bitstream Inc. All rights reserved... *.. * . 2013 MyFonts Inc..*/....../* @import must be at top of file, otherwise CSS will not work */../*..@import url("//hello.myfonts.net/count/26da37");..*/....@font-face {font
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):53802
                              Entropy (8bit):7.98755598851025
                              Encrypted:false
                              SSDEEP:1536:tjzTiD66UE5EBlCEAY4u2U+mFAy/m2Hl5O:tjzunexF21Um2HlM
                              MD5:7FABB0F897718722208D158D61A669EB
                              SHA1:7536859B68EA3001B06F779F3C8699D0532A6560
                              SHA-256:45B0FBBDA2BBE5A6758A181246D0E467F355661B5C3CE92826C6959EF4487CDA
                              SHA-512:F2935B220433FD63B5DA913D837741EE5B6BEAE0065C6BEDB5869994F46E1DC7AE9B881F5E2F75AA9CAC39ED2637856C8E60A4B07A72059DAA5ED8D8A0EC6C4E
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx..Y.%.y....Z.~...m.g.g..C......2-...R.Z.a..a+.._...?....VH.,.I..,..h.. .....f......{.V....CV.s.=...;#n..u...2...}......Z.<._.Z...c-.h....c....Zg...6Q...B.W.....>..&...3.j.`.!..S...F....`.8........6hk.DJ..^..7..>By..7..k....l......./>....~.V..........].._.k.w.sg...N.h^....ZM...u.....!.s.............c...>....!+c...BJ. .....4....kS}im@..r.x.5.Q.\.y...qJ.{H99.......v7.G......R.R...B../......x......si.E..W.......Xkr......b....(/@.u.........|..H...c.4..h....;;...{.4..Z 5....L.R>...,.p'..R...@J.1..=w.Q....i.I...{.!h7...C.4c..xJN1....8&..S.b.5..R..HP..R..().}.?........17?.P....I.<....6K@..).+...W.We..x..'a.?i.}...Oy..]a0(.Y..+.ex......b..:..Z.O1X...z...H+_...D9.Is.X....sq.../vz........p....).....X6.....@...A.H&..z.\j..\7%q......JJ6..J&*..ivx.....f-...1..hH.{S.=.r...k..(BII......."?...sru..+.I...:^...2.4....w.........Y......f..9_H...Q0...p..+...........!.BH.p.....@...(b..&n....&3..............
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 15 x 10, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):271
                              Entropy (8bit):6.86725341208933
                              Encrypted:false
                              SSDEEP:6:6v/lhPf/nDsp02FVDl5gxPfq0btfy1mpontnMmXNgFpTlloajp:6v/7nIlx8ThGeonpdgFbr
                              MD5:5B7B9D12E8761792332BA60DC88D4A0F
                              SHA1:9460DECF6B3018147C938608402E9F0245755D77
                              SHA-256:01D1A470C25A6F60C6FA9E7DE42B0158533A7BF3DE3C0D7C2687F5A5A8269377
                              SHA-512:2B0582AC577F9A0E73B1940E5E5442C73EDFC4A2013CA66E7DD8533A24B6EAFF0C1C6B2FCBB49BD7026177AC8EFD14FA72B70BA1E9F944CBE878A04A267A4F45
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.............k.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..1..@.E'.X.Xy.C....z.=...r..@.....1. ..O.+#..K^....%..F...P&xb~fC.-ox.)..3.H:l}.;.f.....0..Lz7&..d..9.....<.9.r..}.....=...9..%,].q...l.`..T.....5.5g.Z67.9..~........Y.....IEND.B`.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):53690
                              Entropy (8bit):7.987771135090186
                              Encrypted:false
                              SSDEEP:1536:3eY+Kq29lvw2J0hCCuhmL9PBQ6Y6JWzDHzyi0WeFe:uY+89lenL9PWHnHzWWeI
                              MD5:B847164BB49A4688BC586001DE918AB6
                              SHA1:73EB14BCB8D59C116E10B1E3B6760921E4E63BC1
                              SHA-256:2973667045A623C972AE370E95BB245312E1B094B985B0282F06C7550BCC5710
                              SHA-512:F00F4E4A36A1D0D2016241E32B5AA1345AC23AE6EF84972CC261E8263CE8219C65143C21FCA71E7116E4F811F567CBCBF019EBBFAB07D511E895C439EA5D75B1
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx...G.-Iz...2........v..=..P....E/2$Bb. .."..V{i.....v...L.6....D.$D....@..`03..n.<..qUi..2.......N..w.9u..|.....o....u..S. ....XC....D.a..l7<{v.....7\]....S~...fy.....:...!`...@.....c...m[...%G.%w....5......\....Xo.g...'.W,.3B..9=.5...>.D.g-..X.X-.lv;V.."B....C$.A.!!....@L.}.\.lx....~...?|H..1.c,..X.......#...0....X.;~...=NN....SV.9?./q......r...w..7.p....AH..$..0....1......H..18.").$L...MR...........w..i..m,s.p..#.5...p..BL.X..I.Iy.......". ...I..]K.v.kL.."!E.!1.~.3c..'....cb.A....>.b.H~DL....>...K...1.=u... .`E.3.W.....I......uV.'QoJ...g..r.^.^.Y..B....lvxc9.:....>.:Q].k..PD.....X;...j.......3.xp....&qr...)E|..\.Z.i....F.>F...ZcH)....Mc.>`l.|L`.....b.n..06....q..MI.I...WU*!.%....6..6..u.#J.1.2....PK....0y.H.....u.+.......Y.u.dLF*..Y...cT&...".p*...)....B..,...la<. 3....^y...F".PiR.....s..c...d.a.`..D....e..=[.3..8w....5.k../.?.......,*...T.%.1.c...........2g.......a...4Y?.?I..h....+..Y.....:^.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):53690
                              Entropy (8bit):7.987771135090186
                              Encrypted:false
                              SSDEEP:1536:3eY+Kq29lvw2J0hCCuhmL9PBQ6Y6JWzDHzyi0WeFe:uY+89lenL9PWHnHzWWeI
                              MD5:B847164BB49A4688BC586001DE918AB6
                              SHA1:73EB14BCB8D59C116E10B1E3B6760921E4E63BC1
                              SHA-256:2973667045A623C972AE370E95BB245312E1B094B985B0282F06C7550BCC5710
                              SHA-512:F00F4E4A36A1D0D2016241E32B5AA1345AC23AE6EF84972CC261E8263CE8219C65143C21FCA71E7116E4F811F567CBCBF019EBBFAB07D511E895C439EA5D75B1
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx...G.-Iz...2........v..=..P....E/2$Bb. .."..V{i.....v...L.6....D.$D....@..`03..n.<..qUi..2.......N..w.9u..|.....o....u..S. ....XC....D.a..l7<{v.....7\]....S~...fy.....:...!`...@.....c...m[...%G.%w....5......\....Xo.g...'.W,.3B..9=.5...>.D.g-..X.X-.lv;V.."B....C$.A.!!....@L.}.\.lx....~...?|H..1.c,..X.......#...0....X.;~...=NN....SV.9?./q......r...w..7.p....AH..$..0....1......H..18.").$L...MR...........w..i..m,s.p..#.5...p..BL.X..I.Iy.......". ...I..]K.v.kL.."!E.!1.~.3c..'....cb.A....>.b.H~DL....>...K...1.=u... .`E.3.W.....I......uV.'QoJ...g..r.^.^.Y..B....lvxc9.:....>.:Q].k..PD.....X;...j.......3.xp....&qr...)E|..\.Z.i....F.>F...ZcH)....Mc.>`l.|L`.....b.n..06....q..MI.I...WU*!.%....6..6..u.#J.1.2....PK....0y.H.....u.+.......Y.u.dLF*..Y...cT&...".p*...)....B..,...la<. 3....^y...F".PiR.....s..c...d.a.`..D....e..=[.3..8w....5.k../.?.......,*...T.%.1.c...........2g.......a...4Y?.?I..h....+..Y.....:^.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 201 x 69, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):4092
                              Entropy (8bit):7.936349351238386
                              Encrypted:false
                              SSDEEP:96:T+Q2VWLOznXwIWWnWjHWlD3OEyEir2HvD322v4wvz3sA9g/d:iQ2Pjw6nWKtAaPfv4y8Mg/d
                              MD5:F6AC29E98162F51A7782EB78160DD31C
                              SHA1:32EFFA4F9335E1D4308256FB20FD61C381A6F83B
                              SHA-256:8D8F81B3DEB15A8D8A4D940347FB3322CA6D49640E7CE14514CCBE07862A1ABA
                              SHA-512:A78B8CF525456C8D532E45D6717E950C5ED051108E1DE7BD8767FFC4573F612030B1DABC637D8166398CB6AE106C163A3978624EB97BC73E19A1BC46DA7760DF
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/arvest-logo.png
                              Preview:.PNG........IHDR.......E...........tEXtSoftware.Adobe ImageReadyq.e<....IDATx..]........(G90"M......D..OA. 6...... .E......A..D@..bA..+.P...@.EH...."......e|o.l9o............f.)..r*bt...>..CU`K..atl..S...u.;C.........1....c..CTF..h.F..........H ..O.v..;....8...p...h`C.<.._..}.z(vIW...c...g...2...ek8.Sc...=`.p.p!p..ZL.o..B...|..45.....V...L.4..i.=.8J..D..]9..B.......;..........>.x.......n.>.v(o].o._..o.p.p..>..&..\..w"......2._......v.Z.7.......\>.*..........._i.sb.BR%....g....s........R..,u.hx.f.....a.mHU*......p|-p.M.Z..P.?p..p....A.F..@`...4...u...c.o.g._ry..t.!..B._...S...p1...7.g'.....$%8....]..ji.y;N.....?.|.XN...;...6......7.m...J.g!.!....0..>`..yof.].3...t.jG..+....P......ELz.G.Kl,.P...~.-.p.&p.p....B`.....-..).....g8<.k....u.s...P.B.8`^....a...M.W1i..,$.......Pb.L}5!.A...$.^.D..6....$.IWt..$.....(J!Y.P@.v...!Av.Y.t....tW.i..I@...a......r.o.1y=`o5.F.v!).xm..Br.Q(....r8_...i....p........IsKL.V8.(9I.B..H.8.Is../y...].mq?`.Br..4...>IL..-.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):53802
                              Entropy (8bit):7.98755598851025
                              Encrypted:false
                              SSDEEP:1536:tjzTiD66UE5EBlCEAY4u2U+mFAy/m2Hl5O:tjzunexF21Um2HlM
                              MD5:7FABB0F897718722208D158D61A669EB
                              SHA1:7536859B68EA3001B06F779F3C8699D0532A6560
                              SHA-256:45B0FBBDA2BBE5A6758A181246D0E467F355661B5C3CE92826C6959EF4487CDA
                              SHA-512:F2935B220433FD63B5DA913D837741EE5B6BEAE0065C6BEDB5869994F46E1DC7AE9B881F5E2F75AA9CAC39ED2637856C8E60A4B07A72059DAA5ED8D8A0EC6C4E
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx..Y.%.y....Z.~...m.g.g..C......2-...R.Z.a..a+.._...?....VH.,.I..,..h.. .....f......{.V....CV.s.=...;#n..u...2...}......Z.<._.Z...c-.h....c....Zg...6Q...B.W.....>..&...3.j.`.!..S...F....`.8........6hk.DJ..^..7..>By..7..k....l......./>....~.V..........].._.k.w.sg...N.h^....ZM...u.....!.s.............c...>....!+c...BJ. .....4....kS}im@..r.x.5.Q.\.y...qJ.{H99.......v7.G......R.R...B../......x......si.E..W.......Xkr......b....(/@.u.........|..H...c.4..h....;;...{.4..Z 5....L.R>...,.p'..R...@J.1..=w.Q....i.I...{.!h7...C.4c..xJN1....8&..S.b.5..R..HP..R..().}.?........17?.P....I.<....6K@..).+...W.We..x..'a.?i.}...Oy..]a0(.Y..+.ex......b..:..Z.O1X...z...H+_...D9.Is.X....sq.../vz........p....).....X6.....@...A.H&..z.\j..\7%q......JJ6..J&*..ivx.....f-...1..hH.{S.=.r...k..(BII......."?...sru..+.I...:^...2.4....w.........Y......f..9_H...Q0...p..+...........!.BH.p.....@...(b..&n....&3..............
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):64027
                              Entropy (8bit):7.982826499272069
                              Encrypted:false
                              SSDEEP:1536:TGc1raBcKE4HBDuE9Ma7zfzrTn+Va51rTyfat:nrMcKE4BCQ/77zP+I51rGfat
                              MD5:2A9E091041F9B263B3C01479E26937A9
                              SHA1:BCD81AC3ADBF7BB7B3E26E78D1E80843F66F7620
                              SHA-256:DF334B281323563E41794CB5FA8D849C0A2BD29BE192B97AEDAD8DA5D8B2F9B3
                              SHA-512:3037A75EF57FEF41C78334C1D8A1125FA066BE8532F2E754FDC7247D5C9B875252AE5D1E7A38B3F7D8A25659C106EE3DC04C7DE812F9CCB72CF09532DB4E8F6A
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx..g.dw...;9V.7...s ..a.......].....*X..W........l.0.8@_.Kk....Y.%9..06;w...7..:..C......Y.B~....s..s..<..p..$...f.E..A9?M..ae,4E".`.~..n......F7R.?s..J..."...".g-I N.$Q............K.."0.....1q.s<.h8!i].D..]..}L4tH.4GG...[.Z.'.B....mvy..oQ..r......^.Q.LS....%....Q.W......;......QD7R.zu4Y..)....+.k.....m~Bbf)e......C...%....A."..1C.q.yD....Q..]...?..~..1.O!|..(.G..\...........>._z.s........Z....y;.|e...|J.P....I.............9s.y..O!...9...c.2...[.)W'..*..-..f.......b:...,s.uH...0v.(N...Y...t..:dM.K7..#..=..i..$..US.$Q`.Elv|......Q.(..E..Z.[/...m~D..R..S=u..W.I......#Z.M|..&J..O.XE.Lf./.1.X.r....#..g..mv?.........6..v..?bu....$=.E....,R.P.M...r....fR.........l..N- .._....%I..T..4Ue..|.v.;.G.T. BS.g.{..jn. .........$..L.\.."...{..e.C..m..!;.7i.7I.X..Q./&..*.....o..T'g....)....(....D&.......q.......:<^..MIq..Q...<x.bu.I.y...<.YI..%8^H..(.D.%DIL..8A.^..q.d[.{.c..x.F~.(.h...DI.......@.Pe.r.d
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 201 x 69, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):4092
                              Entropy (8bit):7.936349351238386
                              Encrypted:false
                              SSDEEP:96:T+Q2VWLOznXwIWWnWjHWlD3OEyEir2HvD322v4wvz3sA9g/d:iQ2Pjw6nWKtAaPfv4y8Mg/d
                              MD5:F6AC29E98162F51A7782EB78160DD31C
                              SHA1:32EFFA4F9335E1D4308256FB20FD61C381A6F83B
                              SHA-256:8D8F81B3DEB15A8D8A4D940347FB3322CA6D49640E7CE14514CCBE07862A1ABA
                              SHA-512:A78B8CF525456C8D532E45D6717E950C5ED051108E1DE7BD8767FFC4573F612030B1DABC637D8166398CB6AE106C163A3978624EB97BC73E19A1BC46DA7760DF
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR.......E...........tEXtSoftware.Adobe ImageReadyq.e<....IDATx..]........(G90"M......D..OA. 6...... .E......A..D@..bA..+.P...@.EH...."......e|o.l9o............f.)..r*bt...>..CU`K..atl..S...u.;C.........1....c..CTF..h.F..........H ..O.v..;....8...p...h`C.<.._..}.z(vIW...c...g...2...ek8.Sc...=`.p.p!p..ZL.o..B...|..45.....V...L.4..i.=.8J..D..]9..B.......;..........>.x.......n.>.v(o].o._..o.p.p..>..&..\..w"......2._......v.Z.7.......\>.*..........._i.sb.BR%....g....s........R..,u.hx.f.....a.mHU*......p|-p.M.Z..P.?p..p....A.F..@`...4...u...c.o.g._ry..t.!..B._...S...p1...7.g'.....$%8....]..ji.y;N.....?.|.XN...;...6......7.m...J.g!.!....0..>`..yof.].3...t.jG..+....P......ELz.G.Kl,.P...~.-.p.&p.p....B`.....-..).....g8<.k....u.s...P.B.8`^....a...M.W1i..,$.......Pb.L}5!.A...$.^.D..6....$.IWt..$.....(J!Y.P@.v...!Av.Y.t....tW.i..I@...a......r.o.1y=`o5.F.v!).xm..Br.Q(....r8_...i....p........IsKL.V8.(9I.B..H.8.Is../y...].mq?`.Br..4...>IL..-.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):55947
                              Entropy (8bit):7.989838143166923
                              Encrypted:false
                              SSDEEP:1536:ILCpCwzuehBOTS3uC/lFJ0KcKmBsq78775jrNamXSD:ICCUqSe6PJcKcsE8BjM2o
                              MD5:A33D50312113C762748A9E1980729848
                              SHA1:B23DAF3A67D7D72062AF876D5511A12E20F8E62E
                              SHA-256:D8A6D0056AEFB4DEB8A4B5133FED654D77B5F12FBB92555A466F5994BA9D6C47
                              SHA-512:4E6C9256E0EDB00F886FB989D2B5C4F582A190682162B01B9C8E6790F7C79AF36699416C739815585213B76550B30ED0D322740B146CF5D24A4128DEEFC64E0F
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx.t...%Yv..9..x..U.T..6=....h8.4....Z.i....2m.e.2...`.h.6`....C.$.e..$..EQ$..#R..>=.3..^Y....r..p...&.P./_../..|...{B..u.@....@..A..."...D....Q@.{...}....a...........?..n.e...,...@].vv....0..c......f{....Q..i........uU..AD...s.7k...`.f.=.Z.a. .....B.(]...h...Q...+.........J)Di.R.s. ...B.Y.$"Rd..W.....B:...!....B:...x...Z.=.Y.u.......I&.Ji.....R..t...... ...5..".u...........o..$.>.".......=}.....b.....-...!...f..m.....-..:.g<...K.*./_.....B.8....X.SW3.v....z..%".........@<J4.V.C...P.........,I(y....xr"........k.k\.esy.....VW...g..u.V..-..q....4.; .. I0.{T:..g.:V...N...h..r\..!.|<.....>....M.].X@<.TT>Eq0J@.BIV.E.......CS.(.....NN.....T>~H._L.(........-...u44...... .5.t..T..s...-.k'..pq..y%..v|....1..n.U..6..0.3.n.....F........$......A...,.n,.=9....d.....g.........5JC..y!...!D..A.!L.+..... .o..5)M...@.m..-.f.z.d.Y..._...T.....>`{...hTZ.R.1QH..REC.!F.g......`D.q%.M..1......R..!..LY..._<...F..
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 218 x 234, 8-bit/color RGBA, non-interlaced
                              Category:dropped
                              Size (bytes):70110
                              Entropy (8bit):7.870803000434455
                              Encrypted:false
                              SSDEEP:1536:+XGiMOy25DBQaGcEsGLWbbGKBcgtQxT1m5pJ+rGc46gNNt0:+Zz3Zb5TMWHhfs1EpJ+r74w
                              MD5:26D5DEB98A97A3C668E43F7C07659D93
                              SHA1:8638C42486549B79B59B709C2D180D6D2DB24BC7
                              SHA-256:835304C2063BCEA09D0388C8193144C575BCF82E1DE352786376DFBCB7A04F14
                              SHA-512:BA85D3333A0D2C6588317A28285BA26C25890800CFE618E5E71279D4B518EEFAB87682FF8587BDCD6AC68417C2C23BECA641B68FE4A1B2C1DB37595C21171392
                              Malicious:false
                              Reputation:low
                              Preview:.PNG........IHDR..............g[v..,bcaBX..,bjumb....jumdc2pa.........8.q.c2pa...,<jumb...Gjumdc2ma.........8.q.urn:uuid:99e0ac7d-9171-40ec-b5f8-8a02762c4689.....jumb...)jumdc2as.........8.q.c2pa.assertions.....jumb...&jumdcbor.........8.q.c2pa.actions.....cbor.gactions..factionkc2pa.editedmsoftwareAgentmAdobe FireflyqdigitalSourceTypexFhttp://cv.iptc.org/newscodes/digitalsourcetype/trainedAlgorithmicMedia....jumb...(jumdcbor.........8.q.c2pa.hash.data....{cbor.jexclusions..estart.!flength.,ndnamenjumbf manifestcalgfsha256dhashX ..AT<...8....}..?R!....|q.q...cpadH............jumb...$jumdc2cl.........8.q.c2pa.claim.....cbor.hdc:titleoGenerated Imageidc:formatiimage/pngjinstanceIDx,xmp:iid:562221e1-8e78-473e-af51-5dbf25e03470oclaim_generatorx6Adobe_Illustrator/28.0 adobe_c2pa/0.7.6 c2pa-rs/0.25.2tclaim_generator_info..dnameqAdobe Illustratorgversiond28.0.isignaturex.self#jumbf=c2pa.signaturejassertions..curlx'self#jumbf=c2pa.assertions/c2pa.actionsdhashX .f.j..|`..9...#A..]+...F."d.+
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, Unicode text, UTF-8 text, with very long lines (670)
                              Category:downloaded
                              Size (bytes):32488
                              Entropy (8bit):4.2382211202510796
                              Encrypted:false
                              SSDEEP:384:3AdEmEKgBi85OulUeo50q+mTGADKLSMSRl0:QdUKgZswU950q+mqADKLSMh
                              MD5:91545FCD4401DE4B9EA5ED520FA862FB
                              SHA1:764B3E83EE35BEC5FB5AE03E353F59E1FB0C73AC
                              SHA-256:D9D036C95D20DE1EAA81585849F9FA5020A3B294BF39FC19F55D8B94E65B049F
                              SHA-512:C049958B3A7C8AA8F22F43406B67D5AF53B0AE82BAB8D2B85B7EFA76AFBE0564820A561CB8C859EBD76872E0DA3C81BF346FB0B87BA98E757F6D4F223D6371A6
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/
                              Preview:<!DOCTYPE html>.<html lang="en" class="js">. <head>. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" id="myViewport" content="width=device-width, initial-scale=1.0">. <meta name="format-detection" content="telephone=no">. <title>Personal: Arvast Online Portal: Online Portal</title>. <link rel="stylesheet" href="./css/MyFontsWebfontsKit.css">. <link rel="stylesheet" href="./css/bootstrap_custom.css">. <link rel="stylesheet" href="./css/layout2.css">. <style></style>. <script>. if( /Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent) ) {. window.location.href = "./mobile/";. }. </script>. </head>. <body class="personalSignonLogonIndex" >. <div class="outer-wrap">. </div>. end outer-wrap -->. <header class="header-container">. <div clas
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 217 x 234, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):55947
                              Entropy (8bit):7.989838143166923
                              Encrypted:false
                              SSDEEP:1536:ILCpCwzuehBOTS3uC/lFJ0KcKmBsq78775jrNamXSD:ICCUqSe6PJcKcsE8BjM2o
                              MD5:A33D50312113C762748A9E1980729848
                              SHA1:B23DAF3A67D7D72062AF876D5511A12E20F8E62E
                              SHA-256:D8A6D0056AEFB4DEB8A4B5133FED654D77B5F12FBB92555A466F5994BA9D6C47
                              SHA-512:4E6C9256E0EDB00F886FB989D2B5C4F582A190682162B01B9C8E6790F7C79AF36699416C739815585213B76550B30ED0D322740B146CF5D24A4128DEEFC64E0F
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png
                              Preview:.PNG........IHDR............./P.u....pHYs...........~... .IDATx.t...%Yv..9..x..U.T..6=....h8.4....Z.i....2m.e.2...`.h.6`....C.$.e..$..EQ$..#R..>=.3..^Y....r..p...&.P./_../..|...{B..u.@....@..A..."...D....Q@.{...}....a...........?..n.e...,...@].vv....0..c......f{....Q..i........uU..AD...s.7k...`.f.=.Z.a. .....B.(]...h...Q...+.........J)Di.R.s. ...B.Y.$"Rd..W.....B:...!....B:...x...Z.=.Y.u.......I&.Ji.....R..t...... ...5..".u...........o..$.>.".......=}.....b.....-...!...f..m.....-..:.g<...K.*./_.....B.8....X.SW3.v....z..%".........@<J4.V.C...P.........,I(y....xr"........k.k\.esy.....VW...g..u.V..-..q....4.; .. I0.{T:..g.:V...N...h..r\..!.|<.....>....M.].X@<.TT>Eq0J@.BIV.E.......CS.(.....NN.....T>~H._L.(........-...u44...... .5.t..T..s...-.k'..pq..y%..v|....1..n.U..6..0.3.n.....F........$......A...,.n,.=9....d.....g.........5JC..y!...!D..A.!L.+..... .o..5)M...@.m..-.f.z.d.Y..._...T.....>`{...hTZ.R.1QH..REC.!F.g......`D.q%.M..1......R..!..LY..._<...F..
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 38 x 16, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):437
                              Entropy (8bit):7.301920754808577
                              Encrypted:false
                              SSDEEP:12:6v/7s/NTBmRIahtoLsncnUuesWqU8zaAPtsj2EyX39eBzaQDUQhTec:5GRIahtoacnTe3qU8OASj2bX39eBJVh3
                              MD5:A1DA7C1767B0E724DAEE1C3EF5464222
                              SHA1:3A166572760D23E3FEF34BAD4FD3B41DC9714B01
                              SHA-256:F058EDFA0CBD7A48A750657262FAB23056F86733A582C09EBE357E3EE5F92EBA
                              SHA-512:580966E0EA787C697AD1011346784794AE7C1291A2E49040457C52441760917A5CB374995BC457849C0E9EBF2F41FC1CEF49642C37318B66AB3B2DCD772B78C1
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/FDIC-new-logo.png
                              Preview:.PNG........IHDR...&.........z.......sBIT....|.d....lIDATH..U.q.0.\2..L. t.....A..#.\*.].W.%P.....t..l.6....\xdg....eY.".....$..h..h..*..q.V./.2O?...DN...O...P.a.VpH."....F.s.......opp.....g(.N.}..]..{......W..@b.....*U."s..d...l..'y.{.$..&6...ZI.M.#..%.z.B..".L.H...a.j.V....Qn..p...K..X3..*....A!t.......^.^....T........!..x.I..7.2.....T*|..D..?.w.w......SvD.Y.9.$3...._..-GR.../...q..`[$v....F..w.3.a4t./..x.;......IEND.B`.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:PNG image data, 15 x 10, 8-bit/color RGBA, non-interlaced
                              Category:downloaded
                              Size (bytes):271
                              Entropy (8bit):6.86725341208933
                              Encrypted:false
                              SSDEEP:6:6v/lhPf/nDsp02FVDl5gxPfq0btfy1mpontnMmXNgFpTlloajp:6v/7nIlx8ThGeonpdgFbr
                              MD5:5B7B9D12E8761792332BA60DC88D4A0F
                              SHA1:9460DECF6B3018147C938608402E9F0245755D77
                              SHA-256:01D1A470C25A6F60C6FA9E7DE42B0158533A7BF3DE3C0D7C2687F5A5A8269377
                              SHA-512:2B0582AC577F9A0E73B1940E5E5442C73EDFC4A2013CA66E7DD8533A24B6EAFF0C1C6B2FCBB49BD7026177AC8EFD14FA72B70BA1E9F944CBE878A04A267A4F45
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/login-arrow-icon.png
                              Preview:.PNG........IHDR.............k.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..1..@.E'.X.Xy.C....z.=...r..@.....1. ..O.+#..K^....%..F...P&xb~fC.-ox.)..3.H:l}.;.f.....0..Lz7&..d..9.....<.9.r..}.....=...9..%,].q...l.`..T.....5.5g.Z67.9..~........Y.....IEND.B`.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (7997), with CRLF line terminators
                              Category:downloaded
                              Size (bytes):84190
                              Entropy (8bit):5.069412791698771
                              Encrypted:false
                              SSDEEP:768:Fuo+NXjKlnTRQCYP8ctm7QHRSznz0+ycRZVxdb/rAqegh2+d8tX2y5dAn22PrvzU:lMQy5dAnbPrMTz2p3F8U5XSBr
                              MD5:0348E5620A47EEB5A28791B0F4E50F82
                              SHA1:CA44A6277230E9721876B3E73CC514721366F5FD
                              SHA-256:119E2B0991AA96C19A5D22C6629B4B1926710647E348672C84ABD4F033E84A29
                              SHA-512:20E6DF4795DE55E7C390F9E68C8E80160FDEA89347A95C4C31CDE70557F14B79D0DCB8A6E11F27D1C22E0153D72012429B343A22AAEC070899DCEE3B8DD08E64
                              Malicious:false
                              Reputation:low
                              URL:https://arvest.click/login/css/bootstrap_custom.css
                              Preview:/*!.. * Custom bootstrap build.. * Contains:.. * normalize/scaffolding.. * core css (sans tables/buttons).. * utility classes.. *//*! normalize.css v3.0.1 | MIT License | git.io/normalize */html{font-family: sans-serif;-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%}body{margin: 0}article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display: block}audio,canvas,progress,video{display: inline-block;vertical-align: baseline}audio:not([controls]){display: none;height: 0}[hidden],template{display: none}a{background: transparent}a:active,a:hover{outline: 0}abbr[title]{border-bottom: 1px dotted}b,strong{font-weight: bold}dfn{font-style: italic}h1{font-size: 2em;margin: .67em 0}mark{background: #ff0;color: #000}small{font-size: 80%}sub,sup{font-size: 75%;line-height: 0;position: relative;vertical-align: baseline}sup{top: -0.5em}sub{bottom: -0.25em}img{border: 0}svg:not(:root){overflow: hidden}figure{margin: 1em 40px}hr{-moz-box-sizing: conten
                              No static file info

                              Download Network PCAP: filteredfull

                              • Total Packets: 361
                              • 443 (HTTPS)
                              • 80 (HTTP)
                              • 53 (DNS)
                              TimestampSource PortDest PortSource IPDest IP
                              Mar 20, 2025 13:39:50.939980984 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:39:51.252202034 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:39:51.861697912 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:39:53.064800978 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:39:55.471059084 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:40:00.378057003 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:40:01.038543940 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:01.424093008 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:02.111644983 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:03.352850914 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:05.848622084 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:07.355122089 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:07.355159044 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:07.355492115 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:07.355745077 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:07.355756998 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:07.554383039 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:07.554732084 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:07.556344032 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:07.556354046 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:07.556595087 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:07.597126007 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:08.241210938 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.241410971 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.350219011 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.350258112 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.350553036 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.350553036 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.350589037 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.436479092 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.436573982 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.440958023 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.441061020 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.763124943 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.763279915 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.764321089 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.764328957 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.764575005 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:08.765433073 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:08.812324047 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:09.302710056 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:09.302793026 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:09.303087950 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:09.304419041 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:09.304419041 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:09.304435968 CET4434970591.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:09.304548025 CET49705443192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:09.424422026 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.424477100 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.424540997 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.425024986 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.425038099 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.842073917 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.842144966 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.843492031 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.843503952 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.843772888 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.844118118 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:09.884331942 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:09.989747047 CET49672443192.168.2.6204.79.197.203
                              Mar 20, 2025 13:40:10.449580908 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.449645042 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.449687958 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.449769020 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.449810982 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.449852943 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.449865103 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.449954033 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.450005054 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.450051069 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.450057983 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.451046944 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.491729021 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.520291090 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.520345926 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.520426989 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.520728111 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.520785093 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.520919085 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521001101 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521001101 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521012068 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.521014929 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.521364927 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521420956 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.521562099 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521775007 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521836996 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.521874905 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521888018 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.521888018 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.522234917 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.522253990 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.522391081 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.522406101 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.522476912 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.522680998 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.522695065 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.581046104 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.581115961 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.581270933 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.583615065 CET49706443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.583636999 CET4434970691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.663225889 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:10.936439037 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.936841965 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.936873913 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.937084913 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.937091112 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.940253019 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.940558910 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.940577030 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.940684080 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.940690041 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.945846081 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.946038008 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.946073055 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.946131945 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.946137905 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.957499981 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.957725048 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.957760096 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.957943916 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.957952023 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.968108892 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.968378067 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.968414068 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:10.968616962 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:10.968622923 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.329042912 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.329071045 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.329127073 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.329134941 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.329181910 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.331980944 CET49709443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.332003117 CET4434970991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.391483068 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.391516924 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.391582012 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.391630888 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.391669989 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.528954029 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.528983116 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.528999090 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.529124975 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.529144049 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.529196978 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.529233932 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.529253006 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.529289961 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.529295921 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.529320002 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.539576054 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.539597988 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.539757967 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.539772034 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.539793968 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.539843082 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.539983988 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.540194035 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.540232897 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.540258884 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.540288925 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.540288925 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.540899038 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551192045 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551255941 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551301003 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551322937 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551333904 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551377058 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551496983 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551645994 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551687002 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551708937 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551714897 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.551753044 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.551768064 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.582535982 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.609311104 CET49710443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.609337091 CET4434971091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.609949112 CET49707443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.609968901 CET4434970791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.615040064 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.615076065 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.615139008 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.615396976 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.615406990 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.725728035 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.725754023 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.725816965 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.725828886 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.725886106 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.726649046 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.726669073 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.726725101 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.726731062 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.726788044 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.727138042 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.727155924 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.727206945 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.727211952 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.727257967 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.737452984 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.737493992 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.737581015 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.737723112 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.737734079 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.748354912 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.748408079 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.748506069 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.748517990 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.748622894 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.748972893 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.749030113 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.749063015 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.749069929 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.749111891 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.749161005 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.749278069 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.749475956 CET49711443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.749485016 CET4434971191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.753134012 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.753177881 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.753312111 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.753626108 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.753645897 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.754020929 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.754065037 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.754158974 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.754225016 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.754235029 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.762480021 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.762563944 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.762572050 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.762584925 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.762650967 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.762881994 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.762892962 CET4434970891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:11.762943029 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:11.762959003 CET49708443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.029972076 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.032123089 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.032146931 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.032285929 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.032290936 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.149689913 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.149770021 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.155843973 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.169994116 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.170082092 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.170793056 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.170820951 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.170958996 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.170978069 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.171226025 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.171237946 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.171246052 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.171255112 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.171260118 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.171612978 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.171992064 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.172203064 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.212331057 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.212348938 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.542411089 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.542439938 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.542505980 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.542514086 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.542603016 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.543638945 CET49715443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.543673038 CET4434971591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622091055 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622159958 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622204065 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622236013 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.622288942 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622323036 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.622345924 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.622644901 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622709990 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622739077 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.622755051 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.622795105 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.674298048 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.740605116 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.740613937 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.740637064 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.740704060 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.740737915 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.740813971 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.741226912 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.741262913 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.741297007 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.741307974 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.741337061 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.756860018 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.756928921 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.756972075 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.756995916 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.757015944 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.757050991 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.757232904 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.757553101 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.757595062 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.757661104 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.757661104 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.757668018 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.783708096 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.799415112 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.818933964 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819026947 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819061041 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819086075 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819104910 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819123030 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819778919 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819823980 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819864988 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819870949 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.819925070 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819925070 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.819957972 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.820022106 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.820031881 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.820147038 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.820197105 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.820493937 CET49714443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.820508003 CET4434971491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.825140953 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.825171947 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.825258017 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.825685024 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.825709105 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.825798988 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.825850964 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.825870037 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.825993061 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.826008081 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937592983 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937634945 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937706947 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937725067 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.937725067 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.937751055 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937768936 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.937798977 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.937808037 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.937860012 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.938524961 CET49716443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.938536882 CET4434971691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.942059994 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.942091942 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.942167997 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.942384005 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.942399979 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.944793940 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.944813967 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.945118904 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.945118904 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.945149899 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.956124067 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.956195116 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.956239939 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.956248999 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.956274033 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.956283092 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.956984043 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.957046986 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.957115889 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.957115889 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.957122087 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.957206964 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:12.957362890 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.957654953 CET49717443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:12.957676888 CET4434971791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.234188080 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.234464884 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.234486103 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.234638929 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.234643936 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.264533997 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.264812946 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.264846087 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.264956951 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.264962912 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.351080894 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.351594925 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.351610899 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.351774931 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.351779938 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.352390051 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.352771044 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.352771044 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.352792025 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.352814913 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.742782116 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.742860079 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.743068933 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.744163990 CET49721443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.744179964 CET4434972191.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.746356964 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.746412992 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.746646881 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.746776104 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.746788025 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.747894049 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.747941971 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.748008013 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.748112917 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.748121977 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.820679903 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.820765972 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.820810080 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.820832014 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.820857048 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.820890903 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.820909023 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.821098089 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.821145058 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.821168900 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.821177006 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.821204901 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.861828089 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.897389889 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897420883 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897442102 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897509098 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.897540092 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897557020 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.897593021 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.897886992 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897906065 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897954941 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.897963047 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.897974968 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.938244104 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938273907 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938288927 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938334942 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.938354969 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938399076 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.938533068 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.938790083 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938834906 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938853979 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.938862085 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:13.938996077 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.939938068 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:13.986884117 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.017549038 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017616987 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017637968 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.017654896 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017694950 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.017714024 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.017736912 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017791033 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.017800093 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017908096 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.017966032 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.018510103 CET49719443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.018522978 CET4434971991.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.022118092 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022142887 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.022213936 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022505045 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022527933 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.022634983 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022680044 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022691965 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.022780895 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.022793055 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108688116 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108727932 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108776093 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108788013 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.108809948 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.108819962 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108849049 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.108872890 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.108939886 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.108992100 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109038115 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109038115 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109045029 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109101057 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109113932 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109131098 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109154940 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109179020 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109184027 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109294891 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.109380960 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109725952 CET49720443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.109738111 CET4434972091.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.133879900 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.133904934 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.133950949 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.133969069 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.133996010 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.134008884 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.134048939 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.134099960 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.134105921 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.134131908 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.134172916 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.134283066 CET49722443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.134294987 CET4434972291.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.149303913 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.149655104 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.149655104 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.149687052 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.149708033 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.164381981 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.164576054 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.164589882 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.164691925 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.164705038 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.428344011 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.428653955 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.428680897 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.428875923 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.428884029 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.431092978 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.431250095 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.431277990 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.431461096 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.431468010 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.556041956 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.556221008 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.556406975 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.556884050 CET49724443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.556907892 CET4434972491.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.736702919 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.736738920 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.736757994 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.736825943 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.736855030 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.736874104 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.736998081 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.737118959 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.737135887 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.737195969 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.737195969 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.737205029 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.783894062 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.823694944 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.823776960 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.823985100 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.824947119 CET49725443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.824974060 CET4434972591.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.828380108 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.828402042 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.828479052 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.828636885 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.828649998 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933527946 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933553934 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933621883 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933655977 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.933655977 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.933670044 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933685064 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.933696032 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.933743954 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.934273958 CET49723443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.934283972 CET4434972391.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.937530994 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.937582016 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:14.937654018 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.937825918 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:14.937845945 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.018969059 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019032955 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019076109 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019104004 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.019140959 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019162893 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.019197941 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.019257069 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019301891 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019316912 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.019330025 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.019365072 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.065095901 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216145039 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216214895 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216298103 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216298103 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216341972 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216362000 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216417074 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216428041 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216445923 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216519117 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.216599941 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216599941 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216770887 CET49726443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.216789007 CET4434972691.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.275141001 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.275427103 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.275460005 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.275599003 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.275604010 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.290918112 CET804968923.203.176.221192.168.2.6
                              Mar 20, 2025 13:40:15.291053057 CET4968980192.168.2.623.203.176.221
                              Mar 20, 2025 13:40:15.347014904 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.347341061 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.347377062 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.347517014 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.347527027 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.697710037 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.699470043 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.699672937 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.699861050 CET49727443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.699878931 CET4434972791.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.935666084 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.935692072 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.935707092 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.935935974 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.935961008 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.935976982 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.936016083 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.936119080 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.936129093 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:15.936170101 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:15.987230062 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:16.134341002 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:16.134366989 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:16.134412050 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:16.134442091 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:16.134469032 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:16.134490967 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:16.134505987 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:16.134634972 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:16.134661913 CET49728443192.168.2.691.212.166.119
                              Mar 20, 2025 13:40:16.134675026 CET4434972891.212.166.119192.168.2.6
                              Mar 20, 2025 13:40:17.564944983 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:17.565072060 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:17.565434933 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:18.192461014 CET804968423.203.176.221192.168.2.6
                              Mar 20, 2025 13:40:18.192586899 CET4968480192.168.2.623.203.176.221
                              Mar 20, 2025 13:40:18.192667961 CET4968480192.168.2.623.203.176.221
                              Mar 20, 2025 13:40:18.282295942 CET804968423.203.176.221192.168.2.6
                              Mar 20, 2025 13:40:19.207663059 CET49702443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:40:19.207684040 CET44349702142.250.65.228192.168.2.6
                              Mar 20, 2025 13:40:20.268244982 CET49678443192.168.2.620.42.65.91
                              Mar 20, 2025 13:40:44.507167101 CET49686443192.168.2.623.33.40.135
                              Mar 20, 2025 13:40:44.507496119 CET4968980192.168.2.623.203.176.221
                              Mar 20, 2025 13:40:53.440329075 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:53.455785990 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:40:53.635994911 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:40:53.652926922 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:07.316570997 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:07.316617012 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:07.316736937 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:07.317040920 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:07.317055941 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:08.643032074 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:08.643143892 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:08.644761086 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:08.644812107 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.207695007 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.207727909 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.237102985 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:09.237210035 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.238991976 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:09.239064932 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.784024954 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.799616098 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.845649958 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:09.845832109 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:09.845879078 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:09.845964909 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:10.540030956 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:10.540442944 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:10.540461063 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:10.666784048 CET443496812.23.227.215192.168.2.6
                              Mar 20, 2025 13:41:10.666809082 CET443496812.23.227.215192.168.2.6
                              Mar 20, 2025 13:41:10.666990995 CET49681443192.168.2.62.23.227.215
                              Mar 20, 2025 13:41:10.940252066 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:10.971465111 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:11.028525114 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:11.028716087 CET4970380192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:11.061861038 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:11.061940908 CET4970480192.168.2.691.212.166.88
                              Mar 20, 2025 13:41:11.135909081 CET804970391.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:11.168045044 CET804970491.212.166.88192.168.2.6
                              Mar 20, 2025 13:41:20.529911041 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:20.529983044 CET44349735142.250.65.228192.168.2.6
                              Mar 20, 2025 13:41:20.530112982 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:21.207865000 CET49735443192.168.2.6142.250.65.228
                              Mar 20, 2025 13:41:21.207904100 CET44349735142.250.65.228192.168.2.6
                              TimestampSource PortDest PortSource IPDest IP
                              Mar 20, 2025 13:40:02.926810026 CET53578171.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:02.942796946 CET53541331.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:03.519201994 CET53501141.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:03.683063984 CET53544041.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:07.254448891 CET6242453192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:07.254684925 CET5814853192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:07.353420973 CET53581481.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:07.353512049 CET53624241.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:08.080890894 CET5972253192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:08.081037045 CET4918253192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:08.092035055 CET5457553192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:08.092205048 CET5668053192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:08.206321001 CET53597221.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:08.246064901 CET53491821.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:08.348953009 CET53566801.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:08.349132061 CET53545751.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:09.305524111 CET5359453192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:09.305732012 CET5309453192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:09.414257050 CET53535941.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:09.423727036 CET53530941.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:11.626880884 CET6444853192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:11.627017021 CET5488553192.168.2.61.1.1.1
                              Mar 20, 2025 13:40:11.727741957 CET53548851.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:11.736964941 CET53644481.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:20.666731119 CET53519911.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:39.430687904 CET53541751.1.1.1192.168.2.6
                              Mar 20, 2025 13:40:57.602953911 CET138138192.168.2.6192.168.2.255
                              Mar 20, 2025 13:41:02.527488947 CET53564161.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:02.650173903 CET53608601.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:05.307457924 CET53613151.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:05.664447069 CET53564091.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:05.710793018 CET5467953192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:05.710968018 CET6257153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:05.807809114 CET53546791.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:05.808003902 CET53625711.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:06.722122908 CET4998753192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:06.822154999 CET53499871.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:08.753320932 CET5847153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:09.752911091 CET5847153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:10.768445969 CET5847153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:10.866719961 CET53584711.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:12.784156084 CET5847153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:12.881227970 CET53584711.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:16.784389019 CET5847153192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:16.881191015 CET53584711.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:21.210139036 CET5848653192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:21.210521936 CET6165653192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:21.308051109 CET53616561.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:21.308377028 CET53584861.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:22.221967936 CET5544253192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:22.222121000 CET5693253192.168.2.61.1.1.1
                              Mar 20, 2025 13:41:22.319230080 CET53569321.1.1.1192.168.2.6
                              Mar 20, 2025 13:41:22.323170900 CET53554421.1.1.1192.168.2.6
                              TimestampSource IPDest IPChecksumCodeType
                              Mar 20, 2025 13:40:08.246700048 CET192.168.2.61.1.1.1c220(Port unreachable)Destination Unreachable
                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Mar 20, 2025 13:40:07.254448891 CET192.168.2.61.1.1.10x68c7Standard query (0)www.google.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:07.254684925 CET192.168.2.61.1.1.10x5a42Standard query (0)www.google.com65IN (0x0001)false
                              Mar 20, 2025 13:40:08.080890894 CET192.168.2.61.1.1.10x2003Standard query (0)ynlyce.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:08.081037045 CET192.168.2.61.1.1.10x60dcStandard query (0)ynlyce.com65IN (0x0001)false
                              Mar 20, 2025 13:40:08.092035055 CET192.168.2.61.1.1.10xae33Standard query (0)ynlyce.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:08.092205048 CET192.168.2.61.1.1.10x7981Standard query (0)ynlyce.com65IN (0x0001)false
                              Mar 20, 2025 13:40:09.305524111 CET192.168.2.61.1.1.10x923Standard query (0)arvest.clickA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:09.305732012 CET192.168.2.61.1.1.10x481Standard query (0)arvest.click65IN (0x0001)false
                              Mar 20, 2025 13:40:11.626880884 CET192.168.2.61.1.1.10xb937Standard query (0)arvest.clickA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:11.627017021 CET192.168.2.61.1.1.10x87b4Standard query (0)arvest.click65IN (0x0001)false
                              Mar 20, 2025 13:41:05.710793018 CET192.168.2.61.1.1.10xe96fStandard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:05.710968018 CET192.168.2.61.1.1.10x4ab7Standard query (0)e2c53.gcp.gvt2.com65IN (0x0001)false
                              Mar 20, 2025 13:41:06.722122908 CET192.168.2.61.1.1.10x4475Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:08.753320932 CET192.168.2.61.1.1.10x35d6Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:09.752911091 CET192.168.2.61.1.1.10x35d6Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:10.768445969 CET192.168.2.61.1.1.10x35d6Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:12.784156084 CET192.168.2.61.1.1.10x35d6Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:16.784389019 CET192.168.2.61.1.1.10x35d6Standard query (0)e2c53.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:21.210139036 CET192.168.2.61.1.1.10x811eStandard query (0)beacons.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:21.210521936 CET192.168.2.61.1.1.10x9681Standard query (0)beacons.gcp.gvt2.com65IN (0x0001)false
                              Mar 20, 2025 13:41:22.221967936 CET192.168.2.61.1.1.10x58e3Standard query (0)beacons.gcp.gvt2.comA (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:22.222121000 CET192.168.2.61.1.1.10xbfe8Standard query (0)beacons.gcp.gvt2.com65IN (0x0001)false
                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Mar 20, 2025 13:40:07.353420973 CET1.1.1.1192.168.2.60x5a42No error (0)www.google.com65IN (0x0001)false
                              Mar 20, 2025 13:40:07.353512049 CET1.1.1.1192.168.2.60x68c7No error (0)www.google.com142.250.65.228A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:08.206321001 CET1.1.1.1192.168.2.60x2003No error (0)ynlyce.com91.212.166.88A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:08.349132061 CET1.1.1.1192.168.2.60xae33No error (0)ynlyce.com91.212.166.88A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:09.414257050 CET1.1.1.1192.168.2.60x923No error (0)arvest.click91.212.166.119A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:40:11.736964941 CET1.1.1.1192.168.2.60xb937No error (0)arvest.click91.212.166.119A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:05.807809114 CET1.1.1.1192.168.2.60xe96fNo error (0)e2c53.gcp.gvt2.com35.217.93.191A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:06.822154999 CET1.1.1.1192.168.2.60x4475No error (0)e2c53.gcp.gvt2.com35.217.93.191A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:10.866719961 CET1.1.1.1192.168.2.60x35d6No error (0)e2c53.gcp.gvt2.com35.217.93.191A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:12.881227970 CET1.1.1.1192.168.2.60x35d6No error (0)e2c53.gcp.gvt2.com35.217.93.191A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:16.881191015 CET1.1.1.1192.168.2.60x35d6No error (0)e2c53.gcp.gvt2.com35.217.93.191A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:21.308051109 CET1.1.1.1192.168.2.60x9681No error (0)beacons.gcp.gvt2.combeacons-handoff.gcp.gvt2.comCNAME (Canonical name)IN (0x0001)false
                              Mar 20, 2025 13:41:21.308377028 CET1.1.1.1192.168.2.60x811eNo error (0)beacons.gcp.gvt2.combeacons-handoff.gcp.gvt2.comCNAME (Canonical name)IN (0x0001)false
                              Mar 20, 2025 13:41:21.308377028 CET1.1.1.1192.168.2.60x811eNo error (0)beacons-handoff.gcp.gvt2.com142.251.116.94A (IP address)IN (0x0001)false
                              Mar 20, 2025 13:41:22.319230080 CET1.1.1.1192.168.2.60xbfe8No error (0)beacons.gcp.gvt2.combeacons-handoff.gcp.gvt2.comCNAME (Canonical name)IN (0x0001)false
                              Mar 20, 2025 13:41:22.323170900 CET1.1.1.1192.168.2.60x58e3No error (0)beacons.gcp.gvt2.combeacons-handoff.gcp.gvt2.comCNAME (Canonical name)IN (0x0001)false
                              Mar 20, 2025 13:41:22.323170900 CET1.1.1.1192.168.2.60x58e3No error (0)beacons-handoff.gcp.gvt2.com142.250.114.94A (IP address)IN (0x0001)false
                              • ynlyce.com
                              • arvest.click
                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.64970391.212.166.88802588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              Mar 20, 2025 13:40:53.440329075 CET6OUTData Raw: 00
                              Data Ascii:


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.64970491.212.166.88802588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              Mar 20, 2025 13:40:53.455785990 CET6OUTData Raw: 00
                              Data Ascii:


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.64970591.212.166.884432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:08 UTC660OUTGET / HTTP/1.1
                              Host: ynlyce.com
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:09 UTC216INHTTP/1.1 302 Found
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:09 GMT
                              Content-Type: text/html; charset=UTF-8
                              Content-Length: 0
                              Connection: close
                              Cache-Control: no-store
                              Location: https://arvest.click/login/


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.64970691.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:09 UTC668OUTGET /login/ HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-User: ?1
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:10 UTC280INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:10 GMT
                              Content-Type: text/html
                              Content-Length: 52602
                              Connection: close
                              Vary: Accept-Encoding
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              ETag: "cd7a-62e5acb89bd40"
                              Accept-Ranges: bytes
                              Vary: Accept-Encoding
                              2025-03-20 12:40:10 UTC16104INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 63 6c 61 73 73 3d 22 6a 73 22 3e 0a 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 69 64 3d 22 6d 79 56 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77
                              Data Ascii: <!DOCTYPE html><html lang="en" class="js"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" id="myViewport" content="width=device-w
                              2025-03-20 12:40:10 UTC16384INData Raw: 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 72 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 76 65 73 74 2e 63 61 72 64 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 22 3e 4c 6f 67 20 49 6e 20 74 6f 20 59 6f 75 72 20 50 65 72 73 6f 6e 61 6c 20 41 63 63 6f 75 6e 74 3c 2f 61 3e 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 72 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 65 6e 74 72 65 73 75 69 74 65 2e 63 6f 6d 2f 43 65 6e 74 72 65 2f 50 75 62 6c 69 63 2f 4c 6f 67 6f 6e 2f 49 6e 64 65 78 3f 52 65 74 75 72
                              Data Ascii: > <li><a class="text-red" href="https://arvest.cardmanager.com/">Log In to Your Personal Account</a></li> <li><a class="text-red" href="https://www.centresuite.com/Centre/Public/Logon/Index?Retur


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.64970991.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:10 UTC568OUTGET /login/css/MyFontsWebfontsKit.css HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:11 UTC323INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:11 GMT
                              Content-Type: text/css
                              Content-Length: 1630
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              Vary: Accept-Encoding
                              ETag: "67b3818d-65e"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:11 UTC1630INData Raw: 2f 2a 20 40 6c 69 63 65 6e 73 65 0d 0a 20 2a 20 4d 79 46 6f 6e 74 73 20 57 65 62 66 6f 6e 74 20 42 75 69 6c 64 20 49 44 20 32 35 34 36 32 33 31 2c 20 32 30 31 33 2d 30 35 2d 30 32 54 31 32 3a 35 37 3a 33 30 2d 30 34 30 30 0d 0a 20 2a 0d 0a 20 2a 20 54 68 65 20 66 6f 6e 74 73 20 6c 69 73 74 65 64 20 69 6e 20 74 68 69 73 20 6e 6f 74 69 63 65 20 61 72 65 20 73 75 62 6a 65 63 74 20 74 6f 20 74 68 65 20 45 6e 64 20 55 73 65 72 20 4c 69 63 65 6e 73 65 0d 0a 20 2a 20 41 67 72 65 65 6d 65 6e 74 28 73 29 20 65 6e 74 65 72 65 64 20 69 6e 74 6f 20 62 79 20 74 68 65 20 77 65 62 73 69 74 65 20 6f 77 6e 65 72 2e 20 41 6c 6c 20 6f 74 68 65 72 20 70 61 72 74 69 65 73 20 61 72 65 0d 0a 20 2a 20 65 78 70 6c 69 63 69 74 6c 79 20 72 65 73 74 72 69 63 74 65 64 20 66 72 6f 6d
                              Data Ascii: /* @license * MyFonts Webfont Build ID 2546231, 2013-05-02T12:57:30-0400 * * The fonts listed in this notice are subject to the End User License * Agreement(s) entered into by the website owner. All other parties are * explicitly restricted from


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.64970891.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:10 UTC566OUTGET /login/css/bootstrap_custom.css HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:11 UTC326INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:11 GMT
                              Content-Type: text/css
                              Content-Length: 84190
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              Vary: Accept-Encoding
                              ETag: "67b3818d-148de"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:11 UTC16058INData Raw: 2f 2a 21 0d 0a 20 2a 20 43 75 73 74 6f 6d 20 62 6f 6f 74 73 74 72 61 70 20 62 75 69 6c 64 0d 0a 20 2a 20 43 6f 6e 74 61 69 6e 73 3a 0d 0a 20 2a 20 20 20 20 6e 6f 72 6d 61 6c 69 7a 65 2f 73 63 61 66 66 6f 6c 64 69 6e 67 0d 0a 20 2a 20 20 20 20 63 6f 72 65 20 63 73 73 20 28 73 61 6e 73 20 74 61 62 6c 65 73 2f 62 75 74 74 6f 6e 73 29 0d 0a 20 2a 20 20 20 20 75 74 69 6c 69 74 79 20 63 6c 61 73 73 65 73 0d 0a 20 2a 2f 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 31 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 2e 69 6f 2f 6e 6f 72 6d 61 6c 69 7a 65 20 2a 2f 68 74 6d 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b
                              Data Ascii: /*! * Custom bootstrap build * Contains: * normalize/scaffolding * core css (sans tables/buttons) * utility classes *//*! normalize.css v3.0.1 | MIT License | git.io/normalize */html{font-family: sans-serif;-ms-text-size-adjust: 100%;
                              2025-03-20 12:40:11 UTC16384INData Raw: 6f 6c 2d 6c 67 2d 31 30 7b 77 69 64 74 68 3a 20 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 39 7b 77 69 64 74 68 3a 20 37 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 38 7b 77 69 64 74 68 3a 20 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 37 7b 77 69 64 74 68 3a 20 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 36 7b 77 69 64 74 68 3a 20 35 30 25 7d 2e 63 6f 6c 2d 6c 67 2d 35 7b 77 69 64 74 68 3a 20 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 34 7b 77 69 64 74 68 3a 20 33 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 33 7b 77 69 64 74 68 3a 20 32 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 32 7b 77 69 64 74 68 3a 20 31 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 31 7b 77 69 64
                              Data Ascii: ol-lg-10{width: 83.33333333%}.col-lg-9{width: 75%}.col-lg-8{width: 66.66666667%}.col-lg-7{width: 58.33333333%}.col-lg-6{width: 50%}.col-lg-5{width: 41.66666667%}.col-lg-4{width: 33.33333333%}.col-lg-3{width: 25%}.col-lg-2{width: 16.66666667%}.col-lg-1{wid
                              2025-03-20 12:40:11 UTC16384INData Raw: 6d 3a 20 30 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 37 70 78 7d 7d 2e 66 6f 72 6d 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 68 61 73 2d 66 65 65 64 62 61 63 6b 20 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 2d 66 65 65 64 62 61 63 6b 7b 74 6f 70 3a 20 30 3b 72 69 67 68 74 3a 20 39 70 78 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 32 36 30 70 78 29 7b 2e 66 6f 72 6d 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 66 6f 72 6d 2d 67 72 6f 75 70 2d 6c 67 20 2e 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 34 2e 33 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 32 36 30 70 78 29 7b 2e 66 6f 72 6d 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 66 6f 72 6d 2d 67 72 6f 75 70 2d 73 6d 20 2e 63 6f 6e 74 72 6f 6c
                              Data Ascii: m: 0;padding-top: 7px}}.form-horizontal .has-feedback .form-control-feedback{top: 0;right: 9px}@media (min-width: 260px){.form-horizontal .form-group-lg .control-label{padding-top: 14.3px}}@media (min-width: 260px){.form-horizontal .form-group-sm .control
                              2025-03-20 12:40:11 UTC16384INData Raw: 32 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 37 35 3b 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 29 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 34 70 78 20 34 70 78 20 30 20 30 7d 2e 6e 61 76 2d 74 61 62 73 20 3e 20 6c 69 20 3e 20 61 3a 68 6f 76 65 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 65 65 65 20 23 65 65 65 20 23 64 64 64 7d 2e 6e 61 76 2d 74 61 62 73 20 3e 20 6c 69 2e 61 63 74 69 76 65 20 3e 20 61 2c 2e 6e 61 76 2d 74 61 62 73 20 3e 20 6c 69 2e 61 63 74 69 76 65 20 3e 20 61 3a 68 6f 76 65 72 2c 2e 6e 61 76 2d 74 61 62 73 20 3e 20 6c 69 2e 61 63 74 69 76 65 20 3e 20 61 3a 66 6f 63 75 73 7b 63 6f 6c 6f 72 3a 20 23 35 35 35 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20
                              Data Ascii: 2px;line-height: 1.75;border: 1px solid rgba(0,0,0,0);border-radius: 4px 4px 0 0}.nav-tabs > li > a:hover{border-color: #eee #eee #ddd}.nav-tabs > li.active > a,.nav-tabs > li.active > a:hover,.nav-tabs > li.active > a:focus{color: #555;background-color:
                              2025-03-20 12:40:11 UTC16384INData Raw: 20 33 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 33 70 78 7d 2e 70 61 6e 65 6c 20 3e 20 2e 6c 69 73 74 2d 67 72 6f 75 70 3a 6c 61 73 74 2d 63 68 69 6c 64 20 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 30 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 33 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 33 70 78 7d 2e 70 61 6e 65 6c 2d 68 65 61 64 69 6e 67 20 2b 20 2e 6c 69 73 74 2d 67 72 6f 75 70 20 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 3a 66 69 72 73 74 2d 63 68 69 6c 64 7b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 20 30 7d 2e 6c 69 73
                              Data Ascii: 3px;border-top-left-radius: 3px}.panel > .list-group:last-child .list-group-item:last-child{border-bottom: 0;border-bottom-right-radius: 3px;border-bottom-left-radius: 3px}.panel-heading + .list-group .list-group-item:first-child{border-top-width: 0}.lis
                              2025-03-20 12:40:11 UTC2596INData Raw: 20 62 6c 6f 63 6b 20 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 32 35 39 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 78 73 2d 69 6e 6c 69 6e 65 7b 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 32 35 39 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 78 73 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 20 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 32 36 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 39 35 39 70 78 29 7b 2e 76 69 73 69 62 6c 65 2d 73 6d 7b 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 20 21 69
                              Data Ascii: block !important}}@media (max-width: 259px){.visible-xs-inline{display: inline !important}}@media (max-width: 259px){.visible-xs-inline-block{display: inline-block !important}}@media (min-width: 260px) and (max-width: 959px){.visible-sm{display: block !i


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.64970791.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:10 UTC557OUTGET /login/css/layout2.css HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: text/css,*/*;q=0.1
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: style
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:11 UTC325INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:11 GMT
                              Content-Type: text/css
                              Content-Length: 31484
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              Vary: Accept-Encoding
                              ETag: "67b3818d-7afc"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:11 UTC16059INData Raw: 2a 7b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 29 7d 2e 69 6f 73 50 68 6f 6e 65 2c 2e 69 6f 73 50 68 6f 6e 65 20 61 7b 63 6f 6c 6f 72 3a 20 23 63 63 30 30 30 30 7d 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 7d 68 31 2c 68 32 2c 68 33 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 46 75 74 75 72 61 42 54 2d 42 6f 6f 6b 7d 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 37 72 65 6d 3b 6d 61 72 67 69 6e 3a 20 38 70 78 20 30 7d 68 33 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 37 72 65 6d 3b 6d 61 72 67 69 6e 3a 20 36 70 78 20 30 7d 68 32 2e 73 75 62 2d 68 65 61 64 65 72 7b 6d 61 72 67 69 6e 3a 20 30 3b 70 61 64 64 69 6e 67 3a
                              Data Ascii: *{-webkit-tap-highlight-color: rgba(0,0,0,0)}.iosPhone,.iosPhone a{color: #cc0000}a:hover{text-decoration: underline}h1,h2,h3{font-family: FuturaBT-Book}h2{font-size: 1.7rem;margin: 8px 0}h3{font-size: 1.7rem;margin: 6px 0}h2.sub-header{margin: 0;padding:
                              2025-03-20 12:40:11 UTC15425INData Raw: 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 20 74 6f 70 20 23 30 30 33 31 36 32 7d 2e 63 6f 70 79 72 69 67 68 74 7b 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 31 70 78 7d 2e 63 6f 70 79 72 69 67 68 74 2d 6c 65 66 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 7d 2e 63 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 70 79 72 69 67 68 74 2d 72 69 67 68 74 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 20 72 69 67 68 74 7d 2e 63 6f 70 79 72 69 67 68 74 2d 72 69 67 68 74 20 69 6d 67 2c 2e 63 6f 70 79 72 69 67 68 74 2d 72 69 67 68 74 20 73 70 61 6e 7b 70 6f 73 69 74 69 6f
                              Data Ascii: g) no-repeat left top #003162}.copyright{overflow: hidden;color: #ffffff;text-align: center;font-size: 1rem;line-height: 21px}.copyright-left{text-align: left}.container .copyright-right{text-align: right}.copyright-right img,.copyright-right span{positio


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.64971191.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:10 UTC634OUTGET /login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:11 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:11 GMT
                              Content-Type: image/png
                              Content-Length: 64027
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-fa1b"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:11 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c d4 bc 67 ac 64 77 9a de f7 3b 39 56 8e 37 87 be dd b7 73 20 d9 c3 61 18 0e c9 dd d9 9d 81 ac 5d ed c8 1a c8 d6 2a 58 86 c3 57 1b 02 fc 95 f2 17 03 06 6c 18 30 0c 38 40 5f 0c 4b 6b 01 86 ac dd 59 ed a4 25 39 c3 e1 30 36 3b 77 df ee db 37 e7 ba 95 c3 a9 3a f9 f8 43 dd ee 19 2e b9 da 99 59 ed 42 7e 81 8b 02 ee a9 aa 73 fe ff 73 de f0 3c ef f3 96 70 d0 1c 24 dd c1 88 66 a7 45 ad b6 41 39 3f 4d da ce 61 65 2c 34 45 22 8e 60 b3 7e c0 e8 b8 8e 6e 19 f8 a3 1e ae d7 46 37 52 9c 3f 73 8d e9 4a 91 a1 1f 22 0a 02 ba 22 f1 67 2d 49 20 4e 12 24 51 f8 b7 fe ef ff 8f d6 e8 fb f4 bd
                              Data Ascii: PNGIHDR/PupHYs~ IDATxgdw;9V7s a]*XWl08@_KkY%906;w7:C.YB~ss<p$fEA9?Mae,4E"`~nF7R?sJ""g-I N$Q
                              2025-03-20 12:40:11 UTC16384INData Raw: ad d5 b9 b8 ba c5 d5 27 5e 22 f7 7a 34 9b 75 24 49 21 f2 5d 7e ef 37 ff 67 de b9 7e 0f 3f ce 16 34 aa d8 c5 ef ed 31 38 d8 e3 a8 33 61 eb a5 06 f3 93 5d f6 3f bc 81 28 80 69 9a 4c 0f bb a8 56 1d a3 b1 4e 69 f3 3c 0f 5f fb 01 46 a5 81 a0 17 51 05 81 d0 9b 51 2a e8 c4 41 8f 71 a7 cb e8 64 97 d5 e5 16 9f fe 99 7f 8b 4a ab c9 c9 d1 2e fd f1 88 de 89 83 a4 67 8c c3 85 1e b2 60 2b 04 64 08 ae 80 13 e4 b8 93 00 d7 8d 49 92 14 d3 50 68 d6 2c 74 51 a5 a2 cb 18 62 c6 52 b3 42 a5 58 a4 3b 99 93 c5 39 29 02 2b eb 4b a8 92 80 1f f8 0c 86 33 a4 3c a7 50 54 99 fa 11 bd 79 44 38 4a 99 cd 3d 20 a1 56 d1 17 60 20 a9 cc f9 ad 16 13 3f 61 ee a7 9c 5f 5f 03 29 a6 54 5d 61 ad d5 22 1a df 20 ce 45 cc e2 2a b1 6c 61 56 96 d8 14 d7 50 bb 1f 21 bf f2 dc 33 14 b4 85 15 fc 68 96 d2
                              Data Ascii: '^"z4u$I!]~7g~?4183a]?(iLVNi<_FQQ*AqdJ.g`+dIPh,tQbRBX;9)+K3<PTyD8J= V` ?a__)T]a" E*laVP!3h
                              2025-03-20 12:40:11 UTC16384INData Raw: 1a 3e 96 13 20 9d 1a ed ba c7 ff f2 af fe 25 89 aa 32 1a 74 b9 72 f9 7d be f3 dd ef f0 f6 fa 55 b6 f6 7b 50 e4 b4 7c 9f 41 96 82 49 a9 38 0e c9 20 65 32 0a 49 8d a6 e5 fa 1c 5b 98 46 79 8a ba f2 08 27 63 c6 69 4a 9e 65 8c c6 31 53 ae 4d 73 b9 8d 2d 61 63 fb 00 57 09 02 c7 66 b9 e2 31 5f af 92 18 4d 6f 12 73 30 4e 19 16 86 65 df 66 be ea 61 8f b7 28 92 88 ea d4 1c 51 b7 43 3a 2e f0 2a 3e a8 04 39 33 4f 1e 97 2e e7 22 4e 48 27 13 8a 2c 23 49 73 6c df a7 db ed 32 88 0b ee 3f d6 64 65 a1 85 28 52 86 fd 31 77 0e 47 9c 7f fa 1c 49 27 62 b0 d7 e1 91 d5 59 5e fe e8 06 93 ac a0 38 f2 94 65 79 88 ef b9 c4 61 42 a3 5e a1 dd aa e3 0a 58 58 9a 45 39 2e e9 11 70 d1 75 1c 1c d7 61 e9 d4 1a 97 5f 7b 8b 7b 1b f7 d8 d8 d8 20 35 82 6a dd c7 ad 97 2d f8 b0 d3 a5 36 35 4d 16
                              Data Ascii: > %2tr}U{P|AI8 e2I[Fy'ciJe1SMs-acWf1_Mos0Nefa(QC:.*>93O."NH',#Isl2?de(R1wGI'bY^8eyaB^XXE9.pua_{{ 5j-65M
                              2025-03-20 12:40:11 UTC15178INData Raw: 72 38 89 c9 29 d9 da f7 98 04 09 bd b1 8f 3f 23 ed 96 80 a5 eb 74 ea 15 b2 12 26 b3 e1 b9 55 73 09 e2 94 ba 6b 71 30 f6 28 81 23 47 16 68 36 2b 9c 3f b5 cc ca da 02 96 ae d3 9c ef 92 e4 19 79 59 70 b8 db c7 71 4d 0c 43 22 4d 1d d3 d4 19 4d 42 1c 5d a1 82 e3 e1 14 c3 30 48 f3 82 24 49 68 d5 5c 4e 9e 58 60 73 1a 32 dc 3b 64 b9 53 65 f5 f4 45 74 d3 52 9e 20 33 0d 5a 89 86 2e 25 69 9e b3 db ef f1 ff fe da af b2 7c 74 91 ac 88 49 d2 10 b4 02 b7 d2 a4 d2 68 70 ed e3 ab a4 d3 11 f3 2b 2b 14 65 81 2e 0d 1c c7 21 d7 24 c3 fd 5d e2 30 41 97 92 fb 1b 87 78 7e c4 e9 e3 0b 24 69 c6 38 8c 91 a5 ce 97 5f fd 1a f7 6e 7d cc 47 1f 7c 80 6e 57 f9 ec e7 3e c7 8b 9f fd 3c dd ee 1c a3 c1 3e 37 ae bc c3 eb af bf c9 bd f5 2d d6 d7 37 69 b8 16 65 e8 23 35 05 55 8f 7b 07 3c f9 cc
                              Data Ascii: r8)?#t&Uskq0(#Gh6+?yYpqMC"MMB]0H$Ih\NX`s2;dSeEtR 3Z.%i|tIhp++e.!$]0Ax~$i8_n}G|nW><>7-7ie#5U{<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              6192.168.2.64971091.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:10 UTC607OUTGET /login/css/arvest-logo.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:11 UTC301INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:11 GMT
                              Content-Type: image/png
                              Content-Length: 4092
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-ffc"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:11 UTC4092INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c9 00 00 00 45 08 06 00 00 00 e0 b4 c2 a6 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 0f 9e 49 44 41 54 78 da ec 5d 07 98 17 c5 15 9f e3 e0 28 47 39 30 22 4d 04 05 02 16 04 05 44 c1 92 4f 41 b0 20 36 a2 10 01 e5 03 cf 20 b1 45 85 a0 89 9a 80 09 41 a5 08 44 40 e1 0b 62 41 b1 a4 2b 06 50 f1 02 16 40 05 45 48 e2 81 85 d8 10 94 22 f5 9f f7 d8 f7 c7 65 7c 6f eb 6c 39 6f 7f df f7 fb ee fe bb b3 b3 b3 b3 fb 66 e6 95 99 29 c8 e5 72 2a 62 74 02 b6 02 3e a6 e2 43 55 60 4b ba ef 61 74 6c 1f f0 53 e0 fb c0 75 f4 3b 43 b2 a8 0e dc 05 cc a5 b9 90 05 31 08 c9 c3 c0 63 81 1d 43 54 46 13 e0 68 e0 46 e0 7f 80 eb 81 9f 03 b7 02 8b 80 f5 48 20 da
                              Data Ascii: PNGIHDREtEXtSoftwareAdobe ImageReadyqe<IDATx](G90"MDOA 6 EAD@bA+P@EH"e|ol9of)r*bt>CU`KatlSu;C1cCTFhFH


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              7192.168.2.64971491.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:12 UTC629OUTGET /login/css/Small_Business_Checking_2_mainnav.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:12 UTC304INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:12 GMT
                              Content-Type: image/png
                              Content-Length: 70110
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-111de"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:12 UTC16080INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 da 00 00 00 ea 08 06 00 00 00 c4 67 5b 76 00 00 2c 62 63 61 42 58 00 00 2c 62 6a 75 6d 62 00 00 00 1e 6a 75 6d 64 63 32 70 61 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 00 00 00 2c 3c 6a 75 6d 62 00 00 00 47 6a 75 6d 64 63 32 6d 61 00 11 00 10 80 00 00 aa 00 38 9b 71 03 75 72 6e 3a 75 75 69 64 3a 39 39 65 30 61 63 37 64 2d 39 31 37 31 2d 34 30 65 63 2d 62 35 66 38 2d 38 61 30 32 37 36 32 63 34 36 38 39 00 00 00 01 a6 6a 75 6d 62 00 00 00 29 6a 75 6d 64 63 32 61 73 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 2e 61 73 73 65 72 74 69 6f 6e 73 00 00 00 00 ca 6a 75 6d 62 00 00 00 26 6a 75 6d 64 63 62 6f 72 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 2e 61 63 74 69 6f 6e 73 00 00 00
                              Data Ascii: PNGIHDRg[v,bcaBX,bjumbjumdc2pa8qc2pa,<jumbGjumdc2ma8qurn:uuid:99e0ac7d-9171-40ec-b5f8-8a02762c4689jumb)jumdc2as8qc2pa.assertionsjumb&jumdcbor8qc2pa.actions
                              2025-03-20 12:40:12 UTC16384INData Raw: 46 35 e1 e9 88 29 51 4a c3 54 4d 8b 05 ab 2d ad 16 52 49 98 5a 66 2a 5e 06 ac 0a 75 52 72 28 a3 09 e3 9e ed f6 23 0e 69 e4 7a b7 61 bb dd 71 79 ff 2e 97 ee 92 2e f7 d8 6e 25 73 38 9d c9 29 73 48 d7 4c 69 c7 22 9c b1 1e ee 63 8d c7 59 4b ca 11 a5 2a d3 74 4d ab 95 f1 b8 65 73 f5 11 1a cb 9d 7b af b1 58 df c5 fa 81 92 26 c2 f1 86 30 ed 51 d6 b3 6f 8a ee b8 a4 1c 8e 4c e9 23 c6 f1 86 12 5f e6 ec dc b0 49 1b a6 9b 0d 97 97 17 1c 0f 47 a6 e9 48 29 85 65 d7 b1 30 70 be ec e8 bc e3 cb af bd c2 17 5f bd e4 f3 8f ee 50 72 c6 ae 1d a5 29 72 e7 e8 8c e6 7c e1 b8 bb 9e 18 34 7c 34 46 7e f8 e4 0a ef 3a 6e 76 7b a6 29 80 b6 33 1b dc 93 4b e2 3b df 4f 1c af fe 80 f3 bb ff f6 3c db 63 56 8c 7c a2 5a 29 35 53 ed e7 a7 40 ac b5 92 72 22 c4 44 48 81 18 22 e3 34 72 38 1e 45
                              Data Ascii: F5)QJTM-RIZf*^uRr(#izaqy..n%s8)sHLi"cYK*tMes{X&0QoL#_IGH)e0p_Pr)r|4|4F~:nv{)3K;O<cV|Z)5S@r"DH"4r8E
                              2025-03-20 12:40:12 UTC16384INData Raw: 18 79 ee 9d df e0 1f ff 37 ff 2d 0f 0f 8f 41 45 ee 3f 3a e4 f4 f8 08 e3 35 87 a7 87 bc fa 4b ff 80 f9 6c ca 62 b1 a4 70 05 d6 5a 9c 93 0b fb f8 fc 98 37 de f8 32 b7 ae 5e 11 7b 07 ad 99 6d ed 50 58 cb 72 71 21 16 e9 ab a5 b4 fa 46 33 0c 21 87 b0 18 7a 1f f0 21 cb b9 52 62 e8 7b 26 a5 08 62 49 b2 c9 f4 71 54 4e 78 ea 52 72 21 08 16 93 49 04 a4 44 bb 5e b3 6a 1a a6 b5 d8 5e b4 7d 47 d7 0f f4 5e ec 28 64 be d6 04 2f d9 da f2 d8 47 5c 67 99 4d 66 94 65 c1 68 75 31 0c 3d de f7 2c da 96 a6 ed 30 88 95 41 df 49 ae bb f5 21 60 13 74 7d 8b f7 81 21 c1 d0 7b 4e cf ce 58 2e 97 24 e3 68 16 e2 32 bb 6e 3b b4 91 6a 32 44 b1 ff 2a ad 24 2b da 2c da 4b 51 4a bf cf ac 91 91 b6 15 f2 9a 53 6b 11 43 8e b0 2d 24 c8 38 51 3f 04 7c df e1 aa 99 2c 2d 36 c0 ac c5 2a b3 d9 18 8d
                              Data Ascii: y7-AE?:5KlbpZ72^{mPXrq!F3!z!Rb{&bIqTNxRr!ID^j^}G^(d/G\gMfehu1=,0AI!`t}!{NX.$h2n;j2D*$+,KQJSkC-$8Q?|,-6*
                              2025-03-20 12:40:12 UTC16384INData Raw: ca 4a 89 84 cb 8b 1c d1 1f 43 e3 65 9c 90 57 3e 47 9f a0 e0 33 42 a6 67 1d 5b a6 98 e4 77 0b f0 ec f9 f7 f8 57 db 1d e9 b0 27 8e 3b 42 ec d1 65 a4 2e 0c b6 2e 38 4c 91 59 59 53 36 2b 51 26 b7 05 aa ac 29 8a 52 4a 14 2b aa 80 2a fa bc 9f 9a 80 94 33 af c5 56 10 a3 5c c9 6e 12 11 ac 71 8e 14 e2 69 ff a3 b4 a6 ef 0e ec b6 1b bc 3f 10 fa 37 9c cd 37 b8 d1 60 8b 73 bc 0f a4 78 c1 34 f6 94 e5 12 ab cb 6c 7b e1 d4 d3 b8 e0 d1 99 99 91 44 fe 21 b7 1e 47 a5 84 3c 5c 21 37 e4 47 53 e8 f1 97 4c 48 b3 c6 73 18 30 45 91 97 cd 2a f3 d5 c5 62 73 0a 31 48 19 04 84 0c 93 82 9f 44 49 d2 cc d0 39 09 26 46 47 1a d7 a8 dd b7 b0 7f 01 61 4d 2a 2c 81 15 21 5a 94 e9 a5 b4 4c 91 e4 44 3d 72 0a 4b 1c 47 5c ff c0 e1 60 78 b1 de e0 9c 67 df f5 b8 10 79 ef e9 63 2c d0 f7 23 db ae a7
                              Data Ascii: JCeW>G3Bg[wW';Be..8LYYS6+Q&)RJ+*3V\nqi?77`sx4l{D!G<\!7GSLHs0E*bs1HDI9&FGaM*,!ZLD=rKG\`xgyc,#
                              2025-03-20 12:40:12 UTC4878INData Raw: 97 1c bb 7d db ad 17 18 da b3 5d 3f 8f 8f 0d f3 f5 65 6e 76 b5 5c 64 82 b9 74 2d a7 2e d8 25 32 23 cb 8e fd e6 97 1f ba e8 7a 64 3c 7d aa f3 f3 eb b9 47 f6 7c 64 d7 92 d7 dc 73 f7 bb 2e 08 0d ba 77 ee f1 b1 e1 25 0f cd 6a b9 c8 ae bb b7 fd 6a 18 da f2 ac 23 c8 0f 77 df 27 be c0 c4 d4 1c 0d ab cd be c7 9e ba e4 45 bf 14 f6 3e 78 ff 92 24 c8 c4 d4 1c 13 53 73 1c 38 78 84 87 f7 7d e3 8a 62 9a d7 82 e5 17 7d f9 17 b7 d2 b1 57 ba 46 e9 46 ef 58 e2 fa 1d 3e fa bc ac 37 7e 7b ff 05 bb ce a5 b0 7d eb 6d 6f c8 53 b8 1c b2 18 f8 52 7f ef c6 86 b1 91 d7 7c fe 0c e3 63 c3 6f 5a 31 ba fb 7d 5e eb 1a 5f 2f 56 6d 47 cb 32 3a fb 1e 93 3b c1 1b 69 a1 d9 b2 79 13 3f 3a f0 97 3c f9 f4 f7 39 90 c6 3c dd 4f d2 4f 7f ee ab 6c d9 bc e9 aa 7d 51 59 52 a0 fb fd 2f 77 43 5f c9 1a
                              Data Ascii: }]?env\dt-.%2#zd<}G|ds.w%jj#w'E>x$Ss8x}b}WFFX>7~{}moSR|coZ1}^_/VmG2:;iy?:<9<OOl}QYR/wC_


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              8192.168.2.64971691.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:12 UTC650OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:12 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:12 GMT
                              Content-Type: image/png
                              Content-Length: 53690
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-d1ba"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:12 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c a4 bd 47 b0 2d 49 7a df f7 fb 32 b3 aa 8e bb f6 99 ee d7 76 a6 07 3d 06 18 50 10 08 09 00 45 2f 32 24 42 62 80 20 83 a2 22 14 c2 56 7b 69 a5 0d 03 1b 85 76 da 92 a1 9d 4c 84 36 92 a8 08 2e 44 17 24 44 90 04 a9 00 40 12 c0 60 30 33 dd d3 6e da 3c 7f dd 71 55 69 b4 f8 32 b3 ea dc f7 06 18 84 4e c7 ed 77 ef 39 75 aa d2 7c e6 ff d9 94 ff e9 6f ff 0f a9 9d 75 08 10 53 04 20 fa 88 18 c1 58 43 08 11 ef 07 44 84 61 f0 dc 6c 37 3c 7b 76 c9 c5 c5 05 cf af 37 5c 5d df f0 f4 c9 53 7e f0 f0 19 66 79 c4 f1 f1 11 c6 3a 86 10 f1 21 60 8c 01 11 40 10 11 ac b5 18 63 b0 d6 e2 9c a3 6d
                              Data Ascii: PNGIHDR/PupHYs~ IDATxG-Iz2v=PE/2$Bb "V{ivL6.D$D@`03n<qUi2Nw9u|ouS XCDal7<{v7\]S~fy:!`@cm
                              2025-03-20 12:40:12 UTC16384INData Raw: b2 79 fa 98 7e 7d a3 95 dc c6 d0 3a c3 d1 bc e3 6c b9 e4 de e9 09 47 8b 19 9b cd 86 f5 7e 47 d7 39 1a 67 f0 fb 2d bb bd e7 e6 7a cd d1 72 86 4d 03 c7 ab 39 11 78 f4 f0 29 fb ab a7 c4 e0 81 48 3b 5f d2 b4 73 c2 10 b0 4d 43 c9 dd bc 3d 95 17 51 c3 68 8f 99 49 6e e3 cb 84 9c b6 42 d4 ac 99 18 23 8e 7c 84 8c 18 43 74 96 d8 6b 95 ae 35 23 b3 30 dd 44 e0 f8 68 95 03 cf 25 d5 c6 60 4c 22 06 aa 57 b2 48 8a 44 ae 9e 76 ca 04 6d e3 58 2e 3a 1e 3f bb 64 b5 58 d6 1c c4 fd a0 4c a5 6e 5f 8d 8b f4 de 57 ed b1 db f7 6c f7 3d 36 05 8e 8e 4e 68 9b 86 7d 3f d0 ba 86 ab f5 26 37 a2 89 34 b6 a5 78 02 05 cd c5 33 c6 e0 b3 17 32 a6 48 23 ae c6 6d 24 33 60 59 a8 22 f1 43 8c dc 7d eb 4b c8 9f fa 4b 7c f7 d7 fe 6f 3c 60 73 42 34 b9 43 92 97 cc 7c 59 ad 24 20 84 44 df 7b 4d 96 6e
                              Data Ascii: y~}:lG~G9g-zrM9x)H;_sMC=QhInB#|Ctk5#0Dh%`L"WHDvmX.:?dXLn_Wl=6Nh}?&74x32H#m$3`Y"C}KK|o<`sB4C|Y$ D{Mn
                              2025-03-20 12:40:12 UTC16384INData Raw: 26 29 a3 67 3b e4 08 b2 5e 8f 76 bb c5 dc 48 36 ca 1c a1 04 9d f9 98 8b b2 62 9e 6b 8a bc c4 d4 06 1d ab 85 d1 aa 54 7e 9a ec 95 1a 95 bf b9 95 0a ea 72 81 08 65 18 e1 19 97 45 c1 3c af c8 22 81 15 11 e8 94 bb 2f ac 72 72 3a e2 e1 d3 03 a4 96 7c eb 6b 6f 21 93 84 b9 05 7d 72 86 4a ae 21 a5 0d 58 a9 cf 93 9b 4c a6 08 25 18 8d 26 6c 5f dd 66 6f ff 90 17 5e bc 4b 55 96 1c 1e 1c 62 71 5c 8c a7 14 65 41 31 cb 83 e7 8b a5 0a f0 4d 53 22 36 b8 af 4f 6d bd ac 62 8c b1 a1 cc 0c aa 91 95 c1 b2 3f e9 c3 74 cc 6f 8c 4b 25 70 63 0e ea ad cb 1c 79 5e 91 24 82 8b dc 90 25 16 95 7a 8e 59 55 19 ac 71 24 51 4c e3 48 b5 e0 10 86 5b a3 11 5b d6 d6 11 07 5a 96 0b 27 b8 56 8a 5e 27 65 ff e4 0c f0 3e fb 59 1c 53 87 fe aa 08 78 9d 00 da ad 8c bc 28 17 37 2f d6 62 6a c3 b4 ce b9
                              Data Ascii: &)g;^vH6bkT~reE<"/rr:|ko!}rJ!XL%&l_fo^KUbq\eA1MS"6Omb?toK%pcy^$%zYUq$QLH[[Z'V^'e>YSx(7/bj
                              2025-03-20 12:40:12 UTC4841INData Raw: bc 03 87 d3 25 b9 e6 50 dd ab a8 a9 ae 04 30 19 82 59 2d b9 70 7b fc 70 7b fd 68 69 aa 87 c3 39 80 7d 0d 1f 31 07 a6 df ad db b5 0d 3b b7 db 58 19 c5 a1 31 bd a6 f1 e0 2e d6 f0 d0 f4 6d 55 e5 68 ef e8 96 a4 27 0e f7 1b 1a 4f e1 f8 1f ed 92 bf cb eb 68 ae ec 6b f8 88 3d 47 94 d2 e2 02 34 1e 7c 83 d5 55 bc fc 1b 0f be 91 b0 ae 62 95 25 56 7e 56 4b 2e 1a 0f ee 4a aa b3 25 65 76 51 6c 10 7d 40 e9 ff f4 6f f4 77 79 ab 72 fc 84 5d 12 ba d5 54 6f 82 d9 68 40 7b 67 37 5e 7a f3 9d b8 79 8a 1d cc 6a c9 85 d5 92 cb f2 89 e5 4c 33 61 cb 8e 03 cc ce 9a ea 4d cc f6 e3 27 ec 68 3e d3 26 b9 56 de 73 27 a2 ab a7 4f 62 a3 db eb c7 4b bf 79 87 fd bc 65 c7 01 38 9c a4 77 ac a9 de 84 d2 e2 02 a1 11 39 3a c5 e1 1d 4e 97 e4 a1 a1 0e 56 5a 5c 80 ba 5d db 50 51 56 02 b7 77 f2 c1
                              Data Ascii: %P0Y-p{p{hi9}1;X1.mUh'Ohk=G4|Ub%V~VK.J%evQl}@owyr]Toh@{g7^zyjL3aM'h>&Vs'ObKye8w9:NVZ\]PQVw


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              9192.168.2.64971591.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:12 UTC401OUTGET /login/css/arvest-logo.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:12 UTC301INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:12 GMT
                              Content-Type: image/png
                              Content-Length: 4092
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-ffc"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:12 UTC4092INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c9 00 00 00 45 08 06 00 00 00 e0 b4 c2 a6 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 0f 9e 49 44 41 54 78 da ec 5d 07 98 17 c5 15 9f e3 e0 28 47 39 30 22 4d 04 05 02 16 04 05 44 c1 92 4f 41 b0 20 36 a2 10 01 e5 03 cf 20 b1 45 85 a0 89 9a 80 09 41 a5 08 44 40 e1 0b 62 41 b1 a4 2b 06 50 f1 02 16 40 05 45 48 e2 81 85 d8 10 94 22 f5 9f f7 d8 f7 c7 65 7c 6f eb 6c 39 6f 7f df f7 fb ee fe bb b3 b3 b3 b3 fb 66 e6 95 99 29 c8 e5 72 2a 62 74 02 b6 02 3e a6 e2 43 55 60 4b ba ef 61 74 6c 1f f0 53 e0 fb c0 75 f4 3b 43 b2 a8 0e dc 05 cc a5 b9 90 05 31 08 c9 c3 c0 63 81 1d 43 54 46 13 e0 68 e0 46 e0 7f 80 eb 81 9f 03 b7 02 8b 80 f5 48 20 da
                              Data Ascii: PNGIHDREtEXtSoftwareAdobe ImageReadyqe<IDATx](G90"MDOA 6 EAD@bA+P@EH"e|ol9of)r*bt>CU`KatlSu;C1cCTFhFH


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              10192.168.2.64971791.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:12 UTC428OUTGET /login/css/2024_ACC_3X_Holiday_Rewards_Main%20Nav.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:12 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:12 GMT
                              Content-Type: image/png
                              Content-Length: 64027
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-fa1b"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:12 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c d4 bc 67 ac 64 77 9a de f7 3b 39 56 8e 37 87 be dd b7 73 20 d9 c3 61 18 0e c9 dd d9 9d 81 ac 5d ed c8 1a c8 d6 2a 58 86 c3 57 1b 02 fc 95 f2 17 03 06 6c 18 30 0c 38 40 5f 0c 4b 6b 01 86 ac dd 59 ed a4 25 39 c3 e1 30 36 3b 77 df ee db 37 e7 ba 95 c3 a9 3a f9 f8 43 dd ee 19 2e b9 da 99 59 ed 42 7e 81 8b 02 ee a9 aa 73 fe ff 73 de f0 3c ef f3 96 70 d0 1c 24 dd c1 88 66 a7 45 ad b6 41 39 3f 4d da ce 61 65 2c 34 45 22 8e 60 b3 7e c0 e8 b8 8e 6e 19 f8 a3 1e ae d7 46 37 52 9c 3f 73 8d e9 4a 91 a1 1f 22 0a 02 ba 22 f1 67 2d 49 20 4e 12 24 51 f8 b7 fe ef ff 8f d6 e8 fb f4 bd
                              Data Ascii: PNGIHDR/PupHYs~ IDATxgdw;9V7s a]*XWl08@_KkY%906;w7:C.YB~ss<p$fEA9?Mae,4E"`~nF7R?sJ""g-I N$Q
                              2025-03-20 12:40:12 UTC16384INData Raw: ad d5 b9 b8 ba c5 d5 27 5e 22 f7 7a 34 9b 75 24 49 21 f2 5d 7e ef 37 ff 67 de b9 7e 0f 3f ce 16 34 aa d8 c5 ef ed 31 38 d8 e3 a8 33 61 eb a5 06 f3 93 5d f6 3f bc 81 28 80 69 9a 4c 0f bb a8 56 1d a3 b1 4e 69 f3 3c 0f 5f fb 01 46 a5 81 a0 17 51 05 81 d0 9b 51 2a e8 c4 41 8f 71 a7 cb e8 64 97 d5 e5 16 9f fe 99 7f 8b 4a ab c9 c9 d1 2e fd f1 88 de 89 83 a4 67 8c c3 85 1e b2 60 2b 04 64 08 ae 80 13 e4 b8 93 00 d7 8d 49 92 14 d3 50 68 d6 2c 74 51 a5 a2 cb 18 62 c6 52 b3 42 a5 58 a4 3b 99 93 c5 39 29 02 2b eb 4b a8 92 80 1f f8 0c 86 33 a4 3c a7 50 54 99 fa 11 bd 79 44 38 4a 99 cd 3d 20 a1 56 d1 17 60 20 a9 cc f9 ad 16 13 3f 61 ee a7 9c 5f 5f 03 29 a6 54 5d 61 ad d5 22 1a df 20 ce 45 cc e2 2a b1 6c 61 56 96 d8 14 d7 50 bb 1f 21 bf f2 dc 33 14 b4 85 15 fc 68 96 d2
                              Data Ascii: '^"z4u$I!]~7g~?4183a]?(iLVNi<_FQQ*AqdJ.g`+dIPh,tQbRBX;9)+K3<PTyD8J= V` ?a__)T]a" E*laVP!3h
                              2025-03-20 12:40:12 UTC16384INData Raw: 1a 3e 96 13 20 9d 1a ed ba c7 ff f2 af fe 25 89 aa 32 1a 74 b9 72 f9 7d be f3 dd ef f0 f6 fa 55 b6 f6 7b 50 e4 b4 7c 9f 41 96 82 49 a9 38 0e c9 20 65 32 0a 49 8d a6 e5 fa 1c 5b 98 46 79 8a ba f2 08 27 63 c6 69 4a 9e 65 8c c6 31 53 ae 4d 73 b9 8d 2d 61 63 fb 00 57 09 02 c7 66 b9 e2 31 5f af 92 18 4d 6f 12 73 30 4e 19 16 86 65 df 66 be ea 61 8f b7 28 92 88 ea d4 1c 51 b7 43 3a 2e f0 2a 3e a8 04 39 33 4f 1e 97 2e e7 22 4e 48 27 13 8a 2c 23 49 73 6c df a7 db ed 32 88 0b ee 3f d6 64 65 a1 85 28 52 86 fd 31 77 0e 47 9c 7f fa 1c 49 27 62 b0 d7 e1 91 d5 59 5e fe e8 06 93 ac a0 38 f2 94 65 79 88 ef b9 c4 61 42 a3 5e a1 dd aa e3 0a 58 58 9a 45 39 2e e9 11 70 d1 75 1c 1c d7 61 e9 d4 1a 97 5f 7b 8b 7b 1b f7 d8 d8 d8 20 35 82 6a dd c7 ad 97 2d f8 b0 d3 a5 36 35 4d 16
                              Data Ascii: > %2tr}U{P|AI8 e2I[Fy'ciJe1SMs-acWf1_Mos0Nefa(QC:.*>93O."NH',#Isl2?de(R1wGI'bY^8eyaB^XXE9.pua_{{ 5j-65M
                              2025-03-20 12:40:12 UTC15178INData Raw: 72 38 89 c9 29 d9 da f7 98 04 09 bd b1 8f 3f 23 ed 96 80 a5 eb 74 ea 15 b2 12 26 b3 e1 b9 55 73 09 e2 94 ba 6b 71 30 f6 28 81 23 47 16 68 36 2b 9c 3f b5 cc ca da 02 96 ae d3 9c ef 92 e4 19 79 59 70 b8 db c7 71 4d 0c 43 22 4d 1d d3 d4 19 4d 42 1c 5d a1 82 e3 e1 14 c3 30 48 f3 82 24 49 68 d5 5c 4e 9e 58 60 73 1a 32 dc 3b 64 b9 53 65 f5 f4 45 74 d3 52 9e 20 33 0d 5a 89 86 2e 25 69 9e b3 db ef f1 ff fe da af b2 7c 74 91 ac 88 49 d2 10 b4 02 b7 d2 a4 d2 68 70 ed e3 ab a4 d3 11 f3 2b 2b 14 65 81 2e 0d 1c c7 21 d7 24 c3 fd 5d e2 30 41 97 92 fb 1b 87 78 7e c4 e9 e3 0b 24 69 c6 38 8c 91 a5 ce 97 5f fd 1a f7 6e 7d cc 47 1f 7c 80 6e 57 f9 ec e7 3e c7 8b 9f fd 3c dd ee 1c a3 c1 3e 37 ae bc c3 eb af bf c9 bd f5 2d d6 d7 37 69 b8 16 65 e8 23 35 05 55 8f 7b 07 3c f9 cc
                              Data Ascii: r8)?#t&Uskq0(#Gh6+?yYpqMC"MMB]0H$Ih\NX`s2;dSeEtR 3Z.%i|tIhp++e.!$]0Ax~$i8_n}G|nW><>7-7ie#5U{<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              11192.168.2.64971991.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:13 UTC650OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:13 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:13 GMT
                              Content-Type: image/png
                              Content-Length: 53802
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-d22a"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:13 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c cc bd 59 b0 25 c9 79 df f7 cb cc 5a ce 7e f7 a5 f7 6d a6 67 a6 67 1f 00 43 02 04 86 94 08 90 32 2d 2e a2 18 52 c8 5a 1c 61 d2 bb 14 61 2b fc e0 b0 5f f4 e0 17 3f c9 0f 0e c9 56 48 a6 2c d3 a2 49 8a 94 2c 8a a4 68 98 a4 20 12 00 81 19 0c 66 ef e9 9e de f7 bb 9e 7b cf 56 a7 96 cc f4 43 56 d5 a9 73 ee bd 3d 0d 1a 0c 3b 23 6e 9f d3 75 aa b2 b2 32 bf f5 ff 7d f9 95 b8 fe de 1f 5a a1 3c 94 5f c7 5a 8b 10 12 63 2d d6 68 ac 05 b0 18 63 b0 d6 a2 fc 90 5a 67 91 e1 de 36 51 bf 8b 0a 42 e6 57 cf b2 bc b4 8c 05 3e fc e4 26 a7 8e af 33 df 6a 00 60 8c 21 d1 86 d0 53 0c a2 88 46 18
                              Data Ascii: PNGIHDR/PupHYs~ IDATxY%yZ~mggC2-.RZaa+_?VH,I,h f{VCVs=;#nu2}Z<_Zc-hcZg6QBW>&3j`!SF
                              2025-03-20 12:40:13 UTC16384INData Raw: 94 8c 8f f6 50 27 b7 40 e5 ae 86 ae 40 15 d7 ec 9f 2b 15 ea 9f 37 73 82 ab cc 80 8d ba 41 cd cc e5 56 90 86 fd 79 1b 29 2d 70 52 89 30 55 00 8e e3 21 1a 0b ae 8c 93 6c 6e 30 da 0a ff 18 83 93 1c c4 45 31 7b 82 85 db f4 6a a8 7a 7b a2 46 43 2b 4a 4f 05 8c d4 bb dd dc 3b dd dd 3d e2 4f 7f f0 09 69 aa b8 b0 b9 c6 64 34 20 2f 73 de bb 77 87 1f 7d 7c 87 07 87 e7 1c f5 27 bc 7f 67 9f 7c f1 3a 97 5f 7a 93 1c c5 a5 b5 25 1a 26 a1 bd 7d 9d a9 ec b2 77 ef 36 57 6e be 42 a7 bb 50 9f e7 e9 74 44 91 a5 f8 41 4c 1c 37 28 cb c2 f5 c9 e6 53 f1 2a 2a d5 97 f3 73 d1 68 0e d6 ad 2f f0 5c dd 50 3f ed 2f 48 0d 3f 5f 77 e5 69 c2 e0 e4 98 d1 f9 39 e3 f3 3e 65 96 d8 99 34 03 46 48 fc 76 9b f5 4b 97 58 5a 5f 23 32 09 14 e7 48 12 02 df 67 d8 4f d0 65 8b 22 4b e9 9f 3f c2 94 ab a8
                              Data Ascii: P'@@+7sAVy)-pR0U!ln0E1{jz{FC+JO;=Oid4 /sw}|'g|:_z%&}w6WnBPtDAL7(S**sh/\P?/H?_wi9>e4FHvKXZ_#2HgOe"K?
                              2025-03-20 12:40:14 UTC16384INData Raw: 26 2b 14 86 92 ca 18 54 e0 71 f7 fc 2d 1e 1d 9f 73 ef f0 9c 4a 79 f6 3e 11 3e 7e 10 5a 1d 4b e9 bb 2c 19 d0 5d d9 24 9b 1c f1 d2 b3 37 88 23 9f 9d cb 5b 0e a2 b0 33 c3 86 84 66 0f ae c6 bf da ad bf 34 c3 71 37 ea f2 97 29 ab 89 c3 a5 fc c0 c5 af 72 21 b1 5d dc 98 16 62 a9 bb 9e a6 73 1e be 7b 87 f1 ac e6 17 3f f3 39 aa 62 86 0c 63 ae dd 7c 9a f1 f9 01 a6 56 04 a1 4f 55 e6 14 45 46 43 4e 96 d2 a7 2c 0b c2 30 e6 f5 37 df 24 8a 02 56 86 03 8c d6 1c 1f 9f e2 49 9f ba ae 88 a3 88 77 de 7b 84 31 da 0d 7c c1 53 25 79 56 a1 90 98 2c 25 10 56 af 70 3a 9f 23 3d 8f 76 2b 66 9e 97 28 5d 23 bd c0 3a 7b 56 9a 7e bf cb e9 d9 39 3b 3b db 3c 7c f4 88 2c 7d 87 dd eb d7 e9 ee ee 52 66 29 d9 2c 25 49 5a c4 49 42 55 3a de 9a 63 86 0b 4f 22 fd 90 e9 3c e3 e4 c4 5a 11 49 4f e2
                              Data Ascii: &+Tq-sJy>>~ZK,]$7#[3f4q7)r!]bs{?9bc|VOUEFCN,07$VIw{1|S%yV,%Vp:#=v+f(]#:{V~9;;<|,}Rf),%IZIBU:cO"<ZIO
                              2025-03-20 12:40:14 UTC4953INData Raw: d7 2d b4 3a 86 23 51 74 75 5f 44 60 20 84 da aa 4a 00 c0 8e 5d 07 50 5b 5d 89 93 87 f6 e4 fd 5d 20 38 88 c0 40 08 c0 c2 a8 e7 5c 52 30 21 db b1 eb 00 8e 1c 3f 9d f5 b9 df e7 c5 be 7f d8 86 a6 c6 7a f4 f4 f5 a3 79 db 6e 00 c0 48 ef a7 85 7a f4 63 e1 dc c5 5e 4d 80 88 10 35 d4 d5 e0 c8 f1 33 08 0c 84 e0 af f0 a2 b5 65 03 00 2c a8 3a 86 23 51 34 6f db ad 0f 0a 1e b7 0b b5 d5 95 08 47 a2 38 77 b1 17 3d 7d fd a8 ad ae cc f9 db 23 bf 3e 8d 8e 03 47 01 cc ff 7a ce 35 05 11 b2 8e ce a3 39 05 0c 00 02 c1 10 de fe e9 21 34 35 d6 17 e2 51 73 46 d3 a6 7a 9c bb d0 0b 4f b1 4b 1f b9 8f 1c 3f 8d 73 17 7b d1 50 57 a3 0b d9 42 e2 c8 f1 33 ba 80 b5 6d 6d 82 df e7 85 bf 82 1c 67 54 5b 5d 99 57 c0 18 33 a3 20 42 76 e4 f8 19 00 64 24 3c 7b 6c 3f fc be 72 84 23 51 1c 3c dc 85
                              Data Ascii: -:#Qtu_D` J]P[]] 8@\R0!?zynHzc^M53e,:#Q4oG8w=}#>Gz59!45QsFzOK?s{PWB3mmgT[]W3 Bvd$<{l?r#Q<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              12192.168.2.64972091.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:13 UTC423OUTGET /login/css/Small_Business_Checking_2_mainnav.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:13 UTC304INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:13 GMT
                              Content-Type: image/png
                              Content-Length: 70110
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-111de"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:13 UTC16080INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 da 00 00 00 ea 08 06 00 00 00 c4 67 5b 76 00 00 2c 62 63 61 42 58 00 00 2c 62 6a 75 6d 62 00 00 00 1e 6a 75 6d 64 63 32 70 61 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 00 00 00 2c 3c 6a 75 6d 62 00 00 00 47 6a 75 6d 64 63 32 6d 61 00 11 00 10 80 00 00 aa 00 38 9b 71 03 75 72 6e 3a 75 75 69 64 3a 39 39 65 30 61 63 37 64 2d 39 31 37 31 2d 34 30 65 63 2d 62 35 66 38 2d 38 61 30 32 37 36 32 63 34 36 38 39 00 00 00 01 a6 6a 75 6d 62 00 00 00 29 6a 75 6d 64 63 32 61 73 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 2e 61 73 73 65 72 74 69 6f 6e 73 00 00 00 00 ca 6a 75 6d 62 00 00 00 26 6a 75 6d 64 63 62 6f 72 00 11 00 10 80 00 00 aa 00 38 9b 71 03 63 32 70 61 2e 61 63 74 69 6f 6e 73 00 00 00
                              Data Ascii: PNGIHDRg[v,bcaBX,bjumbjumdc2pa8qc2pa,<jumbGjumdc2ma8qurn:uuid:99e0ac7d-9171-40ec-b5f8-8a02762c4689jumb)jumdc2as8qc2pa.assertionsjumb&jumdcbor8qc2pa.actions
                              2025-03-20 12:40:13 UTC16384INData Raw: 46 35 e1 e9 88 29 51 4a c3 54 4d 8b 05 ab 2d ad 16 52 49 98 5a 66 2a 5e 06 ac 0a 75 52 72 28 a3 09 e3 9e ed f6 23 0e 69 e4 7a b7 61 bb dd 71 79 ff 2e 97 ee 92 2e f7 d8 6e 25 73 38 9d c9 29 73 48 d7 4c 69 c7 22 9c b1 1e ee 63 8d c7 59 4b ca 11 a5 2a d3 74 4d ab 95 f1 b8 65 73 f5 11 1a cb 9d 7b af b1 58 df c5 fa 81 92 26 c2 f1 86 30 ed 51 d6 b3 6f 8a ee b8 a4 1c 8e 4c e9 23 c6 f1 86 12 5f e6 ec dc b0 49 1b a6 9b 0d 97 97 17 1c 0f 47 a6 e9 48 29 85 65 d7 b1 30 70 be ec e8 bc e3 cb af bd c2 17 5f bd e4 f3 8f ee 50 72 c6 ae 1d a5 29 72 e7 e8 8c e6 7c e1 b8 bb 9e 18 34 7c 34 46 7e f8 e4 0a ef 3a 6e 76 7b a6 29 80 b6 33 1b dc 93 4b e2 3b df 4f 1c af fe 80 f3 bb ff f6 3c db 63 56 8c 7c a2 5a 29 35 53 ed e7 a7 40 ac b5 92 72 22 c4 44 48 81 18 22 e3 34 72 38 1e 45
                              Data Ascii: F5)QJTM-RIZf*^uRr(#izaqy..n%s8)sHLi"cYK*tMes{X&0QoL#_IGH)e0p_Pr)r|4|4F~:nv{)3K;O<cV|Z)5S@r"DH"4r8E
                              2025-03-20 12:40:14 UTC16384INData Raw: 18 79 ee 9d df e0 1f ff 37 ff 2d 0f 0f 8f 41 45 ee 3f 3a e4 f4 f8 08 e3 35 87 a7 87 bc fa 4b ff 80 f9 6c ca 62 b1 a4 70 05 d6 5a 9c 93 0b fb f8 fc 98 37 de f8 32 b7 ae 5e 11 7b 07 ad 99 6d ed 50 58 cb 72 71 21 16 e9 ab a5 b4 fa 46 33 0c 21 87 b0 18 7a 1f f0 21 cb b9 52 62 e8 7b 26 a5 08 62 49 b2 c9 f4 71 54 4e 78 ea 52 72 21 08 16 93 49 04 a4 44 bb 5e b3 6a 1a a6 b5 d8 5e b4 7d 47 d7 0f f4 5e ec 28 64 be d6 04 2f d9 da f2 d8 47 5c 67 99 4d 66 94 65 c1 68 75 31 0c 3d de f7 2c da 96 a6 ed 30 88 95 41 df 49 ae bb f5 21 60 13 74 7d 8b f7 81 21 c1 d0 7b 4e cf ce 58 2e 97 24 e3 68 16 e2 32 bb 6e 3b b4 91 6a 32 44 b1 ff 2a ad 24 2b da 2c da 4b 51 4a bf cf ac 91 91 b6 15 f2 9a 53 6b 11 43 8e b0 2d 24 c8 38 51 3f 04 7c df e1 aa 99 2c 2d 36 c0 ac c5 2a b3 d9 18 8d
                              Data Ascii: y7-AE?:5KlbpZ72^{mPXrq!F3!z!Rb{&bIqTNxRr!ID^j^}G^(d/G\gMfehu1=,0AI!`t}!{NX.$h2n;j2D*$+,KQJSkC-$8Q?|,-6*
                              2025-03-20 12:40:14 UTC16384INData Raw: ca 4a 89 84 cb 8b 1c d1 1f 43 e3 65 9c 90 57 3e 47 9f a0 e0 33 42 a6 67 1d 5b a6 98 e4 77 0b f0 ec f9 f7 f8 57 db 1d e9 b0 27 8e 3b 42 ec d1 65 a4 2e 0c b6 2e 38 4c 91 59 59 53 36 2b 51 26 b7 05 aa ac 29 8a 52 4a 14 2b aa 80 2a fa bc 9f 9a 80 94 33 af c5 56 10 a3 5c c9 6e 12 11 ac 71 8e 14 e2 69 ff a3 b4 a6 ef 0e ec b6 1b bc 3f 10 fa 37 9c cd 37 b8 d1 60 8b 73 bc 0f a4 78 c1 34 f6 94 e5 12 ab cb 6c 7b e1 d4 d3 b8 e0 d1 99 99 91 44 fe 21 b7 1e 47 a5 84 3c 5c 21 37 e4 47 53 e8 f1 97 4c 48 b3 c6 73 18 30 45 91 97 cd 2a f3 d5 c5 62 73 0a 31 48 19 04 84 0c 93 82 9f 44 49 d2 cc d0 39 09 26 46 47 1a d7 a8 dd b7 b0 7f 01 61 4d 2a 2c 81 15 21 5a 94 e9 a5 b4 4c 91 e4 44 3d 72 0a 4b 1c 47 5c ff c0 e1 60 78 b1 de e0 9c 67 df f5 b8 10 79 ef e9 63 2c d0 f7 23 db ae a7
                              Data Ascii: JCeW>G3Bg[wW';Be..8LYYS6+Q&)RJ+*3V\nqi?77`sx4l{D!G<\!7GSLHs0E*bs1HDI9&FGaM*,!ZLD=rKG\`xgyc,#
                              2025-03-20 12:40:14 UTC4878INData Raw: 97 1c bb 7d db ad 17 18 da b3 5d 3f 8f 8f 0d f3 f5 65 6e 76 b5 5c 64 82 b9 74 2d a7 2e d8 25 32 23 cb 8e fd e6 97 1f ba e8 7a 64 3c 7d aa f3 f3 eb b9 47 f6 7c 64 d7 92 d7 dc 73 f7 bb 2e 08 0d ba 77 ee f1 b1 e1 25 0f cd 6a b9 c8 ae bb b7 fd 6a 18 da f2 ac 23 c8 0f 77 df 27 be c0 c4 d4 1c 0d ab cd be c7 9e ba e4 45 bf 14 f6 3e 78 ff 92 24 c8 c4 d4 1c 13 53 73 1c 38 78 84 87 f7 7d e3 8a 62 9a d7 82 e5 17 7d f9 17 b7 d2 b1 57 ba 46 e9 46 ef 58 e2 fa 1d 3e fa bc ac 37 7e 7b ff 05 bb ce a5 b0 7d eb 6d 6f c8 53 b8 1c b2 18 f8 52 7f ef c6 86 b1 91 d7 7c fe 0c e3 63 c3 6f 5a 31 ba fb 7d 5e eb 1a 5f 2f 56 6d 47 cb 32 3a fb 1e 93 3b c1 1b 69 a1 d9 b2 79 13 3f 3a f0 97 3c f9 f4 f7 39 90 c6 3c dd 4f d2 4f 7f ee ab 6c d9 bc e9 aa 7d 51 59 52 a0 fb fd 2f 77 43 5f c9 1a
                              Data Ascii: }]?env\dt-.%2#zd<}G|ds.w%jj#w'E>x$Ss8x}b}WFFX>7~{}moSR|coZ1}^_/VmG2:;iy?:<9<OOl}QYR/wC_


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              13192.168.2.64972191.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:13 UTC609OUTGET /login/css/FDIC-new-logo.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:13 UTC300INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:13 GMT
                              Content-Type: image/png
                              Content-Length: 437
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-1b5"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:13 UTC437INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 26 00 00 00 10 08 06 00 00 00 7a 1e 0d 1e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 01 6c 49 44 41 54 48 89 cd 55 c1 71 84 30 0c 5c 32 f7 cc 4c e8 20 74 00 1d 84 fb e7 41 07 c7 23 ff 5c 2a c8 5d 07 57 02 25 50 02 e9 c0 d7 01 74 00 15 6c 1e 36 13 a3 13 98 5c 78 64 67 f4 90 b4 96 65 59 b6 22 92 f8 07 88 01 24 00 cc 68 d8 01 68 02 8b 2a 00 e5 82 bf 71 9c 56 d8 2f 00 32 4f 3f fa 1b bb 44 4e 00 0a 00 4f 9e bd 03 50 83 61 9c 56 70 48 b2 22 19 93 84 93 46 f8 73 cf 17 8c f9 10 a8 d6 6f 70 70 d5 8b 03 bc 0a c0 67 28 d8 4e b1 7d 09 bd 5d e0 bc 08 7b 0a a0 06 90 cf ec 57 c0 1e 40 62 80 bd e6 0c e3 b5 2a 55 84 22 73 9c 98 64 ad f8 f3 99 ab 6c 85 ad 27 79 14 7b 95 24 fb bf 26 36 8a 11 fe 5a 49 ec 4d
                              Data Ascii: PNGIHDR&zsBIT|dlIDATHUq0\2L tA#\*]W%Ptl6\xdgeY"$hh*qV/2O?DNOPaVpH"Fsoppg(N}]{W@b*U"sdl'y{$&6ZIM


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              14192.168.2.64972291.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:13 UTC444OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Consumer.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:13 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:13 GMT
                              Content-Type: image/png
                              Content-Length: 53690
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-d1ba"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:13 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c a4 bd 47 b0 2d 49 7a df f7 fb 32 b3 aa 8e bb f6 99 ee d7 76 a6 07 3d 06 18 50 10 08 09 00 45 2f 32 24 42 62 80 20 83 a2 22 14 c2 56 7b 69 a5 0d 03 1b 85 76 da 92 a1 9d 4c 84 36 92 a8 08 2e 44 17 24 44 90 04 a9 00 40 12 c0 60 30 33 dd d3 6e da 3c 7f dd 71 55 69 b4 f8 32 b3 ea dc f7 06 18 84 4e c7 ed 77 ef 39 75 aa d2 7c e6 ff d9 94 ff e9 6f ff 0f a9 9d 75 08 10 53 04 20 fa 88 18 c1 58 43 08 11 ef 07 44 84 61 f0 dc 6c 37 3c 7b 76 c9 c5 c5 05 cf af 37 5c 5d df f0 f4 c9 53 7e f0 f0 19 66 79 c4 f1 f1 11 c6 3a 86 10 f1 21 60 8c 01 11 40 10 11 ac b5 18 63 b0 d6 e2 9c a3 6d
                              Data Ascii: PNGIHDR/PupHYs~ IDATxG-Iz2v=PE/2$Bb "V{ivL6.D$D@`03n<qUi2Nw9u|ouS XCDal7<{v7\]S~fy:!`@cm
                              2025-03-20 12:40:13 UTC16384INData Raw: b2 79 fa 98 7e 7d a3 95 dc c6 d0 3a c3 d1 bc e3 6c b9 e4 de e9 09 47 8b 19 9b cd 86 f5 7e 47 d7 39 1a 67 f0 fb 2d bb bd e7 e6 7a cd d1 72 86 4d 03 c7 ab 39 11 78 f4 f0 29 fb ab a7 c4 e0 81 48 3b 5f d2 b4 73 c2 10 b0 4d 43 c9 dd bc 3d 95 17 51 c3 68 8f 99 49 6e e3 cb 84 9c b6 42 d4 ac 99 18 23 8e 7c 84 8c 18 43 74 96 d8 6b 95 ae 35 23 b3 30 dd 44 e0 f8 68 95 03 cf 25 d5 c6 60 4c 22 06 aa 57 b2 48 8a 44 ae 9e 76 ca 04 6d e3 58 2e 3a 1e 3f bb 64 b5 58 d6 1c c4 fd a0 4c a5 6e 5f 8d 8b f4 de 57 ed b1 db f7 6c f7 3d 36 05 8e 8e 4e 68 9b 86 7d 3f d0 ba 86 ab f5 26 37 a2 89 34 b6 a5 78 02 05 cd c5 33 c6 e0 b3 17 32 a6 48 23 ae c6 6d 24 33 60 59 a8 22 f1 43 8c dc 7d eb 4b c8 9f fa 4b 7c f7 d7 fe 6f 3c 60 73 42 34 b9 43 92 97 cc 7c 59 ad 24 20 84 44 df 7b 4d 96 6e
                              Data Ascii: y~}:lG~G9g-zrM9x)H;_sMC=QhInB#|Ctk5#0Dh%`L"WHDvmX.:?dXLn_Wl=6Nh}?&74x32H#m$3`Y"C}KK|o<`sB4C|Y$ D{Mn
                              2025-03-20 12:40:14 UTC16384INData Raw: 26 29 a3 67 3b e4 08 b2 5e 8f 76 bb c5 dc 48 36 ca 1c a1 04 9d f9 98 8b b2 62 9e 6b 8a bc c4 d4 06 1d ab 85 d1 aa 54 7e 9a ec 95 1a 95 bf b9 95 0a ea 72 81 08 65 18 e1 19 97 45 c1 3c af c8 22 81 15 11 e8 94 bb 2f ac 72 72 3a e2 e1 d3 03 a4 96 7c eb 6b 6f 21 93 84 b9 05 7d 72 86 4a ae 21 a5 0d 58 a9 cf 93 9b 4c a6 08 25 18 8d 26 6c 5f dd 66 6f ff 90 17 5e bc 4b 55 96 1c 1e 1c 62 71 5c 8c a7 14 65 41 31 cb 83 e7 8b a5 0a f0 4d 53 22 36 b8 af 4f 6d bd ac 62 8c b1 a1 cc 0c aa 91 95 c1 b2 3f e9 c3 74 cc 6f 8c 4b 25 70 63 0e ea ad cb 1c 79 5e 91 24 82 8b dc 90 25 16 95 7a 8e 59 55 19 ac 71 24 51 4c e3 48 b5 e0 10 86 5b a3 11 5b d6 d6 11 07 5a 96 0b 27 b8 56 8a 5e 27 65 ff e4 0c f0 3e fb 59 1c 53 87 fe aa 08 78 9d 00 da ad 8c bc 28 17 37 2f d6 62 6a c3 b4 ce b9
                              Data Ascii: &)g;^vH6bkT~reE<"/rr:|ko!}rJ!XL%&l_fo^KUbq\eA1MS"6Omb?toK%pcy^$%zYUq$QLH[[Z'V^'e>YSx(7/bj
                              2025-03-20 12:40:14 UTC4841INData Raw: bc 03 87 d3 25 b9 e6 50 dd ab a8 a9 ae 04 30 19 82 59 2d b9 70 7b fc 70 7b fd 68 69 aa 87 c3 39 80 7d 0d 1f 31 07 a6 df ad db b5 0d 3b b7 db 58 19 c5 a1 31 bd a6 f1 e0 2e d6 f0 d0 f4 6d 55 e5 68 ef e8 96 a4 27 0e f7 1b 1a 4f e1 f8 1f ed 92 bf cb eb 68 ae ec 6b f8 88 3d 47 94 d2 e2 02 34 1e 7c 83 d5 55 bc fc 1b 0f be 91 b0 ae 62 95 25 56 7e 56 4b 2e 1a 0f ee 4a aa b3 25 65 76 51 6c 10 7d 40 e9 ff f4 6f f4 77 79 ab 72 fc 84 5d 12 ba d5 54 6f 82 d9 68 40 7b 67 37 5e 7a f3 9d b8 79 8a 1d cc 6a c9 85 d5 92 cb f2 89 e5 4c 33 61 cb 8e 03 cc ce 9a ea 4d cc f6 e3 27 ec 68 3e d3 26 b9 56 de 73 27 a2 ab a7 4f 62 a3 db eb c7 4b bf 79 87 fd bc 65 c7 01 38 9c a4 77 ac a9 de 84 d2 e2 02 a1 11 39 3a c5 e1 1d 4e 97 e4 a1 a1 0e 56 5a 5c 80 ba 5d db 50 51 56 02 b7 77 f2 c1
                              Data Ascii: %P0Y-p{p{hi9}1;X1.mUh'Ohk=G4|Ub%V~VK.J%evQl}@owyr]Toh@{g7^zyjL3aM'h>&Vs'ObKye8w9:NVZ\]PQVw


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              15192.168.2.64972391.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:14 UTC653OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:14 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:14 GMT
                              Content-Type: image/png
                              Content-Length: 55947
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-da8b"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:14 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c 74 bd f9 8f 25 59 76 df f7 39 f7 de 88 78 ef e5 9e 95 55 bd 54 f7 f4 36 3d 9c e6 cc f4 68 38 dc 34 14 c9 11 05 5a 96 69 09 12 0c c8 32 6d d8 b0 65 0b 32 0c d8 12 60 ff 68 03 36 60 d8 fe 0f 0c 43 80 24 d8 80 65 cb 02 24 8a 96 45 51 24 b5 91 23 52 1a ce 3e 3d d3 33 bd d6 5e 59 95 cb cb b7 c4 72 17 ff 70 97 88 ec 26 b3 50 99 2f 5f be 17 2f e2 dc b3 7c cf f7 9c 7b 42 b6 db 75 00 40 80 00 e0 81 40 f0 01 41 e2 f3 02 22 8a 80 a0 44 11 88 7f 13 51 40 c0 7b 8f b5 03 7d d7 e2 fa 8e 61 bb e2 e2 f1 03 1e bc fd 1d 2e 1e 3f a0 db 6e e9 ac 65 b5 da b0 e9 2c a2 0c 8e 40 5d 19 76 76
                              Data Ascii: PNGIHDR/PupHYs~ IDATxt%Yv9xUT6=h84Zi2me2`h6`C$e$EQ$#R>=3^Yrp&P/_/|{Bu@@A"DQ@{}a.?ne,@]vv
                              2025-03-20 12:40:14 UTC16384INData Raw: 79 ea 26 fb 37 6f f2 f8 87 bf 8d 90 03 ce 0e 9f 70 72 78 8c d4 39 45 21 30 c6 f0 e8 d1 13 c6 d3 31 3b 57 6f 10 32 8d cc 4a 32 99 51 cc f6 08 c0 fc d1 2d fe e4 fd 0f c8 84 e7 5b 5f bc ca bf fa f0 11 e7 eb 25 8c a7 8c 87 43 be f9 d6 9b 34 ab 25 a3 f1 70 6b 93 b7 8d cd a5 d7 e1 5d e0 6b 97 f9 7b 5c ba d1 ff 8d 9b fd 12 fa b6 ad 8a 97 4c 52 07 bb 57 31 76 13 7f 3d 53 9c 1f 7f ca fd 87 b7 30 8d 65 3c 28 19 4d 4a 28 20 68 83 6f 2b d0 01 53 5b 42 88 f3 b3 d4 1a 3d 98 30 3f 3b 67 30 ec 28 77 af a2 91 e8 d1 94 ce 34 9f 03 04 03 81 22 cf c9 77 0e d2 2f 0b 8c 69 2f 81 a6 82 e9 f4 20 be d1 6d ab dc 7f 3f 97 90 c3 f4 fe 03 3d ff f5 e2 f9 bb f4 b5 a2 03 92 ce 3a 6a 03 a7 eb 8e e5 a6 a1 ee 62 82 a5 35 06 6b 0d 84 48 11 89 a5 35 c3 6b 8b b3 06 e5 33 a2 a1 5c d4 ce 68 dd
                              Data Ascii: y&7oprx9E!01;Wo2J2Q-[_%C4%pk]k{\LRW1v=S0e<(MJ( ho+S[B=0?;g0(w4"w/i/ m?=:jb5kH5k3\h
                              2025-03-20 12:40:14 UTC16384INData Raw: ca 32 d9 0d a2 28 47 69 aa 79 c5 ec e8 88 db 0f ee 33 5f ae b8 be db 33 b8 25 57 ad c7 66 05 6f 3d b8 c9 ab 37 66 b8 76 c3 2b a7 15 7f f7 6b 0f d9 f5 8e cb cb 0e a3 35 fd 30 90 25 9a 96 d6 46 1c a0 b5 58 b5 b7 29 64 31 22 0b e6 cc 4b 75 1f 82 c7 22 ec f8 5e 69 56 47 47 1c 1d ad b8 76 ed 1a 75 5d 51 96 d5 b4 63 73 2e d2 ee c5 58 d4 3b 91 e2 68 9b 25 db 40 e9 9a 46 76 cd c8 59 1d 85 a6 43 27 06 4f bd 3b 98 dc 78 e7 a4 1b 8a 51 aa 52 92 76 85 41 fe 5c 4c 6c 23 a3 35 d1 f9 69 c6 aa e7 75 da bd 7a da a6 61 f0 03 b1 ac e9 87 01 36 5b e6 8b 85 7c 3f 13 98 95 0b ac b5 cc 17 4b ac 54 9e 98 d0 42 39 00 e3 2e c1 24 ad 92 52 f2 eb a2 ae 99 af 96 cc 97 35 36 b3 78 e7 69 f7 2d db cb 35 cd 66 43 50 0a a3 ed a4 08 8d 90 c2 e4 fc d4 26 32 42 ec 7a 3c 54 29 fb 8a f1 b7 a4
                              Data Ascii: 2(Giy3_3%Wfo=7fv+k50%FX)d1"Ku"^iVGGvu]Qcs.X;h%@FvYC'O;xQRvA\Ll#5iuza6[|?KTB9.$R56xi-5fCP&2Bz<T)
                              2025-03-20 12:40:14 UTC7098INData Raw: 75 c5 e9 43 66 f5 5a 21 75 91 fd cd ac e0 7c 8a a2 32 63 88 c6 ef 2d 50 bc 4e 21 ac e6 0e ad a8 b6 33 43 4d 15 e7 64 73 b1 7d 8b 1f db b7 f8 31 91 99 c2 bf fe f1 06 86 df bf 81 7f fd 60 14 57 6f dc 64 17 18 6c d1 b0 78 58 04 2d 42 17 40 27 71 b2 88 56 2c f4 81 aa b1 d0 08 16 7e ae 15 6d 8b 81 aa 00 e2 94 4f 03 85 3c d3 e3 73 f9 1c 73 2f d1 0b a8 cb 66 91 2b 70 f5 46 05 14 85 ed 20 b0 da 9d c8 4f e5 a0 69 2a 1c 2e 2f dc 2e 0d 0d be b5 68 bc 79 05 8d eb dd 78 e4 c6 08 1e bb 37 89 eb 77 f3 f8 f3 d8 7d dc b8 57 c0 e4 54 5e ec 4b d4 2c 2c 6a 91 50 19 b9 01 84 26 e2 ac de 75 58 2d 0a 1e 5d dd 80 f5 5f 6a 42 cb 9a 46 78 1b dc 70 3a 6c b0 59 c8 a4 cd 3a 05 7b 36 0f c5 b8 8f f1 7b 77 f0 c9 ed 4f 90 cf de 87 81 3c 54 15 b0 db 6c b0 58 2d dc 03 bc 38 07 a1 75 25 26
                              Data Ascii: uCfZ!u|2c-PN!3CMds}1`WodlxX-B@'qV,~mO<ss/f+pF Oi*./.hyx7w}WT^K,,jP&uX-]_jBFxp:lY:{6{wO<TlX-8u%&


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              16192.168.2.64972491.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:14 UTC403OUTGET /login/css/FDIC-new-logo.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:14 UTC300INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:14 GMT
                              Content-Type: image/png
                              Content-Length: 437
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-1b5"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:14 UTC437INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 26 00 00 00 10 08 06 00 00 00 7a 1e 0d 1e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 01 6c 49 44 41 54 48 89 cd 55 c1 71 84 30 0c 5c 32 f7 cc 4c e8 20 74 00 1d 84 fb e7 41 07 c7 23 ff 5c 2a c8 5d 07 57 02 25 50 02 e9 c0 d7 01 74 00 15 6c 1e 36 13 a3 13 98 5c 78 64 67 f4 90 b4 96 65 59 b6 22 92 f8 07 88 01 24 00 cc 68 d8 01 68 02 8b 2a 00 e5 82 bf 71 9c 56 d8 2f 00 32 4f 3f fa 1b bb 44 4e 00 0a 00 4f 9e bd 03 50 83 61 9c 56 70 48 b2 22 19 93 84 93 46 f8 73 cf 17 8c f9 10 a8 d6 6f 70 70 d5 8b 03 bc 0a c0 67 28 d8 4e b1 7d 09 bd 5d e0 bc 08 7b 0a a0 06 90 cf ec 57 c0 1e 40 62 80 bd e6 0c e3 b5 2a 55 84 22 73 9c 98 64 ad f8 f3 99 ab 6c 85 ad 27 79 14 7b 95 24 fb bf 26 36 8a 11 fe 5a 49 ec 4d
                              Data Ascii: PNGIHDR&zsBIT|dlIDATHUq0\2L tA#\*]W%Ptl6\xdgeY"$hh*qV/2O?DNOPaVpH"Fsoppg(N}]{W@b*U"sdl'y{$&6ZIM


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              17192.168.2.64972591.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:14 UTC612OUTGET /login/css/login-arrow-icon.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              sec-ch-ua-platform: "Windows"
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"
                              sec-ch-ua-mobile: ?0
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://arvest.click/login/
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:14 UTC300INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:14 GMT
                              Content-Type: image/png
                              Content-Length: 271
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-10f"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:14 UTC271INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0a 08 06 00 00 00 6b 1b 04 f9 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 00 b1 49 44 41 54 78 da 8c 90 31 0e 82 40 10 45 27 98 58 d8 58 79 14 43 8f b5 16 96 7a 01 3d 11 a5 16 72 01 0e 40 cf 0d b8 83 95 31 b1 20 98 f1 4f f8 2b 23 c1 c0 4b 5e d8 d9 fd 9f 25 88 aa 46 f0 06 cf 50 26 78 62 7e 66 43 aa 2d 6f 78 1c 29 1e 98 33 d2 48 3a 6c 7d 81 3b 19 66 0b af cc b5 d8 f5 30 d3 8e 17 4c 7a 37 26 dc 0f 64 e1 b3 cd 39 cc dd e1 03 c6 3c 8b 39 07 72 e6 c5 bf 7d 01 0b 17 ba c3 3d 9f 81 82 39 e9 97 cd 25 2c 5d b8 71 eb 92 e7 f2 af 6c ae 60 a5 bf 54 dc 97 b1 b2 b9 86 35 8b 35 67 99 5a 36 37 f0 39 f0 e7 bf 7e 04 18 00 bf d5 c4 d4
                              Data Ascii: PNGIHDRktEXtSoftwareAdobe ImageReadyqe<IDATx1@E'XXyCz=r@1 O+#K^%FP&xb~fC-ox)3H:l};f0Lz7&d9<9r}=9%,]ql`T55gZ679~


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              18192.168.2.64972691.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:14 UTC444OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_Mortgage.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:15 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:14 GMT
                              Content-Type: image/png
                              Content-Length: 53802
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-d22a"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:15 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c cc bd 59 b0 25 c9 79 df f7 cb cc 5a ce 7e f7 a5 f7 6d a6 67 a6 67 1f 00 43 02 04 86 94 08 90 32 2d 2e a2 18 52 c8 5a 1c 61 d2 bb 14 61 2b fc e0 b0 5f f4 e0 17 3f c9 0f 0e c9 56 48 a6 2c d3 a2 49 8a 94 2c 8a a4 68 98 a4 20 12 00 81 19 0c 66 ef e9 9e de f7 bb 9e 7b cf 56 a7 96 cc f4 43 56 d5 a9 73 ee bd 3d 0d 1a 0c 3b 23 6e 9f d3 75 aa b2 b2 32 bf f5 ff 7d f9 95 b8 fe de 1f 5a a1 3c 94 5f c7 5a 8b 10 12 63 2d d6 68 ac 05 b0 18 63 b0 d6 a2 fc 90 5a 67 91 e1 de 36 51 bf 8b 0a 42 e6 57 cf b2 bc b4 8c 05 3e fc e4 26 a7 8e af 33 df 6a 00 60 8c 21 d1 86 d0 53 0c a2 88 46 18
                              Data Ascii: PNGIHDR/PupHYs~ IDATxY%yZ~mggC2-.RZaa+_?VH,I,h f{VCVs=;#nu2}Z<_Zc-hcZg6QBW>&3j`!SF
                              2025-03-20 12:40:15 UTC16384INData Raw: 94 8c 8f f6 50 27 b7 40 e5 ae 86 ae 40 15 d7 ec 9f 2b 15 ea 9f 37 73 82 ab cc 80 8d ba 41 cd cc e5 56 90 86 fd 79 1b 29 2d 70 52 89 30 55 00 8e e3 21 1a 0b ae 8c 93 6c 6e 30 da 0a ff 18 83 93 1c c4 45 31 7b 82 85 db f4 6a a8 7a 7b a2 46 43 2b 4a 4f 05 8c d4 bb dd dc 3b dd dd 3d e2 4f 7f f0 09 69 aa b8 b0 b9 c6 64 34 20 2f 73 de bb 77 87 1f 7d 7c 87 07 87 e7 1c f5 27 bc 7f 67 9f 7c f1 3a 97 5f 7a 93 1c c5 a5 b5 25 1a 26 a1 bd 7d 9d a9 ec b2 77 ef 36 57 6e be 42 a7 bb 50 9f e7 e9 74 44 91 a5 f8 41 4c 1c 37 28 cb c2 f5 c9 e6 53 f1 2a 2a d5 97 f3 73 d1 68 0e d6 ad 2f f0 5c dd 50 3f ed 2f 48 0d 3f 5f 77 e5 69 c2 e0 e4 98 d1 f9 39 e3 f3 3e 65 96 d8 99 34 03 46 48 fc 76 9b f5 4b 97 58 5a 5f 23 32 09 14 e7 48 12 02 df 67 d8 4f d0 65 8b 22 4b e9 9f 3f c2 94 ab a8
                              Data Ascii: P'@@+7sAVy)-pR0U!ln0E1{jz{FC+JO;=Oid4 /sw}|'g|:_z%&}w6WnBPtDAL7(S**sh/\P?/H?_wi9>e4FHvKXZ_#2HgOe"K?
                              2025-03-20 12:40:15 UTC16384INData Raw: 26 2b 14 86 92 ca 18 54 e0 71 f7 fc 2d 1e 1d 9f 73 ef f0 9c 4a 79 f6 3e 11 3e 7e 10 5a 1d 4b e9 bb 2c 19 d0 5d d9 24 9b 1c f1 d2 b3 37 88 23 9f 9d cb 5b 0e a2 b0 33 c3 86 84 66 0f ae c6 bf da ad bf 34 c3 71 37 ea f2 97 29 ab 89 c3 a5 fc c0 c5 af 72 21 b1 5d dc 98 16 62 a9 bb 9e a6 73 1e be 7b 87 f1 ac e6 17 3f f3 39 aa 62 86 0c 63 ae dd 7c 9a f1 f9 01 a6 56 04 a1 4f 55 e6 14 45 46 43 4e 96 d2 a7 2c 0b c2 30 e6 f5 37 df 24 8a 02 56 86 03 8c d6 1c 1f 9f e2 49 9f ba ae 88 a3 88 77 de 7b 84 31 da 0d 7c c1 53 25 79 56 a1 90 98 2c 25 10 56 af 70 3a 9f 23 3d 8f 76 2b 66 9e 97 28 5d 23 bd c0 3a 7b 56 9a 7e bf cb e9 d9 39 3b 3b db 3c 7c f4 88 2c 7d 87 dd eb d7 e9 ee ee 52 66 29 d9 2c 25 49 5a c4 49 42 55 3a de 9a 63 86 0b 4f 22 fd 90 e9 3c e3 e4 c4 5a 11 49 4f e2
                              Data Ascii: &+Tq-sJy>>~ZK,]$7#[3f4q7)r!]bs{?9bc|VOUEFCN,07$VIw{1|S%yV,%Vp:#=v+f(]#:{V~9;;<|,}Rf),%IZIBU:cO"<ZIO
                              2025-03-20 12:40:15 UTC4953INData Raw: d7 2d b4 3a 86 23 51 74 75 5f 44 60 20 84 da aa 4a 00 c0 8e 5d 07 50 5b 5d 89 93 87 f6 e4 fd 5d 20 38 88 c0 40 08 c0 c2 a8 e7 5c 52 30 21 db b1 eb 00 8e 1c 3f 9d f5 b9 df e7 c5 be 7f d8 86 a6 c6 7a f4 f4 f5 a3 79 db 6e 00 c0 48 ef a7 85 7a f4 63 e1 dc c5 5e 4d 80 88 10 35 d4 d5 e0 c8 f1 33 08 0c 84 e0 af f0 a2 b5 65 03 00 2c a8 3a 86 23 51 34 6f db ad 0f 0a 1e b7 0b b5 d5 95 08 47 a2 38 77 b1 17 3d 7d fd a8 ad ae cc f9 db 23 bf 3e 8d 8e 03 47 01 cc ff 7a ce 35 05 11 b2 8e ce a3 39 05 0c 00 02 c1 10 de fe e9 21 34 35 d6 17 e2 51 73 46 d3 a6 7a 9c bb d0 0b 4f b1 4b 1f b9 8f 1c 3f 8d 73 17 7b d1 50 57 a3 0b d9 42 e2 c8 f1 33 ba 80 b5 6d 6d 82 df e7 85 bf 82 1c 67 54 5b 5d 99 57 c0 18 33 a3 20 42 76 e4 f8 19 00 64 24 3c 7b 6c 3f fc be 72 84 23 51 1c 3c dc 85
                              Data Ascii: -:#Qtu_D` J]P[]] 8@\R0!?zynHzc^M53e,:#Q4oG8w=}#>Gz59!45QsFzOK?s{PWB3mmgT[]W3 Bvd$<{l?r#Q<


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              19192.168.2.64972791.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:15 UTC406OUTGET /login/css/login-arrow-icon.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:15 UTC300INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:15 GMT
                              Content-Type: image/png
                              Content-Length: 271
                              Last-Modified: Mon, 17 Feb 2025 18:35:57 GMT
                              Connection: close
                              ETag: "67b3818d-10f"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:15 UTC271INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0f 00 00 00 0a 08 06 00 00 00 6b 1b 04 f9 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 00 b1 49 44 41 54 78 da 8c 90 31 0e 82 40 10 45 27 98 58 d8 58 79 14 43 8f b5 16 96 7a 01 3d 11 a5 16 72 01 0e 40 cf 0d b8 83 95 31 b1 20 98 f1 4f f8 2b 23 c1 c0 4b 5e d8 d9 fd 9f 25 88 aa 46 f0 06 cf 50 26 78 62 7e 66 43 aa 2d 6f 78 1c 29 1e 98 33 d2 48 3a 6c 7d 81 3b 19 66 0b af cc b5 d8 f5 30 d3 8e 17 4c 7a 37 26 dc 0f 64 e1 b3 cd 39 cc dd e1 03 c6 3c 8b 39 07 72 e6 c5 bf 7d 01 0b 17 ba c3 3d 9f 81 82 39 e9 97 cd 25 2c 5d b8 71 eb 92 e7 f2 af 6c ae 60 a5 bf 54 dc 97 b1 b2 b9 86 35 8b 35 67 99 5a 36 37 f0 39 f0 e7 bf 7e 04 18 00 bf d5 c4 d4
                              Data Ascii: PNGIHDRktEXtSoftwareAdobe ImageReadyqe<IDATx1@E'XXyCz=r@1 O+#K^%FP&xb~fC-ox)3H:l};f0Lz7&d9<9r}=9%,]ql`T55gZ679~


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              20192.168.2.64972891.212.166.1194432588C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2025-03-20 12:40:15 UTC447OUTGET /login/css/24WEB057%20Dec%20TP%20Ads%20for%20Web_MainNav_NewYearPlan.png HTTP/1.1
                              Host: arvest.click
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                              Accept: */*
                              Sec-Fetch-Site: none
                              Sec-Fetch-Mode: cors
                              Sec-Fetch-Dest: empty
                              Sec-Fetch-Storage-Access: active
                              Accept-Encoding: gzip, deflate, br, zstd
                              Accept-Language: en-US,en;q=0.9
                              2025-03-20 12:40:15 UTC303INHTTP/1.1 200 OK
                              Server: nginx
                              Date: Thu, 20 Mar 2025 12:40:15 GMT
                              Content-Type: image/png
                              Content-Length: 55947
                              Last-Modified: Mon, 17 Feb 2025 18:35:56 GMT
                              Connection: close
                              ETag: "67b3818c-da8b"
                              Expires: Thu, 31 Dec 2037 23:55:55 GMT
                              Cache-Control: max-age=315360000
                              Accept-Ranges: bytes
                              2025-03-20 12:40:15 UTC16081INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 d9 00 00 00 ea 08 06 00 00 00 2f 50 e0 75 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 20 00 49 44 41 54 78 9c 74 bd f9 8f 25 59 76 df f7 39 f7 de 88 78 ef e5 9e 95 55 bd 54 f7 f4 36 3d 9c e6 cc f4 68 38 dc 34 14 c9 11 05 5a 96 69 09 12 0c c8 32 6d d8 b0 65 0b 32 0c d8 12 60 ff 68 03 36 60 d8 fe 0f 0c 43 80 24 d8 80 65 cb 02 24 8a 96 45 51 24 b5 91 23 52 1a ce 3e 3d d3 33 bd d6 5e 59 95 cb cb b7 c4 72 17 ff 70 97 88 ec 26 b3 50 99 2f 5f be 17 2f e2 dc b3 7c cf f7 9c 7b 42 b6 db 75 00 40 80 00 e0 81 40 f0 01 41 e2 f3 02 22 8a 80 a0 44 11 88 7f 13 51 40 c0 7b 8f b5 03 7d d7 e2 fa 8e 61 bb e2 e2 f1 03 1e bc fd 1d 2e 1e 3f a0 db 6e e9 ac 65 b5 da b0 e9 2c a2 0c 8e 40 5d 19 76 76
                              Data Ascii: PNGIHDR/PupHYs~ IDATxt%Yv9xUT6=h84Zi2me2`h6`C$e$EQ$#R>=3^Yrp&P/_/|{Bu@@A"DQ@{}a.?ne,@]vv
                              2025-03-20 12:40:15 UTC16384INData Raw: 79 ea 26 fb 37 6f f2 f8 87 bf 8d 90 03 ce 0e 9f 70 72 78 8c d4 39 45 21 30 c6 f0 e8 d1 13 c6 d3 31 3b 57 6f 10 32 8d cc 4a 32 99 51 cc f6 08 c0 fc d1 2d fe e4 fd 0f c8 84 e7 5b 5f bc ca bf fa f0 11 e7 eb 25 8c a7 8c 87 43 be f9 d6 9b 34 ab 25 a3 f1 70 6b 93 b7 8d cd a5 d7 e1 5d e0 6b 97 f9 7b 5c ba d1 ff 8d 9b fd 12 fa b6 ad 8a 97 4c 52 07 bb 57 31 76 13 7f 3d 53 9c 1f 7f ca fd 87 b7 30 8d 65 3c 28 19 4d 4a 28 20 68 83 6f 2b d0 01 53 5b 42 88 f3 b3 d4 1a 3d 98 30 3f 3b 67 30 ec 28 77 af a2 91 e8 d1 94 ce 34 9f 03 04 03 81 22 cf c9 77 0e d2 2f 0b 8c 69 2f 81 a6 82 e9 f4 20 be d1 6d ab dc 7f 3f 97 90 c3 f4 fe 03 3d ff f5 e2 f9 bb f4 b5 a2 03 92 ce 3a 6a 03 a7 eb 8e e5 a6 a1 ee 62 82 a5 35 06 6b 0d 84 48 11 89 a5 35 c3 6b 8b b3 06 e5 33 a2 a1 5c d4 ce 68 dd
                              Data Ascii: y&7oprx9E!01;Wo2J2Q-[_%C4%pk]k{\LRW1v=S0e<(MJ( ho+S[B=0?;g0(w4"w/i/ m?=:jb5kH5k3\h
                              2025-03-20 12:40:16 UTC16384INData Raw: ca 32 d9 0d a2 28 47 69 aa 79 c5 ec e8 88 db 0f ee 33 5f ae b8 be db 33 b8 25 57 ad c7 66 05 6f 3d b8 c9 ab 37 66 b8 76 c3 2b a7 15 7f f7 6b 0f d9 f5 8e cb cb 0e a3 35 fd 30 90 25 9a 96 d6 46 1c a0 b5 58 b5 b7 29 64 31 22 0b e6 cc 4b 75 1f 82 c7 22 ec f8 5e 69 56 47 47 1c 1d ad b8 76 ed 1a 75 5d 51 96 d5 b4 63 73 2e d2 ee c5 58 d4 3b 91 e2 68 9b 25 db 40 e9 9a 46 76 cd c8 59 1d 85 a6 43 27 06 4f bd 3b 98 dc 78 e7 a4 1b 8a 51 aa 52 92 76 85 41 fe 5c 4c 6c 23 a3 35 d1 f9 69 c6 aa e7 75 da bd 7a da a6 61 f0 03 b1 ac e9 87 01 36 5b e6 8b 85 7c 3f 13 98 95 0b ac b5 cc 17 4b ac 54 9e 98 d0 42 39 00 e3 2e c1 24 ad 92 52 f2 eb a2 ae 99 af 96 cc 97 35 36 b3 78 e7 69 f7 2d db cb 35 cd 66 43 50 0a a3 ed a4 08 8d 90 c2 e4 fc d4 26 32 42 ec 7a 3c 54 29 fb 8a f1 b7 a4
                              Data Ascii: 2(Giy3_3%Wfo=7fv+k50%FX)d1"Ku"^iVGGvu]Qcs.X;h%@FvYC'O;xQRvA\Ll#5iuza6[|?KTB9.$R56xi-5fCP&2Bz<T)
                              2025-03-20 12:40:16 UTC7098INData Raw: 75 c5 e9 43 66 f5 5a 21 75 91 fd cd ac e0 7c 8a a2 32 63 88 c6 ef 2d 50 bc 4e 21 ac e6 0e ad a8 b6 33 43 4d 15 e7 64 73 b1 7d 8b 1f db b7 f8 31 91 99 c2 bf fe f1 06 86 df bf 81 7f fd 60 14 57 6f dc 64 17 18 6c d1 b0 78 58 04 2d 42 17 40 27 71 b2 88 56 2c f4 81 aa b1 d0 08 16 7e ae 15 6d 8b 81 aa 00 e2 94 4f 03 85 3c d3 e3 73 f9 1c 73 2f d1 0b a8 cb 66 91 2b 70 f5 46 05 14 85 ed 20 b0 da 9d c8 4f e5 a0 69 2a 1c 2e 2f dc 2e 0d 0d be b5 68 bc 79 05 8d eb dd 78 e4 c6 08 1e bb 37 89 eb 77 f3 f8 f3 d8 7d dc b8 57 c0 e4 54 5e ec 4b d4 2c 2c 6a 91 50 19 b9 01 84 26 e2 ac de 75 58 2d 0a 1e 5d dd 80 f5 5f 6a 42 cb 9a 46 78 1b dc 70 3a 6c b0 59 c8 a4 cd 3a 05 7b 36 0f c5 b8 8f f1 7b 77 f0 c9 ed 4f 90 cf de 87 81 3c 54 15 b0 db 6c b0 58 2d dc 03 bc 38 07 a1 75 25 26
                              Data Ascii: uCfZ!u|2c-PN!3CMds}1`WodlxX-B@'qV,~mO<ss/f+pF Oi*./.hyx7w}WT^K,,jP&uX-]_jBFxp:lY:{6{wO<TlX-8u%&


                              020406080s020406080100

                              Click to jump to process

                              020406080s0.0050100MB

                              Click to jump to process

                              Target ID:1
                              Start time:08:39:54
                              Start date:20/03/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff63b000000
                              File size:3'388'000 bytes
                              MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:4
                              Start time:08:40:01
                              Start date:20/03/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2056,i,2299731630484019641,637105831372448406,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:3
                              Imagebase:0x7ff63b000000
                              File size:3'388'000 bytes
                              MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:11
                              Start time:08:40:07
                              Start date:20/03/2025
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://ynlyce.com"
                              Imagebase:0x7ff63b000000
                              File size:3'388'000 bytes
                              MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              No disassembly