Play interactive tour

Edit tour

Analysis Report http://eiubp.ru

Overview

General Information

Sample URL:	http://eiubp.ru
Analysis ID:	423704
Infos:
Most interesting Screenshot:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

iexplore.exe (PID: 3548 cmdline: 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding MD5: 6465CB92B25A7BC1DF8E01D8AC5E7596)

iexplore.exe (PID: 4400 cmdline: 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3548 CREDAT:17410 /prefetch:2 MD5: 071277CC2E3DF41EEEA8013E2AB58D5A)

cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Source: unknown	HTTPS traffic detected: 87.250.251.119:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.250.251.119:443 -> 192.168.2.6:49725 version: TLS 1.2

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /assets/css/style.css HTTP/1.1Accept: text/css, /Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /js/jquery-1.12.3.min.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/css/bvi.min.css HTTP/1.1Accept: text/css, /Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/visio.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/gerb.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/tlf.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/unslider-min.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/vkladki.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/responsivevoice.min.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/bvi-init-panel.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/bvi.min.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/js/js.cookie.js HTTP/1.1Accept: application/javascript, /;q=0.8Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/fon1.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/inst-coron.5d9bda69baeaff49f4ea93e898a86ffd.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-07-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/components/phpthumbof/cache/%D0%B2%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/%D0%BC%D1%8B%20%D0%BF%D0%BE%D0%BC%D0%BD%D0%B8%D0%BC.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/YoS_logo2.png HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/licen.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/svid-akkred.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/svid-akkred-mag.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/%D0%A1%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D1%8B%20%D0%A4%D0%AD%D0%9F%D0%9E%20-%202019_2_149_%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0_1.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/b-top.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/str1.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /assets/images/str.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Accept: /Accept-Encoding: gzip, deflateUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/common HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /assets/css/style-spec.css HTTP/1.1Accept: text/css, /Referer: http://eiubp.ru/sveden/commonAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/struct HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /assets/images/document.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/sveden/structAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /assets/images/pep1.jpg HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/sveden/structAccept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/document/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/education/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /assets/images/pdf.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/sveden/education/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /assets/images/icon-document.gif HTTP/1.1Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5Referer: http://eiubp.ru/sveden/education/Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/eduStandarts/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/employees/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/objects/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/grants/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
Source: global traffic	HTTP traffic detected: GET /sveden/paid_edu/ HTTP/1.1Accept: text/html, application/xhtml+xml, image/jxr, /Accept-Language: en-USUser-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like GeckoAccept-Encoding: gzip, deflateHost: eiubp.ruConnection: Keep-AliveCookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w

Source: unknown

DNS traffic detected: queries for: eiubp.ru

Source: tag[1].js0.2.dr	String found in binary or memory: http://127.0.0.1
Source: 5G49DE11.htm.2.dr	String found in binary or memory: http://ATK26.RU
Source: bvi.min[1].js.2.dr	String found in binary or memory: http://bvi.isvek.ru/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/B
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/Root
Source: imagestore.dat.2.dr	String found in binary or memory: http://eiubp.ru/favicon.ico
Source: imagestore.dat.2.dr	String found in binary or memory: http://eiubp.ru/favicon.ico~
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveRoot
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/common
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/common"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/common8
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/d
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr, ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/document/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/document/"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/document/(
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr, ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/eduStandarts/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/eduStandarts/"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/eduStandarts/H
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr, ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/education/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/education/"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/employees/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/employees/"
Source: ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/employees/s/
Source: ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/employees/s/G
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/grants/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/grants/"
Source: ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/grants//s/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/grants/b
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/objects/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/objects/"
Source: ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/objects//s/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/paid_edu/
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/paid_edu/"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/sveden/paid_edu/R
Source: ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/paid_edu/s/
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr, ~DFDE73A641DB18BC00.TMP.1.dr	String found in binary or memory: http://eiubp.ru/sveden/struct
Source: eiubp[1].xml.2.dr	String found in binary or memory: http://eiubp.ru/sveden/struct"
Source: {2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	String found in binary or memory: http://eiubp.ru/svedenB
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/2002/?f=%2Fuploadfiles%2FFGOS
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/2027/?f=%2Fuploadfiles%2FFGOS
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/2035/?f=%2Fuploadfiles%2FFGOS
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/2040/?f=%2Fuploadfiles%2FFGOS
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/2098/?f=%2Fuploadfiles%2FFGOS
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/231/?f=%2Fuploadfiles%2Ffgosvoaspism%2F400601.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/386/?f=%2Fuploadfiles%2Ffgosvom%2F380401_M_18062018.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/498/?f=%2Fuploadfiles%2Ffgosvob%2F380301.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/545/?f=%2Fuploadfiles%2Ffgosvob%2F380302_B_15062018.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/84/?f=%2Fuploadfiles%2Ffgosvoaspism%2F380601.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvo/downloads/891/?f=%2Fuploadfiles%2Ffgosvob%2F400301_B_15062018.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/fgosvpo/downloads/147/?f=uploadfiles%2Ffgos%2F32%2F20110318162458.pdf
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: http://fgosvo.ru/uploadfiles/FGOS%20VO%203
Source: 5G49DE11.htm.2.dr	String found in binary or memory: http://scienceport.ru
Source: eduStandarts[1].htm.2.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff)
Source: css[1].css.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw.woff)
Source: js.cookie[1].js.2.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: tag[1].js0.2.dr	String found in binary or memory: https://mc.yandex.
Source: tag[1].js0.2.dr	String found in binary or memory: https://mc.yandex.md/cc
Source: 5G49DE11.htm.2.dr	String found in binary or memory: https://minobrnauki.gov.ru/
Source: 5G49DE11.htm.2.dr	String found in binary or memory: https://minobrnauki.gov.ru/god-nauki/
Source: 5G49DE11.htm.2.dr	String found in binary or memory: https://ncpti.su/
Source: tag[1].js0.2.dr	String found in binary or memory: https://yandexmetrica.com
Source: tag[1].js0.2.dr	String found in binary or memory: https://yastatic.net/s3/gdpr/popup/v2/
Source: tag[1].js0.2.dr	String found in binary or memory: https://ymetrica1.com/watch/3/1

Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724

Source: unknown	HTTPS traffic detected: 87.250.251.119:443 -> 192.168.2.6:49724 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 87.250.251.119:443 -> 192.168.2.6:49725 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@3/67@2/2

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2A93EA3C-BD7E-11EB-90E5-ECF4BB2D2496}.dat

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File created: C:\Users\user\AppData\Local\Temp\~DFB31EA4ECC0EDC484.TMP

Jump to behavior

Source: C:\Program Files\internet explorer\iexplore.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: unknown	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3548 CREDAT:17410 /prefetch:2
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3548 CREDAT:17410 /prefetch:2

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation	Path Interception	Process Injection1	Masquerading1	OS Credential Dumping	File and Directory Discovery1	Remote Services	Data from Local System	Exfiltration Over Other Network Medium	Encrypted Channel2	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Process Injection1	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	Exfiltration Over Bluetooth	Non-Application Layer Protocol2	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Application Layer Protocol3	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	Ingress Tool Transfer1	SIM Card Swap		Carrier Billing Fraud

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://eiubp.ru	0%	Virustotal		Browse
http://eiubp.ru	0%	Avira URL Cloud	safe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
eiubp.ru	0%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label
http://eiubp.ru/favicon.ico~	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/js/responsivevoice.min.js	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/svid-akkred-mag.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/Root	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/%D0%BC%D1%8B%20%D0%BF%D0%BE%D0%BC%D0%BD%D0%B8%D0%BC.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/inst-coron.5d9bda69baeaff49f4ea93e898a86ffd.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/eduStandarts/"	0%	Avira URL Cloud	safe
https://mc.yandex.	0%	URL Reputation	safe
https://mc.yandex.	0%	URL Reputation	safe
https://mc.yandex.	0%	URL Reputation	safe
http://eiubp.ru/assets/images/%D0%A1%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D1%8B%20%D0%A4%D0%AD%D0%9F%D0%9E%20-%202019_2_149_%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0_1.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/css/bvi.min.css	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/licen.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/str1.gif	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/YoS_logo2.png	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/eduStandarts/H	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/visio.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/js/unslider-min.js	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/js/vkladki.js	0%	Avira URL Cloud	safe
https://mc.yandex.md/cc	0%	URL Reputation	safe
https://mc.yandex.md/cc	0%	URL Reputation	safe
https://mc.yandex.md/cc	0%	URL Reputation	safe
http://eiubp.ru/assets/images/svid-akkred.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/tlf.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/document/(	0%	Avira URL Cloud	safe
http://eiubp.ru/svedenB	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/favicon.ico	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/grants//s/	0%	Avira URL Cloud	safe
http://127.0.0.1	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/struct"	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/%D0%B2%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/pep1.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/common8	0%	Avira URL Cloud	safe
https://ncpti.su/	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/b-top.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/employees/s/G	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/paid_edu/"	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/str.gif	0%	Avira URL Cloud	safe
http://bvi.isvek.ru/	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://scienceport.ru	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/js/js.cookie.js	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/objects/"	0%	Avira URL Cloud	safe
http://eiubp.ru/js/jquery-1.12.3.min.js	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/grants/b	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/education/"	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/css/style-spec.css	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/js/bvi.min.js	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/gerb.gif	0%	Avira URL Cloud	safe
http://eiubp.ru/sveRoot	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/paid_edu/s/	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/d	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/grants/"	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/employees/s/	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/document/"	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/paid_edu/R	0%	Avira URL Cloud	safe
http://eiubp.ru/sveden/objects//s/	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/images/icon-document.gif	0%	Avira URL Cloud	safe
https://ymetrica1.com/watch/3/1	0%	URL Reputation	safe
https://ymetrica1.com/watch/3/1	0%	URL Reputation	safe
https://ymetrica1.com/watch/3/1	0%	URL Reputation	safe
http://eiubp.ru/assets/css/style.css	0%	Avira URL Cloud	safe
https://yandexmetrica.com	0%	URL Reputation	safe
https://yandexmetrica.com	0%	URL Reputation	safe
https://yandexmetrica.com	0%	URL Reputation	safe
http://ATK26.RU	0%	Avira URL Cloud	safe
http://eiubp.ru/assets/components/phpthumbof/cache/new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
mc.yandex.ru	87.250.251.119	true	false		high
eiubp.ru	77.222.40.109	true	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://eiubp.ru/assets/js/responsivevoice.min.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/svid-akkred-mag.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/grants/	false		unknown
http://eiubp.ru/assets/images/%D0%BC%D1%8B%20%D0%BF%D0%BE%D0%BC%D0%BD%D0%B8%D0%BC.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/components/phpthumbof/cache/inst-coron.5d9bda69baeaff49f4ea93e898a86ffd.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/paid_edu/	false		unknown
http://eiubp.ru/assets/images/%D0%A1%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D1%8B%20%D0%A4%D0%AD%D0%9F%D0%9E%20-%202019_2_149_%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0_1.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/document/	false		unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/	false		unknown
http://eiubp.ru/assets/css/bvi.min.css	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/licen.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/str1.gif	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/YoS_logo2.png	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/paid_edu/	false		unknown
http://eiubp.ru/sveden/education/	false		unknown
http://eiubp.ru/assets/images/visio.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/js/unslider-min.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/js/vkladki.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/document/	false		unknown
http://eiubp.ru/sveden/	false		unknown
http://eiubp.ru/assets/images/svid-akkred.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/tlf.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/favicon.ico	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/objects/	false		unknown
http://eiubp.ru/sveden/common	false		unknown
http://eiubp.ru/assets/components/phpthumbof/cache/%D0%B2%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/pep1.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/b-top.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/employees/	false		unknown
http://eiubp.ru/sveden/eduStandarts/	false		unknown
http://eiubp.ru/sveden/	false		unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/objects/	false		unknown
http://eiubp.ru/assets/images/str.gif	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/eduStandarts/	false		unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/js/js.cookie.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/js/jquery-1.12.3.min.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/css/style-spec.css	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/js/bvi.min.js	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/images/gerb.gif	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/common	false		unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/struct	false		unknown
http://eiubp.ru/sveden/employees/	false		unknown
http://eiubp.ru/sveden/struct	false		unknown
http://eiubp.ru/	false		unknown
http://eiubp.ru/sveden/grants/	false		unknown
http://eiubp.ru/assets/images/icon-document.gif	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/css/style.css	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/assets/components/phpthumbof/cache/new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://eiubp.ru/favicon.ico~	imagestore.dat.2.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/84/?f=%2Fuploadfiles%2Ffgosvoaspism%2F380601.pdf	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/Root	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/2002/?f=%2Fuploadfiles%2FFGOS	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveden/eduStandarts/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
https://mc.yandex.	tag[1].js0.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://fgosvo.ru/fgosvo/downloads/498/?f=%2Fuploadfiles%2Ffgosvob%2F380301.pdf	eduStandarts[1].htm.2.dr	false		high
http://fgosvo.ru/fgosvo/downloads/2035/?f=%2Fuploadfiles%2FFGOS	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveden/eduStandarts/H	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://minobrnauki.gov.ru/	5G49DE11.htm.2.dr	false		high
http://fgosvo.ru/fgosvo/downloads/231/?f=%2Fuploadfiles%2Ffgosvoaspism%2F400601.pdf	eduStandarts[1].htm.2.dr	false		high
https://mc.yandex.md/cc	tag[1].js0.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://eiubp.ru/sveden/document/(	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/svedenB	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/2027/?f=%2Fuploadfiles%2FFGOS	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveden	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/grants//s/	~DFDE73A641DB18BC00.TMP.1.dr	false	Avira URL Cloud: safe	unknown
http://127.0.0.1	tag[1].js0.2.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/struct"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/545/?f=%2Fuploadfiles%2Ffgosvob%2F380302_B_15062018.pdf	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveden/common8	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
https://ncpti.su/	5G49DE11.htm.2.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/employees/s/G	~DFDE73A641DB18BC00.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/js-cookie/js-cookie	js.cookie[1].js.2.dr	false		high
http://eiubp.ru/sveden/paid_edu/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
https://minobrnauki.gov.ru/god-nauki/	5G49DE11.htm.2.dr	false		high
http://bvi.isvek.ru/	bvi.min[1].js.2.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/2098/?f=%2Fuploadfiles%2FFGOS	eduStandarts[1].htm.2.dr	false		high
http://scienceport.ru	5G49DE11.htm.2.dr	false	Avira URL Cloud: safe	unknown
https://yastatic.net/s3/gdpr/popup/v2/	tag[1].js0.2.dr	false		high
http://eiubp.ru/sveden/objects/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/891/?f=%2Fuploadfiles%2Ffgosvob%2F400301_B_15062018.pdf	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveden/grants/b	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/education/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
http://fgosvo.ru/fgosvo/downloads/386/?f=%2Fuploadfiles%2Ffgosvom%2F380401_M_18062018.pdf	eduStandarts[1].htm.2.dr	false		high
http://eiubp.ru/sveRoot	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/paid_edu/s/	~DFDE73A641DB18BC00.TMP.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/d	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/grants/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/employees/s/	~DFDE73A641DB18BC00.TMP.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/document/"	eiubp[1].xml.2.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/paid_edu/R	{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat.1.dr	false	Avira URL Cloud: safe	unknown
http://eiubp.ru/sveden/objects//s/	~DFDE73A641DB18BC00.TMP.1.dr	false	Avira URL Cloud: safe	unknown
https://ymetrica1.com/watch/3/1	tag[1].js0.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
https://yandexmetrica.com	tag[1].js0.2.dr	false	URL Reputation: safe URL Reputation: safe URL Reputation: safe	unknown
http://ATK26.RU	5G49DE11.htm.2.dr	false	Avira URL Cloud: safe	unknown

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
87.250.251.119	mc.yandex.ru	Russian Federation		13238	YANDEXRU	false
77.222.40.109	eiubp.ru	Russian Federation		44112	SWEB-ASRU	false

General Information

Joe Sandbox Version:	32.0.0 Black Diamond
Analysis ID:	423704
Start date:	25.05.2021
Start time:	10:24:23
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 5m 52s
Hypervisor based Inspection enabled:	false
Report type:	light
Cookbook file name:	browseurl.jbs
Sample URL:	http://eiubp.ru
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@3/67@2/2
Cookbook Comments:	Adjust boot time Enable AMSI Browsing link: http://eiubp.ru/ Browsing link: http://eiubp.ru/sveden/ Browsing link: http://eiubp.ru/sveden/common Browsing link: http://eiubp.ru/sveden/struct Browsing link: http://eiubp.ru/sveden/document/ Browsing link: http://eiubp.ru/sveden/education/ Browsing link: http://eiubp.ru/sveden/eduStandarts/ Browsing link: http://eiubp.ru/sveden/employees/ Browsing link: http://eiubp.ru/sveden/objects/ Browsing link: http://eiubp.ru/sveden/grants/ Browsing link: http://eiubp.ru/sveden/paid_edu/
Warnings:	Show All Exclude process from analysis (whitelisted): MpCmdRun.exe, ielowutil.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe HTTP Packets have been reduced TCP Packets have been reduced to 100 Excluded IPs from analysis (whitelisted): 92.122.145.220, 52.147.198.201, 168.61.161.212, 88.221.62.148, 104.42.151.234, 172.217.20.10, 172.217.16.99, 13.107.5.88, 13.107.43.23, 152.199.19.161, 20.82.210.154, 13.64.90.137, 20.54.104.15, 92.122.144.200 Excluded domains from analysis (whitelisted): gstaticadssl.l.google.com, client-office365-tas.msedge.net, ocos-office365-s2s.msedge.net, config.edge.skype.com.trafficmanager.net, store-images.s-microsoft.com-c.edgekey.net, e-0009.e-msedge.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, config-edge-skype.l-0014.l-msedge.net, l-0014.config.skype.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, consumerrp-displaycatalog-aks2eap-europe.md.mp.microsoft.com.akadns.net, e11290.dspg.akamaiedge.net, iecvlist.microsoft.com, e12564.dspb.akamaiedge.net, go.microsoft.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, prod.fs.microsoft.com.akadns.net, config.edge.skype.com, l-0014.dc-msedge.net, fonts.googleapis.com, skypedataprdcolwus17.cloudapp.net, afdo-tas-offload.trafficmanager.net, fs.microsoft.com, fonts.gstatic.com, ie9comview.vo.msecnd.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, skypedataprdcolcus17.cloudapp.net, e1723.g.akamaiedge.net, consumerrp-displaycatalog-aks2aks-europe.md.mp.microsoft.com.akadns.net, skypedataprdcoleus16.cloudapp.net, ocos-office365-s2s-msedge-net.e-0009.e-msedge.net, store-images.s-microsoft.com, blobcollector.events.data.trafficmanager.net, go.microsoft.com.edgekey.net, skypedataprdcolwus16.cloudapp.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net, cs9.wpc.v0cdn.net, neu-consumerrp-displaycatalog-aks2aks-europe.md.mp.microsoft.com.akadns.net Report size getting too big, too many NtDeviceIoControlFile calls found.

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\EQAWN5DV\eiubp[1].xml Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with no line terminators
Category:	dropped
Size (bytes):	45495
Entropy (8bit):	5.193697465125707
Encrypted:	false
SSDEEP:	384:zN1S9u95SL3jScpH8SpqXS53GnSPFwpSme5S2paSDY1USvCLallSaXFSeloiGTts:BB9kFHR8gyCx9YxCLwha+
MD5:	D5E1FED4A6139998CB63B6B241CCA271
SHA1:	D005B7A297A955DE34FA131935618608049DF8BB
SHA-256:	F5FAE714EF61231DA87E34B5C6AEB70CECC453EF30DAC7492A873C24FDAA972E
SHA-512:	3230EFE036647B10B66B6EFE332AC3445E0E6AD7028C90E93B5C72C87175AA7F375392376454493BE68B104EED725DEB9D75D6B70F72674D6B16FE99B6F266D1
Malicious:	false
Reputation:	low
Preview:	<root></root><root></root><root><item name="_ym64573390_lsid" value="1370828024958" ltime="4017794320" htime="30888330" /></root><root><item name="_ym64573390_lsid" value="1370828024958" ltime="4017794320" htime="30888330" /><item name="_ym64573390_reqNum" value="1" ltime="4017954320" htime="30888330" /></root><root><item name="_ym64573390_lsid" value="1370828024958" ltime="4017794320" htime="30888330" /><item name="_ym64573390_reqNum" value="1" ltime="4017954320" htime="30888330" /><item name="_ym_uid" value=""1621963520683999811"" ltime="4017954320" htime="30888330" /></root><root><item name="_ym64573390_lsid" value="1370828024958" ltime="4017794320" htime="30888330" /><item name="_ym64573390_reqNum" value="1" ltime="4017954320" htime="30888330" /><item name="_ym_uid" value=""1621963520683999811"" ltime="4017954320" htime="30888330" /><item name="_ym_retryReqs" value="{"1":{"protocol":"https:","host":"mc.yandex.ru"

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2A93EA3C-BD7E-11EB-90E5-ECF4BB2D2496}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	30296
Entropy (8bit):	1.8541044916972647
Encrypted:	false
SSDEEP:	96:rNZSZm2BWQt5cAfChgU1M8cTUmCRUy+fU6gVlX:rNZSZm2BWQthfO1M/GafVsX
MD5:	6F48FA05CBBC1CB98F8D5556B6FE9106
SHA1:	434C999B5C6D5511AC802F9ED6B6D3373546C365
SHA-256:	8CECFEF8320351EE0B9C4C3D33900098119E0536CF43128174432E48A326B9E6
SHA-512:	D38E0DCE6E06BE43263D84FDA5355D0EAFF9629D7240379A7D79C8FD121AB95E69777DEB0D8F0A55BBDDD54B0AC075CF8DF484738FC3DFB24C0B5E01A33AE79F
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{2A93EA3E-BD7E-11EB-90E5-ECF4BB2D2496}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	162616
Entropy (8bit):	2.5267311940742467
Encrypted:	false
SSDEEP:	384:rznM4UQc3vQ28O2862ml6uBUUrm1Uq69hK3cNAmMxh3fRvwh9I/gma2sX95XPGKN:F
MD5:	9FF6B029091355AE473371F95B3CB1ED
SHA1:	45A59AD073065A70AFAE1BC16DA41F4F30645865
SHA-256:	5FCC049770845020A1DFEC035B81AEC567026A5D0B6A5EA2FAD9569525C37550
SHA-512:	963DC94B143CCA8CE285B4F9D518DE605693B00BDF295CBDE9B6CCD5F33374E2818EADCBA5A50FB60D4FA7C933176627570C775249FE752E801C98C1FC0C39D9
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{309E38C0-BD7E-11EB-90E5-ECF4BB2D2496}.dat Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	Microsoft Word Document
Category:	dropped
Size (bytes):	16984
Entropy (8bit):	1.565661391784353
Encrypted:	false
SSDEEP:	48:Iw8Gcpr1GwpawG4pQ0GrapbS5GQpKXG7HpRATGIpG:rgZfQw6CBSTA2TUA
MD5:	9196DBA68DCF790B674A2B1C37F74FDB
SHA1:	864331FAF20136B908C329A159F5CA67E6A20730
SHA-256:	6BCC086E3C3419817A1349EF81DA32C8A1AE5EFF611F64120DA9A4F8AC8BAA6A
SHA-512:	F340BF470D5A6B035A92D094CC98B88AADA3EF61C408DDDEF7117960F4E57DA6EE50CF9681D43A72FB653D383FFC7B74946145E7ED3419264EE03F9730A998A6
Malicious:	false
Reputation:	low
Preview:	................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................R.o.o.t. .E.n.t.r.y.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\wlm7n14\imagestore.dat Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	4852
Entropy (8bit):	5.861518226895081
Encrypted:	false
SSDEEP:	96:VmMf+fUsz0mPh00H+UlD1WMV5fHjcAKngiS:Vo8sz0mPh/HL1WIHQ9s
MD5:	F3913EDED895064BD92D3856F1D96FA8
SHA1:	BF002C9B3E45ED7BE56BAB77BE765FA9294519C9
SHA-256:	7BA65009BE7B2B77321931D722373AE6A4E9FACB2831BA3A20605B26BB4E6931
SHA-512:	D8D6AE6A53AE638ABF415EF2E67EE3DC7FB057C3DB84428658978A634B994E17A8F7D9E5A3A3D77475C092BCA69CF7C2C5240546DB04B70434BE4D9B58206AC3
Malicious:	false
Reputation:	low
Preview:	..h.t.t.p.:././.e.i.u.b.p...r.u./.f.a.v.i.c.o.n...i.c.o.~.................h.......(....... ..................................................................................................................................h`w5FO=HV4NT@Wg......>':GBbu....17.....................GTb......;.K...8CQ4LR.. ................!1;Q\To....3R[..@Mr...1.........%;FThy.........@^_7;k...#.@.Kj.p.....Uu..L.co......;R.......66<+CC...Q,6.Nui9......EU.\.K.-......@Sh......6FR/EP.>\.Fj.j...............]~....&7 4E$MV........,....Ox...2.S.............3.(....!2.......#*.1<.4B.19._............y.......+BJ@[e7\j......);Z.L.....Jg.Xv.et1.@.s..Mo.Kk.....k............ .A.+7k..j..Bh.Ts.n..No.Ux...'r{:W^/NO..........BT:]g.........y?b...`+F.........Lfr.%0................m.......................o....................yU......................J:).....................s].xd/..jPJ"......................................................................................................2.`.....2.`......h.t.t.p.:./.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\advert[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 1 x 1
Category:	downloaded
Size (bytes):	43
Entropy (8bit):	2.7374910194847146
Encrypted:	false
SSDEEP:	3:CU9yltxlHh/:m/
MD5:	DF3E567D6F16D040326C7A0EA29A4F41
SHA1:	EA7DF583983133B62712B5E73BFFBCD45CC53736
SHA-256:	548F2D6F4D0D820C6C5FFBEFFCBD7F0E73193E2932EEFE542ACCC84762DEEC87
SHA-512:	B2CA25A3311DC42942E046EB1A27038B71D689925B7D6B3EBB4D7CD2C7B9A0C7DE3D10175790AC060DC3F8ACF3C1708C336626BE06879097F4D0ECAA7F567041
Malicious:	false
Reputation:	low
IE Cache URL:	https://mc.yandex.ru/metrika/advert.gif
Preview:	GIF89a.............!.......,...........D..;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\document[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	36658
Entropy (8bit):	5.371042074597082
Encrypted:	false
SSDEEP:	768:m54VR3hitbmkVyB8QvQbW13eHXDykWYPfpkpFckD7x1C53ZJuw0wCwPy1x5+P+Yl:m5U3hitbm8yB8QvQbW13eHXDykWYPfp9
MD5:	A85353DFDDE9DE202C8BEB3117693F23
SHA1:	CE99C73DF918FA841BCA9A9986E45679CC06EDEF
SHA-256:	E953AF09C5038BEE8E600B1F97A1767E7DA34BA6A9FC616AEA9B312FEFC8E3D5
SHA-512:	4BE9E257CD831524267FEC643CA58DDE53675618A4F06EE7EACF1F1286D710172189DC01C44324CAF6EEC1F81D1F086D6169E0C7CE02FDF195E0790F36696309
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>......... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yandex.ru/watch/64573390" style="position:absolut

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\eduStandarts[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	12909
Entropy (8bit):	5.642308324363482
Encrypted:	false
SSDEEP:	384:254VR3litbmarazrCaiMS/l0Hnsuraj+N+Yl:254VR3litbm5m/h+N+Yl
MD5:	E24962964359B4DE93012BEA88780E64
SHA1:	5215ACA98611ADB56DA08BF764E51D900C458E33
SHA-256:	8E8A1460A326757D2EA5989E01EF3A44FB8A0D27BA58C3809387BFD99F7490D8
SHA-512:	3AB2A05A87D37F6BF879A96E783836DA04F4C8D1A12D632F52350FB66735631CDBAC5553D24EDCC12A3916499592DDBE6409C8E9289E7382F38BA538A6E86126
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>............... ......... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yandex.ru/watch/64

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\fon1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 994x458, frames 3
Category:	downloaded
Size (bytes):	220424
Entropy (8bit):	7.987425240578533
Encrypted:	false
SSDEEP:	6144:Hh9NKq6acDEM4oICeEuyH6nmBAaMpQtcEZ6/8y:HUq6a6ETx3IBAajt4/8y
MD5:	BCEF7AB2C896CB016B65E8A353E64041
SHA1:	AD86C7B7C11DE34E546E9F1516DF681E627A1115
SHA-256:	44D14A7C2A01D152479D8CFEF132C2DE047DCAABCD046A36B06370D8B3D0D29A
SHA-512:	9E4F7BE184CF49E5FF156B78A64B265E050B930195335CF5D5B13F79C2EB77CED1C208745C0BEB76E4F69DA248434C4DBFC3FAE7BEEEB977790837F42BCE3E03
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/fon1.jpg
Preview:	......JFIF.....H.H.....<CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100....C....................................................................C............................................................................"......................................................................................h~\|..q..(......]..}.....W.: ..1.~E.l.:ptBr.h/.p...<.2.}r..A....d.X.w+.....hU....}.%.;x........W..dz..4..../W...&.@..sU.)M^.U..,..........:.L.......V.}...Q.K:w.k...G~"...V..+..D.Z...i>'......=.>.....v....n}I{.e.-.....csK.v.7.:.R..\\|.._.G..gz..+.~................N-.z.5'.~..h}:_.(}...O.?.}\|.......&..G.Zl....k....e.x.R.._g.\|.....8m..eQ<g...\b#.#..A.../..^..Ge^1:!67..-tO.k.9T.6+.].=.r..ZX..{..;oR.'Qe......-2.....d...t.y&.4Tf..%0..Uq...Yh...+......h/.t.y..p.#^.....m-..V...8#[.....U...b5>.......\|.O...C........w...\|wt..c..}..~T...}...St...~.A...f.h.v.....%c8.;.xt.C.....u.H.....'.l,.S....:....o.93...J.#D..L...MJ5..e...a...ZIt..r<].S.I..H

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\icon-document[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 87a, 40 x 40
Category:	downloaded
Size (bytes):	1212
Entropy (8bit):	7.522176332246869
Encrypted:	false
SSDEEP:	24:DXacWSVgMORyMe3o0rvosoOfpyBEcXqVafHfA0:DqcWgcWUyyBxf40
MD5:	DDE92707947B4DD91D7452A313401B83
SHA1:	04EBEA116B9F4664D75C7A2D26C013BD5A3BC258
SHA-256:	C6012F13022F729058ABAB60B2CA8B703EEE2778384844BC2A1BB7A15FCC3B78
SHA-512:	F79897ADBC047E8484F914B74537E38689E1D3CAC527682ADD4B9EFFB9CE5E8B9878D11D63B7277E03C8ABF4A7BDBFC0F419576BDD65C4688D4196D791BE5334
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/icon-document.gif
Preview:	GIF87a(.(...................Z.......`.....B......8..?........i.....................a............Y......p.2...e.....y..H..i........A..a..Q..{......................&x.h..,\|..........r...k....j...1....X........f....N........V.@..Z..)z. t.w..j..h....................x..b..v.......o............U...........Q......f...........X............................................,....(.(.............................?nToJ...-..\_.&...&.&.0....=(.."_. ..3..4Z="0....... 4pU.(.......Hkf]DO....... .iH\I-j.P....b;rS...7!..Y......&..@....Y.(......9Bh.....,.:xA........@......C....."e........3.0.`....C...2...0>\|.....?.D.C..6QX..s.AN...b.....)........xm.."e`".....!B..U.(. ..#W.X..@..s...0......0.. ......\..a..Fd@........;.P!..."D @......`.....?.D........@.p@....@0........._......T.......H0A......(..-t....T.Bw.m .... ....`...$.F.........A.8..2..0........LG...\|.A.5.....1....(gB.#...zE........c...9A...p..I...'(p..'4...N..].i..a.)p.f... .o.EP..&."..h^..em-.c...H.5l0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\jquery-1.12.3.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines
Category:	downloaded
Size (bytes):	97180
Entropy (8bit):	5.373746180254919
Encrypted:	false
SSDEEP:	1536:kYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJSFk/zkZ4HjL5o8srOa99TwkEb7/Jp9s:P4J+R3jL5TCOaLTwkEFdnCVQwNa98HrV
MD5:	C07F2267A050732B752CC3E7A06850AC
SHA1:	220DAD6750FBA4898E10B8D9B78CA46F4F774544
SHA-256:	69A3831C082FC105B56C53865CC797FA90B83D920FB2F9F6875B00AD83A18174
SHA-512:	9B1D0BF71B3E4798C543A3A805B4BDA0E7DD3F2CA6417B2B4808C9F2B9DCB82C40F453CFAE5AC2C6BAFC5F0A3E376E3A8CE807B483C1474785EB5390B8F4A80E
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/js/jquery-1.12.3.min.js
Preview:	/! jQuery v1.12.3 \| (c) jQuery Foundation \| jquery.org/license /.!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="1.12.3",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+\|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.ca

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\js.cookie[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3833
Entropy (8bit):	5.120380272683041
Encrypted:	false
SSDEEP:	96:itGurLtJwqfjH6CIuRxs0gPhtxq+jLqXnvZQQX:itGu3t+yb6CBUHE
MD5:	8C7ABC647EDBEB094188349C45EDF4C0
SHA1:	806218DB59D76995CD523BB3769988B061B5F01D
SHA-256:	E7ABFCFFCBAE9A6A8D7B7A2E3CCF5DD58988EDE6D7987528E2A097E2063FB0F6
SHA-512:	5ADFA9F4015AE3F89C79A399C49009D0F29607E4D461CB25ADF1959FF9C0D7FF27C1FF39FE8F991D0684F81D261EAFCA567B1B53A75D68B9F2D8FDBB6D550ED5
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/js.cookie.js
Preview:	/!.. JavaScript Cookie v2.1.3.. * https://github.com/js-cookie/js-cookie.. .. Copyright 2006, 2015 Klaus Hartl & Fagner Brack.. * Released under the MIT license.. */..;(function (factory) {...var registeredInModuleLoader = false;...if (typeof define === 'function' && define.amd) {....define(factory);....registeredInModuleLoader = true;...}...if (typeof exports === 'object') {....module.exports = factory();....registeredInModuleLoader = true;...}...if (!registeredInModuleLoader) {....var OldCookies = window.Cookies;....var api = window.Cookies = factory();....api.noConflict = function () {.....window.Cookies = OldCookies;.....return api;....};...}..}(function () {...function extend () {....var i = 0;....var result = {};....for (; i < arguments.length; i++) {.....var attributes = arguments[ i ];.....for (var key in attributes) {......result[key] = attributes[key];.....}....}....return result;...}.....function init (converter) {....function api (key, value, attributes) {.....var res

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\new-07-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	29277
Entropy (8bit):	7.976351560744736
Encrypted:	false
SSDEEP:	768:YzXJZUTHYMQNs2t8MwFmYpqI0FVrC77uA8k52qpZxwJgx9qu8GS:Yz5qTHYLNzqFGFVri7uAF52WxwJNjGS
MD5:	7B12C17E60E7EA4547EE066623DD9FBD
SHA1:	FE3C73A3E3202059652830D1F7613D6CBA9CDF56
SHA-256:	CB4760A1D7A5F94818BFD7D2A03044C91CA332E0B048574D84D508030F7B60B4
SHA-512:	6EB3836511504C3B2696C4DDA0FC1F04D0ED0C21D86845DB352CE9C755DD0F700DA1FA5232284944974DD4AA718CDE17AEBCED549A7506E2BC234D18445B8DAF
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-07-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....H.H.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."........................................R........................!..1."AQa..q..2....#BR.3br.....$4CDc.....STs..%..5Ed...................................2........................!1A.Q"2aq..R......#3Bb..............?....WJ.LC..!p.......ek...u...em.+1A6i.C[.I..4.".....i.C[.Hh".1I...(!..V.......1I....PA...V..\RV.j..A.Vu.....5.I...k.A&...[.+.HrkI.SI..P..Vb.4..V..E...J..`^........~.... .5...mgE!..E=7.wX..U.$...1..Y..mN.z.[.....Z.W.......q.K...V.Q..:Ju...O.OYjvw..g2...+..:.8....%m..Vb.....-"...y..3..F' ..K..d$..+.J.n2...:.? ..n8......?...Rz.....IYC.\|e.^....f8.D...:.......B....F.b.. ......t...Cjyj.l.R.V.....R..%j......kcL^6,.>Q...n....]8..x..l..P..........'..>.v^...1..g.C.A.76..........z.TG...'/.XFN;z..g.t<.~..\.sH.@....z/..eR.......T.'.~...FLK.....p:..J..eJ........g......q..G..).%..A".^n^...}...-..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	21334
Entropy (8bit):	7.924548125106774
Encrypted:	false
SSDEEP:	384:+Bpl4EgSn7y8S2+h9NMVNODYxUqS4nN1b/+T3BQnYDkFw/odm+ht4ki6l0Wcx:++3c3S2U9NtkUHql+TRIYDbAdmitwx
MD5:	889CCE25F778FAC1F7684A6B5CAF5083
SHA1:	375C4DC744F4165C37987D25D0162BAD0A7D1CAF
SHA-256:	C6B647B30D8E3B4A64CC5A8B743A5812DA5A62EE3223D1F3CDE15BEEE3AF89C8
SHA-512:	2127D001A3F47175AD5C5BECF7AA350D1E233A5B812236A2960DE6CD4B935B964483A1A1F9D5F1E3CBC532D99107298E40393B9906386E83D9BDF4D1315A7E5B
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....`.`.....C.....................................%...#... , #&')*)..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,.............................................O.........................!.1A..Qa."2q....BR..#br...$3.4CSs.......%..5TUVct...................................9........................!1A..Q."2aq.......#B...3R.$4br.............?...@. ...............\..5....4....A.0....M/.uH......7.o.ih,.k.o..ukn.0.w.Gz....=F...h..F...c..r..x.n.3l.].u.}..jZ.......C.)9v#...q.....ac9....\......1....M.h.e$.N.../..:...(..X.k..+8.v..<.....>.<u......L..uS....ig....W.....t.TV".k6.,...a...) ..Yi._Ch..J.i6.<..:....wA...;..q.Ui..^.?._..r..Q."..u0.o...s.}........8..H..........D`....}q..d.=.u....U2[..O....+.$/...../s.2.....v26S.:.....3...e....c....l.....}S#....O..T.>B!.f.d..O.e....K.........+~..yY\|.....+-.T...3.Q..{n#k..8.UU..+......9J....sN.&..^_&.\|2S...c. ...g.at4......&..... .... 2..}#.I^"...I..<..\z..c._C.O.....-E.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	34827
Entropy (8bit):	7.97589348153015
Encrypted:	false
SSDEEP:	768:lCAuFezJ39+0kgGMThFhddWjcOJRcc+VkRKjKez63odpnpkL9qHA:jeez99Tw4TWgcW6RuKezkoUqg
MD5:	8BDC9FF5B1E1639442E2A21A5D9A239A
SHA1:	A90687CE2653C55204AE434FED7C0EF08528A4AE
SHA-256:	107DB911E986290C1E4AFCD0D4C007D57A3D492C455185595EB3C0821FEE02F2
SHA-512:	32819F56560F4AC9736A5828AD3E41F7C7314A67559ACA1083E2C841259A72B4B9B37A53A8DE21918372F7F36DCAC5212F3255A77DEDB5FF8183BBA2C71A0C9D
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....`.`.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."........................................S.........................!..1A"Qa..2q..#...B.....3R..$br.45CSUc...%DEt..'7ds....................................3.......................!1.A.Qa.q....."2R...B.#..b............?..H..I.i9.H;.>......nB..S+.7>V..X..Th..,V.B.+.......A...#c.w.....u.E.4R..[..[............[..$.... ..u. .cx.3A..Z.\|v.v..1.Q.@..A.&Vu...OM....<.0.....nn{[.lF.=B..H...Y.._..7E.F.....I.=.c.=:..9!V..&....a...\|..w.1%.Y....5.I...[aZ\|.r..b.......w.q........<...w=.}W.....S.Y.Tih..A...u)'5o"...V^..N..S..{_.?.........@....te.r6I*\|IC.5....#7..s..:(/F9..d. ...q.....$..l<.o...k..D....{.>..T;.+.9i.4.Q..]Vk..os.w.(.;.H.......3..c!..b.n..Dca...<.....d..I.Kz.i+Y..j.4..WI.[P..&[4QM..UK.b...}{..#.E.FP....1..X..B-. m.....F..22.#.$....bz..LW....jK...\.2F.A7.;.o....HK.2..c.....O......A.V.....'

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\objects[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	17038
Entropy (8bit):	5.308585206209824
Encrypted:	false
SSDEEP:	384:C54VR3DitbmZBn9yQpQIdobW5P6+U3uGtP+J+Yl:C54VR3Ditbmb9ywQwobW56FP+J+Yl
MD5:	D566A3A11962425B72C515EF8B1768D3
SHA1:	6F66A4E319C99D15D1F4A68B4C3B8B8840F641C5
SHA-256:	82904D78626E969727B70689018413D299BE1A48171D8C9B8BF0CE7B2253A715
SHA-512:	F560CAD81EBD74B5D75BE987AF66437574563250B3BA228360D5A5611C60ED1D154CAB0526994E90211779567156E2D9B1A6D076D5C0812ED3C188C61A4D19D7
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>...........-........... ........... . ............ ................ ........ - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:tr

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\paid_edu[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	modified
Size (bytes):	14352
Entropy (8bit):	5.396686684734554
Encrypted:	false
SSDEEP:	384:T54VR3litbmiN/C/N57OmO8sP2s73uGtP+S+Yl:T54VR3litbmiN/C/N5bO8sP2s7P+S+Yl
MD5:	7280C0D1E29464E944F0E1D42CEC97B3
SHA1:	5AEC60D79086388A419AF06E7B9ED402F9F06BF8
SHA-256:	48B973227A9B4A2B3FB0E5A254EC4342E18C49B948F405C4612DDA34E03A2921
SHA-512:	E229AB7389D2EFE75D39AD1A2902A9E20A9D59BEDDE7D2932E74CB920B45808972A4BC74D916AC93323CB690F9BAFF6F4C6BD51C88CA0FFF9B3EF4FC9F910394
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>....... ............... ...... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yandex.ru

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\str[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 30 x 30
Category:	downloaded
Size (bytes):	813
Entropy (8bit):	6.389437418936763
Encrypted:	false
SSDEEP:	24:3eR7z7QZXE70wygI8+dG7T5tuV0NCX2bq5Pe:O1z7kXEIwyLx+5oVp2bqm
MD5:	4AC96367C9D361F4E3587D14232C390A
SHA1:	B461A86DF3C624ACBEFA2405A04F6587BBE48A26
SHA-256:	92ED2CD5753D8125FA58BC22F2A5F1BEE39B42D298C3A9CE39785D412A0015E0
SHA-512:	979B3F9175E7193507284001E9FB0F63DF606B8435B953B34AB8CBC973B5C46D1C8F199E0516F6E74098E56F9EAA30859711FFF408023CFCCEAFDA5DB62A4A02
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/str.gif
Preview:	GIF89a................................................................................................................yyyuuusss```___YYYTTTLLLKKKJJJ???===<<<:::888555444333222111000///...---,,,+++)))((('''&&&%%%$$$###"""!!! ...........................................................................................................................................................................!.....L.,............L...........'/9>>9/'....2GA;7667;AG2!...+I<4...<I,....:D...D:...3.4@:.3...D.59(0>.43D.. J.493..:?.4J ...2..<-...9@.<3...H.9D..\......v.{...:.B\.Qb.E."..D..+!&j1p..U.#.6.T.A.B.;^0..!..V6.lX......p.....8.p..sB..4l..P.h.LU:....7......C..,I.dJ.-._....D..-.... ...@.../...~.Zk...]...{..>B...B.s...J....).Y.b.!....0..............PP...,Z.......P.f........ I.d.:#.."\....AL.1...;

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\tag[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	C source, UTF-8 Unicode (with BOM) text, with very long lines
Category:	downloaded
Size (bytes):	1104032
Entropy (8bit):	5.557529281075577
Encrypted:	false
SSDEEP:	12288:+9St2JqNZrjkQg4I3GadDkkQg4I3GadDkkQg4I3GadDkkQg4I3GadD1:+9C/frjkVbPxkkVbPxkkVbPxkkVbPx1
MD5:	FEC5525734FF3D37821A4AFCAFAB8114
SHA1:	7C69D996FC88D2504325F8B56BAA8410C11341A0
SHA-256:	D946F08530EBFFD770A9BD7CA82602B2186BAF47D6357523739286205F0C89E6
SHA-512:	E2EF94644AC5D71D439C811A2F2CBB9DFB25521B95DFF790252388910240116F4B2A8020473685F37DA23491E5F7602007032A0DDF81A103ED3B055340E60991
Malicious:	false
Reputation:	low
IE Cache URL:	https://mc.yandex.ru/metrika/tag.js
Preview:	.(function(){function Qb(Z){var Ea=0;return function(){return Ea<Z.length?{done:!1,value:Z[Ea++]}:{done:!0}}}var ec="function"==typeof Object.defineProperties?Object.defineProperty:function(Z,Ea,nb){Z!=Array.prototype&&Z!=Object.prototype&&(Z[Ea]=nb.value)};.function ce(Z){Z=["object"==typeof globalThis&&globalThis,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global,Z];for(var Ea=0;Ea<Z.length;++Ea){var nb=Z[Ea];if(nb&&nb.Math==Math)return nb}throw Error("Cannot find global object");}var Wf=ce(this);function Xf(){Xf=function(){};Wf.Symbol\|\|(Wf.Symbol=tj)}function uj(Z,Ea){this.Th=Z;ec(this,"description",{configurable:!0,writable:!0,value:Ea})}uj.prototype.toString=function(){return this.Th};.var tj=function(){function Z(nb){if(this instanceof Z)throw new TypeError("Symbol is not a constructor");return new uj("jscomp_symbol_"+(nb\|\|"")+"_"+Ea++,nb)}var Ea=0;return Z}();function vj(){Xf();var Z=Wf.Symbol.iterator;Z\|\|(Z=Wf.Symbol.iterator=Wf.Symbol

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3Y2ADQKS\vkladki[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	404
Entropy (8bit):	4.606998702115203
Encrypted:	false
SSDEEP:	6:0UL/GclZzQNNAM4HSRNnJkET8vJ/jL/RDD6QtLlILlVongIR5:N/G6yas6jblD6uLyL2gI/
MD5:	4FEDFB016C7B9F2988DCBFF4E7FF5DF0
SHA1:	8D2AA02A5D32E36243FE14B7DDA70D211F8479D9
SHA-256:	A640E60D3FE0A93FC33D0071D268FABBD5A53DC6E5F78505C9D602B15CDB6A97
SHA-512:	2ACB5D63E002566B6E3552A5C63D0AFEF37D6282348219DA47630C2FEA77A04BEAC9D0492BD6C3415A01A15B388621309100A5511F55B7795265D0A486DBBEB0
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/vkladki.js
Preview:	$(document).ready(function() { .. $('ul.tabs').each(function() {.. $(this).find('li').each(function(i) {.. $(this).click(function() {.. $(this).addClass('active').siblings().removeClass('active');.. var p = $(this).parents('div.tabs_container');.. p.find('div.tab_container').hide();.. p.find('div.tab_container:eq(' + i + ')').show();.. });.. });.. });..})

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\???????????%20????%20-%202019_2_149_????????_1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 1024x1422, frames 3
Category:	dropped
Size (bytes):	381504
Entropy (8bit):	7.959057557883388
Encrypted:	false
SSDEEP:	6144:83/6cmVnvOZ/fgnETV3SPHrIGKh2DUN1XdJW+37jNWC08gNTOZ+fXsaBfKcmAkNF:S6cEOZ/fgfPH0GKAoNfBNanNTOZ+kad8
MD5:	808719BDB98205C641C9BCBB72C55BE2
SHA1:	3F70221E00B13B910EC59D7F6C2CE6641CFF649F
SHA-256:	90C5355C79F9BD8982385B95823D95029A93EE8540FDE6D9AC9AFDB4F9F453CE
SHA-512:	A90767C1EE08B18EBA98CD1A02A226E704F1CA8C49826DA9BB99FB1FD72FEA1CE8E4E31BD26AA29A967A1A09BB76E545FCFAD591B48930673B4B6639792667D9
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S..(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(...(

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\KFOmCnqEu92Fr1Mu4mxM[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20332, version 1.1
Category:	downloaded
Size (bytes):	20332
Entropy (8bit):	7.970235088150752
Encrypted:	false
SSDEEP:	384:U0iwaxoOUPVkOJJSu6SsCKTIRDqG9oHKwZh98OSv+MsgkAOY:75mlUmOSu1guh+fZhLSxkAr
MD5:	DC3E086FC0C5ADDC09702E111D2ADB42
SHA1:	B1138B84FF19EAC5F43C4202297529D389BD09B7
SHA-256:	EA50AC7FDDB61A5CE248A7F8B3A31A98FE16285E076B16E6DA6B4E10910724BB
SHA-512:	10123C785C396CF0844751A014413ECF4D058AD0C00CAAEF5F8FFEF504C370F03EACD0B3C2A49211EEE0877B7AE7D0EF6E01264F04FC910C2660584B5E943BE0
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff
Preview:	wOFF......Ol.......x........................GDEF.......G...d....GPOS...............!GSUB................OS/2...L...P...`t...cmap...............#cvt .......T...T+...fpgm.......5....w.`.gasp...@............glyf...L..;...m.&.x.hdmx..H....m....'/./head..H....6...6.j.zhhea..H.... ...$....hmtx..H...........]uloca..Kp..........m,maxp..Mp... ... .4..name..M........t.U9.post..N`....... .m.dprep..Nt.......I.f..x...1..P......PB..U.=l.@..C)..N4C.\.51.3.......q.q.qu.O...OjC.cA......R.x...l\..F..3...N..q)..a\|.....^..33..c......p"y.iT....<Gg...!.3...T1...{.g0.u.y........m.\|.k..NF......mox.;...7&.Y..C.R_[.T.c..-.=...9:...aj.G...............O.Q".6...>...(?...~...._.2:..K4....S%...jbr).........e.U..-..X.3.ILQ....z..!.f:...<.W.#...e.c=...&6...lc;;..3<.s<....H.i2..N..t..)Ns...#`..".).[...._.T..T.....+l..=..O.....Z..F...r..eM.f.Y.....-...r.\.s6.r..,...:.<$..#.l..F.$.2#.e..].[.....yR...e.\|{..O..`)..U.0.e.50.Z.b../cM..i.&O._..+.Y.W...;z....j.p._.o..[CL.)n'.UGx..>).X..MJ..Fr..v

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\b-top[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre 7, datetime=2016:11:25 15:46:41], progressive, precision 8, 60x60, frames 3
Category:	downloaded
Size (bytes):	4813
Entropy (8bit):	7.670346111488885
Encrypted:	false
SSDEEP:	96:3dCY+DdyWZG9Yo3qbwQ5XVlBynKOfFww3:o3dyC+6wwFXoKcFww3
MD5:	BF40E93E9E7B236E70D5C6E550240492
SHA1:	D2895C7F07F7D5202EAB438626E1124365293011
SHA-256:	AEF253FC4B2B803CBB3B873BE2D14683DD326269F213072B9206305E0732DD58
SHA-512:	1D6C39DD75C0166CBA796F534366CEAF5CE031625869C97EE257852D07276EBCE13AD5C00036B6F83B1F3BA908418C712E6476711AFF901E64D2801D615543CB
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/b-top.jpg
Preview:	......Exif..II...........................b...........j...(...........1.......r...2...........i...............H.......H.......PhotoFiltre 7.2016:11:25 15:46:41...........0210........<...........<......C....................................................................C.......................................................................<.<..".................................................................................~.N..........TE..~;~.e...Y.a.4a.........e....XS....l.#.-..[....N.@.Ig\.4..Ax.1Y..vr....eGLY.r.iS..,.\...U.N)....$.................................#..........."p.C-.\T....... 3L...{.'.0..#{:..<....zS$..r.^..jm...7:..=.M;.....A.&>..`.1..._........*V.f.$..r@...O,...&..5.l6.6.u...../.X.....b....fy.'4.I...MhO.k. ...g.=..$..{._..6..2.mJ.t.&L.v.{.$.+Lq..I..p....I...$x....n..E5...0r{.....0...........................!.."1A.#24BQRSbcqr.........?...aL2E.(.2V..Z.H..4.f._P.2@..<..........0.VC..qV.......#"...W.`...<..}...e......Ydp?1..E.....3F.....U..!M..Q.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\bvi.min[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	26222
Entropy (8bit):	5.100868453979997
Encrypted:	false
SSDEEP:	192:SwsIK5KDBJadrgl1N91/tvZ1bU46XatlXavFPEykth8t8gEezg/ela7xNFk:3rWK9tvjtOEAa1g
MD5:	DD690B6939D800674D6FB4C6876AAD99
SHA1:	6736A5C31952C42FC35797F8CEC341BEA84F16BD
SHA-256:	2B00420E45DFFA9146757B2637618CF54B74DCC4251E6EB7E87AA9718261AF87
SHA-512:	459DAB3608792F6EB1F51282B4076A73DC02AD1B7775CBDAE20914C7FA90B62C88A18167D07665E78BAB30ABA13E8CA7E96E2320D18C4C693DDE9AE6E5C37DB0
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/css/bvi.min.css
Preview:	/!.. Button visually impaired bvi.css v1.0.6.. /body .bvi-body.. {... padding:0;... margin:0;... top:inherit !important;... bottom:inherit !important;... left:inherit !important;... right:inherit !important;... position:relative !important;... color:inherit !important;... font-size:inherit !important;... overflow:inherit !important;... z-index:inherit !important;... background:transparent !important... }... body .bvi-body ... {.... -webkit-box-sizing:border-box;.... -moz-box-sizing:border-box;.... box-sizing:border-box.... }.... body .bvi-body .bvi-text-center.... {..... text-align:center..... }...body .bvi-body .bvi-hide...{....display:none !important....}...body .bvi-body .bvi-show{display:block !important}body .bvi-body .bvi-img-grayscale,body .bvi-body #bvi-img-grayscale{filter:url("data:image/svg+xml;utf8,<svgxmlns='http://www.w3.org/2000/svg'><filterid='bvi-img-grayscale'><feColorMatrixtype='matrix'values='0.33330.33330.3333000.33330.33330.3333000.33330.33330.33330000010'/><

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\bvi.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	29076
Entropy (8bit):	5.532924122123429
Encrypted:	false
SSDEEP:	384:eJny6MvG8FC0raoGLVS7Ae7Y0KlXrdGoR7b957jF:eJn8zuLqA5rdBRj7jF
MD5:	56E65C7D0DC7BD72C6B8224F18AF4253
SHA1:	B131EC67A711B44A8F96E14F63BC99FFE88E9F55
SHA-256:	E80DA9B24A682FCE021509F35ACD18B70ACD2AD938307902F4BB5A19A57A701A
SHA-512:	AA15CDC769266B2B8A1ACBE12E3CA715D8E2D81D723531E59F31392973B8D684A89F4D2B209B9CD48AA278E4D975EA7F07E83613EEFE2D9F2298CACED82EEEDA
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/bvi.min.js
Preview:	/!.. Button visually impaired v1.0.6.. /..(function(a){var d={BviConsoleLog:function(f,e,g){if(f==1){a.each(g,function(i,h){console.log("console.log.bvi - "+e+" \| ["+i+" - ("+h+")]")})}else{console.log("Bvi [console.log.bvi - off]")}},Init:function(g){var e=a(this).selector;var g=a.extend({BviPanel:1,BviPanelActive:0,BviPanelBg:"white",BviPanelFontFamily:"default",BviPanelFontSize:"12",BviPanelLetterSpacing:"normal",BviPanelLineHeight:"normal",BviPanelImg:1,BviPanelImgXY:1,BviPanelReload:0,BviPanelText:"...... ... ............",BviPanelCloseText:"....... ...... .....",BviCloseClassAndId:"",BviFixPanel:1,BviPlay:0,BviFlash:0,BviConsoleLog:1,BviPanelHide:0},g);console.log("Button visually impaired v1.0.6");function h(){if(Cookies.get("bvi-panel")=="1"){a("").each(function(){if(!a(this).attr("data-bvi-original")){a(this).attr("data-bvi-original",a(this).attr("style"))}});f();d.Bvi(g)}}h();function f(){a(e).addClass("bvi-hide");a(".bvi-panel-open

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw[1].woff Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	Web Open Font Format, TrueType, length 20156, version 1.1
Category:	downloaded
Size (bytes):	20156
Entropy (8bit):	7.969769354696034
Encrypted:	false
SSDEEP:	384:7RPUq1e4roiK+ooGiS8I+r2U+0nKwh5V1nmPnPD+u13hgLPHGC:dPZ1eOosooGh+qNLs5VZmPnbTOLPGC
MD5:	5C7A07A5CC1FD3D8196E6F2A2E0F76FF
SHA1:	E8E9CFC35F641425C7F5A3ED3C38989CF2EAE702
SHA-256:	5FA1BE26865EE95BB2998CE2B53D3564AC49D94CC9FE14C4F8812867D95076A1
SHA-512:	68E38F70383BC6B1BDECEA50CDD4CCFAFB6DEE2C63C1DFFCB2686B30C93E5F18E3EDBBBF7E71340FC6BF44A4FD253CF1D4A2BFAF882A079CB4C4B4F8ADB874DF
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw.woff
Preview:	wOFF......N........0........................GDEF.......G...d....GPOS................GSUB.......'......r.OS/2.......N...`t...cmap...$..........W.cvt .......X...X,...fpgm...t...4......".gasp................glyf......:...k.E...hdmx..Gt...i........head..G....6...6.5.hhea..H........$....hmtx..H8...t....l!ZJloca..J.........(...maxp..L.... ... .(.{name..L...........<.post..M........ .m.dprep..M..........{.ox...1..P......PB..U.=l.@..B)..w.......Y.e.u.m.C.s...x.h.~R....R...A.J.x.l..h.a........l.m.6.1+.X....i...y....&...._..63..5....2>...x\|D...ct.Kx..H@b.3..l..#u.....L......^..4.....rP..{.......Q...JT.:Xu>..T./>...oq...........~..@.....lq../.... ..#..".&.8.H$..r...J)..jj...&..f.=.9..N9.....'F..8.4.....m...m...m.m..n..&.X..}....S.\|.....n........PHaE...J...4..MjJ.*..nW)..rn3'/.....ks5zY5c...Mgg.5..p..rR{c...p..t\.8.c=..p...X.(.......7....=.........!...H ........(.0...(.q.JT?.b..z].'T...m..vNi.....t....:P.R..H....t.........&?.:.j.51+.S.":j.SK'I.^....}S.i.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	40440
Entropy (8bit):	7.960869292683963
Encrypted:	false
SSDEEP:	768:rR+LjIz6uG9SZiIHh+mlzF5M/4v8VyjIR6zgZQMrIDvRN85pwB/qVAmqj:rALjIz6t9oi+NzrMgvAefgi5DpYpwB/p
MD5:	F80C6501F4AEDAA51C3D2949A4228100
SHA1:	177EF3BCA5FC71987BC9D3EC93BC4DAEF249AE06
SHA-256:	9B29F6077ACF52F7456B0DD00D19B24AB93AAEC29319A1B9F151133C54316493
SHA-512:	DF91A8C459A4C45E8B5A3CD622FE06C6E1CEB559FD6059388E3DB176C70D0FA7D913573879A23A3A8AF3D7ED2DE763135141F8C9FAE40B3952D23C29CE6DB7C1
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....H.H.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."........................................G.........................!.1."AQa.q.2...#B..R.3b...$r.%C....4Dcs...................................1.......................!1.A."Q.aq....2....#B.3R............?.E......AYx.g.Q ...E9 r\|..u^...[.QF.-.xe&....6.rI.....=JWH".....,.-........>.7y.oW8k.M5.&4Fi.....>...k..\..z\|>.;..........6kU5m.D.K...K.be^J.<....4v....S2.m..)..x..b.....'Iw..{.R.l.WCa..I-)..x.......R.z..q(J..go..*..x.$......W'k.~.=D.+.^.......j0..4..@\..G]..gnub;U.EX..9.2S.^.W!'.m.U.r..8..x.D)^...wK..MQA.....R..........s.7..n.k.s....V.ZJ.drU.+c..w....G...0.h7"........Z...F.(&d.n\\|.s...O.s.....w.j..I.....PJ...9...:..b......J.nV\..l..s....\i...+.)...'..d.N23.R.pr=...i..z~..mM.F........%)y..#I..x.....P...W....O_..\...x.......}3...}... [...8.Q.+...w..'..0=s........j)'...2."..9..y1.#...X.Y..x.X

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	21440
Entropy (8bit):	7.950347495847144
Encrypted:	false
SSDEEP:	384:/DzEFznzOYvYAxfsVHdZzb7O3blEI1zUOpqExAAYQQTMEU:0Km/UV9ZzcEIZxRAaEU
MD5:	ED8C956A87E4532B2DC68F13A53EABAF
SHA1:	D6D617B03462AD60F0A0620491CA4D3763EC7B6C
SHA-256:	C83B6AEC8096D893E5FA43C5A098B62A1BC17B2A0CEDF7E4BED337D938ABAB79
SHA-512:	05BD29E523C9D8ECA45911E2762E0638B815C45061D46E4EBD8FB9E80E931B2B11CA6C5FBB36B7C7C8C1C269E8EBC88A836816FAE1F51DEE87ADF9F917492B98
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,....".........................................Z.........................!..1..AQ"2aq...7..#3BRu.....48SVbrst......$5U...%CFce..&'6(Td..................................-........................!.1..AQ."2#a...3B.q............?...QE.QE...J.....c..4......3..e&\!I.Mz......i.......j..Kf....$.....p..%-.v..dv..-..V.Wo.\...ZF..o.d........Q$O..HL9"K..m..T.......T...L&.fjI......Z....>..?.."...#....>../.....V3.O.+E..v..\.c.J.>.;....%9.$...V..,..<=.sa..4.E....T. ..i.....?.......gD..c.&....Ym.O....x..O.0.+j...?Xi.Y.KS........<...BJ%8...\+..H..[.4..}5.j....C..1E...9!.4.kq.%.IQQ..u..N...q.!.)t-(ds4.H.....;/..Hu..d.f...B.......}R..)]q..E.>.\|A.q\.....c....g.T.>...m..s..1o0%A....A#.g....e..y..B...J.2TI...W.......B.l:.$f.p.._i.....7..A.P.>5U.....v.I.....JK...(.k............)d...q........oi/..~....q.UG.[AC

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	22419
Entropy (8bit):	7.9454289666590645
Encrypted:	false
SSDEEP:	384:xkMxkSEi18jEJRPDKsP1gZNWBauluE8yAjiwKFJn4e/BOVyAPlEu:xkMxpIjEJNziZNSzlFFJzBO7PD
MD5:	8CF89E64148D5784E90117B4287F0C77
SHA1:	71FDEECB65680CA05A3C91503B7ABDFC70F43154
SHA-256:	B085061829FE62F375919F3F436F1D00EBD91C7756F379C308C063103C228B1D
SHA-512:	A33436DCD323EBCB625527542907AA0827285EB6A0A4AAF53617D922106C7D63088E52B0A97A93B171893C421CD214B0D2DF20A880205FAA2D3E882A6F0CDB0D
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....H.H.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."........................................D.......................!..1.A."Qa.2q...#3B....Rb.Cr...$4.....%S.................................,......................!..1.AQ."2Baq#................?..H).<..L......L.`.....>.$...&.v#....i.D}.R...>Z..I..[%F8....=.W.H..~.....h.qczBG.b......L}(...9..t.g;g.PdT%H...X..Y.y..VE.9..3H...\|.......'.D.R..J.T..Wp...p.......m!&H.>...X.1.".'.Z{r.y....A...}..U.J...-:.nT.ZR...<.8P...m6..~..)r..%.H.........6.^u.%......~.8.X...!}...O,.22#.~..>..c.X.:s......akmJC...........wKF....j`.a...~......].N...~...q....upw..N.=}=.f;M..6......[......M...X2...P.....).=..c\.5;..Q.m...Z=.jg....l. A..".9...mwG.V...5....mw..q...%).....[..._..^.g\|.O...0\|B.'.b...?.X-.,-..Q...ff`.S.[.k.].....ix.1.....\(.O.7..F.>.%...k.o:......5f.%R}I.=?....Z.6.v.....U.Q..k.`o.#..a../.........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\responsivevoice.min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with very long lines, with no line terminators
Category:	downloaded
Size (bytes):	48603
Entropy (8bit):	5.394626835263997
Encrypted:	false
SSDEEP:	768:Kitahw5HS6EVjKFqfVYPhVL+Vykw6HBMOxrnQvXfVN/t8m7I:daa5b0fyP34zHBMO18Nk
MD5:	94F4C585E1EACEC0A5A5E95C02C16259
SHA1:	59A6A78271E3870BFD0F0C48919A42488DE897ED
SHA-256:	BC04EA144CFC628E730E8216346D24003EFE4798AEF78823D697BC88383A9F50
SHA-512:	768CE0B38F97652D15FF3BA1EF8F8A34B922E44BF4C43DD859A7F3606D25060CE65A93415452E5F17F71E670B0C0FEED2A050029F0CCED9CC114D20A3C0A06B3
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/responsivevoice.min.js
Preview:	var responsiveVoice;if("undefined"!=typeof responsiveVoice){console.log("ResponsiveVoice already loaded"),console.log(responsiveVoice)}else{var ResponsiveVoice=function(){var a=this;a.version="1.5.3";console.log("ResponsiveVoice r"+a.version);a.responsivevoices=[{name:"UK English Female",flag:"gb",gender:"f",voiceIDs:[3,5,1,6,7,171,278,201,257,286,342,258,287,343,8]},{name:"UK English Male",flag:"gb",gender:"m",voiceIDs:[0,4,2,75,277,202,256,285,341,159,6,7]},{name:"US English Female",flag:"us",gender:"f",voiceIDs:[39,40,41,42,43,173,205,204,235,283,339,44]},{name:"Arabic Male",flag:"ar",gender:"m",voiceIDs:[96,95,97,196,98],deprecated:!0},{name:"Arabic Female",flag:"ar",gender:"f",voiceIDs:[96,95,97,196,98]},{name:"Armenian Male",flag:"hy",gender:"f",voiceIDs:[99]},{name:"Australian Female",flag:"au",gender:"f",voiceIDs:[87,86,5,276,201,88]},{name:"Brazilian Portuguese Female",flag:"br",gender:"f",voiceIDs:[245,124,123,125,186,223,126]},{name:"Chinese Female",flag:"cn",gender:"f",voic

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9QTQHWWN\svid-akkred-mag[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre 7, datetime=2020:11:12 11:23:02], progressive, precision 8, 350x482, frames 3
Category:	downloaded
Size (bytes):	32166
Entropy (8bit):	7.969723739595835
Encrypted:	false
SSDEEP:	768:eNBOpOuzyDKVdM39UAeOPB2vyUkRChDhSxfJF3VN8o:eCY2MKVdMNUJOPB2yD9n3VWo
MD5:	5D66F9020D1E0529BEC52618E0C8E73D
SHA1:	093546805E719DBCAE9F83345AC39CA218D02EA3
SHA-256:	709C24CF883E93E1C701561C5F31CDD5B7DCAA65904D03247850C4E30BC20B95
SHA-512:	44FC6FCF68DE0FA587462010BCF001A18E72E53F167F6E12E6D2032C24825B0FC023BBFF990697AC2FB6E8B601A3F4A5BB3F3BB80A4E1222F658C7185A1FE0FE
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/svid-akkred-mag.jpg
Preview:	......Exif..II...........................b...........j...(...........1.......r...2...........i.............$.`.......`.......PhotoFiltre 7.2020:11:12 11:23:02...........0210........^..................C............................. .....!%0)!#-$..9-13666 (;?:4>0563...C...........3"."33333333333333333333333333333333333333333333333333........^..".....................................................................................0......R]c.i5...Y.&..,k...D.K.g.fT..e..E.+D.3d.u.R..F....2....c..hFZ...Y...#VzE.....2G...z..yRC..t.tU..+q...Y..m+E..V.H.l..Eo.w....f..',..?=~.~.FH,o.8;...^....{.>.NG...8Rs.#3P..-.!..@.e....Ww..z6b.c..T.j...{.F.......tJ.Z... Ps..7..p7.3 ...............z.}...;l.....a...w.;....p.k@...j........Y.[..z.....r5..c.Y.;.~nz6.....an...) ...w....[....2d]#".\|.kh..i..\..y..1g.L.yk.\Y.e.f.9...U.,....r....S..W@......l....2oF.kX.o.c.Q....j....}wYv-..za...&..#).)../.3...h!r......[...m..8...$.y............Ds.<{}1.mo.....w..dU7

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\YoS_logo2[1].png Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	120201
Entropy (8bit):	7.677972108276398
Encrypted:	false
SSDEEP:	3072:46YdP284Sx8wGmxc51xU7Qqj7V7viUWDhijQPtyIgPqHg:4J43wGic51C7Qqj7V7vaDhi5r
MD5:	063D8A0574784E423B2CB90A31975DDC
SHA1:	151789FCF6F2EE48D4266CA535426D1320A6227F
SHA-256:	1C9AD734D4E7FBC1ABE600B250F34FE3AE8335DD8EF071A2FC4B31575C5F7AAA
SHA-512:	663CDBB5BB2F902E3B0DD7DE1697D11A3D410FD6DB2C17D7DEC1D87D2521AC189ECB16CF218DB3A7188D36BF55238B1FFC09DFACFA1FD500F81768AACE16DDA0
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/YoS_logo2.png
Preview:	.PNG........IHDR..............8.y....tEXtSoftware.Adobe ImageReadyq.e<...+IDATx....o..}..g.j...I.-..{..j...Wv..k...g[...nQ.(P..@.$.\......\|...l.6.....Z......_...eK...3.n..".......v5K..yH...;.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\bvi-init-panel[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	325
Entropy (8bit):	4.85647345649387
Encrypted:	false
SSDEEP:	6:UZcnvVWYOvz8HpULrfxSb6WAtGpthfY/M0076WAtyNuofW7Mg6WAtyNjF/M7M6:UGvIYqAMrPWAGptqWYyNu9I/WYyX/MI6
MD5:	DEF314CFCDF2EFA15FA8AE8BDB9A110C
SHA1:	8A2CC66AC7CB635AE56AF03DCE1D60BA69C0546A
SHA-256:	1DB1F706E85B4A4C637658DFD5EEE8BD469DF67D55EFF17636AD0AF0454D8218
SHA-512:	E1CEA71E7584BAB046B4723DA75C5445372A5C848F76ADA164C23A0FA9C7A3B92F43199D881B62846502880D71A791F61152CD7C6D40055108D945A41F1D8826
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/bvi-init-panel.js
Preview:	/!.. Button visually impaired v1.0.6.. /..jQuery(document).ready(function($) {.. /.. if (bvi['bvi_setting'].BviPanelActive == 1) {.. $().bvi('Active', bvi['bvi_setting']);.. } else {.. $('.bvi-panel-open').bvi('Init', bvi['bvi_setting']);.. }.. */.. $('.bvi-panel-open').bvi('Init');..});

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\css[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	383
Entropy (8bit):	5.214674092462807
Encrypted:	false
SSDEEP:	6:0IFFli+56ZRWHTizlpdAxInVuNijFFlcQajQ+56ZRWHTizlpdAxPA7NfmrUSbyzY:jF/iO6ZRoT6pixUEqF/PNO6ZRoT6pixL
MD5:	5ECC0A36A73D04189012C1DD67E4E331
SHA1:	8F23A02FE44C869E9E6AFA45059783AED7A497DF
SHA-256:	9FCC890C938716D54135A7C7F27A95CAF16E4BB89C89EC8D33C8FAA5E6F25B53
SHA-512:	1D931146BEC801256D7A4FD6CC20D9CDBF8EBA53431F1C8FEAEFE30200F9F35900D328AF96B4201B269C2E527B1595EF4819A0F17327E738DDF76014371CB957
Malicious:	false
Reputation:	low
IE Cache URL:	https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed
Preview:	@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxM.woff) format('woff');.}.@font-face {. font-family: 'Roboto Condensed';. font-style: normal;. font-weight: 400;. src: url(https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7Cw.woff) format('woff');.}.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\education[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	28567
Entropy (8bit):	5.306698637371778
Encrypted:	false
SSDEEP:	384:454VR3hitbmmOYA98IwZ93uGtDH3af+A+Yl:454VR3hitbmmlAPwZdj3c+A+Yl
MD5:	C7682CC9EE151B4B76D37B673698873F
SHA1:	103BDA218FD53B52DA573D46D05B4D8B25466353
SHA-256:	04338B531FF82FF17A8129BB03C2B4779948DCB8AD529B18029B45F25C1D87E9
SHA-512:	BBCA5E9C61D658B9B2CE69AB7931ACD17932BF53481DCDE103DB8F5D6350D5A9399F74C9E5116DD23C1AC987F063D29E30A341B9D880F8177F5FC0AD1A12C766
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>........... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yandex.ru/watch/64573390" style="position:abs

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\employees[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	605279
Entropy (8bit):	4.942685908164373
Encrypted:	false
SSDEEP:	12288:HJ3AWWyk8HRdhxybUCqbrYTHamacmHggMrspn3ZGzvndzN84AS6p8VITJ2I18JYn:HJ3AWWyk8HRdhxybUCqbrYTHamacmHgs
MD5:	EAD77CA08B3C91189AF88C5362BE2449
SHA1:	D89869EA8FF94F8793C99755FCD9D1CB09F9AE9B
SHA-256:	5CFDEB573050FFE37AAD0A0F4C0D3C2638AF3235C19F67A74B89F953D6EA3F6C
SHA-512:	A4065EF4335930ADE6320EBE9535D24F16A6360F06EE0D060466241760D104CF1E6F377AEFA98986C95922042006BCA161251F5CE22F6706044BCD214B0DAB56
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>............ .............. (......-..............) ...... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</sc

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\favicon[1].ico Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	MS Windows icon resource - 2 icons, 16x16, 24 bits/pixel, 48x48, 8 bits/pixel
Category:	downloaded
Size (bytes):	4662
Entropy (8bit):	5.9014021599977005
Encrypted:	false
SSDEEP:	96:EmMf+fUbz0mPh00H+UlD1WMV5fHjcAKngi:Eo8bz0mPh/HL1WIHQ9
MD5:	D6EDB9D53D2621838F850D9CEC3C0E7C
SHA1:	CFBCE17BEECA9CE6E8BDEFE1290AA9771A4DBD7F
SHA-256:	B80894E1F51BCB45439285ECE98F732BE41800AEB2C1B7B52E598B9691DB7FC9
SHA-512:	0649E077B29608572D38479785E2B3BFFA0F0F71EA0C3B5DEA5741B0FCA1269254F8112844F21848E9DCFCEC96979A2B4189EB59E8119027C7312320A14A3009
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/favicon.ico
Preview:	..............h...&...00..............(....... ..................................................................................................................................h`w5FO=HV4NT@Wg......>':GBbu....17.....................GTb......;.K...8CQ4LR.. ................!1;Q\To....3R[..@Mr...1.........%;FThy.........@^_7;k...#.@.Kj.p.....Uu..L.co......;R.......66<+CC...Q,6.Nui9......EU.\.K.-......@Sh......6FR/EP.>\.Fj.j...............]~....&7 4E$MV........,....Ox...2.S.............3.(....!2.......#*.1<.4B.19._............y.......+BJ@[e7\j......);Z.L.....Jg.Xv.et1.@.s..Mo.Kk.....k............ .A.+7k..j..Bh.Ts.n..No.Ux...'r{:W^/NO..........BT:]g.........y?b...`+F.........Lfr.%0................m.......................o....................yU......................J:).....................s].xd/..jPJ".....................................................................................(...0...`.................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\grants[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	14794
Entropy (8bit):	5.4008981749053575
Encrypted:	false
SSDEEP:	384:F54VR3Litbm4/JOIInqQ0H123uGtP+h+Yl:F54VR3LitbmJdMeP+h+Yl
MD5:	9172A9529A46B832994982950B8FB853
SHA1:	7CDC0F0A08A658B678D0BC51D1792C7E42CF5D8E
SHA-256:	EB3A806964FAFE577BF33F1812BA01CD475E2D86A82B688AE952AE85F800E130
SHA-512:	E1F1386E11933F342EF77E98F46DB85DAFB934866008F2A3129872610E6FD2051B9DBED312310A3D7F979E04EB0117F9CAA9355B7061558E6A2730BA87055E46
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>......... . .... ......... ........... - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https:

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\inst-coron.5d9bda69baeaff49f4ea93e898a86ffd[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	23011
Entropy (8bit):	7.972702668738826
Encrypted:	false
SSDEEP:	384:W9+eY0sOEiDLVXwv19H8ZnBR9LcFhnvH1fjQcdUDKkf5xbZ4uK1n4Lo:UEuEiF49cZlY1H1fEW2xhFZ4T1l
MD5:	0BD03AC14AC9FE95A481331FBADC91B5
SHA1:	E02E408B2D36458499F0F64ED0528050CA83C071
SHA-256:	D638F21BBBEF3544E083DAA78C20B60DA0E1A4ADFC4BF4B34DB56570BA96FCD4
SHA-512:	E50C1EC523CB653AF39D21B2CBD3D1862DAFB40695490AE0EB69541288DAAA1784081BB80330885DF21193E36805B97D7153D434208BF331D00522A9FC5B4F2F
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/inst-coron.5d9bda69baeaff49f4ea93e898a86ffd.jpg
Preview:	......JFIF.....`.`.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."........................................P........................!..1..AQa."2q.R...#B.....$3br.....5CT..SUcst.478......................................3......................!..1AQ.."a2q.......#B...3r.............?...QEz..E.QB....of.by...u...HY(..Z...F....->.....V....>P....P`.A.`.z.....lT.W2o.i.F.....L.N...q.........Qa....5...b..a.#..T.I.....+..<{C....wc..<..O.^.....+.......!.L".s5...O..U.n...Y.Y#o.zz.#\..iz..q..>3.!.Xz...%`.5.....nh=2~....u.1Uz..m.E.3.:.~&;.Q...c...&.C....N...4.....T..:.Sj7.AR....^59...1B....qRd..vd`.2.....v.sr...w....V...r.....c..7.c.OM0.).p.s..#......td.b..U..]K.(..'....L/y.<........R.->0,3.....:z..Ij.m3s$x.}.}q.....kmh..........'...8..-...PJp....V...($"...j...B..H~c...iK.p..s..g..:....g`..B=iJ...a}GC.7.$V8.lF...i.K..].R5..!....SaY4...&...><I....%.K7.F.^U@=1...R..!...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\licen[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x507, frames 3
Category:	downloaded
Size (bytes):	64544
Entropy (8bit):	7.968279899783747
Encrypted:	false
SSDEEP:	1536:iDsfTmcZ67s4RkvAHyl3ZBsgAqc2WqPSMewpe2ef4jr6IKXEs:LS4qs4AB1Z+gct2EkeJKaEs
MD5:	A27D5AA05B86A5378C77ADB3CED53C25
SHA1:	986DF75616936199D4D6681BAC18B3316BCF17CB
SHA-256:	87FAFB118781F51657A1D0C3C5C66E2BB5E46EEC106C2FED83AA5145F70865DF
SHA-512:	095B9F79E87DE437CCA61FF4C5EFF6A14C886FC39702238CC52C18BCD7C8FFB0F98B0DF1AC8DB86538C14E2758139640555EAC6D48ACD87D000253D1F6F5AF2A
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/licen.jpg
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................^.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?....\|3...4S..k.:f..:..,,]y=..x.W.g...\|i..{.......m.).c.....o.78= qSx......Ih...V1......0....'..wF.]?i9[.T.5+$pi.#.?)....A#......M#...<..@ rwk...?_..>9.N..p.g..(.....+..n7.K=...LQ$`$dv..9n.......Im/.\..tC....#..5....V]vB1..\|.?.Bx....t..?.9'....&./.\|Y...wK...!...]..b.y.oNA..k..?Y\...S.$..dpBSw..A.......;\|..]....A.....h[..;'...J...fF..z........O....f..[.ne..C....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	15348
Entropy (8bit):	7.956228389248102
Encrypted:	false
SSDEEP:	192:GiEt6jSPbPSbbsn1+yitTZtXcfHRh6DbO4Sy4ySmoUH5ypSf2kpIso71qCjbbhSB:GV6jSwtMfxhwO4Sl4oUgYvpevGJQ+Fz
MD5:	565D6ADD04894FCC1C74AB8AA69E40B3
SHA1:	85C670F72DB8E6DD574D76128713EF9945C2A5CA
SHA-256:	3C367EA316D5106EA05880B137C95E76250135D3C7B101C0A6F216B10FE34D10
SHA-512:	761F5410A4B81B33E425B3C9A886C1FC5EEADC7F746CF03E46A0EF367C0E722E9F099FA28948E964D70CD0508264379744A290908BC232E064B8CBD4B770C794
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,....".........................................S..........................!1..2AQaq."r......3BRb.#...$4CSs...cd..%56......DEFTt..................................5........................!1.2AQ.aq."B....#3R.....$%.............?..J....!.!.@.Bkt...f..T.MI.v..Wl........r.[s...5..Q4..bi}Q...=....a'KS]...>..u.+..kMQ'OQ]..W'.R_d.K...5r~..}.`.8.x...\.....P..H......x...@}.}L..M.\|\.E.:.t.)..+G.\|.2..>.%k.....~.3.t.o.C..#&..G.Z..W.......b..... =.&.............r....jK_.@+.....Y..k...gKR[..O.&..sC....)....e....@{....f...V.C.)......;.ZI?E. .....u.m.={.ZG\|....H7...)..+.k!..G. 4..Q........i>..\|t-7Wx.../2..........\|e.\|...D.}.9T\|j.>K.!..)>.,..M?.............C.?....@w.}!..pl:~.h..j.I?.].F\.o.v...M.5T..G.%.~...ys..*.C.#..?W.p...9...z..S..146645.u..Q.B.B.... .!...B.B.... .!...B.B.......'.q+.r..-.....EYp.d..........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\pdf[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 87a, 29 x 30
Category:	downloaded
Size (bytes):	1502
Entropy (8bit):	7.7547407133698885
Encrypted:	false
SSDEEP:	24:I7Z+YyxiSP3M/A0fjtI68FkOOHsz4Vi/Sdxi+jQtVuoZrJru1wyeP8ylHzeLMMFk:vi88nf+6Sao48Yi3tVuof8ekylHzeIuk
MD5:	28E7DC65D023AA45423D13C673D312EF
SHA1:	B4C9DA744ADBD76F0543C224035B849CD45D37BF
SHA-256:	4B088635EB269FDF62B814FF7DF64F7822A4DBC1BD25ED117F061F7A88EB8171
SHA-512:	5C28C6376A06355D9B5720CFA1A8A98CC658CEEBA45F951F777CC2BC74F445FCD8CAEEC40C7195EBA94593BD361A8667E8CAB741C4D51678151AF9B69E3A00D4
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/pdf.gif
Preview:	GIF87a....w..,.........l.....v?>VVW]__^`__``ceemnnsttwxx{{{.....................................?=."!.-0.34.>=....................... .'".44.AA.[X.TT.]W.\Z.BC.VU.ZZ.e`.hd.dc.jl.NL.MI.TT.TW.WX.YZ.ff.wx............................. .,,.65.,$.).&&.,-.53.5<.9>....#$.7:.45.::.=A.=A.C?.@F.NR.]].FI.OR.UK.QU.VX.XW.QT.\`.bc.kk.xx.hk.ag.mk.mp.qo.xp.wx.AC.GI.YX.B@.eW.bb.kj.{v............................................................................................................................................................................................................................................................................................................................................................................'p.9j..Ns...5b..I.HQ"<}.5....f.p.5......jT.#5e...F..+8p.1C.)i(wM..EJ.6o.(...?D...aC.V.....(.Ri..K..M......_.(...$..q..&K(M....1...?qg....D.!B\|h.e.....-*.#D..,X..El.P}.@...c.&+!...D..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\svid-akkred[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x495, frames 3
Category:	downloaded
Size (bytes):	57235
Entropy (8bit):	7.969962896345143
Encrypted:	false
SSDEEP:	1536:+3bbwUC9UrR9z2MjczJLibPyT/SIMhO+MQtEJDt:0VC9Ur321EyT/SIMhWzJDt
MD5:	A317CC5DB89C276EA856424DAD6FC96C
SHA1:	13F802F3CFC373DF6D99A40D700EA16C9804D1A6
SHA-256:	965F667413D88F8CA2AA09DC734CC96404988244FBE6A31CA5D322FDC10A8D3C
SHA-512:	9AB5F85D3F8DE51FFB56FE311AB9C07C94AF50B325CA8688D20A6EE2F061E71AD77EC941C374A175EF40088B320A93BB79C6423C01845CCBFC26F5F3122183B7
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/svid-akkred.jpg
Preview:	......JFIF.....`.`.....C....................................................................C.........................................................................^.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?...D....0.#b6....f.............G..[k..z.b....g..W.H......q..x...&.4.R..qr..<.$.....W..............'...q.#_.....o..;YIK..f...kCN..u..=...c./&X...\..O.6d..c..f..d.h.z...~.._..Tb..7..k..5.KO.6..M.@..np{..S_..<z..N..I.~...F6N....]Q......8.q.....\.I....1..W....7.S%..c.?..6....=..<U?.\|Z.5...Ie..S..n]......]>.......R...I.)##u.=H.O......=.4.G.2_.....%}..v.z.&.Z..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\tag[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	C source, UTF-8 Unicode (with BOM) text, with very long lines
Category:	dropped
Size (bytes):	663241
Entropy (8bit):	5.557176550316428
Encrypted:	false
SSDEEP:	6144:CV9SBGu2JqNl0ocwIStiq54CKeoRAfV9SBGu2JqNl0ocwIStiq54CKeoRAZLkQfw:+9St2JqNZrn9St2JqNZrjkQg4I3GadD1
MD5:	6A301A0B6A67574589CD57CDCB5F19C8
SHA1:	93B6E7521FB176E8BDC9FCBC4C18FE7ACB5577AE
SHA-256:	D101613F88F56AB4CD1C513F3D51E1DBFD34785EAEE27C6E2F4EF38329F646D1
SHA-512:	7D316CC56A6C0482B40849C3D6E3789F33CF27117D3F836A0E3C3D5E347EB5B3F224E43C70940939969F6306A438D1D88925CFBEA5C68D592DC2D2B86989AE4E
Malicious:	false
Reputation:	low
Preview:	.(function(){function Qb(Z){var Ea=0;return function(){return Ea<Z.length?{done:!1,value:Z[Ea++]}:{done:!0}}}var ec="function"==typeof Object.defineProperties?Object.defineProperty:function(Z,Ea,nb){Z!=Array.prototype&&Z!=Object.prototype&&(Z[Ea]=nb.value)};.function ce(Z){Z=["object"==typeof globalThis&&globalThis,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global,Z];for(var Ea=0;Ea<Z.length;++Ea){var nb=Z[Ea];if(nb&&nb.Math==Math)return nb}throw Error("Cannot find global object");}var Wf=ce(this);function Xf(){Xf=function(){};Wf.Symbol\|\|(Wf.Symbol=tj)}function uj(Z,Ea){this.Th=Z;ec(this,"description",{configurable:!0,writable:!0,value:Ea})}uj.prototype.toString=function(){return this.Th};.var tj=function(){function Z(nb){if(this instanceof Z)throw new TypeError("Symbol is not a constructor");return new uj("jscomp_symbol_"+(nb\|\|"")+"_"+Ea++,nb)}var Ea=0;return Z}();function vj(){Xf();var Z=Wf.Symbol.iterator;Z\|\|(Z=Wf.Symbol.iterator=Wf.Symbol

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\G62TDH9B\visio[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 29x15, frames 3
Category:	downloaded
Size (bytes):	1085
Entropy (8bit):	6.137901110873271
Encrypted:	false
SSDEEP:	12:tXW//oCF7zAf6arfYRoaD9c4XYplLIf9Np5BBVVmEdp1zFSH44E74quHsl8:MlfACuYRoaJZIplW9NppSEdXzFSYUq98
MD5:	528E8CA46B48E48A9635579E676A5289
SHA1:	36EF9F0951B359D768B1854701FC7B62529249CB
SHA-256:	CBB52EE39B6D255DBA9C422421A3958A5F91358F9A9772590BCDC5B98A4D2319
SHA-512:	C32BC700132FA6F435A4237491FB83093D288DA770E7C3ED19AC4AEC32A96D9169C35B2868EF336D9793186A4812139B05D2E51EEDD7539EFF2467D1DDDCC05E
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/visio.jpg
Preview:	......JFIF.....H.H.....C....................................................................C............................................................................"...................................................................J....7k*/.........................................}..'.\..5.n`u..1...X.p.=.%=~S.....................................?.?..............................?.?...!............................."$........?.1...^eK....}......r...8..sDe.....PR.q,.J^.!a.....F.F.V\...ub.\|Qn......A\....._.%D;y...........r..r..QC%...].-...5..:=,F......6C.`jm...U:.q...+i...)a..P...NA..].........O.\..tt.s..."...F7.Z<.!c?.F=v.U.>s.t....._.> ..$..2..o..j...#.A.[^.....bXP..5...rvW....f<d.\...5.U~k/Y_./.+Yd.l......l.q...W...v..B..Z]..h...N\..v1....@.FR.%..@AS..............................!........?!....u...a.n".t.yu....a.8.........:..!7#-.98......]d)R.m.L\9^.$^.j,.I..............................................?.?..............................?.?..................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\5G49DE11.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	37879
Entropy (8bit):	5.0932542734468935
Encrypted:	false
SSDEEP:	768:0564n3xitbmbVq6u0s7YH8n8u/2/sEJcwjdyyOrTgF+Yl:05d3xitbmbM4sEJcwcyOrTgF+Yl
MD5:	609EA3E918821FE543378F90AE42674B
SHA1:	27436982ED5E63585F592B8BB16AD2CA01AF55CD
SHA-256:	05EEBDDC5641B32AE63757227E2704BABF3DDE68F40230664C6374930B1F594A
SHA-512:	2622E3D3BC45F54B5674EE4B287C3AFB41817729EB6EB5B306C57D8E4580FA0ECA31CD6E5784668418369FC41A25B8C9193D4FFEC73455DA73101E51233505F4
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>Home - eiubp.ru</title>.<meta name="yandex-verification" content="280540c6c39efd8d" />. <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />. .<link rel="stylesheet" type="text/css" href="/assets/css/style.css" />....<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>....<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yand

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\5KNJP0BI.htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	37879
Entropy (8bit):	5.093223819781275
Encrypted:	false
SSDEEP:	768:0564n3xitbmbVq6u0s7YH8n8u/2/sEJcwjdyyOrTpF+Yl:05d3xitbmbM4sEJcwcyOrTpF+Yl
MD5:	E3B832361616BB1BF32AD910EC5FCAE3
SHA1:	0D48490B17C00EA9D83F0BE99B8B9D1DD0D44B82
SHA-256:	0D37EE847935ED440C81121293712726F6B21A0685D1BAC0CCC63228AB0CCA59
SHA-512:	B16B1FFB092E1CF00D4F6F4D95BA71ED0DDA24AFACCA568EB58B3FC930F1839DCE12B91D3D2AE6F4CE6681F5D27839D49E40621741E8E3B484BA3E0F505BAED9
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>Home - eiubp.ru</title>.<meta name="yandex-verification" content="280540c6c39efd8d" />. <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />. .<link rel="stylesheet" type="text/css" href="/assets/css/style.css" />....<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>....<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yand

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\??%20??????[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 486x250, frames 3
Category:	dropped
Size (bytes):	55866
Entropy (8bit):	7.884082409341063
Encrypted:	false
SSDEEP:	768:J/5Hmd2GdIVTMiVsZlyCJPRUdDIFWqB6cQ1Pt3qKBkY1TBvQCvv+ky3kB:J5mpdUFVsZzJPR2DKDutD+Y1lv/V
MD5:	D2674E0D9B014C06C812D7CABAE86C3F
SHA1:	720C6C0FDAC2B6456E701FD60D238F75E4CDF66C
SHA-256:	822C7F54A7CD9A2C26271AD31A70FEA66489817F91ACE3C27BA86E40E2B16338
SHA-512:	CC717444BF2CBF703E253F9AD7248D4833739936BCF047727166FDD3F908E5726D60DE5A9D4BBF14D2E26BD04B2772D5EE01183BDC4DB4633DFC0901AC97C413
Malicious:	false
Reputation:	low
Preview:	......JFIF.....`.`.....C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?.....(...(...(...(...(....l..."w........,..zf....Z)..-+..(...!.KQ.O..ON.......q.k.g........4....x..=........B-.t0.\.c.F.............?f..\|@.8,.3..u....[&0..\|.W./..&_x...y.;..._\\|e..u?.,u..&...H...e\|...N.$.,N5.)F.}..u.0U1Rp..\...T.7+...:...O ........G...?k..'.Z..'..o.....n...o.6...1\..j.`.s&7.J.U.~.4...=...R.HQE..QH...~^x4..S.Lt..i......3....R+oPGC.-..QE..QE..QE..Q

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\????????.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	dropped
Size (bytes):	13343
Entropy (8bit):	7.924411455598647
Encrypted:	false
SSDEEP:	192:kn3fpbHtj2Pwc6zX44Tx790FggGE/MM3Hvo4c3OfbJq55P2:kPpjty4c6r/Txo0OHE3OTk55P2
MD5:	DE990FC08D792F3148CCC0A4064DD9F2
SHA1:	4533851EECD44CAAE0C0EC8C4812A6D680DFDEF9
SHA-256:	1CD2981B1B58F05EF3BB655BCA83ED963058CF5986CF700EDCF4072556238FCA
SHA-512:	E97BF4B3244B53AE80D984942D4970A482572FB062B61AACE806E76D310331EC108F0014E38388D830BA704A2FD611B76B8A62F396CB9E6B71CA34A93DE008E2
Malicious:	false
Reputation:	low
Preview:	......JFIF.............C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,...."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..(..8...(...(...(...(...^.....LM...........#)HTL.N(.9..3Vs.`...4iK.U.N..H..T.."%J.V...F#..8.S,u"..AUc.P.........).....A..l..`4X.hR(}).......,5P.c..U.1...A........N..66...J...>..$Oj...2..W.j....T.uBe.^j&..H.]...GDdDi).q.m#U.QE...QE..QE..QE..QE..QE..QE..QE..QE..QJ.0`..OAH..SF..Fm.D.1..64.}j..9.....H..f$.H..tN......9g!..#..S..=...#.H...P..*G.X.L%2...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\common[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	16851
Entropy (8bit):	5.218254091231382
Encrypted:	false
SSDEEP:	384:D54VRzGitbmqjkHUwy3l4FgRKWZyh+VQi4T5Fk2um58i4T5Fk2wm5HC+3+Yl:D54VRzGitbmqjkHUwy3l4aRK36Qi4T50
MD5:	1B0287F24A05E8A3D431B6FAFFBA1508
SHA1:	F9497B5273C25E6080AE8C2A11C4D08444E8CCCF
SHA-256:	834FEAACAD8D81DAE14E715C67E4B07827FA6E559410C3E51B5F399FA377FC5D
SHA-512:	7D76580F7CB68D6A05F97B80BD222154A0AF82F314BBC860C6D6961A4935D6C0015E0601CC5463D699176B4C0EEFF77F6FD627EDE44935332C2EF2A39ADF9398
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>........ ........ - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</script>.<noscript><div><img src="https://mc.yandex.ru/watch/64573390" style="p

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\document[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 20x20, frames 3
Category:	downloaded
Size (bytes):	926
Entropy (8bit):	7.205060299312022
Encrypted:	false
SSDEEP:	24:qio0XxDuLHeOWXG4OZ7DAJuLHenX3DPKVondLU2:ouERAxndw2
MD5:	BC38B2CEAB67E88CFA08E44555C6608C
SHA1:	8CF64F89CBE2869A8130DD7342720E56A6DCBEE3
SHA-256:	837F997805A037509C63E9ED7944DA0AB1D7D7E56A94C487B09BEA143A512302
SHA-512:	2EB1159448487E10E6430B0CFE317B3AAD4871A1C8A5C53A08157FCEB726ED2EA31EC25FCE4AFFF46B8F0DA1D037666ED49EB479C3944C87CE8F898165E6FE8A
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/document.jpg
Preview:	......JFIF.....H.H.....C....................................................................C............................................................................"............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?......MgW[..[K?!#K..1...o......^s._.'.\|:Z.[Y.....6..`....#.$..9...>6.w........2I=....)P!~v.e.^.G....k..j.V........<RG.........}{.......Y...m.{.{.\|.+.(M.......}.gw..i...[y.d..FR2..h.........B...@.W.Mr.}$].O^....;.uw..;(Gh'x...pS.2k,.......w....'..EwS.V1II..,.Srm.}.ckk...V. ..." .....+......

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\gerb[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 65 x 70
Category:	downloaded
Size (bytes):	4068
Entropy (8bit):	7.596037579194824
Encrypted:	false
SSDEEP:	96:tdFjY5o+Mc1betty7h95KSm1bzAPXn2MNqO+LTM5BCiqXueb1hlpq5:tvs5oFc1Stcr5KSyg+McO+yBCim5dq5
MD5:	FFF8B08BDBD781C18EDAE20D86852762
SHA1:	FDA8181FCFB17489E5006D47FBCC1F1A0AEDF3A3
SHA-256:	81EA92D8931F54D698C3F8BC78E5188F3CE88B8B435CFCD077B7585CA4AA6FF6
SHA-512:	01BC1C3ABE39246E88AA970666A7689DDA334D94DC0144B58E72A934A72E8D9593202CEFFD1191E636D8489A75AF17DB7AE1410013E793A2B53B48646FEC3479
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/gerb.gif
Preview:	GIF89aA.F.......5(.G9)mM.G4.PE1...vX.b<.5/+.p....hM3._....)..ueQ...........R@.lTL..t...o...ukpnnQPP........lLpR1o/3KV[fX4...q.,..........x..OO{e..nUWerw..ze.e8v...........o.;DV..!k...W......V>A>......[FxP,T............V..t..\Fi...l2Kh..AKfdu.....W...Ld.g..n.;.......e\|.}..e....;l[x...,Uh....P.jW..lS..;0d.P...M.-...X.....L2..R..h.uv.u..v{..Pl...q..\q......p.Ki.mkq.1J.P.Wqge..k7LpY........Ou.......w..g..u..Rl..q.N......q...W....ON.4I...JXi..o...........z..]>......\|.....5.g..4.tU.......&y....QK[tSYt5.Mj...x.5Mz....G2.:....Y.......m;.CJ./3P..$...j......s..........L..c...qz....jxv.....B-...q..g..v..h..9a.i.........n).7v.K\|....k..G....>n....[.._.....(U......?..Ki....EKp.?<..4.k4ek.^........OT........................................!.......,....A.F........H..A....b..C[.J.H."E0.l\...G,6,..iP..-.$q.QG..%3T..!.%*X.h.i.&G.b..:P...KLU.))..VNp8..D..C8...1C..={ ..T...6.@......"p..%B.....dh6j...}0I.r...+..N.d'..O..P.w.@......IS0O.xY"I..5k..Q!I.',.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x300, frames 3
Category:	downloaded
Size (bytes):	23086
Entropy (8bit):	7.973543601199081
Encrypted:	false
SSDEEP:	384:pWUZ2Igsa+F4ejc6vQJOHsV6dJYSXuyhXluXB6qDRXoDdLKP66jhjKTcQHQK3PQn:cUZ2Pjejc6vQ2diSX31lwBpNBPpj5SXW
MD5:	D52673348D86E1E93AFECB09FA538794
SHA1:	F9E527B38B7C9D9F44FFB87B0CA9C32948A723C8
SHA-256:	7A1BB80A1CF8BE243EDB268F3C0959599C9EE40DBA7BC0567B1731EF37A116B2
SHA-512:	7EB343D273A728D7C4A87DA4C5FF4908E864AA37EA4ACFF2BCB455A9B1A65F68017641EE6BFCF5E75D85C06911083773D8824224A8A5828F2C6516DFD6C3FE18
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/components/phpthumbof/cache/new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg
Preview:	......JFIF.....H.H.....C.....................................%...#... , #&'))..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((......,....".........................................H........................!..1."AQaq.2..#.....BR.3b....$r...4CS...5DT%..................................6........................!.1A.Q"a...2q..#.....BR$3b..............?..uuuB.\+..B.F^.Z.E...-....1.Z...p.ie.l.n...&L..O.s_7-...S\|...c..6.'..........Eq. m...=.":...-.J...m..~......."^Urz6<.1^D.\9.M\|z....N..G....K,...g../..=..V..;...B..........F=h.bfc....).w.b\|....w\|....A.....l.832..q..)......y...R...U.DrF.2.R<>..z..?h........o.)f}...r.y...yy.A.3....%..A.<.B((E.(u..v.1..S8.....,..X.]BWKKDY%D...(>...U..].c....\|......T.Z...g....-...i?!....Y[.......^.t.b..z.Z#...^........M.........&.Z. '....T..d)ddA.E.>.&dV1...RT`.za.X#X......./S@...Q..D..1.w....O.....b.4.x.l....(J8#X.C..w.sR......8..w.@....uB.h1F..H...(......W....P..P.`......]G..M.G....I@-.<..T....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\pep1[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	[TIFF image data, little-endian, direntries=0], progressive, precision 8, 75x75, frames 3
Category:	downloaded
Size (bytes):	2201
Entropy (8bit):	7.42759480183783
Encrypted:	false
SSDEEP:	48:XcejnrGa77n7nJgUbIytlRZQ+T0lJkjpsDxp+2l7ur:xB7mUbNf0+Tekj6fpa
MD5:	F93C4F098F91CBAF7013779DFDD29EB6
SHA1:	E2527D42E4D2FC9EFC7E290C243609958BB03E87
SHA-256:	581D04A0DF1B8BBBE702861CEB2724963CE1D1B62C5D3AE776012E755442B6A5
SHA-512:	036796EAE0EB9FE031B95A3C8749FDA14E82E79FAE184CA9534672DD697F3096EB6834F407E791A9885EFA0DC52E9832E86C1E38473DD68C0ED4F879EDD53532
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/pep1.jpg
Preview:	......Exif..II................C............................. .....!%0)!#-$..9-13666 (;?:4>0563...C...........3"."33333333333333333333333333333333333333333333333333......K.K.."...............................................................................C6.h8G.S......8..2....\|........_...e....Z..q(.drgC^.v.t...;.]...Z...,........(.7...Y...@.....$........................ ....!"#$0............).e.&.8.Xl% ...[!kd..q=.x.sf.Y-fM]U.~E.p..`oW0[...q<..B.%..X.&.,d...L..a.....\n2..*....v.o_...6.....a..3j}X~...$...B...E=.,C:...r..!.?.... ........................1A.!"Q........?...T.g.....~5#.....2..........eI.d.kT....T.o...R..3...?... .......................!.1A."Q........?.Q..,........}.<.u.}s..../.R>.:.ldq.Q...Sp-..A!.H.....1.......................A.!1. "Qa.Bq..#023Rb...........?...M\|Utj.E......3.i.\....O.....K.1......<.1L...6.}/.L.s..SGM...p@@.l....n..A0...@.F[...0V....rT......Yp.fA.7A..6....e&8.....)...7..:T~.d..[g...C3.....k.w..>.......k9 .M./.U.#<...dt;.n...g4.r.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\str1[1].gif Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	GIF image data, version 89a, 30 x 30
Category:	downloaded
Size (bytes):	1323
Entropy (8bit):	6.102714563986048
Encrypted:	false
SSDEEP:	12:3HufY66PgP5ODv9TlPba7772cD4otbbEOmtEgJnjaSdYiFfdWO6jDSBFVDSvp:3HgY66PgPoDuiotwOEJF1WpDIVD4
MD5:	865ED0C4C2A3F336B12B1570241E771C
SHA1:	D78DA2DDAA64D28A8BD67B71EC58CFC7BB6F84F1
SHA-256:	E3D64F29AD66ABF0AB7A9D276BB2BF39A0502DC7C93FBED4695672183D4D1F5A
SHA-512:	4A00A050EBCA7C2744B4B95F7DAD3B5EFC63AC21C7D36EDA5E6BBA7BD05ECB4FAD59DEA9C5729F4F56933ABD88E8E8E6D3859550F64092898044AE28A7BE0136
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/str1.gif
Preview:	GIF89a.............................................................................................................................................................................................................zzzyyyvvvuuutttpppooommmllliiigggdddYYYVVVUUURRRQQQPPPKKKHHHGGGFFFEEEDDDCCC???>>>===999888777666555444333222111000///...---,,,+++***)))((('''&&&%%%$$$###"""!!! ........................................................................................................................................................................................................................................................................................................................................................................................................................!.......,...............H.......H`A......HH....R.....$3.P,....8y.1..M.:x..8RA.2\|.!.'.2q.,.@...=s..\..LL......G.O6ov.-S.........)k..1C......!.S....Q.F......Z......!.L.+..6...0 ...p....t.h5#....O....F.f..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\struct[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	53018
Entropy (8bit):	5.236460275570152
Encrypted:	false
SSDEEP:	1536:XM5UGGitbmMPVQPl8B7hzhx5T0lUW3nIiwLqbQYgiVEQJrhIpkhjw+X+Yl:X5GGitbmMPSPasNI+X+Yl
MD5:	F3624477F13FF822103A3337DBDBF3D2
SHA1:	7F558FC155C609159457514A02F3D346C713CDC7
SHA-256:	311118A7A02AABD6E7125AF31833397CC8A6D57055D08E2C782D6F749EC59001
SHA-512:	43C95458CF48F54094BF5D7652C7FD51CD3AAC2B07F85CDCECD182547F2CF3D88BB672CBC6FF7BFB275F51B9A298AE3D2E52439310092453F144C804CE807D4A
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>......... . ...... .......... ............... ............ - eiubp.ru</title>. . . <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />.<link rel="stylesheet" type="text/css" href="/assets/css/style-spec.css" />..<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>.<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,. webvisor:true. });.</

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\style-spec[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	26081
Entropy (8bit):	5.470222607787918
Encrypted:	false
SSDEEP:	768:a/ycSJtK+dewMIttFIF4UeF1HFwloEF5pr8FTi:atOtFdewMIXSCUeLHCFtAZi
MD5:	D0FB2690CF39E8664121B88DD6B6910A
SHA1:	69586BCA753F9F5A213EE293C213A3472D200BCF
SHA-256:	5C4C9DE0611979025226331DD6A01C5A0B5FC82270C70CB398AAD25F4EE36370
SHA-512:	9BDAAA6ABDCC0061E555BD9D884EBE7A434164113CA40674E7CAA499A83800F66D4843C69F7C6604451F2FAECF2672BF82E169A1B7D65A18141E05878E88D817
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/css/style-spec.css
Preview:	/* --------------- reset.css --------------- /.html, body, div, span, h1, h2, h3, h4, h5, h6, p, em, img, strong, sub, sup, b, u, i, dl, dt, dd, ol, ul, li, fieldset, form, label, table, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, figcaption, figure, footer, header, hgroup, menu, nav, section, summary, time, mark, audio, video {..margin: 0;..padding: 0;..border: 0;..outline: 0; / ........ ....... . ....... ....... /..vertical-align: baseline; / ........ ... . ..... ....... ..... /..background: transparent; / ..... .. ............ ..... ...., ............. .. ......... /..font-size: 100%; / ...... ...... .... .......... /.}.a { . / ...... .. . ..... ...... ..... .. .......... outl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\style[1].css Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines
Category:	downloaded
Size (bytes):	30143
Entropy (8bit):	5.478084475383491
Encrypted:	false
SSDEEP:	768:amh5S3h08WdFUiFAGhvMIttFRF41nmuedF1HFwUoVY3C9FTQ:a0ehwdyi+GhvMIXfC1nmuedLHCfcC9xQ
MD5:	1022A86C0FCFB9860139F27AD01FD903
SHA1:	F498204793163D7AE46135C3CDFA42351CDA8982
SHA-256:	E791E10850CB0FEFAC629D1CEB2AA39A63FDDB6248E06EF8DD2CB4FF45E7523D
SHA-512:	E105B13C2092BD5A7022BB8C36A1196FDB7F382593BE52377E939C721E741EC4641E1E6FDFDCE61401F1D7964F180A49B45CF4DA4119AD1A45A076B84BC8AC8F
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/css/style.css
Preview:	/* --------------- reset.css --------------- /.html, body, div, span, h1, h2, h3, h4, h5, h6, p, em, img, strong, sub, sup, b, u, i, dl, dt, dd, ol, ul, li, fieldset, form, label, table, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, figcaption, figure, footer, header, hgroup, menu, nav, section, summary, time, mark, audio, video {..margin: 0;..padding: 0;..border: 0;..outline: 0; / ........ ....... . ....... ....... /..vertical-align: baseline; / ........ ... . ..... ....... ..... /..background: transparent; / ..... .. ............ ..... ...., ............. .. ......... /..font-size: 100%; / ...... ...... .... .......... /.}.a { . / ...... .. . ..... ...... ..... .. .......... outl

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\sveden[1].htm Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	16983
Entropy (8bit):	5.337862230380443
Encrypted:	false
SSDEEP:	192:fWZTF9hi/4+4uF3gmfdij5qexNM4zKV4A328L7n9BIm/86wAl7XOTJMh4C+Y9D:fW5I4k3xitbmbhVBtIIF+Yl
MD5:	FE411E6947E0F94D79F996A7A693EE66
SHA1:	72EE3086F4E260C335074A737D67FB93DFED56F7
SHA-256:	641494C93F7BA0C55FDA1101A201FFFA2D7C893870403BD98CF0851E56C3A5FC
SHA-512:	85C6700B511B514771C30CD61E1E4A08866651E3BF4426C247F5C107C33D4C51B6D7416FAB1B353B1806A4AEBBBDA2C7F917B03B13179FB483E9189A420BC958
Malicious:	false
Reputation:	low
Preview:	<!DOCTYPE HTML>.<html>.<head>.<title>........ .. ............... ........... - eiubp.ru</title>.<meta name="yandex-verification" content="280540c6c39efd8d" />. <base href="http://eiubp.ru/" />. <meta charset="UTF-8" />. .<link rel="stylesheet" type="text/css" href="/assets/css/style.css" />....<link href='https://fonts.googleapis.com/css?family=Roboto\|Roboto+Condensed' rel='stylesheet' type='text/css'>....<script type="text/javascript" src="/js/jquery-1.12.3.min.js"></script>.. Yandex.Metrika counter -->.<script type="text/javascript" >. (function(m,e,t,r,i,k,a){m[i]=m[i]\|\|function(){(m[i].a=m[i].a\|\|[]).push(arguments)};. m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)}). (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");.. ym(64573390, "init", {. clickmap:true,. trackLinks:true,. accurateTrackBounce:true,.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\tag[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	C source, UTF-8 Unicode (with BOM) text, with very long lines
Category:	dropped
Size (bytes):	662067
Entropy (8bit):	5.557680188365287
Encrypted:	false
SSDEEP:	12288:WkQg4I3GadDkkQg4I3GadDkkQg4I3GadD1:WkVbPxkkVbPxkkVbPx1
MD5:	62E17ED55BA2357BE9BC02E65EFB1DE5
SHA1:	EA36DBC7E8AFECEF8D3075083705CCF6947704A8
SHA-256:	DA0CC1758F70AE7035FEA565E391422B49449A5EB55777E427A4441B5ADB9831
SHA-512:	BBE1D5F29DC1B36F24B4E5F62AADDF58EA7887F34736C6BE7A2D2876E8DE1CFE657E3FB6DF1CFC91891A584C37F13DF0B3254641CCBCA16C8685938EDD9A36C0
Malicious:	false
Reputation:	low
Preview:	.(function(){function Pb(Z){var Ea=0;return function(){return Ea<Z.length?{done:!1,value:Z[Ea++]}:{done:!0}}}var dc="function"==typeof Object.defineProperties?Object.defineProperty:function(Z,Ea,nb){Z!=Array.prototype&&Z!=Object.prototype&&(Z[Ea]=nb.value)};.function ce(Z){Z=["object"==typeof globalThis&&globalThis,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global,Z];for(var Ea=0;Ea<Z.length;++Ea){var nb=Z[Ea];if(nb&&nb.Math==Math)return nb}throw Error("Cannot find global object");}var Vf=ce(this);function Wf(){Wf=function(){};Vf.Symbol\|\|(Vf.Symbol=pj)}function qj(Z,Ea){this.Th=Z;dc(this,"description",{configurable:!0,writable:!0,value:Ea})}qj.prototype.toString=function(){return this.Th};.var pj=function(){function Z(nb){if(this instanceof Z)throw new TypeError("Symbol is not a constructor");return new qj("jscomp_symbol_"+(nb\|\|"")+"_"+Ea++,nb)}var Ea=0;return Z}();function rj(){Wf();var Z=Vf.Symbol.iterator;Z\|\|(Z=Vf.Symbol.iterator=Vf.Symbol

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\tag[2].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	C source, UTF-8 Unicode (with BOM) text, with very long lines
Category:	dropped
Size (bytes):	220689
Entropy (8bit):	5.557680188365287
Encrypted:	false
SSDEEP:	6144:kLkQfpQMmXMvI3G4BBIIlB7ij484P/dOJ5C:WkQg4I3GadD1
MD5:	FB0D40BC16F391193A110A6747B4B5FF
SHA1:	42CBE055E98CD2D16C7E934A2EC075007324DF93
SHA-256:	087441CA486A8530BE0960AA2F8B462F04D7038AA84BAFFB1A0EC984F27F1EAF
SHA-512:	02773997ADE6B89E5793497334C1CC78BC02BCB5D7A023B31358F6362F873D2CF6F9424E25BE6056EBC662094E83378840468CE008BA12E59CD6F574234418A0
Malicious:	false
Reputation:	low
Preview:	.(function(){function Pb(Z){var Ea=0;return function(){return Ea<Z.length?{done:!1,value:Z[Ea++]}:{done:!0}}}var dc="function"==typeof Object.defineProperties?Object.defineProperty:function(Z,Ea,nb){Z!=Array.prototype&&Z!=Object.prototype&&(Z[Ea]=nb.value)};.function ce(Z){Z=["object"==typeof globalThis&&globalThis,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global,Z];for(var Ea=0;Ea<Z.length;++Ea){var nb=Z[Ea];if(nb&&nb.Math==Math)return nb}throw Error("Cannot find global object");}var Vf=ce(this);function Wf(){Wf=function(){};Vf.Symbol\|\|(Vf.Symbol=pj)}function qj(Z,Ea){this.Th=Z;dc(this,"description",{configurable:!0,writable:!0,value:Ea})}qj.prototype.toString=function(){return this.Th};.var pj=function(){function Z(nb){if(this instanceof Z)throw new TypeError("Symbol is not a constructor");return new qj("jscomp_symbol_"+(nb\|\|"")+"_"+Ea++,nb)}var Ea=0;return Z}();function rj(){Wf();var Z=Vf.Symbol.iterator;Z\|\|(Z=Vf.Symbol.iterator=Vf.Symbol

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\tlf[1].jpg Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 55x56, frames 3
Category:	downloaded
Size (bytes):	2213
Entropy (8bit):	7.758778455039699
Encrypted:	false
SSDEEP:	48:TFuERAKlEz/eFfm7xortT4eCRfacBMTYUo606Ts+:YErEz/eQWrtEyGi
MD5:	FF206ACB5F22ED966E02ED1ABF35BF6C
SHA1:	F0638784652FD7658B9002EE153E0AA54E1B9E90
SHA-256:	8E9E32098305D984F6F96ABE83B693DCC6DD4808AAB23730202673714B567058
SHA-512:	18E02AEF853106BF4C693ED9E67C649DD6433D03AC4445C75DE1DAD3D3B30D984059408AE745EE5BF47199D234ED24A6EBC94EB2393B8DC2790941B7B408A2D4
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/images/tlf.jpg
Preview:	......JFIF.....H.H.....C....................................................................C.......................................................................8.7.."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..S.M{.v.$..Gos.......+.q..!c\.7..c9.....ZZYX$sk....H..HR.,..b.......a.i.../...!M..]..&`.4....p..P..U...t...Q^...../.....\u.M...}...^.w}..e.M`.Q.;...Y....W..#?ZO.C.B.2x.Uw.YY4..X........>.......)....?5M.K..@pZ<18..@<..^.]...`j{...$.8Gg......:...U./...^./....<]../{mg.kE<.!.....;.>;...zV...Yx...V2.#.Q.Dh..Tt`..deX.3..9..7..sDU.Y.....c....);duG..un^jx.&

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OTUW0Q90\unslider-min[1].js Download File
Process:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
File Type:	UTF-8 Unicode text, with very long lines, with CRLF line terminators
Category:	downloaded
Size (bytes):	6054
Entropy (8bit):	5.110934735497946
Encrypted:	false
SSDEEP:	96:eu+Afzf5sAzYASx45A5AwXQPuO4WKJDyKoY7wYwnUVb71I39KFcu5r:eKb5JzYbx45A5yPuO4WKJDyBQcnWw0Ff
MD5:	15A81D4B3D54EC16BE002CDDBFB2A496
SHA1:	3949781A08A080C0271CF607275884E7288DE410
SHA-256:	D50642719C1D8EFEA6FD493783B02644AE06602E72E0A0B5764412A20C789137
SHA-512:	0E581DDC4D0E641E8F6B765B2BDFE75E8F34F37A5C3F39D61CB48464D73CE08EEC9C96CBA389C6583D23232FF2F9D7FF40AF53854E8FF52A090378A16CDD8866
Malicious:	false
Reputation:	low
IE Cache URL:	http://eiubp.ru/assets/js/unslider-min.js
Preview:	!function($)..{return $?($.Unslider=function(t,n)...{var e=this;return e._="unslider",...e.defaults={autoplay:!1,delay:3e3,speed:750,easing:"swing",keys:{prev:37,next:39},nav:!0,arrows:...{prev:'<a class="'+e._+'-arrow prev"><img src="assets/images/str1.gif" alt=".........." /></a>',... next:'<a class="'+e._+'-arrow next"><img src="assets/images/str.gif" alt="........." /></a>'},.................animation:"horizontal",selectors:{container:"ul:first",slides:"li"},animateHeight:!1,...activeClass:e._+"-active",swipe:!0},e.$context=t,e.options={},e.$parent=null,e.$container=null,e.$slides=null,e.$nav=null,e.$arrows=[],e.total=0,e.current=0,e.prefix=e._+"-",e.eventSuffix="."+e.prefix+~~(2e3*Math.random()),e.interval=null,e.init=function(t){return e.options=$.extend({},e.defaults,t),e.$container=e.$context.find(e.options.selectors.container).addClass(e.prefix+"wrap"),e.$slides=e.$container.children(e.options.selectors.slides),e.setup(),$.each(["nav","arrows","keys","infi

C:\Users\user\AppData\Local\Temp\~DF57BA4E7BC701E9BB.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	25441
Entropy (8bit):	0.28863091613861913
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9lRx/9lRJ9lTb9lTb9lSSU9lSSU9laAa/9laAU:kBqoxxJhHWSVSEabU
MD5:	E55D7D2EF271569CF3E1AFEE731ACC90
SHA1:	51F9F420EBF82B3397028FB566636C859C05140F
SHA-256:	3D7B79085D229F50FDE1F5635168A9AFACE32AC356CE79831554700C3542D708
SHA-512:	704427748E4BD3142EB5B88EFB388848FCB1BE05899BDD65ECF5C985CBF95AAFAA94A8AD9BF6ED7E88A6D8A9AA2F05B3DE2DACAA31D90BA2166169380789A9AD
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFB31EA4ECC0EDC484.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	13029
Entropy (8bit):	0.4802776091629975
Encrypted:	false
SSDEEP:	24:c9lLh9lLh9lIn9lIn9log9low9lWHJNqPvUW5:kBqoIb9pHW5
MD5:	3FF684393EC3951D0A27425FCA58ADC1
SHA1:	CCA5710169C360B91DA4E18A2C05E81EF7852E2E
SHA-256:	137D0FE7461890D7A6A9F407811DCEBA9A062221AEB7AF4845E328EF62711B51
SHA-512:	AB9C7E26AD01BD4FAE01C228A8F4D97F2AEF502CA814816EF7747B0349BAD883E375DA8F5CD21E6D76466126777A0143371BBA8FD491069F48F7DF0F85DDC48C
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\~DFDE73A641DB18BC00.TMP Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	133785
Entropy (8bit):	1.111277193805155
Encrypted:	false
SSDEEP:	384:kBqoxKAuqR+rl3elVW8w8WvI7AuWC686q+utnUZ8na6952505/J+Rjd7Zu0y09lZ:7z
MD5:	D76A10B17BC1EA6D2F0025F94B7BA7C1
SHA1:	2CCF9571761BD528C39DF0DCB5F9E1FB5FD09EFA
SHA-256:	D3CD825FA88322525F41B24F205D6FFD02FA6A88CE5FBEDC30F8474E3DC10F77
SHA-512:	065B36C657B2B13A62F9EFA2F256091963D0B138AC60E592CD8B4138939DF2D94F80C46CFF07507F742B44719CC702515A81982A4F19B4573FD9785538899303
Malicious:	false
Reputation:	low
Preview:	.............................%..H..M..{y..+.0...(................... ...............................................%..H..M..{y..+.0...(................... ..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HAIIJY43UUMMIV7ZR6VH.temp Download File
Process:	C:\Program Files\internet explorer\iexplore.exe
File Type:	data
Category:	dropped
Size (bytes):	5149
Entropy (8bit):	3.191601311032488
Encrypted:	false
SSDEEP:	48:bdioPFI8C9GrIowAsASFfddioPFI8h683GrIowAcz8ddioPFI8x9GrIowAV1H:pPFW9SQAJ4PFL3SQAVPFd9SQAf
MD5:	2B1AD11C19DC766B8BC4C8137613E145
SHA1:	1334F34E26ADDB39BE082E9856949440FC0E92DD
SHA-256:	8F15476CC5F9C282EDCAB8F0C8321A44928247802554B857048E7A99E5C87A63
SHA-512:	BD4B6FDBAC5D42DF9FC65C7CA749CF77DF2A3496085CDA3BD3030CE828CA818DB23B3DBDF70EA4DCDEC5CF5AC8C09B4DDF24C6DF07D743ABFF6BFF0D4E5610B7
Malicious:	false
Reputation:	low
Preview:	...................................FL..................F.@.. .....@.>.......Q....?.c................................P.O. .:i.....+00.../C:\.....................1.....>Q.z..PROGRA~1..t......L.>QV{....E...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....l.1......L.J..INTERN~1..T......L..R)...............................i.n.t.e.r.n.e.t. .e.x.p.l.o.r.e.r.....f.2......L.9 .iexplore.exe..J......L.J.R(......R..........x.............i.e.x.p.l.o.r.e...e.x.e.......^...............-.......]............#......C:\Program Files\internet explorer\iexplore.exe....-.p.r.i.v.a.t.e...C.:.\.W.i.n.d.o.w.s.\.S.Y.S.T.E.M.3.2.\.I.E.F.R.A.M.E...d.l.l.........%SystemRoot%\SYSTEM32\IEFRAME.dll...................................................................................................................................................................................................................................%.S.y.s.t.e.m.R.o.o.t.%.\.S.Y.S.T.E.M.3.2.\.I

Static File Info

No static file info

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
05/25/21-10:26:35.372067	ICMP	402	ICMP Destination Unreachable Port Unreachable			192.168.2.6	8.8.8.8

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 25, 2021 10:25:17.489223957 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.489471912 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.583110094 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.583148956 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.583223104 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.584142923 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.584217072 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.678009033 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719718933 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719805002 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719806910 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.719825029 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719844103 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719851017 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.719861984 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719877958 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719945908 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.719950914 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.720026970 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.856127024 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.904360056 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.950001955 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.951941013 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.951968908 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.951987028 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.952003002 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.952022076 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.952029943 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.952039003 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:17.952054977 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.952084064 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.961508989 CEST	49718	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.975969076 CEST	49720	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.976352930 CEST	49719	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.977319956 CEST	49721	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.978441000 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:17.998342991 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003165960 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003248930 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003268003 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003283024 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003302097 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003309965 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.003324986 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003334999 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.003348112 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003372908 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003381968 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003391027 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.003403902 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.003446102 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.003449917 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.055567026 CEST	80	49718	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.055747032 CEST	49718	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.069576025 CEST	80	49720	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.069745064 CEST	49720	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.070763111 CEST	80	49721	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.071000099 CEST	49721	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.073128939 CEST	80	49719	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.073417902 CEST	49719	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.077658892 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.077701092 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.077717066 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.077752113 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.077807903 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.077847958 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.097306967 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097336054 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097352982 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097373962 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097393990 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097410917 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097428083 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097445011 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097460985 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097481966 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097489119 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097496986 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.097506046 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097508907 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.097523928 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097541094 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097558022 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097564936 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.097572088 CEST	80	49717	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.097615004 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.097618103 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.136918068 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.171699047 CEST	49719	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.171945095 CEST	49721	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.172353029 CEST	49720	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.172549009 CEST	49718	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.173082113 CEST	49717	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.231734037 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.231749058 CEST	80	49716	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.231861115 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.238277912 CEST	49716	80	192.168.2.6	77.222.40.109
May 25, 2021 10:25:18.265469074 CEST	80	49721	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.265660048 CEST	80	49720	77.222.40.109	192.168.2.6
May 25, 2021 10:25:18.266248941 CEST	80	49718	77.222.40.109	192.168.2.6

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 25, 2021 10:25:07.544183016 CEST	64267	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:07.602385044 CEST	53	64267	8.8.8.8	192.168.2.6
May 25, 2021 10:25:08.468698978 CEST	49448	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:08.518135071 CEST	53	49448	8.8.8.8	192.168.2.6
May 25, 2021 10:25:09.351752996 CEST	60342	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:09.401335001 CEST	53	60342	8.8.8.8	192.168.2.6
May 25, 2021 10:25:10.146167994 CEST	61346	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:10.195815086 CEST	53	61346	8.8.8.8	192.168.2.6
May 25, 2021 10:25:11.472623110 CEST	51774	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:11.530466080 CEST	53	51774	8.8.8.8	192.168.2.6
May 25, 2021 10:25:12.652312994 CEST	56023	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:12.702003956 CEST	53	56023	8.8.8.8	192.168.2.6
May 25, 2021 10:25:13.661341906 CEST	58384	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:13.711075068 CEST	53	58384	8.8.8.8	192.168.2.6
May 25, 2021 10:25:15.202836990 CEST	60261	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:15.252491951 CEST	53	60261	8.8.8.8	192.168.2.6
May 25, 2021 10:25:15.590152025 CEST	56061	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:15.650994062 CEST	53	56061	8.8.8.8	192.168.2.6
May 25, 2021 10:25:16.035409927 CEST	58336	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:16.084997892 CEST	53	58336	8.8.8.8	192.168.2.6
May 25, 2021 10:25:17.081190109 CEST	53781	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:17.478491068 CEST	53	53781	8.8.8.8	192.168.2.6
May 25, 2021 10:25:17.913814068 CEST	54064	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:17.979590893 CEST	53	54064	8.8.8.8	192.168.2.6
May 25, 2021 10:25:18.559427977 CEST	52811	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:18.597809076 CEST	55299	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:18.609191895 CEST	53	52811	8.8.8.8	192.168.2.6
May 25, 2021 10:25:18.655901909 CEST	53	55299	8.8.8.8	192.168.2.6
May 25, 2021 10:25:32.741452932 CEST	63745	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:32.793987989 CEST	53	63745	8.8.8.8	192.168.2.6
May 25, 2021 10:25:39.064621925 CEST	50055	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:39.114418983 CEST	53	50055	8.8.8.8	192.168.2.6
May 25, 2021 10:25:41.737224102 CEST	65084	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:41.738101959 CEST	52751	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:41.738120079 CEST	50286	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:41.787528992 CEST	53	52751	8.8.8.8	192.168.2.6
May 25, 2021 10:25:41.789438009 CEST	53	65084	8.8.8.8	192.168.2.6
May 25, 2021 10:25:41.796629906 CEST	53	50286	8.8.8.8	192.168.2.6
May 25, 2021 10:25:43.579190969 CEST	61374	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:43.633371115 CEST	53	61374	8.8.8.8	192.168.2.6
May 25, 2021 10:25:45.197141886 CEST	50339	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:45.249463081 CEST	53	50339	8.8.8.8	192.168.2.6
May 25, 2021 10:25:45.565414906 CEST	63307	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:45.618041992 CEST	53	63307	8.8.8.8	192.168.2.6
May 25, 2021 10:25:46.080455065 CEST	49694	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:46.138489962 CEST	53	49694	8.8.8.8	192.168.2.6
May 25, 2021 10:25:46.309287071 CEST	54982	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:46.370093107 CEST	53	54982	8.8.8.8	192.168.2.6
May 25, 2021 10:25:46.462260008 CEST	50010	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:46.511626959 CEST	53	50010	8.8.8.8	192.168.2.6
May 25, 2021 10:25:46.565784931 CEST	63307	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:46.620065928 CEST	53	63307	8.8.8.8	192.168.2.6
May 25, 2021 10:25:47.456856012 CEST	50010	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:47.506212950 CEST	53	50010	8.8.8.8	192.168.2.6
May 25, 2021 10:25:47.521543026 CEST	63718	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:47.572014093 CEST	53	63718	8.8.8.8	192.168.2.6
May 25, 2021 10:25:47.637173891 CEST	63307	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:47.689718008 CEST	53	63307	8.8.8.8	192.168.2.6
May 25, 2021 10:25:49.076423883 CEST	50010	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:49.125677109 CEST	53	50010	8.8.8.8	192.168.2.6
May 25, 2021 10:25:49.783938885 CEST	63307	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:49.836424112 CEST	53	63307	8.8.8.8	192.168.2.6
May 25, 2021 10:25:51.094469070 CEST	50010	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:51.145158052 CEST	53	50010	8.8.8.8	192.168.2.6
May 25, 2021 10:25:54.079464912 CEST	63307	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:54.131989956 CEST	53	63307	8.8.8.8	192.168.2.6
May 25, 2021 10:25:55.751280069 CEST	50010	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:55.802196980 CEST	53	50010	8.8.8.8	192.168.2.6
May 25, 2021 10:25:59.159778118 CEST	62116	53	192.168.2.6	8.8.8.8
May 25, 2021 10:25:59.214245081 CEST	53	62116	8.8.8.8	192.168.2.6
May 25, 2021 10:26:01.515371084 CEST	63816	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:01.564889908 CEST	53	63816	8.8.8.8	192.168.2.6
May 25, 2021 10:26:03.303498030 CEST	55014	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:03.352677107 CEST	53	55014	8.8.8.8	192.168.2.6
May 25, 2021 10:26:31.797398090 CEST	62208	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:31.953434944 CEST	53	62208	8.8.8.8	192.168.2.6
May 25, 2021 10:26:32.566246033 CEST	57574	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:32.624269009 CEST	53	57574	8.8.8.8	192.168.2.6
May 25, 2021 10:26:33.257098913 CEST	51818	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:33.314994097 CEST	53	51818	8.8.8.8	192.168.2.6
May 25, 2021 10:26:33.688092947 CEST	56628	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:33.746205091 CEST	53	56628	8.8.8.8	192.168.2.6
May 25, 2021 10:26:34.213073969 CEST	60778	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:35.206343889 CEST	60778	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:35.270391941 CEST	53	60778	8.8.8.8	192.168.2.6
May 25, 2021 10:26:35.371901989 CEST	53	60778	8.8.8.8	192.168.2.6
May 25, 2021 10:26:35.770109892 CEST	53799	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:35.831563950 CEST	53	53799	8.8.8.8	192.168.2.6
May 25, 2021 10:26:36.214479923 CEST	54683	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:36.275211096 CEST	53	54683	8.8.8.8	192.168.2.6
May 25, 2021 10:26:37.257576942 CEST	59329	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:37.318574905 CEST	53	59329	8.8.8.8	192.168.2.6
May 25, 2021 10:26:38.409950972 CEST	64021	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:38.467942953 CEST	53	64021	8.8.8.8	192.168.2.6
May 25, 2021 10:26:38.909746885 CEST	56129	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:38.972589970 CEST	53	56129	8.8.8.8	192.168.2.6
May 25, 2021 10:26:45.051410913 CEST	58177	53	192.168.2.6	8.8.8.8
May 25, 2021 10:26:45.120193958 CEST	53	58177	8.8.8.8	192.168.2.6

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
May 25, 2021 10:26:35.372066975 CEST	192.168.2.6	8.8.8.8	d123	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
May 25, 2021 10:25:17.081190109 CEST	192.168.2.6	8.8.8.8	0x3252	Standard query (0)	eiubp.ru	A (IP address)	IN (0x0001)
May 25, 2021 10:25:18.559427977 CEST	192.168.2.6	8.8.8.8	0xc592	Standard query (0)	mc.yandex.ru	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class
May 25, 2021 10:25:17.478491068 CEST	8.8.8.8	192.168.2.6	0x3252	No error (0)	eiubp.ru	77.222.40.109	A (IP address)	IN (0x0001)
May 25, 2021 10:25:18.609191895 CEST	8.8.8.8	192.168.2.6	0xc592	No error (0)	mc.yandex.ru	87.250.251.119	A (IP address)	IN (0x0001)
May 25, 2021 10:25:18.609191895 CEST	8.8.8.8	192.168.2.6	0xc592	No error (0)	mc.yandex.ru	93.158.134.119	A (IP address)	IN (0x0001)
May 25, 2021 10:25:18.609191895 CEST	8.8.8.8	192.168.2.6	0xc592	No error (0)	mc.yandex.ru	77.88.21.119	A (IP address)	IN (0x0001)
May 25, 2021 10:25:18.609191895 CEST	8.8.8.8	192.168.2.6	0xc592	No error (0)	mc.yandex.ru	87.250.250.119	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

eiubp.ru

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.6	49716	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:17.584217072 CEST	1175	OUT	GET / HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive
May 25, 2021 10:25:17.719718933 CEST	1177	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Set-Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; expires=Tue, 01-Jun-2021 08:25:17 GMT; Max-Age=604800; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 66 64 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 73 1b c7 95 9f c5 aa fc 87 16 ec 98 c4 06 83 8b 87 48 8a 44 6a 6d 67 2b aa cd b1 9b 38 59 a7 52 29 d5 00 18 10 43 0c 66 90 99 01 24 c8 56 15 a9 c3 c7 ca 6b 4a b2 b5 2b c7 b6 64 d9 ce 26 29 6f 12 88 12 24 88 97 aa fc 0b 06 7f 21 bf 64 df 7b dd 73 01 03 10 a4 48 89 56 49 07 09 f4 f4 74 bf 7e fd ee ee 7e bd 70 fc f5 9f bf f6 c6 6f fe ed 47 ec c7 6f fc f4 27 b9 b1 85 b2 5d d5 f0 97 22 17 e1 97 ad da 9a 92 fb b1 51 55 98 c4 14 b5 9e af 25 cd fa 42 8a 17 8f 2d 54 15 5b 66 ba 5c 55 16 63 4d 59 2f 2a 67 a5 86 62 aa 25 b5 20 db aa a1 c7 58 c1 d0 6d 45 b7 17 63 d9 d9 f4 f4 54 ba 30 53 98 9c 53 4a c5 d9 62 8c a5 72 63 8c b1 85 bc 6c 29 ac 6c 2a a5 c5 58 d9 b6 6b f3 a9 94 db 4b ca ad c3 78 37 85 b2 6c 5a 0a b4 f5 ab 37 fe 45 9a f5 1e 8e 2d 68 aa 5e 61 a6 a2 2d c6 2c bb a9 29 56 59 51 ec 18 b3 9b 35 80 ca 56 ce da a9 82 65 c5 44 1f 29 d9 82 36 2c 2c 4a 51 ed 24 3d 84 b6 e0 0f 6f 89 2a 8e 23 30 16 40 53 82 11 58 c9 25 c3 58 d2 14 b9 a6 5a c9 82 51 c5 b7 7f 58 92 ab aa d6 5c fc 85 91 37 6c e3 6d fe eb 07 af 19 80 04 dd 52 8a e3 04 d0 b8 0f d0 38 07 68 dc 05 68 1c 7a 3c 36 b6 60 15 4c b5 66 07 81 5d 96 1b 32 2f 8d 31 cb 2c 00 c8 cb 56 6a f9 f7 75 c5 6c 4a 99 64 26 9b 9c 4c 56 55 3d b9 6c c5 72 0b 29 5e 11 9a 5a 38 2e 49 ec 37 34 05 c9 9f 2a b6 a9 56 00 61 46 1d b0 6f 32 49 ca ed d6 11 a1 72 a2 54 d7 0b 38 6f 13 d5 84 92 b0 13 66 42 4d 54 12 72 fc ad ea 6f d5 df 2d e2 8f b7 df f6 aa c4 df 9a c0 92 a4 bc c8 7f bd fd f6 6f 7f 17 4f d6 ea 56 79 42 36 97 ea 55 98 75 2b 7e fe 24 b6 4b 15 b4 c5 cc 3f e9 ca 19 f6 ba 6c 2b 13 f1 93 95 45 c0 bc a9 c0 97 1f 69 0a 56 9e b0 e3 09 19 0a 97 14 5b 94 58 af 36 df 90 97 7e 06 c4 05 cf 7e 9b fe 5d a2 92 94 ad a6 5e 58 cc c0 27 c4 8c 99 90 93 35 d9 84 aa 3f 33 8a 4a 52 05 bc 9b f6 ab 4a c9 30 95 09 84 fb 7c 9c 46 75 46 d5 8b c6 99 04 2b 1a 05 02 2b c1 62 62 d8 f0 c9 9d e6 6a 21 c9 09 18 09 af ca 11 98 b2 e5 25 c4 33 54 6b 56 63 f1 93 63 d8 5c b3 3a 31 33 35 7d 62 72 72 2e 0d e5 aa ae 62 33 6f 11 25 e2 9f 82 a6 16 2a 55 b9 36 6f 9b 75 25 e1 15 db a6 5c a8 fc 04 a8 cb ea 79 20 17 0a 75 13 b0 f0 06 56 78 15 26 ac a0 f4 d4 38 a3 e4 1b aa 65 98 54 8c a5 e7 01 12 7f e6 17 74 43 7c 5c 28 aa 8d dc 82 5a 5d e2 64 13 39 b2 33 b2 5d 28 a7 dc 01 00 81 21 7d 2e c6 6a 86 a5 e2 ac ce cb 79 cb d0 ea b6 72 92 69 4a c9 9e 97 e6 e0 4f ed ec c9 18 93 35 60 3c e4 93 85 14 75 93 f2 ba e5 a4 97 1a 42 7b 1e 67 f5 f1 68 3f 4f c2 58 89 bc 89 2b 7b 58 18 5b 5a 48 09 c1 94 37 8a 4d 21 1d b0 44 Data Ascii: 1fd3=isHDjmg+8YR)Cf$VkJ+d&)o$!d{sHVIt~~poGo']"QU%B-T[f\UcMY/gb% XmEcT0SSJbrcl)lXkKx7lZ7E-h^a-,)VYQ5VeD)6,,JQ$=o#0@SX%XZQX\7lmR8hhz<6`Lf]2/1,VjulJd&LVU=lr)^Z8.I74VaFo2IrT8ofBMTro-oOVyB6Uu+~$K?l+EiV[X6~~]^X'5?3JRJ0\|FuF++bbj!%3TkVcc\:135}brr.b3o%*U6ou%\y uVx&8eTtC\|\(Z]d93](!}.jyriJO5`<uB{gh?OX+{X[ZH7M!D
May 25, 2021 10:25:17.856127024 CEST	1185	OUT	GET /assets/css/style.css HTTP/1.1 Accept: text/css, / Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:17.951941013 CEST	1187	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:17 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Fri, 09 Apr 2021 10:16:37 GMT ETag: W/"6362633-75bf-5bf87758dbaba" Content-Encoding: gzip Data Raw: 31 65 30 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 e5 3d 6b 93 1b c7 71 9f 81 5f 31 11 8b 25 92 39 e0 76 17 c0 1d ee 50 51 85 d4 f1 92 4a 39 5f e2 a4 52 a9 94 cb b5 c0 2e 0e eb 5b 60 51 bb 8b 23 29 d4 a5 48 c9 b6 ec a2 23 d9 8e 5d e5 b2 63 39 4e 3e e6 45 d1 a4 74 a2 78 d4 5f 00 fe 51 ba 7b 1e 3b b3 3b 00 ee 28 d2 96 1c 50 d0 61 77 e7 d1 af e9 ee e9 e9 99 dd be c1 1a e6 87 a5 61 16 e6 cd 41 96 55 9e dc d8 ae 8f f2 71 bc c5 fa 49 70 6f 8b 05 d1 c9 16 cb a6 fe 64 8b 8d 5c f8 7a f0 6d c1 b7 0d df 0e 7c 77 b6 d8 74 8b 85 e3 2d 16 8d 8f a0 64 9e 26 13 fc 3b eb e3 ff e0 11 fc 9d c1 c3 2d c6 02 68 34 c8 e1 1b 6c b1 04 7e cf e0 1b c3 83 61 14 c6 01 80 03 bf 92 14 1a 8a fd 7e 08 8f 72 bf 1f 87 f0 87 c3 91 0f 93 04 4a e4 a3 d0 87 ea 79 8a 3f e1 0b bf fd 34 8f 06 58 d2 cf a2 00 fe 0c fc c9 89 9f 41 37 61 ee 47 71 86 ed 1f 0d fc 69 1e 25 13 fa 3d 4b 43 ec 29 c9 43 68 04 9b a3 bf 47 69 82 d0 8e c3 09 40 3b f1 11 e9 70 c0 eb 64 b3 f1 d8 4f 11 86 68 0c 55 e1 f7 31 74 36 0b a2 64 8b 9d 40 97 09 9b d7 6b 70 f7 28 9a ec 33 a7 57 af 4d fd 20 88 26 47 fc a2 9f a4 d0 03 ff 9d cc f2 38 9a 84 78 c1 d6 7f b6 6f b0 c5 8b c5 c7 8b f3 e5 7b 8b cf 97 1f 2e 9e 2e 9e c3 8d e5 bb cb 07 f0 7d 6f f1 c5 f2 21 5b 9c 31 f8 f5 f1 e2 6c 79 7f f1 88 17 f8 18 8a dc 5f 3c 59 7e b0 bc 0f 05 80 93 b5 93 10 a9 e3 c7 0d 3f 8e 8e 00 bc be 9f 85 08 42 cf ec ea 0b a8 76 b6 78 0c 5d 3e 81 bf d0 d2 e3 e5 83 c5 53 b6 78 c6 e8 d6 39 fc ff 33 6c fe d1 e2 53 f8 f9 98 5f 7e 0e 45 cf e1 7b 46 3d f5 fd c1 31 12 71 12 ec 03 7b fc 09 c8 4c 1a 4e f2 9e ea 64 f9 fe f2 5d c4 09 41 3f c7 c6 b1 d3 17 d0 cf 33 68 f6 19 75 ff 08 db c4 86 9f 02 00 0f a1 cc f2 bb 50 e3 7c f9 70 0b 50 45 d4 a1 c4 39 01 80 45 ce f1 09 35 b4 78 81 a4 78 0e 4f 3e 5f be 4f 65 ce 96 1f 10 54 c3 64 92 37 b2 e8 1d a0 b9 eb 38 57 ed 64 47 e0 ee 13 6e cf 17 4f 97 f7 d9 f2 07 48 8e e5 77 b1 3f 41 0a 22 3f 11 e7 9c a0 7d 41 00 7e 86 7d 9c d6 7d 36 df c0 4e f1 a9 a9 ee 1e c0 bf 87 80 c5 33 ec 81 a8 f1 98 18 be fc 21 f5 05 5d 7e 01 10 20 6d 9e 56 08 07 b7 3f 46 78 a9 09 20 1a 48 c4 8f 98 10 ad b5 c4 10 32 aa 8b 28 fe 2e 68 44 24 aa 08 8d 92 19 83 c9 3a 8f 0b c9 9e 24 54 2e 0f ef e6 8d 20 1c 24 a9 8f 63 48 dc 3e ad d7 69 50 b3 79 8d 3e 48 08 62 2b 51 ff 7c 85 98 03 4f 16 9f 80 50 bf c7 96 1f 02 42 4f 17 9f 91 c4 3c 47 f9 47 81 f8 18 85 66 f9 7d 21 f0 7c b8 35 06 49 1c fb d3 0c d8 9e 85 00 a4 9f 53 f7 a8 2e f2 00 35 15 0e d9 f2 d8 c8 93 69 8f 46 03 ca f7 a7 c0 60 a4 f1 0f e5 d8 12 43 64 f9 10 60 40 19 44 96 a1 b4 00 0c 67 04 d0 e7 cb 1f a9 07 50 0a 51 7a 4c e3 e3 31 67 02 3c 40 69 61 75 f8 44 93 e9 2c 47 15 13 83 92 01 1d 39 cb 73 d4 34 48 36 a0 a8 6f 2a 14 a6 68 65 8e f6 12 9d 56 30 1e 84 16 14 08 5b fe 33 8d 19 24 e6 39 89 d3 63 1a 5c d0 da 73 76 0d 2f de 27 81 7a 17 51 a0 bf 67 b2 e6 60 14 0e 8e fb c9 5d 54 38 a9 0f 5a ef ba 7d 64 71 20 a1 d2 53 e8 89 83 b8 6a 54 61 ef 48 3d 78 f6 04 e9 55 1d 59 cf a9 0f a5 2f a5 fc 10 dd fe 31 bf 37 0d ff ec 0d 24 d6 1b df 02 d3 a2 dd 9b fa 59 76 07 24 00 ef eb c4 d4 34 f2 2a 6a 3e 46 5d 4b a2 48 9a 85 f8 55 26 b1 20 e5 bb 50 e4 19 11 89 80 5d 7e 8f 88 4f f4 15 1a 41 87 49 d2 ef 8d 6f 81 9a e0 34 Data Ascii: 1e03=kq_1%9vPQJ9_R.[`Q#)H#]c9N>Etx_Q{;;(PawaAUqIpod\zm\|wt-d&;-h4l~a~rJy?4XA7aGqi%=KC)ChGi@;pdOhU1t6d@kp(3WM &G8xo{..}o![1ly_<Y~?Bvx]>Sx93lS_~E{F=1q{LNd]A?3huP\|pPE9E5xxO>_OeTd78WdGnOHw?A"?}A~}}6N3!]~ mV?Fx H2(.hD$:$T. $cH>iPy>Hb+Q\|OPBO<GGf}!\|5IS.5iF`Cd`@DgPQzL1g<@iauD,G9s4H6oheV0[3$9c\sv/'zQg`]T8Z}dq SjTaH=xUY/17$Yv$4j>F]KHU& P]~OAIo4
May 25, 2021 10:25:17.978441000 CEST	1194	OUT	GET /assets/css/bvi.min.css HTTP/1.1 Accept: text/css, / Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.077658892 CEST	1210	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Mon, 26 Oct 2020 13:34:03 GMT ETag: W/"63618f2-666e-5b292fbcc68c0" Content-Encoding: gzip Data Raw: 66 65 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 dd 5d 5b 8f db b8 19 7d de 05 f6 3f 78 33 28 66 26 3b f2 48 be 5f 36 69 b0 2d d0 f6 a1 2d 50 b4 4f 6d 51 d0 16 65 ab 91 25 43 17 5f d6 98 ff 5e 5e 25 51 a4 c4 4f 93 6c d1 69 8c cd 5a e2 39 24 bf 0b e9 23 da 64 9e df 7f ff dd b7 83 f7 83 9f 8a 3c 4f e2 c1 29 cc 0a 14 45 d7 41 78 38 a2 30 c5 fe 60 73 0a 87 db 2c 1b 9c bc a1 3b 9c 51 ec f3 26 f1 af 83 21 29 70 e8 3b 72 eb f6 dd b7 df 0c 8e c8 f7 c3 78 b7 72 d7 f4 ea 80 d2 5d 18 8b 8b 3c 39 ae c2 78 8f d3 30 1f 7c 4f 6a 4e d2 1c c5 39 2b da 24 a4 dd 43 5b 69 84 83 bc ad 2c 0d 77 fb d6 c2 63 92 85 79 98 c4 ab 14 47 28 0f 4f b8 09 d8 26 51 92 b6 b1 83 24 ce 9d 2c fc 19 b7 01 92 13 4e 83 28 39 b7 95 ff ec 84 b1 8f 2f ad 46 a3 ed e7 5d 9a 14 b1 bf ca 53 14 67 47 94 e2 b8 8e a2 a0 17 ee 9e ba ab 07 ef e9 3d ea ed 6f 06 ce 19 6f 3e 87 39 b9 7f a1 5d a5 9e df 24 a9 8f 53 7a 67 cd 21 87 e4 e7 ae 72 63 11 2b 79 11 e5 4a e3 ec 5d 8e 2f b9 b3 25 bd c5 29 c3 b0 ce 90 08 d3 db 28 0a 77 f1 aa 2a e4 f5 98 6a d9 87 3e 26 45 8c ec 87 d9 31 42 d7 55 9c c4 58 75 c1 37 6d f4 6c 9f 9c 6f 92 b7 89 92 ed e7 1a f1 c5 c4 08 0f 3b 67 97 a2 6b b6 45 11 7e 6a 20 ee 34 c4 2d 08 23 62 c4 aa 48 a3 87 77 3e ca d1 2a 3c a0 1d 7e ce 4e bb 1f 2e 87 68 5d e4 c1 e2 e9 47 72 45 2e e2 ec c3 fd 3e cf 8f ab e7 e7 f3 f9 3c 3c 8f 87 49 ba 7b 1e b9 ae 4b e1 f7 1f 7f e4 75 85 fe 87 7b ad 1d 5a 8a 7f 43 53 f1 8f 28 4f c3 4b 7e 3d e2 0f f7 07 f6 fe fe 84 a2 02 93 ca dd e1 98 fc 51 fe 76 c1 f7 5c d7 73 ef 9f 3f fe f8 cc 7b 41 de 90 4e 7d d4 2d 7e f7 b8 96 19 25 6c 2f 8b 1e bc c7 b5 e5 5e ab cf 93 20 b8 f1 dc 5a 8d 8e 97 81 8f b2 3d 99 53 6a c3 c1 9c 9e 7b cc 06 37 2a f2 64 5d 8e 35 92 34 3e 8e d7 e7 d0 cf f7 bc e8 4c 18 ce 26 c5 e8 f3 8a fd 4d 32 30 e2 37 cf 29 3a 8a 7b f4 7a ad e5 e7 5a a6 4f 10 e1 cb 9a 95 38 61 8e 0f 99 2c ff 77 91 e5 61 70 75 b6 64 2e 20 77 e4 6d 36 35 9c 79 f7 36 49 e4 37 2c 67 6f ca e9 e3 a9 ab 70 f0 fe 66 ea 6a 7b 26 b3 37 6c de 72 ce 7b d2 57 53 ed b5 62 52 7f 35 cf f0 82 d5 5d 10 04 8a f7 2b 00 4b f0 e6 20 5c 73 da 26 42 ca 10 e3 51 db 23 9f 44 a5 c9 60 9e 6e 29 13 11 36 57 6a b1 76 85 02 e2 7f ab cd 1c f6 ff 65 f9 06 07 49 6a 0f b7 c0 e9 b6 f3 f2 37 67 3c 43 b6 5b cd 2b 32 24 b9 de 6d 98 b9 ba 9b be 82 b9 cd 4a 2d e6 da b2 5c 18 dd 96 e5 6f da 74 5b 9a 4b db db d2 fc cd 1a 5f 74 1a 5d 98 67 f2 a5 ef 7b af 9a d2 ee dc d9 78 32 1b 7d 6d 83 f5 6a bb 4d b6 67 7a d1 35 9d bf 79 f3 ed d9 5e 74 cd e9 6f db 01 69 72 8e 3b 4c a7 c5 66 f9 32 0f c6 fe ec 35 46 4f fc c9 66 32 fe ea 46 6b d5 5a 8c b6 66 3d 37 bd 5d c5 bc 79 07 58 f3 5e 78 a0 35 f1 df b2 0b 76 29 c6 1d 89 cf 8a 8d 89 3f de 8c e6 de ab 8c 46 4b 3c 99 e8 8f 5c 5f 6a b4 56 ad c5 68 5b e2 0b d3 5b 13 ff ed 3b c0 96 f8 d2 03 ad 89 ff 06 5c c0 cc 39 a2 18 47 37 ba e6 e7 ae d9 02 9e bb e6 6b 75 2e 7f 7a 0e d0 21 8c ae ab 43 12 27 d9 11 6d 31 01 e5 24 e8 0e bd e0 0b 88 da ea 9d d6 29 c3 03 bd 5c 71 1c b0 a5 81 28 8c b1 23 96 11 e2 24 3d a0 48 74 5e f6 82 2d ef 79 93 e3 65 2d 17 eb 96 fc cf cb a7 03 f6 43 f4 70 40 17 87 af 35 cc 67 8b e3 e5 f1 56 33 ae 56 c3 e8 78 a9 99 2d 22 9b c7 37 b9 1c 4a 5a 18 2c c9 7f 46 2f 89 Data Ascii: fef][}?x3(f&;H_6i--POmQe%C_^^%QOliZ9$#d<O)EAx80`s,;Q&!)p;rxr]<9x0\|OjN9+$C[i,wcyG(O&Q$,N(9/F]SgG=oo>9]$Szg!rc+yJ]/%)(wj>&E1BUXu7mlo;gkE~j 4-#bHw><~N.h]GrE.><<I{Ku{ZCS(OK~=Qv\s?{AN}-~%l/^ Z=Sj{7*d]54>L&M207):{zZO8a,wapud. wm65y6I7,gopfj{&7lr{WSbR5]+K \s&BQ#D`n)6WjveIj7g<C[+2$mJ-\ot[K_t]g{x2}mjMgz5y^toir;Lf25FOf2FkZf=7]yX^x5v)?FK<\_jVh[[;\9G7ku.z!C'm1$)\q(#$=Ht^-ye-Cp@5gV3Vx-"7JZ,F/
May 25, 2021 10:25:18.136918068 CEST	1235	OUT	GET /assets/images/visio.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.231734037 CEST	1239	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 1085 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Wed, 08 Feb 2017 10:27:09 GMT ETag: "636555b-43d-548024e93d940" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff c2 00 11 08 00 0f 00 1d 03 01 22 00 02 11 01 03 11 01 ff c4 00 16 00 01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 09 08 07 ff c4 00 14 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 4a 8d e4 dc d0 37 6b 2a 2f be cf ff c4 00 19 10 00 02 03 01 00 00 00 00 00 00 00 00 00 00 00 00 05 06 03 04 07 01 ff da 00 08 01 01 00 01 05 02 ba fa 7d b4 8c 27 88 5c 98 0f 35 10 6e 60 75 85 db 9c 31 9e 11 1a 58 8e 70 cb 3d 05 25 3d 7e 53 8a d9 d0 05 9a ff 00 ff c4 00 14 11 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 ff da 00 08 01 03 01 01 3f 01 3f ff c4 00 14 11 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 ff da 00 08 01 02 01 01 3f 01 3f ff c4 00 21 10 00 02 03 01 00 02 03 00 03 00 00 00 00 00 00 00 04 05 02 03 06 01 07 13 00 11 12 14 22 24 ff da 00 08 01 01 00 06 3f 02 31 0f 8a c4 5e 65 4b c8 90 2e f7 ee 7d 96 e5 15 19 1f af 72 e5 03 0b 38 13 a8 73 44 65 fa ba b1 ae a1 50 52 ed 71 2c d9 4a 5e ae 21 61 b8 f2 e7 91 ed 8e fb 46 c1 46 15 56 5c f4 b8 f8 75 62 d6 7c 51 6e 8d ed dc ae 0b 97 8a 41 5c 9d 81 af af 97 5f 0a 25 44 3b 79 d6 f6 df c1 b9 bc ff 00 93 ea db 87 72 2e ea 72 d1 d8 51 43 25 ce d6 82 cb a9 5d aa 2d fa cf c3 35 ad d6 9d 3a 3d 2c 46 e9 eb 89 a6 ff 00 dd ab ea 95 36 43 e1 60 6a 6d 1b 07 a7 55 3a a9 71 9d d3 b2 00 2b 69 95 d1 94 a9 29 61 f6 db 50 8e d4 95 c8 4e 41 b1 06 5d 8c e1 1f ab ea 1e df e9 f0 bd 4f 8d 5c 0d 96 74 74 e3 73 94 87 0b 22 f1 9a 8b a1 ce 46 37 b4 5a 3c ab 21 63 3f ae 46 3d 76 9a 55 15 3e 73 fd 74 17 f7 de fc e6 5f c8 3e 20 b9 da 24 ee 1b 32 c6 b2 c9 6f 10 0c 6a 81 1d 17 23 cf 41 db 5b 5e b6 f3 93 c8 e9 ca 62 58 50 94 98 35 1c aa a9 72 76 57 ee ec d9 af cc 66 3c 64 b0 5c e8 b8 dc b4 d8 35 a7 55 7e 6b 2f 59 5f cc 2f a1 2b 59 64 c5 6c fd 99 90 1c 82 0e 6c c0 71 ab 88 d5 57 d1 ca ef b2 76 15 d9 42 d7 ce 5a 5d 12 de 68 f4 1e a6 4e 5c 97 ce 76 31 b0 9b ed af d7 40 f4 46 52 ac 25 e1 d7 40 41 53 de c2 8a b9 fa 9c e7 ff c4 00 17 10 01 01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 01 00 11 21 ff da 00 08 01 01 00 01 3f 21 1f b2 88 de 75 ba a2 cf 61 0a 6e 22 08 74 92 79 75 c6 f5 b3 b2 61 df 38 ab 0c 85 c2 1c a3 ff 00 f5 3a 8b c0 21 37 23 2d c3 39 38 1b f3 01 b8 e0 9d 5d 64 29 52 f8 6d cd 4c 5c 39 5e 91 24 5e f6 6a 2c c5 49 ff da 00 0c 03 01 00 02 00 03 00 00 00 10 01 8f ff c4 00 14 11 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 ff da 00 08 01 03 01 01 3f 10 3f ff c4 00 14 11 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 ff da 00 08 01 02 01 01 3f 10 3f ff c4 00 17 10 00 03 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 10 11 00 ff da 00 08 01 01 00 01 3f 10 24 96 92 ec 93 b5 21 e9 82 a0 b1 a6 d6 6a c0 63 c2 95 15 e3 30 16 e1 fa 82 16 d2 3e 41 bc bb f4 7e d4 a8 47 10 98 a2 41 61 49 a8 af Data Ascii: JFIFHHCC"J7k*/}'\5n`u1Xp=%=~S????!"$?1^eK.}r8sDePRq,J^!aFFV\ub\|QnA\_%D;yr.rQC%]-5:=,F6C`jmU:q+i)aPNA]O\tts"F7Z<!c?F=vU>st_> $2oj#A[^bXP5rvWf<d\5U~k/Y_/+YdllqWvBZ]hN\v1@FR%@AS!?!uan"tyua8:!7#-98]d)RmL\9^$^j,I?????$!jc0>A~GAaI
May 25, 2021 10:25:18.238277912 CEST	1240	OUT	GET /assets/js/bvi-init-panel.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.335134983 CEST	1272	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Content-Length: 325 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 15 Jun 2020 21:29:55 GMT ETag: "6361a31-145-5a82620bef2b4" Accept-Ranges: bytes Data Raw: 2f 2a 21 0d 0a 20 2a 20 42 75 74 74 6f 6e 20 76 69 73 75 61 6c 6c 79 20 69 6d 70 61 69 72 65 64 20 76 31 2e 30 2e 36 0d 0a 20 2a 2f 0d 0a 6a 51 75 65 72 79 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 20 20 20 20 2f 2a 0d 0a 20 20 20 20 69 66 20 28 62 76 69 5b 27 62 76 69 5f 73 65 74 74 69 6e 67 27 5d 2e 42 76 69 50 61 6e 65 6c 41 63 74 69 76 65 20 3d 3d 20 31 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 24 28 29 2e 62 76 69 28 27 41 63 74 69 76 65 27 2c 20 62 76 69 5b 27 62 76 69 5f 73 65 74 74 69 6e 67 27 5d 29 3b 0d 0a 20 20 20 20 7d 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 24 28 27 2e 62 76 69 2d 70 61 6e 65 6c 2d 6f 70 65 6e 27 29 2e 62 76 69 28 27 49 6e 69 74 27 2c 20 62 76 69 5b 27 62 76 69 5f 73 65 74 74 69 6e 67 27 5d 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 2a 2f 0d 0a 20 20 20 20 24 28 27 2e 62 76 69 2d 70 61 6e 65 6c 2d 6f 70 65 6e 27 29 2e 62 76 69 28 27 49 6e 69 74 27 29 3b 0d 0a 7d 29 3b Data Ascii: /! Button visually impaired v1.0.6 /jQuery(document).ready(function($) { / if (bvi['bvi_setting'].BviPanelActive == 1) { $().bvi('Active', bvi['bvi_setting']); } else { $('.bvi-panel-open').bvi('Init', bvi['bvi_setting']); } */ $('.bvi-panel-open').bvi('Init');});
May 25, 2021 10:25:18.364490986 CEST	1273	OUT	GET /assets/components/phpthumbof/cache/new-11-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.459356070 CEST	1328	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 21440 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Sun, 16 May 2021 09:52:12 GMT ETag: "63601b6-53c0-5c26f6e653ff6" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 04 03 01 01 00 00 00 00 00 00 00 00 00 00 00 05 06 07 08 02 03 04 01 09 ff c4 00 5a 10 00 01 03 03 02 03 04 05 04 0a 0e 07 07 03 05 00 01 02 03 04 00 05 11 06 21 07 12 31 08 13 41 51 22 32 61 71 91 14 15 37 81 17 23 33 42 52 75 92 a1 b2 b3 16 34 38 53 56 62 72 73 74 82 93 b1 d1 d2 18 24 35 55 94 b4 c1 25 43 46 63 65 a3 c2 26 27 36 28 54 64 85 a2 ff c4 00 1b 01 01 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 04 05 01 03 06 02 07 ff c4 00 2d 11 00 02 02 02 02 02 01 03 03 03 05 01 00 00 00 00 00 01 02 03 04 11 05 21 12 31 13 06 41 51 14 22 32 23 61 a1 15 16 33 42 d1 71 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 ab 14 51 45 00 51 45 14 02 dd 87 4a df f5 03 2e bd 63 b3 cf b8 34 d2 82 16 b8 cc 95 84 92 33 83 8f 65 26 5c 21 49 b7 4d 7a 1c f8 ee c6 94 ca 8a 1c 69 d4 94 a9 0a 1e 04 1e 95 6a fb 1b 4b 66 06 89 d5 f3 24 92 18 8e fa 1d 70 81 9c 25 2d 12 76 f7 0a 64 76 b8 d3 2d c5 d5 56 ed 57 6f e5 5c 0b e3 09 2a 5a 46 c5 d4 a4 6f fd 64 14 9f a8 d6 01 01 d6 f8 51 24 4f 98 cc 48 4c 39 22 4b ca 08 6d a6 92 54 a5 a8 f4 00 0e a6 b4 54 f1 d9 1b 4c 26 e1 ad 66 6a 49 c9 02 05 91 82 e0 5a 87 a3 de a8 10 3e 09 e6 3f 0a c8 22 1b ee 95 bf d8 23 b6 fd ea cd 3e 03 2e 2f 91 0b 92 c2 9b 0a 56 33 80 4f 8e 2b 45 86 c3 76 d4 12 5c 8f 63 b7 4a b8 3e da 3b c5 b7 19 a2 b5 25 39 03 24 0f 0c 91 56 93 b6 2c d6 2e 3c 3d d2 73 61 a8 aa 34 99 45 e6 c9 18 ca 54 c9 20 e3 dc 69 9b d8 ab e9 0a f6 3f f4 b3 fa e6 eb 00 80 67 44 91 02 63 d1 26 b2 e3 12 98 59 6d d6 9c 4f 2a 90 a1 b1 04 78 1a d1 4f 0e 30 fd 2b 6a ff 00 c6 b2 3f 58 69 9f 59 01 4b 53 b4 a5 fe 05 9d ab b4 db 3c f8 f6 c7 42 4a 25 38 c2 92 da 82 bd 5c 2b db e1 48 a7 a5 5b ce 34 fe e5 7d 35 ed 6a df fa 14 05 43 a2 80 31 45 01 9b 0d 39 21 e4 34 c3 6b 71 d5 9c 25 08 49 51 51 f2 00 75 a7 bc 4e 11 eb e9 71 93 21 9d 29 74 2d 28 64 73 34 12 48 f7 12 0f e6 a9 e3 85 b6 3b 2f 07 b8 48 75 fd fe 2a 64 df 66 b4 95 c7 42 87 a4 80 bf b9 b4 82 7d 52 a1 e9 29 5d 71 b7 85 45 f7 3e d1 7c 41 97 71 5c 88 d7 08 d0 99 2a ca 63 b3 15 05 00 67 a6 54 09 3e fc d0 11 6d ea cd 73 b1 cc 31 6f 30 25 41 93 d7 bb 90 d1 41 23 cc 67 a8 f6 8a e2 65 a7 1f 79 b6 99 42 96 eb 8a 08 4a 12 32 54 49 c0 03 db 57 17 87 fa 8e db da 07 42 dd 6c 3a b2 24 66 af 70 d2 0a 5f 69 18 e5 e6 d9 0f 37 9d d2 41 18 50 ce 3e 35 55 ed 90 1f b4 eb e8 76 f9 49 e5 91 12 e6 86 1c 1e 4a 4b a0 1f ce 28 0e 6b fe 9a bd e9 e2 c8 be da a6 db fb ec f7 7f 29 64 a3 9f 1d 71 9e b8 c8 a4 8a b3 fd b7 7f 6f 69 2f e6 e5 7e 92 2a 0e e1 86 86 b9 71 03 55 47 b4 5b 41 43 7f 74 93 24 8c a5 86 81 dd 47 db e0 07 89 a0 13 6c 3a 4b 50 ea 08 eb 7e c7 65 b8 4f 65 0b ee d4 e4 76 14 b4 85 75 c6 47 8d 22 ba 85 34 e2 db 71 25 2b 41 29 52 4f 50 47 51 56 87 Data Ascii: JFIFC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"Z!1AQ"2aq7#3BRu48SVbrst$5U%CFce&'6(Td-!1AQ"2#a3Bq?QEQEJ.c43e&\!IMzijKf$p%-vdv-VWo\ZFodQ$OHL9"KmTTL&fjIZ>?"#>./V3O+Ev\cJ>;%9$V,.<=sa4ET i?gDc&YmOxO0+j?XiYKS<BJ%8\+H[4}5jC1E9!4kq%IQQuNq!)t-(ds4H;/HudfB}R)]qE>\|Aq\cgT>ms1o0%AA#geyBJ2TIWBl:$fp_i7AP>5UvIJK(k)dqoi/~qUG[ACt$Gl:KP~eOevuG"4q%+A)ROPGQV
May 25, 2021 10:25:18.554245949 CEST	1429	OUT	GET /assets/components/phpthumbof/cache/new-01-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.648583889 CEST	1604	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 23086 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 05 Apr 2021 13:16:30 GMT ETag: "6360198-5a2e-5bf39817ebe27" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1d 00 00 00 07 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 00 08 09 ff c4 00 48 10 00 02 01 03 02 03 06 03 05 05 05 06 05 04 03 00 01 02 03 00 04 11 05 21 06 12 31 13 22 41 51 61 71 07 32 81 14 23 91 a1 b1 08 15 42 52 c1 33 62 d1 e1 f0 16 24 72 82 92 f1 34 43 53 a2 b2 17 35 44 54 25 83 c2 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 00 03 04 05 06 07 ff c4 00 36 11 00 02 02 01 03 03 02 03 06 05 03 05 00 00 00 00 00 01 02 03 11 04 12 21 05 31 41 13 51 22 61 b1 06 14 32 71 81 a1 23 91 c1 d1 f0 15 42 52 24 33 62 e1 f1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 f2 b5 75 75 75 42 1d 5c 2b ab 85 42 03 46 5e b4 5a 11 45 10 94 d2 98 2d c2 93 d0 1a fa 31 c1 5a 06 9f a3 70 c6 9d 69 65 14 6c 8b 6e 99 90 a8 26 4c 8c 92 4f 8e 73 5f 37 2d df 91 81 af 53 7c 19 f8 fb 63 a7 e8 36 ba 27 18 09 94 da a0 8e 0b c8 d7 9f 99 07 45 71 d7 20 6d 91 e1 d6 b4 3d d2 86 22 3a 93 c6 11 2d fb 4a f0 1e 91 6d a2 9d 7e c2 04 b5 9b 9f b3 99 22 5e 55 72 7a 36 3c f2 31 5e 44 ba 5c 39 af 4d 7c 7a f8 b7 a4 f1 4e 8c 9a 47 0f 97 96 df 9c 4b 2c ce bc 9c c4 67 00 0f 2f 1a f3 3d e1 cb 93 56 d8 9a a6 3b bb ff 00 42 eb 1a f4 e3 9e ff 00 e6 06 86 8b 46 3d 68 0d 62 66 63 80 a5 e3 8c b0 ce 29 10 77 af 62 7c 1a f8 15 c2 77 7c 0f a5 ea fc 41 04 9a 9d f6 a3 6c b7 38 33 32 c7 08 71 90 14 29 1b 81 8c 93 9d e8 ac 79 0a c7 93 c9 52 88 a5 b6 55 ec 44 72 46 bf 32 e7 bf bf 52 3c 3e 95 1c 7a 9a dd 3f 68 8f 85 f6 ff 00 0f 2e ec 6f f4 29 66 7d 2e f4 ba 72 ca 79 8c 2e 06 79 79 bc 41 1d 33 be d5 86 1e b5 25 14 b9 41 9e 3c 01 42 28 28 45 04 28 75 c9 a7 f6 76 cd 31 c2 f8 53 38 86 e2 b7 0f d9 e3 80 2c f8 d3 58 b9 5d 42 57 4b 4b 44 59 25 44 d9 a4 04 e0 28 3e 1e a6 b4 55 15 de 5d 90 63 1c 99 14 da 7c ca b9 00 ed f4 a8 e9 54 af 5a f7 ee b5 f0 67 83 ef f4 c9 2d ad f4 d1 69 3f 21 11 cf 1c 8c 59 5b 1b 12 09 c1 af 0d f1 5e 9e 74 dd 62 ee cd 87 7a 09 5a 23 ee a7 1f d2 9a 5e 9c d6 e8 13 0b c1 00 c6 8a 4d 19 e8 a6 b2 b0 1d 9a 10 09 a0 03 26 9f 5a 99 20 27 90 0c 91 be 54 1a 89 64 29 64 64 41 1d 45 05 3e be 26 64 56 31 aa b2 8e 52 54 60 1f 7a 61 d2 a3 58 23 58 06 ba 87 9d b1 8f 0a 2f 53 40 01 b1 9c 51 c2 d7 44 a4 b6 31 9a 77 15 b3 b1 e9 4f 18 b6 15 16 c6 84 62 93 34 f2 78 ca 6c c3 06 9a b6 28 4a 38 23 58 0b 43 8a 2e 77 a3 73 52 80 ea ec 1a 10 09 38 15 c4 90 77 a0 40 b5 d5 d9 cd 75 42 1c 68 31 46 15 d4 48 00 ae a3 28 cd 06 2a 10 0a ea 1c 57 1a 04 00 d0 50 9a e1 50 87 60 d7 0a 1a 0a 84 0b 5d 47 09 b6 4d 1c 47 95 cd 1c 90 49 40 2d 86 3c a3 ce 85 54 13 d7 1e b4 66 8d b0 48 07 02 b9 22 91 b7 54 63 f4 a8 40 39 37 c6 45 19 a3 2a 9c c7 18 ce 3a d0 88 25 fe 46 a1 ec 65 ff 00 d3 7c fb 51 4d 00 04 0d c9 9c 77 73 8c d2 ca ec 98 ce 41 fe 94 8f Data Ascii: JFIFHHC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"H!1"AQaq2#BR3b$r4CS5DT%6!1AQ"a2q#BR$3b?uuuB\+BF^ZE-1Zpieln&LOs_7-S\|c6'Eq m=":-Jm~"^Urz6<1^D\9M\|zNGK,g/=V;BF=hbfc)wb\|w\|Al832q)yRUDrF2R<>z?h.o)f}.ry.yyA3%A<B((E(uv1S8,X]BWKKDY%D(>U]c\|TZg-i?!Y[^tbzZ#^M&Z 'Td)ddAE>&dV1RT`zaX#X/S@QD1wOb4xl(J8#XC.wsR8w@uBh1FH(WPP`]GMGI@-<TfH"Tc@97E*:%Fe\|QMwsA
May 25, 2021 10:25:18.652559042 CEST	1628	OUT	GET /assets/images/YoS_logo2.png HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.747275114 CEST	1822	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/png Content-Length: 120201 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 15 Mar 2021 09:21:32 GMT ETag: "6360183-1d589-5bd8fc6861a09" Accept-Ranges: bytes Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 07 d0 00 00 07 d0 08 06 00 00 00 9a 38 c4 79 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 01 d5 2b 49 44 41 54 78 da ec dd cd 6f 1c e7 7d 07 f0 67 f4 6a ea cd b1 1c 49 89 2d 19 f5 7b a4 c4 6a a2 d4 b2 14 57 76 d4 d4 8e 6b e5 05 19 67 5b a0 87 02 6e 51 a0 28 50 da 7f 40 0b 24 97 5c 82 1e 0a f4 d0 de 7c 8a 0f 03 6c c1 36 b9 07 f5 bd 08 5a a0 87 1e 8a 14 88 5f 94 c8 12 65 4b f2 ab b2 9d c7 33 0b 6e 18 8a 22 b9 bb f3 fa f9 00 0f 76 35 4b f2 c7 79 48 ce ec e8 3b bf 99 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: PNGIHDR8ytEXtSoftwareAdobe ImageReadyqe<+IDATxo}gjI-{jWvkg[nQ(P@$\\|l6Z_eK3n"v5KyH;

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.6	49717	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:17.904360056 CEST	1185	OUT	GET /js/jquery-1.12.3.min.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.003165960 CEST	1196	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:17 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Fri, 16 Sep 2016 08:27:16 GMT ETag: W/"63651be-17b9c-53c9bbada0100" Content-Encoding: gzip Data Raw: 34 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 00 03 dc bd 79 7b 1b c7 b1 2f fc ff f9 14 c4 44 07 9e 11 9a 20 21 2f f7 64 a0 21 1e d9 92 63 3b de 62 39 5e 02 c2 79 66 03 30 24 36 02 a0 16 13 c8 67 bf f5 ab ea ee e9 59 20 39 f7 9c 7b 9f f7 79 9d 88 98 99 de bb ab ab ab aa 6b b9 78 dc 39 bb f9 db 7d be 7d 7b f6 6a d0 1f 3c e9 7f 78 76 38 f3 d3 c0 7c fc 7c 7d bf ca e2 7d b1 5e d1 f7 9b 3b 7c eb af b7 b3 8b 45 91 e6 ab 5d 7e f6 f8 e2 3f 3a d3 fb 55 8a 1c 7e ac 92 e0 c1 5b 27 37 79 ba f7 a2 68 ff 76 93 af a7 67 cb 75 76 bf c8 bb dd 13 09 fd fc cd 66 bd dd ef 46 d5 d7 28 ee 67 eb f4 7e 99 af f6 a3 84 6a ee 5c 06 61 d9 50 f0 50 4c fd 4e 99 25 d8 cf b7 eb d7 67 ab fc f5 d9 8b ed 76 bd f5 3d dd ff 6d 7e 77 5f 6c f3 dd 59 7c f6 ba 58 65 94 e7 75 b1 9f d3 9b 29 e9 05 c3 6d be bf df ae ce a8 95 e0 18 f2 5f df a3 51 e7 d3 62 95 67 5e c7 74 57 ca 8f e4 27 dc cf 8b 9d aa 8e fc 55 bc 3d 4b a3 f1 44 65 4e e7 55 1e a5 fd 1d a6 4b 4d e9 29 5d af d2 78 af 66 f4 b8 b9 df cd d5 9c 1e a8 c2 fc cd 77 53 55 44 0f 47 75 13 15 fd fd fa e5 7e 5b ac 66 ea 96 5e e6 f1 ee bb d7 ab ef b7 eb 4d be dd bf 55 0b 64 5a 46 9e 2c 96 a7 56 51 b5 13 7a 30 98 89 55 7f ba a2 ca 8b 3d a7 1c d5 3a ba f8 6d 7c bd bb be ff fc c5 e7 9f 5f bf 79 76 39 e9 1d 6a ef 8f 2e 66 6a 43 d9 ce 97 bb f3 0b 75 17 5d 9c fb e3 eb 2c 3e ff 7d 12 5c cc 0a b5 6d 6f 2c a1 1e ff 7d 43 fd fb 2c de e5 7e 70 1c a2 e5 68 d5 df 6c d7 fb 35 66 2f 7a 10 d0 09 97 8a 26 60 b7 df de a7 fb f5 36 5c a9 5d be c8 f9 d1 f3 d4 22 5f cd f6 f3 f0 52 ed d7 cf b6 db f8 6d b9 dc b6 a1 bc 9f c6 8b 85 8f b9 a7 f1 cc f2 7d 05 24 cc d0 ef 17 8b 4e 14 8f 2e af e2 11 72 8e e3 1e 7e fa 52 ff 24 94 6f 93 b0 5a 19 56 e3 e5 3e 4e 6f 2b 55 62 49 13 1a c9 32 df ce 72 ce da 77 06 e0 07 2a 2e c1 87 86 9b bf fa 8e 61 3c 62 e8 48 90 77 9f bf 91 57 f3 a2 92 a3 ca e3 74 de da f5 3e 52 b8 1d aa 99 d6 39 de b4 65 e3 ea 6c 87 7d ea 5e bc f1 ab 00 99 a8 d4 66 8f 65 a0 f4 09 60 10 50 bd 0c 8f 2d f3 5b ab 38 ef c7 9b cd e2 ad ee cf 76 c6 00 bd 43 05 d3 62 bb db 9f aa 20 bf f3 2f 29 cf 22 7e 67 96 f3 01 e5 c9 ef 5a a6 db 59 2d 95 46 bd b8 e7 63 29 93 f0 d2 ce 75 ad 9f e9 55 74 d9 ed 26 57 e9 68 cc 8b 9b 4e 26 e1 78 82 ea 57 d9 c9 51 da c5 3a 1c 9a eb 2a f0 10 ce d4 8e 70 51 48 1b 98 7e d4 6e c3 d3 46 6f fc 70 54 b4 5c 6f f6 d4 46 c4 3b 4d 3f 3b ed 61 38 b4 4f 68 de 33 45 db 9f 76 bd 9d c4 f1 e5 e4 70 a0 9d 3c 8f 06 b4 ef ed 67 33 ec 9b a8 33 18 4e 81 c7 92 f5 7a 91 c7 ab 12 6b ce ba 5d ff 26 9a 55 2a 9b eb ca 7a bd 40 35 d0 ec ec 70 20 34 b0 fb dc f4 6b 16 1c 0e fe 8c d0 48 40 ad 47 51 41 f5 cd 04 60 e7 e7 e7 c1 b0 b8 9a 0f 51 11 21 58 d9 49 7e 5e 69 29 08 d0 af ec ac a0 ed 18 c4 d1 6c 9c 4d 68 95 72 fc cc 3a 51 94 a2 7b dd 2e 7e d0 ea f7 8b b8 58 c9 3c d3 a9 42 0d 63 37 15 3b de e0 f4 21 08 46 7e 42 ff a7 e1 12 7a 8c bb dd 32 31 0e 46 31 56 31 b4 df dd ba 38 95 86 8c e6 23 33 f7 fe 0d 4d 32 55 1a be 5a 17 d9 d9 a5 ee 0d 67 a1 af 06 78 66 e5 c2 f9 0f 74 da c4 84 cf 43 7d 5e 78 3d 7f d9 fb 26 de cf fb 5b 7c 5e fa 41 d0 df e6 9b 45 9c e6 fe c5 f5 73 c2 8e 9e 17 a8 62 f7 43 1e 67 6f c3 ce a5 ca 71 da Data Ascii: 4000y{/D !/d!c;b9^yf0$6gY 9{ykx9}}{j<xv8\|\|}}^;\|E]~?:U~['7yhvguvfF(g~j\aPPLN%gv=m~w_lY\|Xeu)m_Qbg^tW'U=KDeNUKM)]xfwSUDGu~[f^MUdZF,VQz0U=:m\|_yv9j.fjCu],>}\mo,}C,~phl5f/z&`6\]"_Rm}$N.r~R$oZV>No+UbI2rw.a<bHwWt>R9el}^fe`P-[8vCb /)"~gZY-Fc)uUt&WhN&xWQ:pQH~nFopT\oF;M?;a8Oh3Evp<g33Nzk]&U*z@5p 4kH@GQA`Q!XI~^i)lMhr:Q{.~X<Bc7;!F~Bz21F1V18#3M2UZgxftC}^x=&[\|^AEsbCgoq
May 25, 2021 10:25:18.173082113 CEST	1237	OUT	GET /assets/js/responsivevoice.min.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.269521952 CEST	1248	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Mon, 15 Jun 2020 21:29:54 GMT ETag: W/"636197b-bddb-5a82620b31f62" Content-Encoding: gzip Data Raw: 32 62 32 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d5 7d fd 57 db 38 b3 f0 bf 62 7c cf e1 b1 8b 13 e2 84 ef 6c 96 43 29 dd b2 2d 2d 07 e8 3e f7 2e f0 e4 75 6c 25 f1 c6 b1 b3 b6 43 97 92 fc ef 77 46 92 6d f9 33 26 e4 fe f0 f6 9c 62 47 1a cd 8c a4 d1 7c 49 4a 9e 0c 5f f2 49 30 f3 dc c0 7e 22 7f 78 b6 49 ba f6 50 91 e7 ae 45 86 b6 4b 2c 79 ab 17 3e cf 88 37 cc 82 a9 2f 26 7c f2 1c d2 74 bc 91 22 df a4 6b 25 c3 f1 89 61 3d 4b 8e 67 58 80 45 d5 44 e8 2c aa 25 71 02 f2 f2 04 bc 64 d0 f4 86 73 d7 0c 6d cf 55 54 5a 6d f4 c2 b1 1d 74 8d e6 13 f1 03 28 ee c9 7a 73 bf d9 91 bb 95 bc f8 f2 4e dc 42 85 c6 09 f9 27 ac 0f 7a f7 2f ae 31 25 27 f2 f7 cf d2 85 3b 72 ec 60 2c 7d 24 53 c3 21 b2 36 74 8c d1 89 3c 1a c8 da 88 c0 98 f8 27 f2 50 d6 68 b3 cb 0f c1 c9 7d 47 db d7 74 ed 40 3b d4 f4 43 5d 6b 1f 1e 69 ed 16 3c f7 0f b5 f6 d1 81 d6 d9 6b c3 3b 94 1d 1d c2 7b 47 3b 7a 5c 6a 79 52 57 25 84 a6 22 a1 96 b6 a7 b5 b5 c3 7d a0 01 b8 5b 88 f7 00 f0 ee 03 5e 5d d3 f7 8f 91 07 01 fb 6d 49 47 e6 41 59 47 8e b5 3d a0 a1 6b c0 32 70 aa 1f 76 80 0a 50 6b 01 d9 0e 3c 8f 3a 5a 07 61 f6 12 22 67 be 31 b0 cd 14 fb 86 5f c2 fe f1 81 76 bc af 1d c3 30 e1 db d1 a3 66 91 99 4f 4c 23 24 d6 c9 56 2b 8b 32 cd b3 88 74 58 85 54 40 33 25 ae 6d b8 29 de c6 cf 65 68 8e 85 96 f3 20 f4 0d 07 db 66 98 98 97 b4 86 a9 85 99 c6 79 39 a0 73 7f 24 f0 f1 de 37 7e da 14 d9 b5 e7 87 f3 d1 9c 04 24 83 77 50 d6 b9 f6 1e 48 56 7b 0f fe c3 6c b4 e1 1d a8 b4 e9 fb 41 42 e0 7c 0c 6b 34 87 d3 74 4b 71 1e 6b 20 8e 28 2d 2d 10 1a 40 7a 0c c2 7a 04 ff 3b f0 ff 00 04 15 06 b3 b3 0f 53 7f 70 0c ef 47 f0 be a7 1d e8 79 7a ca 27 cf 1d 49 9f e1 8f 9a a1 3d 9e 94 d0 d6 8f db 40 0e 50 77 50 76 5b f0 1f d7 0b 3c 8f 8f 81 0c 8c df 7e 3b 4f e7 ce b0 7f e4 a6 22 fc 51 4a 02 85 15 48 60 0f 80 f3 0e 08 70 a7 dd d6 3a 07 ba d6 d1 81 4c 07 96 24 2e a1 fd 7d 81 d4 4f 62 66 57 89 f9 b3 8c 02 4c b0 de 82 b1 6b 61 67 40 f0 5a 9d 04 d3 07 c3 cd 2f 38 ab 74 3c 80 39 1d 56 97 de 3a 00 54 47 f0 14 d6 ef 07 32 0f 83 1c 5b 16 29 9b 57 54 37 30 92 d0 63 e8 a8 06 5a 48 c7 91 3d c4 09 86 89 84 ee b7 8f a1 66 0f 24 e8 00 46 1f 26 bd b3 07 13 2d 0c f8 87 79 98 23 e7 3a a5 62 04 e3 0b e3 79 04 dc 83 a6 d3 41 a4 74 78 df 13 46 f5 a3 ed 16 0c c6 d0 2e 5b 82 2d ed e8 58 43 61 6c c1 43 e0 eb a3 4f dc 1c 63 c3 f2 35 03 bd 06 24 d0 c7 8e 76 88 3a 19 46 e5 10 46 40 87 f2 03 e8 3d a8 8b 0e c8 5d 07 c6 bd 03 80 9d 03 2c 4f a8 fd e6 13 32 c9 aa fe 32 62 30 92 07 a0 d2 01 03 08 c4 81 a0 17 3f d9 ae 65 67 97 45 59 cf db 30 11 c0 99 0e e2 aa 53 4e 51 74 e1 79 04 8b 6f 0f 16 9f 20 14 9f e6 ee c8 f0 f3 aa 69 5c a6 9a 8e 41 a8 34 5c dd 3a 20 17 56 f1 a5 6b 79 b0 bc f2 98 6c ab 94 4b 90 7b 1d ff 83 dc 63 97 75 10 2d 5d 90 fd cb b0 48 69 da 61 29 3e 58 95 60 51 60 1a 60 46 70 55 6a d0 79 9d f2 0a d3 74 88 53 04 02 0b 26 ae 23 a8 d3 df 8d 99 51 a0 ee fe 9a 95 52 01 5d d7 d2 60 c2 f7 81 6d 50 0a fa 11 48 06 65 1f 16 0c 58 b8 0e 2c e3 0e da e7 43 54 16 f0 19 46 7e 5f e8 d5 67 0f 9c 98 6c a7 26 65 02 01 53 08 7a 6c 1f 27 13 fe 1f e1 1a 81 49 84 e5 dd 01 69 ec 80 b8 ec 0b 93 f9 c5 08 ed 2c e6 27 a3 4c Data Ascii: 2b28}W8b\|lC)-->.ul%CwFm3&bG\|IJ_I0~"xIPEK,y>7/&\|t"k%a=KgXED,%qdsmUTZmt(zsNB'z/1%';r`,}$S!6t<'Ph}Gt@;C]ki<k;{G;z\jyRW%"}[^]mIGAYG=k2pvPk<:Za"g1_v0fOL#$V+2tXT@3%m)eh fy9s$7~$wPHV{lAB\|k4tKqk (--@zz;SpGyz'I=@PwPv[<~;O"QJH`p:L$.}ObfWLkag@Z/8t<9V:TG2[)WT70cZH=f$F&-y#:byAtxF.[-XCalCOc5$v:FF@=],O22b0?egEY0SNQtyo i\A4\: VkylK{cu-]Hia)>X`Q``FpUjytS&#QR]`mPHeX,CTF~_gl&eSzl'Ii,'L
May 25, 2021 10:25:18.280463934 CEST	1264	OUT	GET /assets/js/js.cookie.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.376744032 CEST	1281	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Mon, 15 Jun 2020 21:29:54 GMT ETag: W/"63619bf-ef9-5a82620b8286f" Content-Encoding: gzip Data Raw: 35 61 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 95 57 fb 6f db 36 10 fe d9 05 fa 3f 30 05 5a c9 8d 23 39 76 93 6e f1 dc 22 71 5a 2c dd ba 02 7d 60 c0 1c 0f 60 24 da 56 22 93 02 49 39 35 22 ff ef 3b 3e 25 3f d2 6d 01 62 4b e4 dd 77 df f1 78 0f c7 2f 0f 9e 3e 41 2f d1 07 bc c4 5f 12 9e 15 12 8d 18 bb cb 08 5a f6 a2 e3 a8 af 37 e7 52 16 e2 2c 8e 67 99 9c 97 37 51 c2 16 f1 ad 38 4a b4 5c fd a4 44 b5 f8 88 15 2b 9e cd e6 12 f5 ba dd d3 0e 7c 1e 9f a0 df 72 5c 0a f4 2b e6 32 47 2f d0 7b 3c a3 84 a3 0b 8e 93 3b ad f3 99 e4 04 0b 92 a2 92 a6 b0 21 e7 04 7d bc fa 8a f2 2c 21 54 68 e8 f8 e9 93 41 38 2d 69 22 33 46 51 38 c5 89 64 7c d5 46 0f 4f 9f b4 96 98 23 4e 66 99 90 84 93 f4 8a 7e 64 69 99 93 df 19 56 58 43 34 c5 b9 20 03 90 cb a6 28 94 ab 82 b0 29 4a c9 34 a3 04 0d 87 43 14 38 d4 00 bd 78 61 37 22 bc 48 0d 76 cb 2c 78 83 0a a7 f5 03 63 92 97 da d6 7a d3 1e f9 5e 30 2e 85 31 c8 6e 6e 49 22 03 6b 60 a1 01 22 2f 81 ac a9 f0 7f db 3a 78 4c d6 5a 52 e7 f4 29 4f 4d 84 95 a5 fb 8c a6 ec 3e b2 0b 03 27 83 8b 6c 67 73 87 17 08 45 94 8d 18 9d 42 94 a4 da f6 c1 b1 e6 5a 3b 08 b5 71 0d 01 be c9 92 53 65 4f bf af ad 33 eb 70 1b cb bf 93 ef 92 d0 d4 9b 50 6c 15 d7 ae e7 ce 89 28 73 45 e7 41 a3 b5 a6 8c a3 70 00 42 bf 20 cc 67 e5 82 50 29 a2 9c d0 99 9c c3 ea e1 a1 e3 aa fd 96 92 67 37 a5 d4 5c bd f4 18 94 27 86 af 06 53 92 77 64 85 32 da 50 70 30 2d 63 7f 0c 02 13 05 e2 05 f4 8a 41 59 6b 5f 4d 6c b5 ff 46 c7 3a df f4 36 a3 99 44 61 c2 e8 92 70 e9 c3 e8 b7 55 9c 42 c0 ed a0 25 ce 4b d2 d9 c3 a7 3e 12 63 bb 99 02 2c d1 0e 9a 3b a9 12 4f 5d f4 34 68 b8 a2 d8 79 ce fa 3b 8e d1 9f 3c 93 c4 be 2a b8 ed 63 45 6f d0 b1 c7 d8 38 52 13 bc d0 6e b5 0a 2c e7 67 28 88 03 f3 be ee 28 87 22 a0 81 81 ae d8 f0 66 60 ed 35 f9 d7 db 2a 77 32 4e 6c 76 d1 72 71 43 78 ed 86 3e 03 2f 81 28 b9 47 97 58 12 7b 8d e1 cf ee 45 82 c8 8f 59 9e 67 82 c0 89 a7 22 74 eb b3 ad f5 36 3a dc 67 fc 25 fa e9 f4 15 39 3c f1 b8 fb 08 3a 22 56 c6 1d 6b 4b f2 95 e7 eb af f0 87 2f 9f fe 88 04 80 d0 59 36 5d 85 3a c8 1e 5d 9d 44 fc f7 f8 fa e1 7a 3c 89 23 30 22 43 a3 d8 ae 3d 6f 69 15 40 6a 5e 01 7b f7 e0 0b 25 58 26 73 14 12 d0 58 37 4f f8 c0 5f b9 e8 5e 45 bb 79 96 06 90 d0 84 a5 e4 db e7 ab 11 5b 14 8c 42 f8 c3 2f 9a a8 65 d9 76 0c 22 4e 8a 1c 27 24 8c 9f 87 bd 7e d5 7b 55 f5 4e ab de 45 d5 3f af fa a3 aa ff ae ea 5f 56 bd f7 55 ff 7d f5 aa 5b 9d 5c 54 27 97 d5 c9 bb ea b4 5b bd be a8 5e 5f 56 af 47 ed 78 d6 81 aa bc 6d ce 9d c3 1a 11 a8 ee 3b fc b6 1c 08 6d 82 40 b2 b4 b7 8f 5e e5 f2 8f 1c 52 3a 4e c9 c8 c2 e7 63 6e 59 ee ff c6 7a 0f ce f8 3a bc 6e 4f 94 1a 11 09 2e 48 7d e7 6d 95 08 5d c2 46 a6 e1 02 c0 d8 7a ad 6b 40 30 0c 5c 21 78 fc 02 be 45 c1 c0 dd c1 61 b0 f7 22 47 92 7d fb 3a b2 ce b7 11 64 28 e0 42 de 97 70 cc 0e c6 6b 75 d0 02 7f 3f c2 33 82 32 81 28 93 48 94 85 ea 63 d0 ca 6f 56 e8 ea dd 2e 13 95 f5 86 86 7a da e6 a0 77 b5 c9 5d cd 94 2d 30 14 5d ad 6b 9e b7 b5 ad c4 23 fa 90 bf 25 27 46 df 3c 07 5a d4 48 4e a2 5b 96 d1 30 08 5c b0 1b 25 ef 33 c1 69 a3 e2 1d a8 2b b1 59 f0 eb 86 d3 d4 fb ca 50 c1 c9 52 15 59 35 d2 a8 f6 91 33 56 a8 d6 a1 Data Ascii: 5afWo6?0Z#9vn"qZ,}``$V"I95";>%?mbKwx/>A/_Z7R,g7Q8J\D+\|r\+2G/{<;!},!ThA8-i"3FQ8d\|FO#Nf~diVXC4 ()J4C8xa7"Hv,xcz^0.1nnI"k`"/:xLZR)OM>'lgsEBZ;qSeO3pPl(sEApB gP)g7\'Swd2Pp0-cAYk_MlF:6DapUB%K>c,;O]4hy;<cEo8Rn,g(("f`5w2NlvrqCx>/(GX{EYg"t6:g%9<:"VkK/Y6]:]Dz<#0"C=oi@j^{%X&sX7O_^Ey[B/ev"N'$~{UNE?_VU}[\T'[^_VGxm;m@^R:NcnYz:nO.H}m]Fzk@0\!xEa"G}:d(Bpku?32(HcoV.zw]-0]k#%'F<ZHN[0\%3i+YPRY53V
May 25, 2021 10:25:18.380247116 CEST	1304	OUT	GET /assets/components/phpthumbof/cache/new-20-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.474654913 CEST	1395	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 22419 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Sun, 16 May 2021 09:22:11 GMT ETag: "63601b1-5793-5c26f0306a86f" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 01 02 00 06 03 05 07 04 08 ff c4 00 44 10 00 01 03 03 03 02 04 05 01 06 03 05 07 05 01 00 01 02 03 11 00 04 21 05 12 31 06 41 13 22 51 61 07 32 71 81 91 14 23 33 42 a1 b1 c1 15 52 62 16 43 72 d1 f0 08 24 34 82 92 e1 f1 17 25 53 a2 c2 b2 ff c4 00 1a 01 01 00 03 01 01 01 00 00 00 00 00 00 00 00 00 00 00 01 03 04 02 05 06 ff c4 00 2c 11 01 00 02 02 01 03 03 03 03 04 03 00 00 00 00 00 00 01 02 03 11 21 04 12 31 13 41 51 05 22 32 42 61 71 23 c1 d1 e1 81 91 b1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 eb 48 29 f0 a5 3c 0c 01 4c 84 92 b6 c9 00 0e 4c d4 60 0f 08 81 c0 c0 3e b5 24 82 90 07 26 b8 76 23 cc b7 13 cc e6 69 d4 44 7d 04 52 a3 ca ea a7 3e 5a 84 f9 49 a0 85 5b 25 46 38 a2 84 9f 12 3d a9 57 e6 48 99 8e 7e b4 c4 c9 99 1c 02 68 80 71 63 7a 42 47 cc 62 91 e5 12 93 04 82 4c 7d 28 85 8d c9 39 c1 a5 74 cb 67 3b 67 f9 50 64 54 25 48 03 d3 13 58 d2 09 59 cc 79 81 fb 56 45 9f 39 8e c2 33 48 dc 07 c4 7c ca ef e9 14 0c b3 e7 27 de 95 44 80 52 9c a9 4a 00 54 9d ca 57 70 08 fb d0 70 91 b4 8c 1d c2 81 c0 09 6d 21 26 48 91 3e b5 a7 d4 58 f0 9d 31 f2 ab 22 b7 27 0b 5a 7b 72 05 79 ef 1a 0e b2 41 f9 87 ca 7d ea bc 95 ee 87 55 9d 4a 85 ae e9 2d 3a e2 6e 54 d9 5a 52 a0 b5 a5 3c 82 38 50 f7 15 a8 6d 36 d7 09 7e d2 f5 29 72 ca f5 25 b5 48 c4 fa d5 dd c4 f2 08 aa ee af a5 36 86 5e 75 04 25 b9 df ff 00 09 ac 7e 17 38 1f 58 f4 bb fd 21 7d 1b c3 d6 4f 2c a5 32 32 23 80 7e d5 df 3e 09 fc 63 d0 58 e9 96 3a 73 ab ae 1b b5 f0 92 18 61 6b 6d 4a 43 ad 99 90 a3 98 89 8c f6 aa 17 c4 bd 77 4b 46 86 cd 9e a7 0f 6a 60 a5 61 84 e4 94 83 fc 7e 9f d6 b3 f4 df c1 f6 5d e9 8b 4e ac d7 15 7e 9d 2a e5 09 71 9b 1d 15 a3 75 70 77 1c 12 4e 12 3d 7d 3d ab 66 3b 4d a3 95 36 ae a5 f4 f2 b4 e6 f4 5b 15 b9 a0 d8 fe b3 4d b8 db e2 58 32 a4 84 ed 50 82 b6 e7 19 11 29 98 3d a0 d5 63 5c d3 35 3b 9d 0b 51 d3 6d b5 05 ea 5a 3d db 6a 67 c0 f0 c7 ea 6c c7 20 41 82 a0 22 08 39 aa dd a7 c4 6d 77 47 1a 56 8b d3 bf 0f 35 c7 b4 e6 d2 19 6d 77 bf b3 71 c1 18 e1 25 29 fa 93 f8 a6 7f 5b f8 94 eb 8e 5f da f4 5e 97 67 7c e2 8a 4f ea df e1 b0 30 7c 42 b1 27 b4 62 a2 e9 ae df 3f dd 58 2d 0f 2c 2d b1 e5 51 1e 94 11 66 66 60 0f 53 e9 5b ee ba 6b a8 5d d4 8b 9a ad 9e 8d 69 78 e1 95 31 a4 ba 17 07 b9 5c 28 80 4f d6 a9 37 16 fd 46 1d 3e 14 25 1d 82 e2 6b 17 6f 3a db d4 8c 9b ae f4 b1 35 66 92 25 52 7d 49 e2 b7 3d 3f 7f fe 15 ac 5a dd 36 7f 76 b1 b8 0e e9 ef 55 9b 51 aa ec 6b c6 80 60 6f c1 23 fa d7 61 e8 dd 2f a4 2e f4 e6 d5 a8 87 0d ec 0d c5 b2 95 89 fa 4d 73 15 99 9f 2e 6f 92 22 39 85 9a f2 f6 d2 d5 2a fd bb 4d a1 d4 ee de d8 c8 1c e4 f0 2a 95 d4 9d 54 c2 ad 5c 63 4e 52 c9 27 f7 bc 20 26 39 03 92 af 73 f6 ab 3f Data Ascii: JFIFHHC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"D!1A"Qa2q#3BRbCr$4%S,!1AQ"2Baq#?H)<LL`>$&v#iD}R>ZI[%F8=WH~hqczBGbL}(9tg;gPdT%HXYyVE93H\|'DRJTWppm!&H>X1"'Z{ryA}UJ-:nTZR<8Pm6~)r%H6^u%~8X!}O,22#~>cX:sakmJCwKFj`a~]N~qupwN=}=f;M6[MX2P)=c\5;QmZ=jgl A"9mwGV5mwq%)[_^g\|O0\|B'b?X-,-Qff`S[k]ix1\(O7F>%ko:5f%R}I=?Z6vUQk`o#a/.Ms.o"9MT\cNR' &9s?
May 25, 2021 10:25:18.531404018 CEST	1429	OUT	GET /assets/components/phpthumbof/cache/new-07-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.625931978 CEST	1572	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 29277 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 12 Apr 2021 08:52:53 GMT ETag: "636019d-725d-5bfc2a3a20dd9" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 04 03 01 00 00 00 00 00 00 00 00 00 00 00 06 01 03 05 07 00 02 04 08 ff c4 00 52 10 00 02 01 03 02 03 05 05 04 05 06 0c 04 04 07 00 01 02 03 00 04 11 05 21 06 12 31 13 22 41 51 61 07 14 71 81 91 32 a1 b1 c1 15 23 42 52 d1 33 62 72 92 a2 b2 08 16 24 34 43 44 63 82 c2 e1 f0 f1 53 54 73 93 17 25 83 a3 35 45 64 b3 c3 d2 d3 ff c4 00 1a 01 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 00 02 01 03 04 05 06 ff c4 00 32 11 00 02 02 01 04 01 02 04 04 05 05 01 00 00 00 00 00 01 02 11 03 04 12 21 31 41 13 51 22 32 61 71 05 14 52 f0 81 91 a1 b1 c1 23 33 42 62 d1 e1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 bd a1 1b 57 4a ef 4c 43 d2 ba 05 21 70 a2 97 18 a5 ac 14 08 65 6b 8a d8 d6 75 a0 06 cd 65 6d 80 2b 31 41 36 69 8a 43 5b 91 49 8a 09 34 a4 22 b7 02 93 14 12 69 8a 43 5b 91 48 68 22 cd 31 49 8a dc 8a c2 28 21 b1 bc 56 11 9a df 15 98 a0 0d 31 49 8a df 14 84 50 41 a1 15 84 56 f4 82 a4 93 5c 52 56 e7 6a d7 e9 41 02 56 75 ac f9 8a ca 08 35 e9 49 8c d6 dd 6b 0d 41 26 b8 a4 e9 5b 12 2b 0d 48 72 6b 49 8a 53 49 91 e7 50 06 a4 56 62 b7 34 d9 91 07 56 03 e3 45 85 0b 8a 4a d1 ee 60 5e b2 a0 f8 b0 a6 9a fe d1 7e d5 d4 03 e3 20 fe 35 1b 97 b8 6d 67 45 21 15 82 45 3d 37 a4 77 58 d0 bb b0 55 03 24 93 80 05 31 02 81 59 8a e4 6d 4e c5 7a de 5b 8f fe a0 a6 db 5a d3 57 ad f5 bf fe e0 a4 df 1f 71 b6 4b d8 ed f9 56 11 51 af c4 3a 4a 75 bf 83 ea 4f e5 4f 59 6a 76 77 e8 cd 67 32 ca 01 c1 2b 9e bf 3a 95 38 be 13 07 19 25 6d 1d 80 56 62 90 1a 8b bf e2 2d 22 c2 e0 c1 79 7f 04 33 80 09 46 27 20 1f 95 4b 92 8f 64 24 e5 d1 2b 8a 4a 80 6e 32 e1 f5 19 3a 9c 3f 20 df c2 9a 6e 38 e1 f5 ff 00 f3 05 3f 08 df f8 52 7a 90 f7 1b d2 9f b0 49 59 43 d6 7c 65 a2 5e dc a5 bd ad d9 92 66 38 00 44 c3 f1 15 3a ae 18 02 0e d4 d1 92 97 42 ca 12 8f 12 46 e0 62 97 ad 20 a5 a6 14 92 87 a5 74 0e 94 cc 43 6a 79 6a 07 6c d8 52 d6 56 03 8a 08 10 d6 52 e6 b3 ad 00 25 6a ec 11 19 88 d8 02 6b 63 4c 5e 36 2c e7 3e 51 b1 fe c9 a8 6e 95 8d 18 db a0 5d 38 e6 ca 78 f9 ed 6c f5 09 50 fe d2 c1 9a d4 f1 a2 e7 0b a5 ea 27 d7 b1 a8 3e 15 76 5e 1e b7 c7 8f 31 fb cd 67 12 43 a8 41 14 37 36 da 8d b5 9c 1c a4 c9 da c3 da 12 7a 8c 54 47 1c a5 15 27 2f e8 87 9e 58 46 4e 3b 7a fa b2 67 fc 74 3c c0 7e 89 be 5c 9c 73 48 a1 40 f8 d1 16 99 7a 2f ad d2 65 52 aa ea 1b 07 a8 c8 cd 54 ba 27 11 7e 99 b7 b8 46 4c 4b 07 2a bb a8 c2 b9 df 70 3a 81 b7 4a b3 f8 65 4a e9 b6 e3 fd 9a fe 02 a2 9c 67 b6 ec 96 d4 a0 a4 95 0c 71 af 11 47 c3 1a 29 d4 25 87 b5 41 22 a1 5e 6e 5e b9 de ab c9 7d b2 c1 9c 2d 90 07 c8 b1 fe 14 47 ed ac 03 c1 13 02 3a c8 3a ff 00 45 aa 91 e1 21 02 c5 7a 92 c7 1b 4b 32 04 8a 49 07 d8 39 f0 d8 e7 af 4a 31 e3 79 72 38 dd 11 3c 8b 16 35 2d b6 59 07 da f3 95 e6 Data Ascii: JFIFHHC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"R!1"AQaq2#BR3br$4CDcSTs%5Ed2!1AQ"2aqR#3Bb?WJLC!pekuem+1A6iC[I4"iC[Hh"1I(!V1IPAV\RVjAVu5IkA&[+HrkISIPVb4VEJ`^~ 5mgE!E=7wXU$1YmNz[ZWqKVQ:JuOOYjvwg2+:8%mVb-"y3F' Kd$+Jn2:? n8?RzIYC\|e^f8D:BFb tCjyjlRVR%jkcL^6,>Qn]8xlP'>v^1gCA76zTG'/XFN;zgt<~\sH@z/eRT'~FLKp:JeJgqG)%A"^n^}-G::E!zK2I9J1yr8<5-Y
May 25, 2021 10:25:18.643292904 CEST	1603	OUT	GET /assets/images/%D0%BC%D1%8B%20%D0%BF%D0%BE%D0%BC%D0%BD%D0%B8%D0%BC.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.737972021 CEST	1762	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 55866 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 15 Mar 2021 09:37:00 GMT ETag: "6360184-da3a-5bd8ffddb09fd" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 02 01 01 02 01 01 02 02 02 02 02 02 02 02 03 05 03 03 03 03 03 06 04 04 03 05 07 06 07 07 07 06 07 07 08 09 0b 09 08 08 0a 08 07 07 0a 0d 0a 0a 0b 0c 0c 0c 0c 07 09 0e 0f 0d 0c 0e 0b 0c 0c 0c ff db 00 43 01 02 02 02 03 03 03 06 03 03 06 0c 08 07 08 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c 0c ff c0 00 11 08 00 fa 01 e6 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 fd fc a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 9a f2 6c a8 e4 ba f2 22 77 93 0a 8b d0 e7 a8 a0 09 a8 a6 2c e1 fa 7a 66 9c ad 9a 00 5a 29 09 c5 2d 2b a0 0a 28 a2 98 05 21 e9 4b 51 dc 4f e4 2e 4f 4e 99 a0 08 a6 04 86 db 80 71 c6 6b f2 67 f6 b0 ff 00 82 ce df fc 34 ff 00 82 ed 78 1b e1 3d 94 fa a1 f0 06 95 00 d1 bc 42 2d 13 74 30 de 5c 12 63 9a 46 e8 02 f4 af d1 7f db 13 f6 94 b0 fd 93 3f 66 df 1b 7c 40 d5 9a 38 2c fc 33 a6 c9 75 1b b9 ff 00 5b 26 30 8a 07 7c 9c 57 e3 2f ec bf fb 26 5f 78 bf fe 09 79 f1 3b c4 da c2 5f 5c 7c 65 f8 f1 75 3f 8a 2c 75 1b 97 26 ea c4 a3 ef b7 48 dc f2 13 65 7c d7 12 f1 4e 07 24 c3 2c 4e 35 e9 29 46 0b 7d e4 ec 75 e1 30 55 31 52 70 a7 d1 5c fd e2 d3 54 08 37 2b a3 a4 9f 3a 14 fb a5 4f 20 8f a8 ab d1 d7 ca df f0 47 8f da c9 3f 6b cf d8 27 c1 5a ec d2 27 f6 d6 8f 6f fd 87 ab c4 d2 6e 92 1b 9b 6f dd 36 ee ff 00 31 5c d7 d4 9f 6a c1 60 a3 73 26 37 0f 4a fa 55 fd 7e 87 34 95 9d 99 3d 14 80 e4 52 d0 48 51 45 14 00 51 48 c4 85 e3 ad 0a 7e 5e 78 34 00 b4 53 1e 4c 74 c7 e2 69 0c a5 14 b3 0c 00 33 9c d0 04 94 52 2b 6f 50 47 43 cd 2d 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 48 cd 83 40 0b 45 37 cc a3 cc a0 07 51 4d f3 28 f3 28 b8 0e a2 9b e6 50 1f 26 95 d0 0e a2 8a 29 80 51 45 14 00 51 45 Data Ascii: JFIF``CC"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?(((((l"w,zfZ)-+(!KQO.ONqkg4x=B-t0\cF?f\|@8,3u[&0\|W/&_xy;_\\|eu?,u&He\|N$,N5)F}u0U1Rp\T7+:O G?k'Z'ono61\j`s&7JU~4=RHQEQH~^x4SLti3R+oPGC-QEQEQEQEQEQEQEQEQH@E7QM((P&)QEQE
May 25, 2021 10:25:18.745336056 CEST	1820	OUT	GET /assets/images/%D0%A1%D0%B5%D1%80%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%82%D1%8B%20%D0%A4%D0%AD%D0%9F%D0%9E%20-%202019_2_149_%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0_1.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.840464115 CEST	2058	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 381504 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 27 Dec 2019 12:01:00 GMT ETag: "6365565-5d240-59aae3f449700" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 c8 00 c8 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 05 8e 04 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 fd 53 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 a2 8a 28 00 Data Ascii: JFIFCC"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?S((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.6	49719	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:18.171699047 CEST	1236	OUT	GET /assets/images/gerb.gif HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.269752026 CEST	1259	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/gif Content-Length: 4068 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Wed, 28 Dec 2016 07:36:21 GMT ETag: "6365558-fe4-544b3066a0740" Accept-Ranges: bytes Data Raw: 47 49 46 38 39 61 41 00 46 00 ff 00 00 f5 f5 f5 35 28 14 47 39 29 6d 4d 91 47 34 15 50 45 31 e5 d9 e5 76 58 a2 62 3c 87 35 2f 2b 8f 70 ab 92 8c 90 68 4d 33 81 5f a1 a5 86 ba 29 17 09 75 65 51 b2 95 c5 d2 cf d2 c2 9d c5 0a 05 0a 52 40 1a 6c 54 4c 94 86 74 ea e8 d7 6f 8e af 8b 75 6b 70 6e 6e 51 50 50 aa 95 8f c7 b0 cd e9 d6 d4 6c 4c 70 52 31 6f 2f 33 4b 56 5b 66 58 34 86 aa 92 71 2a 1a 2c b3 c6 ca c8 ba e3 d6 d4 e4 86 a4 b9 a6 78 a9 90 4f 4f 7b 65 97 8c 6e 55 57 65 72 77 91 9e 7a 65 88 65 38 76 97 ba d5 00 00 00 c8 b7 af 84 ab d7 8a 6f 90 3b 44 56 17 18 21 6b 83 9b 8b 57 8d 8e 93 ad aa 96 56 3e 41 3e b8 b5 b7 b2 a8 92 5b 46 78 50 2c 54 a6 99 a5 ba b2 a6 b8 c8 d5 b1 b0 cb b9 a6 56 b6 a5 74 d3 c3 b4 5c 46 69 a4 c8 da 6c 32 4b 68 95 c9 41 4b 66 64 75 8a a4 cb e6 c6 b3 57 8d 0c 14 4c 64 87 67 97 d5 6e 2e 3b aa a6 a8 86 b8 e6 93 bc e5 65 7c 97 7d a0 b9 65 8c c5 87 a9 c6 8e 3b 6c 5b 78 97 90 15 2c 55 68 85 b6 8f bd 50 1d 6a 57 86 c6 ab 6c 53 e2 c9 af 3b 30 64 a7 50 85 c8 ac 92 4d 11 2d ab 08 11 58 02 0d d9 e1 c8 8f 4c 32 97 86 52 e3 d9 68 e9 93 a2 75 76 88 75 85 89 76 7b 97 aa 50 6c 92 ab c7 71 9a d3 5c 71 88 94 a0 a8 f4 ee 70 8d 4b 69 af 6d 6b 71 12 31 4a 1d 50 c6 57 71 67 65 87 c5 b5 6b 37 4c 70 59 84 b5 ab a7 b6 a9 d3 e7 4f 75 ab 97 a7 b8 d2 ec d9 77 a4 d8 67 9b e2 75 99 c7 52 6c 97 cf 71 89 4e 93 da 96 b5 c9 b8 cb bc ae 71 8c d3 c8 57 88 a2 ad b0 4f 4e ad 34 49 99 c3 dc 4a 58 69 c9 90 91 6f 07 10 a6 d9 f6 b2 ab b6 a9 8b a7 7a a4 c7 5d 3e a1 8f 97 c8 81 ad e3 7c 88 c0 a9 b9 b8 35 13 67 16 17 34 cc 74 55 b4 80 a1 95 c8 ee aa 19 26 79 c5 fd e7 90 9a cb 8b 51 4b 5b 74 53 59 74 35 10 4d 6a a6 e9 c7 96 78 94 35 4d 7a b4 e9 b5 e4 f1 b2 47 32 a9 3a 1d 83 b6 f1 59 a8 f0 d5 f2 e5 b5 dc e4 89 6d 3b c6 43 4a a7 2f 33 50 96 e5 8e 24 11 d7 c5 6a a2 96 b5 a5 c6 ca 73 87 97 d1 97 b0 9a b8 ba b3 a7 a6 4c 8d d5 63 8e d5 e5 71 7a bd 94 a9 ca 6a 78 76 a9 e7 90 2e 2e c7 42 2d 13 0c 2e 71 ac f4 67 a9 f2 76 b6 f5 68 b5 f7 39 61 8d 69 91 99 ec e1 9d b2 db f1 c6 11 18 6e 29 1c 37 76 c5 4b 7c c0 b8 99 b9 6b a3 dc 47 87 cd 8d b5 cc 3e 6e ae ef b0 b6 ea eb ad 5b 96 da 5f c2 ff cd ec db 28 55 8c 88 b3 d9 e4 dc 94 3f af ff 4b 69 96 b8 d9 d7 45 4b 70 cf 3f 3c 0c 14 34 ba 6b 34 65 6b 99 5e 90 c6 e6 11 16 ab d2 dc 4f 54 89 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 f3 00 2c 00 00 00 00 41 00 46 00 00 08 ff 00 e7 09 1c 48 b0 a0 41 82 8a c6 8c a1 62 8c 8a 43 2a 5b 0e 4a 9c 48 b1 22 45 30 a6 6c 5c c1 82 e5 8a 47 2c 36 2c 8a 1c 69 50 8b 8d 2d 82 24 71 99 51 47 8b 8a 25 33 54 d4 e1 92 21 c3 8c 25 2a 58 be 68 a1 69 c8 26 47 99 62 91 1c 3a 50 10 15 1b 4b 4c 55 ba 29 29 83 0e 56 4e 70 38 f9 e3 44 84 0e 43 38 c0 e0 c0 31 43 16 0f 3d 7b 20 cd c8 54 8e 0a d1 91 36 a0 40 19 06 8c 8b 99 a8 22 70 88 18 25 42 c4 14 1c ec c0 64 68 36 6a 94 13 98 7d 30 49 91 72 a3 12 94 2b c6 ce 4e 0c 64 27 c3 9f 05 4f d4 e9 50 11 77 ca aa 40 ab ee dc c9 e2 f4 49 53 30 4f c0 78 59 22 49 00 a6 35 6b f8 fc 51 21 49 d1 27 2c 8a 0d 9a 7a 61 a2 ae 08 27 30 96 d4 ac c3 49 07 8f 13 c0 8b 14 91 50 e4 44 71 47 86 6c a8 60 a1 46 8d 14 3e ac a6 98 99 12 cf 6c 6c 82 99 78 8c 6a 00 23 0b 28 15 2a 42 19 ff 91 90 e2 96 01 Data Ascii: GIF89aAF5(G9)mMG4PE1vXb<5/+phM3_)ueQR@lTLtoukpnnQPPlLpR1o/3KV[fX4q,xOO{enUWerwzee8vo;DV!kWV>A>[FxP,TVt\Fil2KhAKfduWLdgn.;e\|}e;l[x,UhPjWlS;0dPM-XL2Rhuvuv{Plq\qpKimkq1JPWqgek7LpYOuwguRlqNqWON4IJXioz]>\|5g4tU&yQK[tSYt5Mjx5MzG2:Ym;CJ/3P$jsLcqzjxv..B-.qgvh9ain)7vK\|kG>n[_(U?KiEKp?<4k4ek^OT!,AFHAbC[JH"E0l\G,6,iP-$qQG%3T!%Xhi&Gb:PKLU))VNp8DC81C={ T6@"p%Bdh6j}0Ir+Nd'OPw@IS0OxY"I5kQ!I',za'0IPDqGl`F>llxj#(B
May 25, 2021 10:25:18.285717010 CEST	1265	OUT	GET /assets/components/phpthumbof/cache/inst-coron.5d9bda69baeaff49f4ea93e898a86ffd.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.382671118 CEST	1311	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 23011 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Tue, 07 Apr 2020 08:59:21 GMT ETag: "63653fc-59e3-5a2af99734c40" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 01 05 01 01 01 00 00 00 00 00 00 00 00 00 00 00 02 03 04 05 06 07 01 08 ff c4 00 50 10 00 02 01 03 02 03 05 05 04 03 0d 05 06 06 03 00 01 02 03 00 04 11 05 21 06 12 31 07 13 41 51 61 14 22 32 71 81 52 91 a1 d1 23 42 b1 08 15 16 17 24 33 62 72 92 93 b2 c1 e1 35 43 54 82 f0 53 55 63 73 74 a2 34 37 38 83 94 b3 a3 c3 f1 ff c4 00 1b 01 00 02 03 01 01 01 00 00 00 00 00 00 00 00 00 00 00 02 01 03 04 05 06 07 ff c4 00 33 11 00 01 04 01 03 02 04 05 02 07 01 01 01 00 00 00 01 00 02 03 11 21 04 12 31 41 51 05 13 22 61 32 71 81 91 a1 b1 d1 06 14 23 42 c1 f0 f1 33 72 e1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 e7 f4 51 45 7a f5 c1 45 14 51 42 11 f2 d8 d4 98 6f 66 8f 62 79 d7 c8 fe 75 1a 8a ae 48 59 28 a7 8b 5a f4 ba ed 46 8d db f4 ef 2d 3e c7 f5 1c 1f a8 56 f0 df c4 fb 3e 50 fa f4 fb ea 50 60 d8 2a 41 1e 60 d6 7a 97 1c 8f 19 cc 6c 54 fa 57 32 6f 09 69 cc 46 97 b1 d0 7f 1c 4c cf 4e b1 9b 87 71 83 f6 e0 fe 16 82 8a ab 87 51 61 fc ea f3 0f 35 d8 d4 d8 ae 62 97 e0 61 9f 23 b1 ae 54 da 49 a1 f8 9b 8e e3 2b da e8 3c 7b 43 af a1 0c 83 77 63 83 f6 3c fd 09 4f d1 5e 0a f6 b3 2e ba 2b ca f6 8a 10 ae b4 0e 21 9f 4c 22 19 73 35 a7 d9 f1 4f ea fe 55 d0 ac 6e a0 bd b7 59 ed a4 59 23 6f 10 7a 7a 1f 23 5c 8e a6 69 7a 95 ce 99 71 de db 3e 33 f1 21 dd 58 7a 8f f3 ab 19 25 60 af 35 e3 1f c3 d1 eb 6e 68 3d 32 7e 0f cf df dd 75 8a 31 55 7a 16 b5 6d ab 45 fa 33 c9 3a 8f 7e 26 3b 8f 51 e6 2a d6 b5 03 63 0b e7 b3 c1 26 9e 43 14 a2 9c 12 4e f4 d9 19 34 e9 14 86 02 a5 54 92 05 3a 9b 53 6a 37 da 9e 41 52 10 95 8d b3 5e 35 39 8d a9 0c 31 42 82 a2 c9 d6 98 71 52 64 14 cf 76 64 60 a8 32 c7 c2 95 c9 17 96 76 ed 73 72 b1 8c ee 77 f4 15 aa 8d 56 18 95 10 72 a2 8c 00 2a 2e 91 63 ec aa d2 37 f3 84 63 e5 4f 4d 30 cf 29 cd 2a 70 13 73 cf b9 c9 23 d0 1a a0 d6 2e a1 74 64 ef 62 e7 ea 55 ce 0d 5d 4b 10 28 dd dc 98 27 c0 d5 1c da 4c 2f 79 de 3c bc e8 06 e9 8d be ff 00 f5 a9 52 14 2d 3e 30 2c 33 12 aa 93 93 92 3a 7a fd d4 49 6a 0c 6d 33 73 24 78 ea 7d d2 7d 71 d6 ad c5 cd b3 dc c3 6b 6d 68 a5 0e fe ee ca 00 f3 aa ce 2a bb ef 27 16 c8 16 38 a2 18 2d 9c e5 ba ed 50 4a 70 97 a1 a2 8d 56 05 0c a0 28 24 22 f8 ed e2 6a c7 88 1b 94 42 c1 f9 48 7e 63 d0 e2 a9 f8 69 4b ea 70 b8 e7 73 c8 c4 67 c8 8e bf 3a bc d5 ed b9 a6 88 67 60 09 cf 42 3d 69 4a 9e a8 d3 61 7d 47 43 9e 37 01 24 56 38 1b 6c 46 e3 18 da a3 69 ba 4b 12 b2 5d cc 52 35 1f 09 21 bf f7 1f d9 53 61 59 34 ed 0b 99 26 f7 9f 00 3e 3c 49 dc fd d5 05 25 92 4b 37 92 46 f7 5e 55 40 3d 31 9f a7 fa 52 97 05 21 a7 a2 b8 b5 30 4b ca b6 aa 1b 7f e7 1f 7c 8a 85 aa 81 3c b2 c7 de 32 31 3d 7a 6c 0f 4c d4 dd 1d 4b 3a 9f 77 1b 9c 2f 4a 6e fa c9 65 b9 90 b7 5e 63 d6 95 ce c2 90 32 b2 f7 16 33 c1 33 3c Data Ascii: JFIF``C%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"P!1AQa"2qR#B$3br5CTSUcst4783!1AQ"a2q#B3r?QEzEQBofbyuHY(ZF->V>PP`A`zlTW2oiFLNqQa5ba#TI+<{Cwc<O^.+!L"s5OUnYY#ozz#\izq>3!Xz%`5nh=2~u1UzmE3:~&;Qc&CN4T:Sj7AR^591BqRdvd`2vsrwVr.c7cOM0)ps#.tdbU]K('L/y<R->0,3:zIjm3s$x}}qkmh'8-PJpV($"jBH~ciKpsg:g`B=iJa}GC7$V8lFiK]R5!SaY4&><I%K7F^U@=1R!0K\|<21=zlLK:w/Jne^c233<
May 25, 2021 10:25:18.524318933 CEST	1427	OUT	GET /assets/components/phpthumbof/cache/new-19-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.621754885 CEST	1538	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 34827 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 19 Apr 2021 14:00:59 GMT ETag: "63601a3-880b-5c053c263783f" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 02 03 01 01 00 00 00 00 00 00 00 00 00 00 03 04 05 06 01 02 07 00 08 ff c4 00 53 10 00 02 01 02 04 04 03 05 05 05 04 05 08 07 09 00 01 02 03 04 11 00 05 12 21 06 13 31 41 22 51 61 07 14 32 71 81 15 23 91 a1 d1 42 b1 c1 e1 f0 08 33 52 f1 16 24 62 72 94 34 35 43 53 55 63 92 93 17 25 44 45 74 82 d2 27 37 64 73 83 b2 b3 c2 c3 ff c4 00 1a 01 00 03 01 01 01 01 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 ff c4 00 33 11 00 02 02 01 03 02 03 05 08 02 03 01 00 00 00 00 00 01 02 11 03 12 21 31 13 41 04 51 61 15 71 81 a1 f0 05 14 22 32 52 91 b1 d1 42 c1 23 e1 f1 62 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 9e 48 dc 05 49 e4 69 39 a3 48 3b 9d 3e b7 f5 c1 a4 81 d1 6e 2a 42 c6 c3 53 2b 0d 37 3e 56 f2 fe 58 da 9a a7 54 68 f2 15 2c 56 ee 42 fc 2b 7f df 82 a4 07 dd 15 84 41 ce e1 95 f6 23 63 d4 77 c7 c8 c5 d1 f4 75 e6 45 b2 34 52 c9 a5 09 5b 8b a7 5b 1f d3 0b 1a 01 01 91 da 96 16 2e 2e ac 5b a9 df ae 24 a4 d0 b4 c1 88 20 b1 f1 75 b1 20 dc 63 78 e1 33 41 ac 82 5a da 7c 76 01 76 da df 31 83 51 aa 40 f2 fa 41 18 26 56 75 0b d6 fd 4f 4d bf 98 c4 ca ad 3c 8d 30 8d 84 9c b4 d3 a0 6e 6e 7b 5b e5 6c 46 ad 3d 42 c6 d1 48 9c cd c9 59 11 bb 5f f7 8c 37 45 09 46 f7 a4 91 a6 91 49 04 3d 88 63 e4 3d 3a fc f0 ad b3 39 21 56 c9 95 9e 26 a3 85 11 a4 61 ae fb f8 7c 86 fb 77 fc 31 25 1e 59 cb 86 d3 04 04 35 d9 49 ba 91 d8 9f 5b 61 5a 7c dd 72 c9 e6 a4 62 b1 2e bb 99 1a ee 2e 77 d3 71 f0 f5 bf d7 0d c1 9c c3 3c ad 0b b8 77 3d cc 7d 57 c8 f9 e2 8c dd 93 91 53 c4 59 19 54 69 68 c2 00 41 16 f2 c2 75 29 27 35 6f 22 ab 11 f0 af 56 5e d8 91 88 4e f0 c5 a5 53 98 cb 7b 5f 7f 3f e3 85 99 f9 b5 0c 80 a1 8c ae 92 40 eb f2 f4 18 74 65 df 72 36 49 2a 7c 49 43 0b 35 85 f9 d2 1b 23 37 90 03 73 f3 e9 89 3a 28 2f 46 39 12 0d 64 15 20 1d 85 fd 71 95 07 98 c9 c9 24 04 dc ab 6c 3c ed 6f a6 0b 0c 6b a6 d1 9b 44 c4 02 eb df 7b 90 3e bd f1 54 3b f2 2b f5 39 69 87 34 9d 51 cb 16 5d 56 6b dc 1b 6f 73 fd 77 c7 a8 28 8d 3b 86 48 81 be a5 bf 98 c4 dd 33 16 cc 99 63 21 cc b1 91 62 db 9b 6e 05 fe 44 63 61 12 fb d4 3c b9 d0 15 1c b3 64 be fd 49 bf 4b 7a e1 69 2b 59 0e b4 6a e8 34 a1 0a 57 49 00 5b 50 bd f1 a5 26 5b 34 51 4d ee c8 55 4b 17 62 e0 f9 ec 7d 7b e2 d4 23 e4 45 a6 46 50 84 dc b5 87 f4 31 e9 f5 58 c8 a1 a4 42 2d e0 20 6d d3 f9 e2 f4 ec 46 b2 a8 32 32 f2 23 ce a9 24 bd 15 c2 13 62 7a de df 4c 57 f3 1e 19 9d 6a 4b cb 1c 92 5c e9 32 46 da 41 37 ee 3b ef 6f c3 17 ca e7 48 4b 8d 32 bb ec 63 b3 9f 16 df 90 eb 84 8d 4f bd d3 1b c4 ca ea 41 07 56 a3 bf 7f 9f ae 27 81 c6 4f 92 9f 4f 90 fb ad 40 79 55 e6 04 69 62 45 9b 7d af 8d 2b 29 aa 29 e8 64 f0 5d ac 19 b5 36 a3 b1 db f7 0c 59 6b 44 45 79 52 c3 14 91 46 00 8c b1 22 ee 7a 8b 7c ad f8 e1 Data Ascii: JFIF``C%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"S!1A"Qa2q#B3R$br45CSUc%DEt'7ds3!1AQaq"2RB#b?HIi9H;>nBS+7>VXTh,VB+A#cwuE4R[[..[$ u cx3AZ\|vv1Q@A&VuOM<0nn{[lF=BHY_7EFI=c=:9!V&a\|w1%Y5I[aZ\|rb..wq<w=}WSYTihAu)'5o"V^NS{_?@ter6I*\|IC5#7s:(/F9d q$l<okD{>T;+9i4Q]Vkosw(;H3c!bnDca<dIKzi+Yj4WI[P&[4QMUKb}{#EFP1XB- mF22#$bzLWjK\2FA7;oHK2cOAV'OO@yUibE}+))d]6YkDEyRF"z\|
May 25, 2021 10:25:18.722135067 CEST	1746	OUT	GET /assets/images/svid-akkred.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.819658041 CEST	1964	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 57235 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Tue, 27 Dec 2016 11:10:43 GMT ETag: "6365561-df93-544a1e73532c0" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 01 ef 01 5e 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 fa eb 44 f0 ec 9a c9 99 a2 30 c6 23 62 36 88 87 18 fe 66 b5 7f e1 0c 96 2e b3 da f4 ed 1a 8f e9 47 83 a7 5b 6b 1b f9 7a 14 62 db 81 af 1c d5 bc 67 ab eb 57 b3 48 d7 f3 c5 00 91 8c 71 c4 db 78 ce 00 f5 26 bf 34 ab 52 8d 0a 71 72 8d db 3c d7 24 95 d9 ec 0f e1 57 0f fe be 0f fb e1 7f c2 b1 af ad a1 d3 ee 12 27 9e 00 ee 71 f7 23 5f e7 8c fe 15 e7 1a 6f 88 b5 3b 59 49 4b c9 cf a8 66 dc 08 fc 6b 43 4e b4 fb 75 ae a3 3d c2 fd a2 63 17 2f 26 58 f5 f5 ed 5c be de 9d 4f 82 36 64 a9 df 63 d0 8f 86 66 ba 81 64 8e 68 0e 7a 93 12 e4 7e 94 db 5f 04 cc 54 62 ea dc 37 a1 8d 6b cb ee 35 dd 4b 4f b1 36 d0 de 4d 1c 40 80 00 6e 70 7b 03 d6 b2 53 5f d4 e1 94 3c 7a 95 e4 4e bc e4 49 9c 7e 14 be b7 46 36 4e 0f ef 17 b4 5d 51 ee 90 f8 02 e9 b8 f3 ad db 90 38 89 71 fc a9 df f0 84 5c ae 49 9e 0c 01 c1 31 af f8 57 0d e0 8f 8c 37 96 53 25 b6 a8 63 95 3f e5 9d ce 36 00 dd b7 8e c3 3d ff 00 3c 55 3f 18 7c 5a d4 35 1b 87 83 49 65 b3 b6 53 fe bb 6e 5d fd d4 1e 83 dc f3 5d 3e db 05 ec f9 ec ef d8 b5 52 16 b9 df 49 e1 29 23 23 75 c5 b7 3d 48 8d 4f f4 a8 e5 d0 1e d2 3d ed 34 1b 47 fd 32 5f f0 af 11 fe da d5 25 7d cd 7f 76 cc 7a 99 26 ef 5a e9 ac ea 5a 95 aa db 5c 5d 49 2c 3b b9 05 88 27 eb 5c cb 13 42 5a 2a 76 f9 90 aa 27 d0 f4 6b 08 a2 d4 e7 74 8e e2 12 c8 70 4e d8 db f9 67 15 ad 0f 85 a6 04 ef 96 05 fa c6 bf e1 5e 69 ab Data Ascii: JFIF``CC^"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?D0#b6f.G[kzbgWHqx&4Rqr<$W'q#_o;YIKfkCNu=c/&X\O6dcfdhz~_Tb7k5KO6M@np{S_<zNI~F6N]Q8q\I1W7S%c?6=<U?\|Z5IeSn...RI)##u=HO=4G2_%}vz&ZZ\]I,;'\BZ*v'ktpNg^i
May 25, 2021 10:25:19.010555029 CEST	2469	OUT	GET /assets/images/str.gif HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:19.113111019 CEST	2596	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:19 GMT Content-Type: image/gif Content-Length: 813 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 10 Feb 2017 08:15:16 GMT ETag: "6365570-32d-54828b29bcd00" Accept-Ranges: bytes Data Raw: 47 49 46 38 39 61 1e 00 1e 00 e6 00 00 ff ff ff ff ff 00 ff 00 ff ff 00 00 00 ff ff 00 ff 00 00 00 ff 00 00 00 fc fc fc fa fa fa f7 f7 f7 f6 f6 f6 f4 f4 f4 f2 f2 f2 f1 f1 f1 f0 f0 f0 ed ed ed dd dd dd db db db da da da d9 d9 d9 d6 d6 d6 d5 d5 d5 d0 d0 d0 cf cf cf ce ce ce cd cd cd c6 c6 c6 c1 c1 c1 ac ac ac a3 a3 a3 a0 a0 a0 95 95 95 91 91 91 80 80 80 79 79 79 75 75 75 73 73 73 60 60 60 5f 5f 5f 59 59 59 54 54 54 4c 4c 4c 4b 4b 4b 4a 4a 4a 3f 3f 3f 3d 3d 3d 3c 3c 3c 3a 3a 3a 38 38 38 35 35 35 34 34 34 33 33 33 32 32 32 31 31 31 30 30 30 2f 2f 2f 2e 2e 2e 2d 2d 2d 2c 2c 2c 2b 2b 2b 29 29 29 28 28 28 27 27 27 26 26 26 25 25 25 24 24 24 23 23 23 22 22 22 21 21 21 20 20 20 1e 1e 1e 1d 1d 1d 1b 1b 1b 1a 1a 1a 19 19 19 ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 4c 00 2c 00 00 00 00 1e 00 1e 00 00 07 ff 80 4c 82 83 84 85 86 87 88 89 8a 8b 85 27 2f 39 3e 3e 39 2f 27 1f 10 8c 86 32 47 41 3b 37 36 36 37 3b 41 47 32 21 09 00 98 2b 49 3c 34 ad ae af 3c 49 2c 14 a8 89 1a 3a 44 af ba ba 44 3a 1a 8a a2 33 bb 34 40 3a c2 ae 33 9c 12 88 2a 44 c7 af 35 39 28 30 3e cf 34 33 44 2a 09 86 20 4a c3 34 39 33 08 16 3a 3f d6 34 4a 20 b5 82 0f 32 ac c3 3c 2d 0b 00 19 39 40 d6 3c 33 0f 84 1e 48 c8 39 44 8a 08 5c a2 c3 01 00 00 18 76 dc 7b 85 c4 c3 3a 13 42 5c e5 80 51 62 84 45 12 22 14 1c 44 98 c3 9c 2b 21 26 6a 31 70 b1 a3 55 0d 23 1d 36 aa 54 99 41 c7 42 1a 3b 5e 30 10 14 21 07 8e 56 36 86 6c 58 c9 13 a1 8e 1e ad 70 e4 88 80 0a c3 0f 1b 38 87 70 e8 c9 73 42 0c 1d 34 6c fc c0 50 f4 68 d2 a5 4c 55 3a 85 2a 95 2a 93 9a 37 a3 ea cc ba 11 c3 cf a0 43 05 8d 2c 49 e3 64 4a b2 2d 8a 5f c6 9c c9 04 00 44 89 14 2d 8e c0 a8 f1 20 86 8e cf 40 ae eb f7 2f e0 c0 82 7e 15 5a 6b b8 ae dd bb 5d f1 e6 d5 7b d9 2a df 3e 42 dd be e5 a0 a1 a0 42 b9 73 e9 d6 09 4a b0 c2 d9 b0 1c 29 a8 59 c3 b6 62 9b 21 09 c1 86 fd 30 f6 2a d9 0e 09 a2 09 dd ca f5 8d 97 af dc 84 00 50 50 f5 18 9e 2c 5a 8c 12 84 98 b1 a9 d3 a7 50 a3 66 98 02 8e 08 00 84 0f 8e 20 49 a2 64 89 3a 23 00 0d 22 5c b8 10 a1 c1 41 4c e8 31 05 02 00 3b Data Ascii: GIF89ayyyuuusss```___YYYTTTLLLKKKJJJ???===<<<:::888555444333222111000///...---,,,+++)))((('''&&&%%%$$$###"""!!! !L,L'/9>>9/'2GA;7667;AG2!+I<4<I,:DD:34@:3D59(0>43D J493:?4J 2<-9@<3H9D\v{:B\QbE"D+!&j1pU#6TAB;^0!V6lXp8psB4lPhLU:*7C,IdJ-_D- @/~Zk]{>BBsJ)Yb!0*PP,ZPf Id:#"\AL1;
May 25, 2021 10:25:19.912985086 CEST	2680	OUT	GET /favicon.ico HTTP/1.1 Accept: / Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520
May 25, 2021 10:25:20.010597944 CEST	2684	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:19 GMT Content-Type: image/x-icon Content-Length: 4662 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Mon, 28 Jan 2013 07:04:25 GMT ETag: "6843ed9-1236-4d453e323f040" Accept-Ranges: bytes Data Raw: 00 00 01 00 02 00 10 10 00 00 01 00 18 00 68 03 00 00 26 00 00 00 30 30 00 00 01 00 08 00 a8 0e 00 00 8e 03 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fb fb fb ff ff ff ff ff ff ff fd ff ff ff ff f8 fb f9 ff ff ff fd f9 ff ff ff fb fd ff fc ff ff ff f5 f5 ef fc f8 ff c9 ec f9 fd ff fb ff ff ff fb fb fb ff ff ff 68 60 77 35 46 4f 3d 48 56 34 4e 54 40 57 67 bd db e0 b8 b8 f4 0c 2e 3e 27 3a 47 42 62 75 e4 f2 ff 1b 31 37 ff ff fb ff ff ff fb fb fb ff ff ff ff fe ff cc cd db e2 f2 ff 47 54 62 ed ff ff ef f9 ff 3b 17 4b fa ff f8 38 43 51 34 4c 52 07 01 20 f3 f9 ff f2 fe fe ff ff ff fb fb fb ff ff ff 14 21 31 3b 51 5c 54 6f a2 ff ff ff 33 52 5b 2e 0d 40 4d 72 ac 1d 00 31 fb fc ff ff ff ff f8 fb ff 25 3b 46 54 68 79 ff ff ff fb fb fb ff ff ff 40 5e 5f 37 3b 6b ff ff fe 23 14 40 b2 4b 6a 87 70 90 ff fa ff 9e 55 75 07 1e 4c 8b 63 6f fc fc fc c2 d4 eb 3b 52 ae fd ff ff fb fb fb 36 36 3c 2b 43 43 ff ff f5 51 2c 36 91 4e 75 69 39 b7 b6 99 b0 d6 ba d1 86 45 55 a1 5c 81 4b 14 2d ff fb ff ec f0 ff 40 53 68 8f 9f a5 fb fb fb 36 46 52 2f 45 50 1c 3e 5c 8e 46 6a a6 6a 89 cf a6 c1 f1 e5 ff ff ff fc e6 cd e9 c3 8d ab a2 5d 7e d5 c3 d4 12 26 37 20 34 45 24 4d 56 fb fb fb ea ff ff 1d 1e 2c fb fe fc 8b 4f 78 b9 90 af 32 06 53 ff fd f0 ff ff fc fe f9 ff d2 b7 d1 c2 81 a1 33 09 28 a6 b7 cc 1a 21 32 ef f6 ff fb fb fb 10 23 2a 1b 31 3c 19 34 42 00 31 39 9c 5f 83 ab 81 b1 e2 cb d3 f9 ff f2 d5 b2 cd b4 79 98 a8 8a 9d e0 f4 ff 2b 42 4a 40 5b 65 37 5c 6a fb fb fb f8 ff fe 29 3b 5a 1f 4c 96 ff ff ff 8c 4a 67 96 58 76 a0 65 74 31 00 40 aa 73 82 97 4d 6f 94 4b 6b ff ff ff 00 00 6b b9 c3 e5 ff ff f9 fb fb fb ff fe ff 20 2e 41 13 2b 37 6b e6 f0 6a ac c9 8b 42 68 8f 54 73 a7 6e 8f 95 4e 6f 99 55 78 7f e6 ff 27 72 7b 3a 57 5e 2f 4e 4f ff fc f7 fb fb fb ff ff ff 1e 42 54 3a 5d 67 fd ff ff ff ff fc f8 fc fd 79 3f 62 9f 9d b0 60 2b 46 ed f6 f9 ff ff ff ff ff ff 4c 66 72 09 25 30 ff ff ff fb fb fb ff ff ff ff ff fb de d6 a7 98 83 6d fb ff ff fb f9 f9 11 02 17 12 00 12 10 00 10 e4 db de ff ff ff 98 8d 6f e9 d9 a4 ff ff ff ff ff ff fb fb fb ff ff ff ff fe ff d0 bc 9d 93 79 55 f9 f8 fa ff ff fe fb fd ff 13 01 12 ff fc ff ff fe ff c3 bb da d3 b9 95 4a 3a 29 ff ff fe ff ff ff fb fb fb ff ff ff ff ff ff f6 f4 f3 e6 d2 a2 8b 73 5d 93 78 64 2f 12 0d 6a 50 4a 22 03 06 ec dc ad 13 1d a6 e9 d3 a9 fc fd ff ff ff ff ff ff ff fb fb fb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 00 00 00 30 00 00 00 60 00 00 00 01 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 fb ff fb 00 fb ff fe 00 fb ff ff 00 f6 fc ff 00 f9 fc ff 00 fd ff ff 00 ff ff fb 00 ff f8 f4 00 fe f5 f1 00 f8 e7 ea 00 eb da dd 00 ec db de 00 ed dc e0 00 f9 e8 ec 00 ff fc ff 00 fe fc fb 00 fa fc fd 00 fb ff f8 00 fc fe ff 00 fb fb fb 00 fe fe fe 00 ff fe fc 00 7a 6f 67 00 7c 73 66 00 ee da b7 00 e0 ca a7 00 Data Ascii: h&00( h`w5FO=HV4NT@Wg.>':GBbu17GTb;K8CQ4LR !1;Q\To3R[.@Mr1%;FThy@^_7;k#@KjpUuLco;R66<+CCQ,6Nui9EU\K-@Sh6FR/EP>\Fjj]~&7 4E$MV,Ox2S3(!2#*1<4B19_y+BJ@[e7\j);ZLJgXvet1@sMoKkk .A+7kjBhTsnNoUx'r{:W^/NOBT:]gy?b`+FLfr%0moyUJ:)s]xd/jPJ"(0`zog\|sf

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.6	49721	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:18.171945095 CEST	1236	OUT	GET /assets/images/tlf.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.267292023 CEST	1242	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 2213 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Wed, 11 Jan 2017 08:45:18 GMT ETag: "6365569-8a5-545cd9ec6e380" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 38 00 37 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 fd 53 ac 4d 7b c5 76 fa 24 d1 da 47 6f 73 a9 ea 93 2e e8 b4 fb 14 df 2b 2e 71 b9 89 21 63 5c 82 37 bb 2a e4 63 39 e2 93 c5 1a ec da 5a 5a 59 58 24 73 6b 1a 8c 86 1b 48 e5 c9 8d 48 52 cd 2c 98 e7 62 01 93 c8 c9 2a a0 82 c2 9b 61 a7 69 de 07 d1 af 2f 2e ae 89 21 4d ce a1 aa 5d b0 f3 26 60 bf 34 92 1e 83 00 70 a0 05 50 02 a8 55 00 0e ca 74 e3 14 a7 51 5e fb 2e ff 00 f0 2f a6 9a bd 95 b7 5c 75 2a ca 4d c2 9b b5 b7 7d bf e0 db 5e cb 77 7d 8c f3 65 e3 4d 60 ee 97 51 d3 bc 3b 01 19 10 59 db 9b b9 c7 d6 57 2a 83 e8 23 3f 5a 4f f8 43 fc 42 9f 32 78 ef 55 77 ee b3 59 59 34 7f 80 58 15 bf f1 ea e7 be 17 fe d1 3e 13 f8 b7 af df e9 1a 29 bc 8a ea d6 3f 35 4d e4 4b 18 b8 40 70 5a 3c 31 38 19 1d 40 3c f4 eb 5e a1 5d 98 af ad 60 6a 7b 0a f4 94 24 ba 38 47 67 ea 9b fb d9 c5 85 fa ae 3a 9f b7 a1 55 ce 2f aa 9c b7 5e 8d 2f b9 1c 8f db 3c 5d e1 f5 2f 7b 6d 67 e2 6b 45 3c c9 a6 21 b6 ba 0b eb e5 3b b2 3e 3b e1 d4 9e ca 7a 56 fe 8b ae 59 78 82 cb ed 56 32 99 23 0c 51 d2 44 68 e4 89 c7 54 74 60 19 18 64 65 58 02 33 d2 af d7 39 af e8 37 11 de 8d 73 44 55 8f 59 8c 05 96 12 db 63 bf 88 7f cb 29 3b 64 75 47 ea 87 be d6 75 6e 5e 6a 78 8d 26 94 65 dd 68 be 6b 65 ea ac 97 55 d5 75 f2 d4 c3 eb 06 e5 1e cf 57 f2 7b bf 47 76 fa 3e 8f a3 a2 a8 e8 7a cd af 88 b4 8b 4d 4a cd 99 ad ae 63 12 26 f5 da cb ea ac 3a ab 03 90 41 e4 10 Data Ascii: JFIFHHCC87"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?SM{v$Gos.+.q!c\7c9ZZYX$skHHR,bai/.!M]&`4pPUtQ^./\uM}^w}eM`Q;YW#?ZOCB2xUwYY4X>)?5MK@pZ<18@<^]`j{$8Gg:U/^/<]/{mgkE<!;>;zVYxV2#QDhTt`deX397sDUYc);duGun^jx&ehkeUuW{Gv>zMJc&:A
May 25, 2021 10:25:18.270900965 CEST	1263	OUT	GET /assets/js/bvi.min.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.365360975 CEST	1275	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Mon, 15 Jun 2020 21:29:55 GMT ETag: W/"6361a49-7194-5a82620c0b3ec" Content-Encoding: gzip Data Raw: 31 33 62 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 8f dc c6 91 df 03 e4 3f 50 6d c0 3b f4 ce cc ee 4a 6b 05 9a dd 99 83 24 47 88 80 20 b9 b3 74 07 1b 82 71 e0 0e 9b 33 d4 72 48 2e c9 d9 d5 66 35 80 62 e5 70 39 d8 48 60 5f 80 04 c1 9d ef 89 cb 57 45 f1 5e f4 5c ff 05 ce 3f 4a f5 83 64 f3 dd e4 cc 22 0f c4 80 57 24 bb ba eb d1 d5 d5 d5 5d d5 3d 5b ef 5d f9 f6 b7 94 f7 94 5b f3 20 70 6c e5 d8 f4 e7 9a 65 9d 2a e6 cc d5 4c 0f eb ca f1 4e 7f bb 7f 9d c0 6c 7d fb 5b 1d 63 6e 8f 03 d3 b1 3b 9a 7a 76 ac 79 8a 3e 3c bb 75 6c de 76 6c df b1 f0 f7 9d c9 20 06 30 ba b8 3b 51 cf 4c a3 63 0c 87 3b ea 99 d6 c7 da 78 da 99 74 63 08 b3 3b 55 cf c6 ac 6a df 72 26 1d 24 bc f4 0f 8e 4d a5 a7 a0 4d bc 89 94 c7 ca 03 b4 69 c2 43 4f e9 a0 cd e9 26 52 3f 41 ea 42 5d 60 cb c7 e9 16 80 18 e5 41 be 19 c7 30 48 8d 45 f7 ae 6d 06 09 8d 13 c6 04 1e 6a 9d 60 6a fa 6a df c7 16 1e 07 8e b7 47 3e 4f 86 40 f3 a3 00 db 7a 87 30 f9 b7 9a 8d ad c1 4e 37 7a bc 09 6d 1c e3 c1 76 fc e1 d6 64 80 4e a6 66 80 51 fc e9 8e 63 07 77 b4 99 69 9d 0e 90 8e 0d 6d 6e 05 e9 c2 7b e6 8f f0 00 ed 5c 4d be 7e 1f 07 01 f6 ee b9 da d8 b4 a1 41 db f1 66 9a 25 14 9b 36 fe 1e 36 27 d3 20 5f 76 77 36 11 e8 83 b7 8f 3e 16 de 3f c4 96 a3 e9 02 bd f7 81 b9 01 0a bf 0c cf 97 4f 96 3f 0e 5f 2c 7f ae 84 5f 87 af e1 1f 78 7b 1d 3e 0b 7f 1b 5e 84 cf c3 17 e1 d7 cb 9f 2f ff 05 ca ff 29 41 75 db 72 7c cc 1b f8 2a fc ed f2 b3 e5 3f 87 6f c3 67 a4 89 e7 42 7b f0 cf b3 f0 e5 f2 d3 f0 19 ad 4a 6b dd b6 34 df bf 69 eb 77 f5 01 a2 5f ef 98 8f 44 d9 5a da 29 23 f2 0e 00 4e d9 a3 a0 60 09 43 df 33 75 10 ff 02 b4 6c 2f ad 03 d5 aa 8c d4 bd 48 01 94 69 87 6a e8 6d c7 39 34 b1 df 9f e0 a0 83 40 63 7a 2e 69 1f a9 c3 21 da 41 a0 ba 1d f4 1e 52 99 fe c6 ba 43 2b 5e 89 14 47 0b 02 af 83 74 2d d0 7a a4 be e3 99 13 d3 86 be 51 49 ed 6a 90 6e 1a c0 0f 4e 2d 0c f5 16 0b a0 b3 a3 ee e9 7d e0 17 34 75 b1 00 62 13 ca a1 08 5a c6 50 4b d7 a9 44 19 e1 53 90 09 30 08 14 f7 63 3e 7a 8e 8b ed de 0c db 73 54 0a 4e 1a 32 40 ef 3a 5a 67 63 5f 53 a6 1e 36 86 e8 1d a4 8c 09 ec 30 91 49 6f 4c ba 10 29 81 19 58 78 88 36 36 27 fd 9c 4a 6c 6e a0 d1 be 29 56 9d 58 a7 ee d4 84 4e 52 52 6f 3d 7c 8a 79 83 a3 fd 2d 73 a4 14 37 87 f6 b7 b4 11 48 a4 8a ab 98 76 cb 2c a3 79 b4 0e be aa 48 dc df b2 4c 4e 27 85 c9 68 bb da 27 d2 ee 50 36 0e 1c fd 14 c8 3e f1 34 f7 ae 6d 03 e9 1b fb ba 79 2c 52 45 21 a0 49 f8 3c da 20 75 72 10 4c 47 63 90 be eb 61 90 88 7e df 89 9a a7 46 cc 1c 76 4e 4c 5b 77 4e fa ae 36 c1 1f ff d0 30 7c 1c 5c 19 0e e7 36 d8 23 b0 25 ba fa 37 f9 f2 41 47 77 c6 73 90 6d d0 8f 1e be 6b 61 f2 cf e3 c7 71 09 41 02 95 3c 78 fe 81 a3 e3 4c 09 d8 d2 b1 e7 58 d6 7d c7 dd 83 81 42 05 12 0d 74 3e ac e0 b3 39 ba 71 83 8e af be 30 ea 32 3a ca fa c7 30 1f 61 1d 4c b8 c6 d9 89 da cf 0c c8 d8 90 47 c8 3b ea 68 d8 10 c7 5e 16 76 0c 60 67 16 36 02 30 46 81 e3 c2 5f 8f 1a e0 ed 2e 9a 69 1e 8c e2 1e 29 44 03 a4 cd 03 07 c5 1f 29 50 fc d5 75 7c 93 d0 39 40 0c 4d 17 fd a8 07 9c e0 47 68 70 83 fe 17 d7 3b 70 c0 7e cd a0 e2 d5 6d f7 11 5a 24 f4 50 e5 44 a2 1e bd 43 3e 8f 1d cb f1 7a 01 e8 61 be cc 9c Data Ascii: 13b7=k?Pm;Jk$G tq3rH.f5bp9H`_WE^\?Jd"W$]=[][ pleLNl}[cn;zvy><ulvl 0;QLc;xtc;Ujr&$MMiCO&R?AB]`A0HEmj`jjG>O@z0N7zmvdNfQcwimn{\M~Af%66' _vw6>?O?_,_x{>^/)Aur\|?ogB{Jk4iw_DZ)#N`C3ul/Hijm94@cz.i!ARC+^Gt-zQIjnN-}4ubZPKDS0c>zsTN2@:Zgc_S60IoL)Xx66'Jln)VXNRRo=\|y-s7Hv,yHLN'h'P6>4my,RE!I< urLGca~FvNL[wN60\|\6#%7AGwsmkaqA<xLX}Bt>9q02:0aLG;h^v`g60F_.i)D)Pu\|9@MGhp;p~mZ$PDC>za
May 25, 2021 10:25:18.373610020 CEST	1279	OUT	GET /assets/components/phpthumbof/cache/new-09-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.467946053 CEST	1350	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 40440 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Sun, 16 May 2021 09:45:41 GMT ETag: "63601b5-9df8-5c26f570bb8f2" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1c 00 00 02 03 01 01 01 01 00 00 00 00 00 00 00 00 00 05 06 03 04 07 02 01 00 08 ff c4 00 47 10 00 02 01 03 03 02 05 02 04 05 02 04 04 05 01 09 01 02 03 04 05 11 00 12 21 06 31 13 22 41 51 61 14 71 07 32 81 91 15 23 42 a1 b1 52 c1 33 62 d1 f0 16 24 72 e1 25 43 82 b2 f1 92 08 34 44 63 73 83 93 a2 c2 ff c4 00 1a 01 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 02 03 00 01 04 05 06 ff c4 00 31 11 00 02 02 01 03 02 04 06 02 03 00 03 01 01 00 00 01 02 00 11 03 12 21 31 04 41 13 22 51 f0 61 71 81 91 a1 b1 32 e1 14 c1 d1 23 42 f1 33 52 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 45 b7 dc eb fa 92 dd 41 59 78 9d 67 a8 51 20 0c b1 2a 1f 45 39 20 72 7c bd fe 75 5e 86 ae dd 5b 1b 51 46 16 2d 92 78 65 26 0a 03 93 82 36 82 72 49 f7 c7 ce 82 f4 ad 3d 4a 57 48 22 ae ff 00 cb c3 2c ab 2d 1b 13 c1 04 e3 03 d7 df 3e 9a 37 79 e8 99 6f 57 38 6b 85 4d 35 0c 26 34 46 69 b1 99 08 ee ca 3e d8 1c fb 6b 80 eb 8d 5c ab b5 7a 7c 3e 15 3b cb 99 d7 0a b2 0f 81 1e bf 1b 8c 36 6b 55 35 6d 1d 44 96 4b aa c2 8c 0a 4b 0b 62 65 5e 4a e7 3c 1e fd b3 ce be 34 76 fa 9a f6 b5 53 32 fd 6d 04 1b 29 ce fc 78 80 ed 62 1b db cc 0f c7 27 49 77 fe 9e 7b 1f 52 ad 6c 91 57 43 61 95 d4 49 2d 29 c3 93 8e 78 cf 00 9e d9 d1 9e 9e b4 52 da 7a de a4 cb 71 28 4a 87 85 67 6f e6 ec 2a 08 ce 78 c8 24 0f d3 b6 85 b1 ad 17 57 27 6b 1b 7e e6 3d 44 9a 2b 0d 5e 80 91 ea 19 a6 96 a5 6a 30 db 8a 91 34 cc fe 40 5c 8e 01 47 5d b8 00 67 6e 75 62 3b 55 1d 45 58 ba d3 39 15 32 53 c7 5e e6 57 21 27 a8 6d ca 55 87 72 a1 a3 38 1e 8c 78 e3 44 29 5e d1 d3 94 f5 77 4b d7 d4 4d 51 41 87 a6 84 90 ab 52 a1 86 c6 1e 85 b7 b9 cf c9 dd 8d 73 d4 37 95 eb 6e 95 6b 9c 73 a5 96 a2 96 56 a4 5a 4a c2 bb 64 72 55 d8 2b 63 b9 00 77 04 0f ef a0 16 47 97 83 de 30 90 68 37 22 00 ea 04 ae aa b4 a5 c6 5a 89 e3 95 e5 46 86 28 26 64 11 6e 5c 7c 12 73 93 df d3 4f ad 73 86 a6 c0 95 d5 77 87 6a a9 e1 49 1a 87 c5 07 18 50 4a 95 f7 cf 39 d2 9d 93 a7 3a 8f ab 62 82 a2 a0 d0 ad 9d 9c 4a 1a 6e 56 5c 12 18 6c 1c f0 73 83 91 ce 8f d3 5c 69 ec e8 d6 2b cc 29 f4 94 cf b2 27 a1 8f 64 d1 80 4e 32 33 96 52 0f 70 72 3d b4 bc a0 69 09 dc 7a 7e a6 8c 6d 4d ad 46 d3 da 1e 90 92 e0 82 e5 25 29 79 a6 d9 23 49 04 a0 78 80 1e dc e3 d3 8d 50 ff 00 c3 57 fe a1 ac b8 4f 5f 1c d1 5c a9 88 11 78 84 aa c9 1e ef c8 ad f9 7d 33 8c 11 cf 7d 1a b7 fe 20 5b e9 84 b1 d0 c1 38 b3 51 a4 2b f5 0e a7 77 99 88 27 1c f0 30 3d 73 df 8d 1d e9 ce a1 a4 ae af fa 6a 29 27 aa 91 e3 32 cb 22 91 b1 39 e3 bf bf c6 95 79 31 d8 23 fa 85 a9 58 ea 59 95 c3 78 ba 58 eb da 9e 46 13 d3 c7 08 8c 51 57 c2 cf e0 80 4e 38 c7 94 7a 06 1c 60 01 ce 88 d2 75 7c 17 cb 65 30 ba d2 18 2b 22 51 1c 95 14 5e 55 8d 7d 49 8c e0 8e ff 00 d3 ff 00 b6 8f 75 45 Data Ascii: JFIFHHC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"G!1"AQaq2#BR3b$r%C4Dcs1!1A"Qaq2#B3R?EAYxgQ E9 r\|u^[QF-xe&6rI=JWH",->7yoW8kM5&4Fi>k\z\|>;6kU5mDKKbe^J<4vS2m)xb'Iw{RlWCaI-)xRzq(Jgo*x$W'k~=D+^j04@\G]gnub;UEX92S^W!'mUr8xD)^wKMQARs7nksVZJdrU+cwG0h7"ZF(&dn\\|sOswjIPJ9:bJnV\ls\i+)'dN23Rpr=iz~mMF%)y#IxPWO_\x}3} [8Q+w'0=sj)'2"9y1#XYxXFQWN8z`u\|e0+"Q^U}IuE
May 25, 2021 10:25:18.657499075 CEST	1629	OUT	GET /assets/images/licen.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.751949072 CEST	1872	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 64544 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Tue, 27 Dec 2016 11:06:22 GMT ETag: "6365564-fc20-544a1d7a6a780" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 01 fb 01 5e 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 f6 7f 0d 7c 33 f1 7f 8e 34 53 ae da 6b f6 3a 66 9f e7 b5 a8 3a 96 a7 2c 2c 5d 79 3d 88 e8 78 e6 b5 57 e0 67 8c 0a 90 7c 69 e1 e2 7b 11 ad c9 ff 00 c4 d7 6d f0 9c 29 f8 63 a2 f0 0a ff 00 6f de 37 38 3d 20 71 53 78 8f e2 05 be 8d a8 49 68 ab 05 b8 56 31 89 a5 8d 9c bb 0e 30 aa 07 a9 c7 27 b7 b5 77 46 94 5d 3f 69 39 5b e4 54 aa 35 2b 24 70 69 f0 23 c6 3f 29 ff 00 84 cf 41 23 a1 ff 00 89 dc 9f fc 4d 23 fc 09 f1 98 3c f8 d3 40 20 72 77 6b 92 7f f1 3f 5f ce a7 d6 3e 39 e9 b6 4e d1 ae a5 70 f3 67 07 cb 82 28 d5 7f 02 a4 d7 2b ac fc 6e 37 9a 4b 3d e9 8a fc 99 4c 51 24 60 24 64 76 2e 8a 39 6e b9 cf 1e 9e 95 84 a5 49 6d 2f c0 5c f2 ec 74 43 e0 7f 8c 2e 23 2e be 35 f0 f3 06 18 56 5d 76 42 31 ff 00 7c d3 3f e1 42 78 c3 00 bf 8d 74 02 ca 3f e8 39 27 e7 d3 fc fe 26 b9 2f 0d 7c 59 ff 00 84 77 4b b9 82 c9 21 b6 bc b4 5d a1 d8 62 19 79 00 6f 4e 41 fc 0e 6b a5 d2 be 3f 59 5c b1 8e ef 53 9d 24 03 1e 64 70 42 53 77 fb a5 41 18 fc 7f c4 8c a9 b5 ef 3b 7c 83 9e 5d 89 ff 00 e1 41 f8 cc 1c 8f 1a 68 5b 7f ec 3b 27 ff 00 13 4a df 01 fc 66 46 17 c6 7a 00 c0 c0 ff 00 89 ec 9f fc 4f f9 fc eb a2 97 e3 66 99 a6 5b 89 6e 65 b7 be 43 83 84 81 a1 94 0c 70 71 c8 3f a7 f8 ed db 7c 48 83 50 d1 0e ab 16 94 3e c6 aa 59 a4 37 50 61 40 e0 e4 e7 00 f2 06 09 cf 23 d6 ba 23 0a 32 ff 00 97 9f 81 3e d6 7d 62 70 51 fc 05 f1 aa 26 0f Data Ascii: JFIF``CC^"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?\|34Sk:f:,,]y=xWg\|i{m)co78= qSxIhV10'wF]?i9[T5+$pi#?)A#M#<@ rwk?_>9Npg(+n7K=LQ$`$dv.9nIm/\tC.#.5V]vB1\|?Bxt?9'&/\|YwK!]byoNAk?Y\S$dpBSwA;\|]Ah[;'JfFzOf[neCpq?\|HP>Y7Pa@##2>}bpQ&
May 25, 2021 10:25:19.009202003 CEST	2468	OUT	GET /assets/images/str1.gif HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:19.105782032 CEST	2594	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:19 GMT Content-Type: image/gif Content-Length: 1323 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 10 Feb 2017 08:19:10 GMT ETag: "636555e-52b-54828c08e5b80" Accept-Ranges: bytes Data Raw: 47 49 46 38 39 61 1e 00 1e 00 f7 00 00 ff ff ff ff ff 00 ff 00 ff ff 00 00 00 ff ff 00 ff 00 00 00 ff 00 00 00 fe fe fe fd fd fd fc fc fc fb fb fb fa fa fa f9 f9 f9 f8 f8 f8 f7 f7 f7 f5 f5 f5 f1 f1 f1 f0 f0 f0 ef ef ef ee ee ee ed ed ed ec ec ec e8 e8 e8 e7 e7 e7 e5 e5 e5 e4 e4 e4 e3 e3 e3 e2 e2 e2 de de de dd dd dd dc dc dc db db db d9 d9 d9 d8 d8 d8 d5 d5 d5 d3 d3 d3 d2 d2 d2 d1 d1 d1 d0 d0 d0 ce ce ce cb cb cb c9 c9 c9 c5 c5 c5 c2 c2 c2 c1 c1 c1 c0 c0 c0 bf bf bf be be be bc bc bc bb bb bb b8 b8 b8 b5 b5 b5 b2 b2 b2 b1 b1 b1 b0 b0 b0 ae ae ae ad ad ad aa aa aa a4 a4 a4 95 95 95 93 93 93 8a 8a 8a 88 88 88 80 80 80 7f 7f 7f 7a 7a 7a 79 79 79 76 76 76 75 75 75 74 74 74 70 70 70 6f 6f 6f 6d 6d 6d 6c 6c 6c 69 69 69 67 67 67 64 64 64 59 59 59 56 56 56 55 55 55 52 52 52 51 51 51 50 50 50 4b 4b 4b 48 48 48 47 47 47 46 46 46 45 45 45 44 44 44 43 43 43 3f 3f 3f 3e 3e 3e 3d 3d 3d 39 39 39 38 38 38 37 37 37 36 36 36 35 35 35 34 34 34 33 33 33 32 32 32 31 31 31 30 30 30 2f 2f 2f 2e 2e 2e 2d 2d 2d 2c 2c 2c 2b 2b 2b 2a 2a 2a 29 29 29 28 28 28 27 27 27 26 26 26 25 25 25 24 24 24 23 23 23 22 22 22 21 21 21 20 20 20 1f 1f 1f 1d 1d 1d 1c 1c 1c 1b 1b 1b 19 19 19 18 18 18 17 17 17 14 14 14 ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 f9 04 01 00 00 80 00 2c 00 00 00 00 1e 00 1e 00 00 08 ff 00 01 09 1c 48 b0 a0 c1 83 08 09 02 48 60 41 04 8a 12 1b 1c 00 48 48 11 c1 07 1f 52 c4 b0 81 e3 c6 8c 16 24 33 1a 50 2c 08 00 83 91 38 79 e0 a8 31 c3 12 4d 9b 3a 78 ac d8 98 38 52 41 0c 32 7c d2 8c 21 c3 b3 27 cf 32 71 f0 2c a1 40 91 01 0e 3d 73 c4 f8 5c da f3 4c 4c 0d 08 13 bc d0 03 47 a9 4f 36 6f 76 2e 2d 53 e7 8a 84 83 1a c0 d8 b1 fa d3 cd 16 29 6b 98 92 31 43 a7 09 cd 81 10 80 fc 21 cb 53 ce 96 0b 19 e6 a4 51 8b 46 8e 8e 82 1d e0 b0 d1 5a b7 8b 07 00 19 cc b4 21 dc b3 4c 9b 2b 08 06 36 e0 e1 87 b1 1c 30 20 00 00 d8 70 a7 8f 9d cf 74 d0 68 35 23 a7 c6 c0 07 4f ea 10 8e 13 46 84 66 00 11 84 14 19 42 fb 08 98 bd 64 80 2a a1 59 21 4c 5a 32 63 e2 90 19 f1 ba f8 6b 05 3b f4 f4 5c 93 85 01 20 04 21 d8 a0 e1 e9 e6 0c 09 e3 d8 11 b4 b8 63 86 27 9a 32 1c 00 01 ff 40 11 a7 bb 1a Data Ascii: GIF89azzzyyyvvvuuutttpppooommmllliiigggdddYYYVVVUUURRRQQQPPPKKKHHHGGGFFFEEEDDDCCC???>>>===999888777666555444333222111000///...---,,,+++**)))((('''&&&%%%$$$###"""!!! !,HH`AHHR$3P,8y1M:x8RA2\|!'2q,@=s\LLGO6ov.-S)k1C!SQFZ!L+60 pth5#OFfBdY!LZ2ck;\ !c'2@

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.6	49720	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:18.172353029 CEST	1237	OUT	GET /assets/js/unslider-min.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.268589973 CEST	1245	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Fri, 10 Feb 2017 08:19:54 GMT ETag: W/"6365657-17a6-54828c32dbe80" Content-Encoding: gzip Data Raw: 38 66 64 0d 0a 1f 8b 08 00 00 00 00 00 00 03 95 58 fd 8a 23 c7 11 ff db 81 bc 83 d4 c8 ab 69 ab 77 24 79 09 26 a3 1d 2d 17 07 63 63 e7 c0 5c 1c 12 84 b2 cc cd b4 a4 8e 67 7b 94 99 1e e9 36 5a 1d 01 ff 15 02 7e 05 e3 77 48 20 21 2f b1 f7 46 a9 ea 8f f9 90 46 67 8c 39 af a6 a7 ba ba 3e 7e f5 ab ea e9 af 4a 19 2b 91 49 6f 40 7f f9 8b 43 ce 55 99 cb de e0 ce 1b f8 df c8 22 15 09 cf c3 4a 44 31 09 42 1f 1c 76 51 de e3 a1 da 88 62 66 37 70 ff 3e 24 a5 dd 40 18 08 71 3f e1 ab a8 4c 55 11 1e a2 52 65 db 34 7a 0c fa 53 96 70 fc 71 c3 6f 58 b1 e5 3c 09 3e f9 d5 84 f1 a8 10 72 1d 90 62 0f 7f 08 fb 96 3f 16 c1 61 9b f3 5d 70 f3 09 93 fc 8d 0a 6e 7e 7d 64 32 da 05 fd 09 8b f2 3c db 17 01 da a1 45 86 b7 51 2f 4e a3 a2 08 c9 70 04 76 8c 86 d7 5a a4 87 6f c9 fc 56 3c ac 7b 45 1e 87 04 44 b8 2a c6 e2 21 5a f3 62 5c a8 7c ea af c5 8a f4 a2 54 85 e4 f9 87 77 7f 7f fe f7 f3 bf de fd 13 fe 7d f7 ee 1f cf ff 79 fe 2f e9 8d e7 b7 e3 68 3e 44 7f 7a bd 9e b6 e4 e2 71 f8 f6 bd c7 35 4f fb f1 f9 7f fa b4 ef de 7d 7f 72 d6 11 0e 6b ff f7 41 24 41 09 26 20 20 9b 2c 17 7f cb a4 8a 52 c2 0a 9e f2 58 65 39 c4 2a c6 25 21 79 1e 90 32 0d 56 22 2f 14 bc c7 64 14 01 49 05 39 32 a3 83 7f ce c5 7a a3 30 0f a8 17 b2 ba e3 9f a2 33 01 7a 42 ae cd 0a 6c dd 8b 2d 87 60 1f 19 f7 07 a8 1c 7c 0b 15 3c 64 5b b4 03 52 aa df 6c a3 9c 4b 15 ca 32 4d 9d a0 b6 a2 5a 31 26 54 8f 90 c1 ea b7 49 63 b8 58 c2 83 ca c0 a1 10 70 e0 c7 65 ae 55 e2 6f c8 df 4a bc 09 8d 65 04 16 f8 0e 5e bd 2a 57 b8 4a 7c 32 72 22 a3 b7 6f bd 8f f9 cd 47 bf 8b d4 c6 cf 23 99 64 0f 1e a5 b0 41 80 e1 f9 0e 54 db 43 85 14 aa 81 66 7a a8 d0 eb fc 1a f8 e0 29 97 89 a7 1d 74 08 66 8a b6 fd ab a3 e2 af 04 48 57 0a fc 2a 29 7e 25 4d fd 28 49 74 94 bd ca 62 b2 cf a3 2d a1 8d 18 35 f5 fb f1 46 a4 09 04 a2 53 b1 d9 80 7b 01 60 e5 d6 a3 0c ac 8e e2 8d b7 20 10 60 c2 88 09 2d fc c0 42 82 3f 42 ae d0 73 4e 96 ac 55 ca 87 4a fb 42 2e af ae f8 82 a0 18 19 0d fc fb 32 d6 20 f2 24 5d 7a f4 48 d9 5f be 2e 79 fe 68 32 e0 43 e1 c6 22 4a 7d 8d 12 d8 57 db e8 16 50 cf 2b 7c f0 68 0d 1a df d1 00 4a 14 2a ca 95 7e 1b 47 69 5c a6 80 cd 57 da 2f 8f 36 30 e7 ab 5c ac d7 3c f7 34 08 fc 9c 47 c9 a3 8e 9a 85 73 23 3e 90 06 fe e6 e9 a9 82 10 33 ce d0 a3 8b 53 9d 78 74 bc 3a e1 3c 37 0d 83 5d e1 51 1f f3 e5 0d 6f 13 b1 3b a9 7e 2c dc 21 6d 54 43 43 b7 59 f1 0c 56 ef e9 0c 79 b3 25 10 c3 b9 64 9b 15 02 0f 21 74 46 20 2c 4a c4 24 0c 43 85 51 ba 20 c8 48 0e 2c aa 4b b5 15 2d 2d 95 ed 78 be 4a b3 3d 48 6d 44 92 70 69 62 70 12 e6 66 34 c4 ca 73 35 58 e1 d1 4f b9 5c ab 0d 23 ab 28 e1 a4 1f 86 5d 51 39 18 87 c8 5e 24 6a 43 66 04 4e 06 eb 81 9b c2 4e f9 ab 2b 0f 84 37 9a 82 48 bb a2 b4 e9 8a 4d 27 93 8f ac 29 23 f2 21 e9 ac 9c 38 ca b3 12 aa a1 59 3d f5 f6 71 73 fb 51 27 1f 91 d6 74 b7 2a fa 8a 1e 00 1f bf 17 0f 3c 2b 95 d7 02 09 52 ba a7 a3 e7 7c d1 dd 0b 0e 36 8a b3 6d 87 de 38 e5 51 ee d4 d5 87 d8 4d 08 ca 97 40 83 8d 7d 26 88 03 40 17 94 6f 13 5d d6 e3 21 56 f5 fc 36 4b 75 8b 80 07 c0 db ac 76 5d 97 7e a5 ce 26 45 e8 ee ec af b9 7a a1 a0 86 5e 97 50 2b 24 89 54 74 8d ca e8 d3 93 1c 4d 67 03 5f 14 Data Ascii: 8fdX#iw$y&-cc\g{6Z~wH !/FFg9>~J+Io@CU"JD1BvQbf7p>$@q?LURe4zSpqoX<>rb?a]pn~}d2<EQ/NpvZoV<{ED!Zb\\|Tw}y/h>Dzq5O}rkA$A& ,RXe9%!y2V"/dI92z03zBl-`\|<d[RlK2MZ1&TIcXpeUoJe^WJ\|2r"oG#dATCfz)tfHW)~%M(Itb-5FS{` `-B?BsNUJB.2 $]zH_.yh2C"J}WP+\|hJ~Gi\W/60\<4Gs#>3Sxt:<7]Qo;~,!mTCCYVy%d!tF ,J$CQ H,K--xJ=HmDpibpf4s5XO\#(]Q9^$jCfNN+7HM')#!8Y=qsQ't<+R\|6m8QM@}&@o]!V6Kuv]~&Ez^P+$TtMg_
May 25, 2021 10:25:18.285965919 CEST	1265	OUT	GET /assets/components/phpthumbof/cache/new-12-05-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.380147934 CEST	1297	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 15348 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Thu, 13 May 2021 12:57:22 GMT ETag: "63601a7-3bf4-5c235ab0df2f9" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1d 00 00 01 04 03 01 01 00 00 00 00 00 00 00 00 00 00 00 03 04 05 06 01 02 07 08 09 ff c4 00 53 10 00 01 03 03 01 03 08 06 07 03 09 04 07 09 00 00 01 00 02 03 04 05 11 06 12 21 31 07 13 32 41 51 61 71 81 22 72 91 a1 b1 c1 08 14 33 42 52 62 d1 23 82 c2 15 24 34 43 53 73 92 b2 e1 63 64 83 d2 25 35 36 84 93 a2 f0 16 17 44 45 46 54 74 b3 f1 ff c4 00 1b 01 01 00 03 01 01 01 01 00 00 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 ff c4 00 35 11 00 02 01 02 04 04 03 06 05 04 03 00 00 00 00 00 00 01 02 03 11 04 12 21 31 13 32 41 51 05 61 71 14 22 42 81 91 a1 06 23 33 52 b1 15 c1 d1 e1 24 25 f1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 f5 4a 10 84 00 84 21 00 21 08 40 08 42 6b 74 b8 d1 da a8 66 ad b9 54 c5 4d 49 0b 76 a4 96 57 6c b5 a3 c5 00 e9 0b cb dc a8 72 eb 5b 73 95 f4 1a 35 f2 d1 51 34 e1 d5 a4 62 69 7d 51 f7 1b ef 3d cb 9a bf 94 1d 61 27 4b 53 5d fc aa 9c 3e 08 0f 75 a3 2b c1 92 6b 4d 51 27 4f 51 5d dd e3 57 27 ea 9b bf 52 5f 64 fb 4b d5 cd de 35 72 7e a8 0f 7d e5 60 90 38 9c 78 af 9f ce bc 5c e4 e9 dc ab 9d e3 50 f3 f3 48 ba b6 a9 dd 2a aa 87 78 ca e3 f3 40 7d 03 7d 4c 0c e9 4d 1b 7c 5c 02 45 f7 3a 16 74 eb 29 9b e3 2b 47 cd 7c fe 32 c8 ee 94 8f 3e 2e 25 6b c7 8e f4 07 bf 1f 7e b4 33 a7 74 a0 6f 8d 43 07 cd 23 26 a9 b0 47 d3 be 5a db e3 57 1f ea bc 13 b2 df c2 df 62 ce cb 7f 08 f6 20 3d d7 26 b7 d2 f1 f4 f5 0d a4 7f de d9 fa a6 d2 72 8b a3 e3 e9 6a 4b 5f 95 40 2b c3 e0 0e c1 ec 59 08 0f 6b c9 ca 8e 8a 67 4b 52 5b fc 9e 4f c0 26 cf e5 73 43 b3 ff 00 a8 29 9d ea b1 e7 e4 bc 65 92 b6 c9 ed 40 7b 11 fc b2 e8 66 ff 00 f3 9d af 56 9e 43 fc 29 07 f2 db a2 1b c2 e3 3b bd 5a 49 3f 45 e4 20 b2 80 f5 a3 f9 75 d1 6d e1 3d 7b fd 5a 47 7c d2 0f e5 ef 48 37 a2 cb a3 fc 29 b1 f1 2b ca 6b 21 01 ea 47 fd 20 34 b0 e8 51 dd dd ff 00 05 83 f8 93 69 3e 90 9a 7c 74 2d 37 57 78 88 c7 f1 2f 32 85 94 07 a4 9f f4 87 b4 8e 85 8a e0 7c 65 8c 7c d2 0e fa 44 d1 7d cd 39 54 7c 6a 98 3e 4b ce ab 21 01 e8 29 3e 91 2c fe af 4d 3f f7 ab 07 fc 89 bb fe 91 15 07 ec f4 e4 43 d6 ab 3f f2 2e 0a b6 40 77 17 7d 21 2e 8f 70 6c 3a 7e 8f 68 9c 00 6a 1e 49 3f e1 5d cb 46 5c eb 6f 1a 76 92 ba e7 4d 1d 35 54 a0 97 47 19 25 a3 7e ec 13 bd 79 73 91 ad 2a fd 43 a9 23 99 ec 3f 57 a7 70 c1 c6 ed be 39 fd d1 bf c4 b5 7a ea 9e 16 53 c1 1c 31 34 36 36 34 35 a0 75 00 80 51 08 42 00 42 10 80 10 84 20 04 21 08 01 08 42 00 42 10 80 10 84 20 04 21 08 01 08 42 00 42 10 80 10 b0 e2 1a 09 27 00 71 2b 86 72 af cb 95 2d a3 9e b5 e9 07 45 59 70 19 64 95 87 d2 86 13 d7 b3 f8 dd ee 1d e8 0e 89 ca 1f 28 56 4d 0f 43 ce 5c a6 e7 6b 1e d2 61 a3 88 83 24 9d ff 00 95 bd e7 de bc 93 ca 1f 28 37 bd 73 5d ce 5c e6 e6 a8 a3 76 60 a2 88 91 1c 7d e7 f1 3b f3 1f 2c 2a cd ca Data Ascii: JFIFC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"S!12AQaq"r3BRb#$4CSscd%56DEFTt5!12AQaq"B#3R$%?J!!@BktfTMIvWlr[s5Q4bi}Q=a'KS]>u+kMQ'OQ]W'R_dK5r~}`8x\PHx@}}LM\|\E:t)+G\|2>.%k~3toC#&GZWb =&rjK_@+YkgKR[O&sC)e@{fVC);ZI?E um={ZG\|H7)+k!G 4Qi>\|t-7Wx/2\|e\|D}9T\|j>K!)>,M?C?.@w}!.pl:~hjI?]F\ovM5TG%~ysC#?Wp9zS146645uQBB !BB !BB'q+r-EYpd(VMC\ka$(7s]\v`};,
May 25, 2021 10:25:18.524760008 CEST	1428	OUT	GET /assets/components/phpthumbof/cache/new-13-04-2021.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.619539976 CEST	1515	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 21334 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Tue, 13 Apr 2021 12:39:23 GMT ETag: "63601a1-5356-5bfd9eb863598" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 11 00 02 11 01 03 11 01 ff c4 00 1c 00 01 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 05 02 03 04 06 07 01 08 ff c4 00 4f 10 00 01 03 03 02 03 04 07 05 04 05 09 05 09 00 00 01 00 02 03 04 05 11 06 21 12 31 41 07 13 51 61 14 22 32 71 81 91 a1 15 42 52 b1 c1 23 62 72 d1 08 16 24 33 e1 34 43 53 73 82 92 c2 f0 f1 17 18 25 b2 d2 35 54 55 56 63 74 83 94 a2 ff c4 00 1b 01 01 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 01 03 02 04 05 06 07 ff c4 00 39 11 00 02 02 01 03 02 03 05 07 04 02 01 05 01 00 00 00 01 02 03 11 04 12 21 31 41 05 13 51 14 22 32 61 71 06 81 91 a1 b1 c1 d1 23 42 e1 f0 15 33 52 07 24 34 62 72 f1 ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 e3 8b d8 9c 40 80 20 08 0d e3 b3 0a 98 e2 a9 b8 b6 a2 ba 8f 0d 80 be 9e d9 5c f9 04 35 d3 fd d6 90 d7 34 13 b0 1e b6 41 ce 30 b4 b5 91 ca 4d 2f bd 75 48 ba 97 cb e4 dc a9 ae 37 0d 6f ac 69 68 2c 0f 6b df 6f a1 a8 75 6b 6e ed 30 b6 77 c8 47 7a de 06 ee c0 3d 46 b7 1e c8 68 f8 ea b8 46 8a dc a7 dd ac 63 b7 a1 72 93 b2 78 8f 6e b9 33 6c 96 5d 7f 75 af 7d 14 f6 6a 5a 16 db 9a f8 a8 a7 af 9e 43 15 29 39 76 23 dc f7 a7 71 87 1c 81 81 d0 61 63 39 e9 e2 94 94 9b cf 5c 7f bc 13 18 db 2e 31 d0 d5 e0 d7 4d b7 68 8b 65 24 94 4e ab ac a7 2f a2 92 3a a6 b8 c1 28 8d c4 b2 58 e5 6b 83 99 2b 38 f8 76 e6 d2 3c 96 c3 d2 ef b5 c9 3e 1f 3c 75 e7 b7 cd 15 f9 b8 82 4c e6 d5 75 53 d6 d4 be a2 ae 69 67 9d e7 2e 92 57 97 b8 fb c9 dd 74 14 54 56 22 b0 6b 36 df 2c b0 ff 00 61 d8 e7 83 f9 29 20 ec da 97 59 69 e3 5f 43 68 ad 82 4a fb 69 36 f3 3c 85 d1 3a 08 18 c6 b1 d2 77 41 8d e3 e2 3b b5 d9 71 ea b9 55 69 ad c3 9c 5e 1f 3f 7f 5f f5 1b 72 b2 19 51 7f 22 9b ad 75 30 82 6f eb b5 c6 cf 73 a2 7d ce 99 f6 d8 e8 1d 1b dd 1d 38 90 99 48 0c 00 b2 2e ef 03 85 db e7 cd 44 60 f2 bc 84 d3 c3 ce 7d 71 f9 b2 64 d6 3d fc 75 e0 f0 d6 d5 b7 55 32 5b fd eb 4f d4 d1 96 d5 0b 2b d9 24 2f a7 a7 94 b0 f7 2f 73 1a 32 c6 0d 87 af b0 76 32 36 53 b5 3a ff 00 a7 17 9e 33 d7 a7 7f bc 65 ee f7 9a c7 63 1e 0a 98 9b 6c d4 87 b4 1b 9d 1d 7d 53 23 a3 99 91 d3 4f 14 b2 54 06 3e 42 21 0e 66 db 9c 64 8d c3 4f b9 65 b7 98 aa 13 4b 95 df 8e 9c 98 ae 92 f3 1f a1 2b 7e bb e9 79 59 7c af ae f4 19 83 2b 2d f5 54 f4 14 e5 bc 33 bc 51 86 f7 7b 6e 23 6b cf ad fc 38 e6 55 55 c2 d5 b6 2b d1 f3 e9 ce 7f 13 39 4a 1c bf a7 e8 73 4e d2 26 82 a7 5e 5f 26 a3 7c 32 53 be a5 ce 63 a1 20 b0 8c 0f 67 1b 61 74 34 a9 aa a3 b8 d7 b5 a7 26 d1 ad ad 82 b0 80 20 08 02 00 80 20 32 a8 a9 7d 23 8e 49 5e 22 a6 8f 06 49 08 ce 3c 00 1d 5c 7a 05 94 63 9e 5f 43 09 4f 1c 2e a4 85 1d 2d 45 f2 a1 b4 f4 8c ee 28 a1 39 03 98 60 f1 3f 89 c7 fe 76 56 c6 0e e7 b6 3c 24 57 29 2a 56 65 cb 37 8b 65 ba 9e db 4e 22 a6 66 33 ed 3c fb 4e 3e 24 ae 95 75 46 b5 84 73 ec b2 56 3c b3 28 f2 Data Ascii: JFIF``C%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,O!1AQa"2qBR#br$34CSs%5TUVct9!1AQ"2aq#B3R$4br?@ \54A0M/uH7oih,koukn0wGz=FhFcrxn3l]u}jZC)9v#qac9\.1Mhe$N/:(Xk+8v<><uLuSig.WtTV"k6,a) Yi_ChJi6<:wA;qUi^?_rQ"u0os}8H.D`}qd=uU2[O+$//s2v26S:3ecl}S#OT>B!fdOeK+~yY\|+-T3Q{n#k8UU+9JsN&^_&\|2Sc gat4& 2}#I^"I<\zc_CO.-E(9`?vV<$W)Ve7eN"f3<N>$uFsV<(
May 25, 2021 10:25:18.633666039 CEST	1602	OUT	GET /assets/components/phpthumbof/cache/%D0%B2%D0%BD%D0%B8%D0%BC%D0%B0%D0%BD%D0%B8%D0%B5.b2ed6e8a45980f9c65b734ecb811b5ad.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.728147984 CEST	1748	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 13343 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Wed, 27 Jan 2021 12:07:13 GMT ETag: "63600ca-341f-5b9e09c827e1b" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 06 04 05 06 05 04 06 06 05 06 07 07 06 08 0a 10 0a 0a 09 09 0a 14 0e 0f 0c 10 17 14 18 18 17 14 16 16 1a 1d 25 1f 1a 1b 23 1c 16 16 20 2c 20 23 26 27 29 2a 29 19 1f 2d 30 2d 28 30 25 28 29 28 ff db 00 43 01 07 07 07 0a 08 0a 13 0a 0a 13 28 1a 16 1a 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 ff c0 00 11 08 01 2c 01 90 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 f3 aa 28 a2 be 38 fe 91 0a 28 a2 80 0a 28 a2 80 0a 28 a2 80 0a 28 a2 80 0a 5e f4 9d f8 a7 01 4c 4d 8a a3 9a 91 16 91 14 9a 9d 16 a9 23 29 48 54 4c d5 84 4e 28 8d 39 a9 d1 33 56 73 ce 60 89 c7 15 34 69 4b 1a 55 84 4e 99 aa 48 e5 94 c6 aa 54 a8 95 22 25 4a a9 56 91 84 a6 46 23 a9 15 38 e9 53 2c 75 22 c7 c7 41 55 63 17 50 ae b1 d3 b6 1c d5 a5 8e 9d e5 fd 29 d8 cd d4 2a 88 f3 41 8c e6 ae 6c f6 a3 60 34 58 9f 68 52 28 7d 29 0a d5 c3 1f 14 d6 8f 8a 2c 35 50 a2 63 a8 ca 55 e6 8e a3 31 d2 b1 aa 99 41 93 8a 85 93 8a be d1 d4 4e b8 15 36 36 8c cc f7 4a 81 d2 b4 1e 3e b8 a8 24 4f 6a 86 8d e1 32 83 a5 57 91 6a fc 89 d6 ab b2 54 b4 75 42 65 17 5e 6a 26 06 ae 48 b5 5d c1 15 9b 47 44 64 44 69 29 c4 71 9a 6d 23 55 a8 51 45 14 86 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 45 00 14 51 4a 05 30 60 07 e7 4f 41 48 01 ed 53 46 bc d3 46 6d 8e 44 ab 31 a7 b5 36 34 e2 ac a2 7d 6a d1 cd 39 0b 1a e0 d5 98 d3 8a 48 d3 15 66 24 ab 48 e4 9c 85 8d 2a 74 4e 94 a8 9c d5 84 8e b4 39 67 21 a8 87 23 8a 9d 53 9e 05 3d 13 8a 9d 23 ab 48 e6 9c c8 d5 2a 50 9e d5 2a 47 de a5 58 ea b9 4c 25 32 05 8c e6 9e b1 fb 55 85 8e 9e 23 c5 55 8c 9d 42 a8 4f 6a 36 7b 55 bd 9e d4 14 f6 a2 c2 f6 85 33 1e 7b 54 6d 19 f4 ab c5 29 a6 33 47 28 fd a1 45 92 a3 64 cd 5e 68 ea 26 8f 1d 2a 5a 34 8c cc f7 Data Ascii: JFIFC%# , #&'))-0-(0%()(C(((((((((((((((((((((((((((((((((((((((((((((((((((,"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?(8((((^LM#)HTLN(93Vs`4iKUNHT"%JVF#8S,u"AUcP)Al`4XhR(}),5PcU1AN66J>$Oj2WjTuBe^j&H]GDdDi)qm#UQEQEQEQEQEQEQEQEQEQJ0`OAHSFFmD164}j9Hf$HtN9g!#S=#HPGXL%2U#UBOj6{U3{Tm)3G(Ed^h&Z4
May 25, 2021 10:25:18.739417076 CEST	1820	OUT	GET /assets/images/svid-akkred-mag.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.833728075 CEST	2024	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 32166 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Thu, 12 Nov 2020 08:23:45 GMT ETag: "63600b0-7da6-5b3e4a16d1eaf" Accept-Ranges: bytes Data Raw: ff d8 ff e1 00 c2 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 07 00 12 01 03 00 01 00 00 00 01 00 00 00 1a 01 05 00 01 00 00 00 62 00 00 00 1b 01 05 00 01 00 00 00 6a 00 00 00 28 01 03 00 01 00 00 00 02 00 00 00 31 01 02 00 0e 00 00 00 72 00 00 00 32 01 02 00 14 00 00 00 80 00 00 00 69 87 04 00 01 00 00 00 94 00 00 00 00 00 24 00 60 00 00 00 01 00 00 00 60 00 00 00 01 00 00 00 50 68 6f 74 6f 46 69 6c 74 72 65 20 37 00 32 30 32 30 3a 31 31 3a 31 32 20 31 31 3a 32 33 3a 30 32 00 03 00 00 90 07 00 04 00 00 00 30 32 31 30 02 a0 03 00 01 00 00 00 5e 01 00 00 03 a0 03 00 01 00 00 00 e2 01 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 15 0e 0c 0b 0b 0c 19 12 13 0f 15 1e 1b 20 1f 1e 1b 1d 1d 21 25 30 29 21 23 2d 24 1d 1d 2a 39 2a 2d 31 33 36 36 36 20 28 3b 3f 3a 34 3e 30 35 36 33 ff db 00 43 01 09 09 09 0c 0b 0c 18 0e 0e 18 33 22 1d 22 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 ff c2 00 11 08 01 e2 01 5e 03 01 22 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 00 01 03 04 05 02 06 ff c4 00 18 01 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 01 02 03 04 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 f7 fc f5 87 89 b4 b2 f9 cc d6 30 a5 8d 85 91 d5 9a a6 52 5d 63 0a 69 35 cc 9e ed d3 59 9c 26 b1 87 2c 6b ac be eb 44 cd 4b a6 67 f0 9a 66 54 11 b6 65 f4 ba 45 1e 2b 44 cc 87 33 64 cc 75 a4 52 e6 af 99 d1 46 b9 9d d2 df 93 32 ce 97 00 e9 a3 1f 63 13 96 68 46 5a f3 f3 8e bd a7 59 f7 e1 e6 23 56 7a 45 05 9e ed cf bb 1f 32 47 c5 a7 2a 82 d7 7a b9 b7 79 52 43 c5 c0 74 ad 74 55 b5 d2 2b 71 a1 09 d5 59 fb 2a db 6d 2b 45 a5 08 56 9e 48 ab 6c ee ab c7 a7 45 6f dd a5 77 b6 ee 01 df 66 16 ee 27 2c d3 ee bd 9f 3f 3d 7e df 7e 8d 46 48 2c 6f b1 38 3b 17 83 b2 5e 0e cc ef 87 d7 7b bc 3e 8d 4e 47 c9 d2 e8 38 52 73 97 23 33 50 dd c7 2d 96 21 94 01 40 d2 65 d6 b9 97 e7 c5 bd 2a 57 77 bb 80 7a 36 62 ed 63 f2 ce 54 b6 6a f0 e7 e8 7b e3 bf 46 c0 00 08 19 d2 a1 9a a9 74 4a 98 5a ab d8 c8 9a 20 50 73 eb a7 a5 e7 37 b7 ce 70 37 84 33 20 1d 9c ae 94 88 09 06 9d 09 aa cc c9 d3 a9 e6 e7 7a dc 7d f6 dd d0 3b 6c c7 d8 c6 e5 9c d9 61 9f cf cb 77 be 3b f4 f4 00 00 70 d8 6b 40 00 04 a2 6a d5 9f a3 c4 b8 15 ef c1 cf bc bb 59 fa 5b e4 da 7a c0 02 0d 00 02 72 35 90 d1 63 05 59 99 3b 19 7e 6e 7a 36 e9 dc eb bb a9 9d f6 61 6e e2 f2 cd 29 20 b5 c3 9e c4 9c 77 e8 da 0c 93 5b ac 8e ad d6 32 64 5d 23 22 c1 7c c9 8e 6b 68 a3 0d 69 99 dc 9a 5c e6 a5 d5 79 8c d3 31 67 b3 4c c8 79 6b 19 5c 59 b0 65 f3 66 b7 39 bd 1a 06 55 d9 2c a6 8c ba d7 72 fc fc ec e9 53 b9 d3 57 40 ef d0 c6 d9 c7 e5 9c a9 6c d5 e1 cf d0 32 6f 46 e2 a3 a6 6b 58 f6 6f 86 63 d2 51 99 d6 89 19 f1 6a f2 b9 8e fb b6 85 7d 77 59 76 2d b2 84 7a 61 9e b4 83 26 c5 d9 23 29 ea 29 9c c9 2f bd 33 8d 10 ce b1 68 21 72 f2 99 99 1a 94 bc bc ef 5b e7 ae db ba 07 6d 98 db 38 9c b3 9f 24 13 79 f9 fa 09 a2 97 d5 d0 02 d0 00 02 01 44 73 c5 3c 7b 7d 31 85 6d 6f f5 e6 fd 01 d4 b8 77 0b 92 64 55 37 f9 a1 d9 6e 4c 7e 4d e9 33 34 e4 00 b0 00 68 06 9a 32 f2 36 32 bc bc b4 ed 52 bb d7 77 41 77 db c2 dd c5 e5 9a 12 c1 6b 87 3d 99 a2 93 d3 d1 89 da 00 41 cb e4 e7 9e 94 3e b8 4a Data Ascii: ExifIIbj(1r2i$``PhotoFiltre 72020:11:12 11:23:020210^C !%0)!#-$9-13666 (;?:4>0563C3""33333333333333333333333333333333333333333333333333^"0R]ci5Y&,kDKgfTeE+D3duRF2chFZY#VzE2GzyRCttU+qYm+EVHlEowf',?=~~FH,o8;^{>NG8Rs#3P-!@eWwz6bcTj{FtJZ Ps7p73 z};law;pk@jY[zr5cY;~nz6an) w[2d]#"\|khi\y1gLyk\Yef9U,rSW@l2oFkXocQj}wYv-za&#))/3h!r[m8$yDs<{}1mowdU7nL~M34h262RwAwk=A>J

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
5	192.168.2.6	49718	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:18.172549009 CEST	1237	OUT	GET /assets/js/vkladki.js HTTP/1.1 Accept: application/javascript, /;q=0.8 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.268016100 CEST	1244	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: application/x-javascript Content-Length: 404 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Thu, 24 Dec 2015 10:55:53 GMT ETag: "6365659-194-527a2aeb78040" Accept-Ranges: bytes Data Raw: 24 28 64 6f 63 75 6d 65 6e 74 29 2e 72 65 61 64 79 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 20 20 0d 0a 20 20 24 28 27 75 6c 2e 74 61 62 73 27 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0d 0a 20 20 20 20 24 28 74 68 69 73 29 2e 66 69 6e 64 28 27 6c 69 27 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 69 29 20 7b 0d 0a 20 20 20 20 20 20 24 28 74 68 69 73 29 2e 63 6c 69 63 6b 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 24 28 74 68 69 73 29 2e 61 64 64 43 6c 61 73 73 28 27 61 63 74 69 76 65 27 29 2e 73 69 62 6c 69 6e 67 73 28 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 61 63 74 69 76 65 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 70 20 3d 20 24 28 74 68 69 73 29 2e 70 61 72 65 6e 74 73 28 27 64 69 76 2e 74 61 62 73 5f 63 6f 6e 74 61 69 6e 65 72 27 29 3b 0d 0a 20 20 20 20 20 20 20 20 70 2e 66 69 6e 64 28 27 64 69 76 2e 74 61 62 5f 63 6f 6e 74 61 69 6e 65 72 27 29 2e 68 69 64 65 28 29 3b 0d 0a 20 20 20 20 20 20 20 20 70 2e 66 69 6e 64 28 27 64 69 76 2e 74 61 62 5f 63 6f 6e 74 61 69 6e 65 72 3a 65 71 28 27 20 2b 20 69 20 2b 20 27 29 27 29 2e 73 68 6f 77 28 29 3b 0d 0a 20 20 20 20 20 20 7d 29 3b 0d 0a 20 20 20 20 7d 29 3b 0d 0a 20 20 7d 29 3b 0d 0a 7d 29 Data Ascii: $(document).ready(function() { $('ul.tabs').each(function() { $(this).find('li').each(function(i) { $(this).click(function() { $(this).addClass('active').siblings().removeClass('active'); var p = $(this).parents('div.tabs_container'); p.find('div.tab_container').hide(); p.find('div.tab_container:eq(' + i + ')').show(); }); }); });})
May 25, 2021 10:25:18.280710936 CEST	1264	OUT	GET /assets/images/fon1.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.377356052 CEST	1283	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 220424 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Wed, 08 Feb 2017 14:55:38 GMT ETag: "6365555-35d08-548060ebfae80" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 02 01 00 48 00 48 00 00 ff fe 00 3c 43 52 45 41 54 4f 52 3a 20 67 64 2d 6a 70 65 67 20 76 31 2e 30 20 28 75 73 69 6e 67 20 49 4a 47 20 4a 50 45 47 20 76 36 32 29 2c 20 71 75 61 6c 69 74 79 20 3d 20 31 30 30 0a ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff c2 00 11 08 01 ca 03 e2 03 01 22 00 02 11 01 03 11 01 ff c4 00 1d 00 00 02 02 03 01 01 01 00 00 00 00 00 00 00 00 00 05 06 03 04 01 02 07 00 08 09 ff c4 00 1c 01 00 02 03 01 01 01 01 00 00 00 00 00 00 00 00 00 04 05 02 03 06 01 00 07 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 af 1b 86 7f 68 7e 7c 9d c4 71 c4 8c 89 28 bd ab 87 7f c3 c9 5d 83 90 7d 97 e7 b1 d9 c6 c5 57 d1 3a 20 0f a2 31 1a 7e 45 db b4 6c cb 3a 70 74 42 72 c5 68 2f 04 70 ca f2 93 c0 3c 0a 32 8e 7d 72 d9 16 41 be ba a6 bb 64 1e 58 ab 77 2b ca e7 dc a7 bb a3 68 55 fc f9 87 d5 7d 82 25 c2 3b 78 9a 99 8e ac 00 00 9e 99 57 92 c9 64 7a 02 e7 a1 b2 34 11 9a 15 9d 2f 57 b6 14 d3 b0 26 bc 40 ca f2 83 81 73 55 f7 29 4d 5e e1 55 00 a1 2c 86 8e 8a bb d0 d3 1c af 1d 8b 3a 95 4c 1a d9 d3 dc af 99 b1 de 56 c5 9d 7d ca ba db d2 51 83 4b 3a 77 d4 6b 15 82 e1 85 47 7e 22 06 ab 13 56 d5 cd 2b c7 82 99 44 11 5a d6 ca eb 69 3e 27 ca d1 d9 b1 de 0c c5 ad 3d c8 3e ad cf e9 0f cb 76 9f 98 ff 00 6e 7d 49 7b e5 9b 65 c6 2d b3 85 d2 d1 b7 2e 63 2a 73 4b 8f 76 b7 37 ea 3a df 52 8f ce 9f 5c 7c e6 f9 5f 01 47 fd 11 67 7a b3 f0 2b a7 7e ce a7 ea 12 fc 0b f2 07 ea df e7 0e a9 1b af d1 e8 8e 2a 4e 2d cb 7a a9 35 27 fc 7e a9 f6 68 7d 3a 5f 8c 28 7d 1c 89 a5 4f cb ae 3f ef 7d 7c b3 0f d4 88 ad 16 2e 80 26 fa d2 47 dc 5a 6c 0c d4 b6 c1 a3 6b 9c fb b1 c7 b6 65 ae 78 ea 52 b8 e5 5f 67 c5 7c 85 af d0 eb ef 8a 38 6d 1d 1d 65 51 3c 67 b5 a8 fe 5c 62 23 1f 23 df df 41 cb ec f0 2f ac 82 5e 8f f5 47 65 5e 31 3a 21 36 2a 37 bd bd 2d 74 4f 9a 6b e3 39 54 d2 36 2b ab 5d 04 3d b5 72 e6 09 5a 58 0d 09 7b 1b a7 3b 6f 52 c4 27 51 65 90 11 e2 f3 85 f7 85 2d 32 94 85 e3 c9 da 64 f7 0d a3 74 ab 79 26 c5 34 54 66 8a db 25 30 14 e0 55 71 cf 17 c6 59 68 d9 e2 ba 97 e6 b0 af 2b b3 a5 a7 00 ef 18 68 2f 0e 74 be 79 c1 e8 70 d3 8b 23 5e fa e9 e2 cf ad 85 6d 2d e9 df 56 d2 df bb ea 38 23 5b bc ad 89 fd ee 55 d2 ce bd 85 62 35 3e 8c 04 95 a2 9d f7 a2 7c f7 4f ce bb 86 bd 43 03 a5 fc 9a e2 1f b0 bc 77 e9 b8 df cc 7c 77 74 af a5 63 b9 dc 7d c9 da 8b 7e 54 fa a3 98 7d b2 85 9f 53 74 b7 af c1 7e 9e 41 80 1d 95 66 b1 68 b1 76 8b 1a a7 86 c0 25 63 38 f7 3b 9c 78 74 b8 43 2a ac b2 8c d8 cc 75 cf 48 85 98 b6 ba f4 27 a5 6c 2c fc 53 f5 ff 00 c9 3a f4 08 be a9 6f e8 39 33 8c 0a ee 4a ce 23 44 ac 8b 4c e6 bc cb aa f3 4d 4a 35 f5 e6 65 bd 12 95 61 8d eb 8e 00 5a 49 74 08 ed 72 3c 5d 07 53 c5 49 cb c9 48 4f 9e fb ab c0 3d dc e5 c9 d1 e1 61 a9 ee 04 49 67 9b 0e f1 bf 04 47 67 51 28 3f 36 e3 cb 25 6d 97 42 57 cb df 46 fc e7 b3 42 33 12 5b d1 a8 95 bc 7d d5 a6 f7 c3 fc 07 b0 Data Ascii: JFIFHH<CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100CC"h~\|q(]}W: 1~El:ptBrh/p<2}rAdXw+hU}%;xWdz4/W&@sU)M^U,:LV}QK:wkG~"V+DZi>'=>vn}I{e-.csKv7:R\\|_Ggz+~N-z5'~h}:_(}O?}\|.&GZlkexR_g\|8meQ<g\b##A/^Ge^1:!67-tOk9T6+]=rZX{;oR'Qe-2dty&4Tf%0UqYh+h/typ#^m-V8#[Ub5>\|OCw\|wtc}~T}St~Afhv%c8;xtCuH'l,S:o93J#DLMJ5eaZItr<]SIHO=aIgGgQ(?6%mBWFB3[}
May 25, 2021 10:25:18.794215918 CEST	1951	OUT	GET /assets/images/b-top.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289
May 25, 2021 10:25:18.888931990 CEST	2236	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:18 GMT Content-Type: image/jpeg Content-Length: 4813 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 25 Nov 2016 12:46:41 GMT ETag: "6365567-12cd-5421f837d4e40" Accept-Ranges: bytes Data Raw: ff d8 ff e1 00 c2 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 07 00 12 01 03 00 01 00 00 00 01 00 00 00 1a 01 05 00 01 00 00 00 62 00 00 00 1b 01 05 00 01 00 00 00 6a 00 00 00 28 01 03 00 01 00 00 00 02 00 00 00 31 01 02 00 0e 00 00 00 72 00 00 00 32 01 02 00 14 00 00 00 80 00 00 00 69 87 04 00 01 00 00 00 94 00 00 00 00 00 00 00 48 00 00 00 01 00 00 00 48 00 00 00 01 00 00 00 50 68 6f 74 6f 46 69 6c 74 72 65 20 37 00 32 30 31 36 3a 31 31 3a 32 35 20 31 35 3a 34 36 3a 34 31 00 03 00 00 90 07 00 04 00 00 00 30 32 31 30 02 a0 03 00 01 00 00 00 3c 00 00 00 03 a0 03 00 01 00 00 00 3c 00 00 00 ff db 00 43 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff db 00 43 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ff c2 00 11 08 00 3c 00 3c 03 01 22 00 02 11 01 03 11 01 ff c4 00 1e 00 00 02 01 04 03 01 00 00 00 00 00 00 00 00 00 00 08 09 07 02 05 06 0a 00 01 04 03 ff c4 00 1a 01 00 03 01 00 03 00 00 00 00 00 00 00 00 00 00 00 05 06 07 04 00 02 08 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 7e 16 4e 92 eb 2a d1 bf 81 f8 88 aa 12 10 da 54 45 c1 17 7e 3b 7e 08 65 f4 8e a0 ae 04 59 10 61 f4 34 61 af 9a a1 d1 c3 1d aa c6 0b 65 a2 a7 06 90 58 53 ed d6 c9 ed 6c 04 23 a8 2d a0 d1 5b 18 1f b3 c7 4e e6 40 e6 49 67 5c e7 34 b6 99 41 78 b6 31 59 0d d2 76 72 91 bc 90 aa 65 47 4c 59 1b 72 8c 69 53 95 ad 2c b0 5c 87 0e 9b 55 d7 94 4e 29 9f ff c4 00 24 10 00 01 04 02 01 04 02 03 00 00 00 00 00 00 00 00 05 02 03 04 06 01 07 00 08 10 12 16 11 14 15 17 23 ff da 00 08 01 01 00 01 05 02 e1 22 70 04 43 2d b7 5c 54 bc d8 f6 dc ac fe cb d9 20 33 4c d9 d5 9b a2 7b 14 27 08 30 e2 17 23 7b 3a c6 0a 3c 01 b1 86 c6 7a 53 24 bc db 72 e3 5e cb ce 6a 6d 8a dd d4 37 3a 98 b4 3d 08 4d 3b 08 18 16 8e 06 41 b4 26 3e 13 83 60 1b 31 18 f2 a5 8d 9b 5f 2e aa e1 88 92 99 9b 17 a8 04 2a 56 c5 8f 66 12 24 85 03 72 40 b8 17 f2 4f 2c 06 10 04 26 c6 dc 35 eb 6c 36 e6 36 fa 75 a3 ee b9 af ba 80 af 2f 2e 58 19 fe da 0f 0b 62 ef f7 b9 b1 66 79 d1 27 34 ac 49 1c c2 de 4d 68 4f e1 6b d6 20 ed 1d 11 67 a3 3d 01 fa 24 1c d7 a5 7b 9b 5f 16 1b 36 0a 88 32 09 6d 4a d2 74 17 26 4c ed 76 a2 7b 02 24 17 2b 4c 71 9b f5 49 c4 fb 70 99 eb 01 ab 49 9f 97 12 24 78 11 fb b8 d3 6e a1 ea 45 35 e5 c2 14 30 72 7b ff 00 ff c4 00 30 11 00 02 02 01 02 04 05 03 01 09 00 00 00 00 00 00 01 02 03 04 05 11 12 00 06 13 21 07 14 22 31 41 15 23 32 34 42 51 52 53 62 63 71 72 b1 ff da 00 08 01 03 01 01 3f 01 e6 1e 61 4c 32 45 04 28 b6 32 56 c3 f9 5a ec 48 8d 11 34 df 66 c1 5f 50 82 32 40 0a ba 3c d2 11 1a 94 1b e5 8f a5 9b cc cb ba c7 30 e6 56 43 ab 08 71 56 06 2e 08 c7 ca a8 ac ab 23 22 fb 06 9e 57 7f 60 ce c7 88 b2 3c c1 82 7d d0 e4 ec 65 a0 8c fd ca 19 86 59 64 70 3f 31 15 e5 45 b5 14 df 0b d5 33 46 0f e5 13 f1 89 ca 55 cc d0 87 21 4d 89 8a 51 ea 47 ed 2c 12 af 69 20 99 7b ed 96 26 f4 b0 f6 f6 65 25 59 49 ce 5e f3 3c cd 91 96 49 15 42 59 fa 6c 65 c9 db 0c 75 59 61 3a ed 0c db 04 bd 69 db 6a 96 fb cf b4 12 74 e3 97 eb e3 7c Data Ascii: ExifIIbj(1r2iHHPhotoFiltre 72016:11:25 15:46:410210<<CC<<"~NTE~;~eYa4aeXSl#-[N@Ig\4Ax1YvreGLYriS,\UN)$#"pC-\T 3L{'0#{:<zS$r^jm7:=M;A&>`1_.*Vf$r@O,&5l66u/.Xbfy'4IMhOk g=${_62mJt&Lv{$+LqIpI$xnE50r{0!"1A#24BQRSbcqr?aL2E(2VZH4f_P2@<0VCqV.#"W`<}eYdp?1E3FU!MQG,i {&e%YI^<IBYleuYa:ijt\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
6	192.168.2.6	49730	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:39.527590990 CEST	2709	OUT	GET / HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:39.671211004 CEST	2715	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 66 64 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3d 69 73 1b c7 95 9f c5 aa fc 87 16 ec 98 c4 06 83 8b 87 48 8a 44 6a 6d 67 2b aa cd b1 9b 38 59 a7 52 29 d5 00 18 10 43 0c 66 90 99 01 24 c8 56 15 a9 c3 c7 ca 6b 4a b2 b5 2b c7 b6 64 d9 ce 26 29 6f 12 88 12 24 88 97 aa fc 0b 06 7f 21 bf 64 df 7b dd 73 01 03 10 a4 48 89 56 49 07 09 f4 f4 74 bf 7e fd ee ee 7e bd 70 fc f5 9f bf f6 c6 6f fe ed 47 ec c7 6f fc f4 27 b9 b1 85 b2 5d d5 f0 97 22 17 e1 97 ad da 9a 92 fb b1 51 55 98 c4 14 b5 9e af 25 cd fa 42 8a 17 8f 2d 54 15 5b 66 ba 5c 55 16 63 4d 59 2f 2a 67 a5 86 62 aa 25 b5 20 db aa a1 c7 58 c1 d0 6d 45 b7 17 63 d9 d9 f4 f4 54 ba 30 53 98 9c 53 4a c5 d9 62 8c a5 72 63 8c b1 85 bc 6c 29 ac 6c 2a a5 c5 58 d9 b6 6b f3 a9 94 db 4b ca ad c3 78 37 85 b2 6c 5a 0a b4 f5 ab 37 fe 45 9a f5 1e 8e 2d 68 aa 5e 61 a6 a2 2d c6 2c bb a9 29 56 59 51 ec 18 b3 9b 35 80 ca 56 ce da a9 82 65 c5 44 1f 29 d9 82 36 2c 2c 4a 51 ed 24 3d 84 b6 e0 0f 6f 89 2a 8e 23 30 16 40 53 82 11 58 c9 25 c3 58 d2 14 b9 a6 5a c9 82 51 c5 b7 7f 58 92 ab aa d6 5c fc 85 91 37 6c e3 6d fe eb 07 af 19 80 04 dd 52 8a e3 04 d0 b8 0f d0 38 07 68 dc 05 68 1c 7a 3c 36 b6 60 15 4c b5 66 07 81 5d 96 1b 32 2f 8d 31 cb 2c 00 c8 cb 56 6a f9 f7 75 c5 6c 4a 99 64 26 9b 9c 4c 56 55 3d b9 6c c5 72 0b 29 5e 11 9a 5a 38 2e 49 ec 37 34 05 c9 9f 2a b6 a9 56 00 61 46 1d b0 6f 32 49 ca ed d6 11 a1 72 a2 54 d7 0b 38 6f 13 d5 84 92 b0 13 66 42 4d 54 12 72 fc ad ea 6f d5 df 2d e2 8f b7 df f6 aa c4 df 9a c0 92 a4 bc c8 7f bd fd f6 6f 7f 17 4f d6 ea 56 79 42 36 97 ea 55 98 75 2b 7e fe 24 b6 4b 15 b4 c5 cc 3f e9 ca 19 f6 ba 6c 2b 13 f1 93 95 45 c0 bc a9 c0 97 1f 69 0a 56 9e b0 e3 09 19 0a 97 14 5b 94 58 af 36 df 90 97 7e 06 c4 05 cf 7e 9b fe 5d a2 92 94 ad a6 5e 58 cc c0 27 c4 8c 99 90 93 35 d9 84 aa 3f 33 8a 4a 52 05 bc 9b f6 ab 4a c9 30 95 09 84 fb 7c 9c 46 75 46 d5 8b c6 99 04 2b 1a 05 02 2b c1 62 62 d8 f0 c9 9d e6 6a 21 c9 09 18 09 af ca 11 98 b2 e5 25 c4 33 54 6b 56 63 f1 93 63 d8 5c b3 3a 31 33 35 7d 62 72 72 2e 0d e5 aa ae 62 33 6f 11 25 e2 9f 82 a6 16 2a 55 b9 36 6f 9b 75 25 e1 15 db a6 5c a8 fc 04 a8 cb ea 79 20 17 0a 75 13 b0 f0 06 56 78 15 26 ac a0 f4 d4 38 a3 e4 1b aa 65 98 54 8c a5 e7 01 12 7f e6 17 74 43 7c 5c 28 aa 8d dc 82 5a 5d e2 64 13 39 b2 33 b2 5d 28 a7 dc 01 00 81 21 7d 2e c6 6a 86 a5 e2 ac ce cb 79 cb d0 ea b6 72 92 69 4a c9 9e 97 e6 e0 4f ed ec c9 18 93 35 60 3c e4 93 85 14 75 93 f2 ba e5 a4 97 1a 42 7b 1e 67 f5 f1 68 3f 4f c2 58 89 bc 89 2b 7b 58 18 5b 5a 48 09 c1 94 37 8a 4d 21 1d b0 44 31 73 63 c7 e8 1b 80 07 b3 00 4d 2e c6 0a 0a c2 20 e5 35 a3 50 91 aa b2 aa c7 44 25 af a2 6a 2b d5 9a 69 d4 a0 ae 51 6b ba 00 bd 14 63 6e 13 00 8f 54 93 75 45 93 8c 9a a2 b3 7c 7d 29 16 c0 b1 00 5c ad ca 4b 8a 95 82 69 52 8d e4 72 6d 49 a0 cb b9 ee dc 70 be 70 ee 38 37 9d bf 33 e7 96 f3 35 7c f8 5f f8 7f d5 f9 d4 f9 3f e7 73 28 f9 c8 b9 c5 e0 f9 55 e7 13 e7 4b e7 2a 73 3e 86 27 7f c7 Data Ascii: 1fd3=isHDjmg+8YR)Cf$VkJ+d&)o$!d{sHVIt~~poGo']"QU%B-T[f\UcMY/gb% XmEcT0SSJbrcl)lXkKx7lZ7E-h^a-,)VYQ5VeD)6,,JQ$=o#0@SX%XZQX\7lmR8hhz<6`Lf]2/1,VjulJd&LVU=lr)^Z8.I74VaFo2IrT8ofBMTro-oOVyB6Uu+~$K?l+EiV[X6~~]^X'5?3JRJ0\|FuF++bbj!%3TkVcc\:135}brr.b3o%U6ou%\y uVx&8eTtC\|\(Z]d93](!}.jyriJO5`<uB{gh?OX+{X[ZH7M!D1scM. 5PD%j+iQkcnTuE\|})\KiRrmIpp8735\|_?s(UKs>'
May 25, 2021 10:25:42.029297113 CEST	2809	OUT	GET /sveden/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:42.165338993 CEST	2812	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 33 39 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d5 3c fd 73 1b 45 96 3f db 55 f7 3f 34 82 c2 d2 ad 66 24 7f 10 e2 58 d6 d5 f1 71 05 75 2c 7b b7 9b bd 2b 8a a2 52 2d a9 6d b5 35 9a 99 9d 19 29 91 21 55 36 01 96 ad 70 04 b2 e4 0e 8e 23 90 5d ee a8 ad bd 2b 8c 13 07 e1 38 4e 15 7f c1 e8 5f b8 bf e4 de 7b dd 33 1a 49 33 b2 4c c2 de ae c0 d2 4c 7f bc 7e fd be fb 75 77 2a 8f 3d f7 b3 67 cf bf f2 0f cf b3 17 ce ff f4 a5 ea 7c a5 19 b4 2d fc 11 bc 01 3f 81 0c 2c 51 0d 6f 85 fb e1 41 78 07 fe ee 87 fd c1 35 16 1e 87 df d0 d7 60 27 dc 0b bf 85 a7 fd 70 6f f0 26 d4 df 1b bc 07 6d 8e c3 ef a0 1a 2a 6f 43 35 74 81 26 7b 83 77 e0 b7 cf 0c 26 64 a7 e6 9a 5e a7 52 52 d0 e7 2b 6d 11 70 66 f3 b6 58 cf f5 b8 dd 10 97 8c ae f0 e4 86 ac f3 40 3a 76 8e d5 1d 3b 10 76 b0 9e 5b 3a 5b 7e 6a a5 5c 3f 53 5f 5e 15 1b 8d b3 8d 1c 2b 55 e7 19 63 95 1a f7 05 6b 7a 62 63 3d d7 0c 02 f7 5c a9 14 8d 52 8a da 30 35 4c bd c9 3d 5f 00 ac 5f 9e ff 3b e3 6c 5c 39 5f b1 a4 dd 62 9e b0 d6 73 7e d0 b3 84 df 14 22 c8 b1 a0 e7 02 56 81 b8 14 94 ea be 9f d3 63 94 b8 0f 30 7c 2c 2a 51 6b 93 2a 01 16 7c 14 24 6a b8 80 c8 f8 80 cd 06 cc c0 37 37 1d 67 d3 12 dc 95 be 59 77 da d8 fb 6f 36 78 5b 5a bd f5 9f 3b 35 27 70 de 50 3f 3f 79 d6 01 22 d8 be 68 2c 10 42 0b 43 84 16 14 42 0b 11 42 0b 30 e2 dc 7c c5 af 7b d2 0d 92 c8 6e f1 2e 57 a5 39 e6 7b 75 40 79 cb 2f 6d fd aa 23 bc 9e b1 68 2e 2e 99 cb 66 5b da e6 96 9f ab 56 4a aa 21 80 aa 3c 66 18 ec 15 62 81 f9 53 11 78 b2 05 04 73 3a 40 7d 8f 19 46 f5 a4 81 88 94 f9 8d 8e 5d 47 be e5 db 45 51 0c 8a 5e 51 16 5b 45 5e 78 bd fd aa 7c 6d 1d bf de 78 23 6e 52 78 3d 8f 25 26 5f 57 3f 6f bc f1 ea 6b 05 d3 ed f8 cd 3c f7 36 3b 6d e0 ba 5f b8 bc 86 70 a9 81 b5 be f8 d7 b6 b8 c8 9e e3 81 c8 17 d6 5a eb 40 79 4f c0 cb f3 96 c0 c6 f9 a0 50 e4 50 b8 29 02 5d e2 3f d3 3b cf 37 5f 06 e1 82 ba 57 cb af 15 5b 26 f7 7b 76 7d 7d 11 9e 90 32 5e 91 9b 2e f7 a0 e9 cb 4e 43 98 12 e8 ee 05 cf 88 0d c7 13 79 c4 fb 72 81 66 75 51 da 0d e7 62 91 35 9c 3a a1 55 64 39 3d 6d 78 8a d8 dc ae 9b 4a 80 51 f0 da 8a 80 a5 80 6f 22 9d a1 59 af 9d 2b ac cd 23 b8 5e 3b 7f 66 e5 a9 a7 97 97 57 cb 50 2e 6d 89 60 5e 27 49 c4 4f dd 92 f5 56 9b bb e7 02 af 23 8a 71 71 e0 f1 7a eb 25 90 2e 7f ac 82 d7 eb 1d 0f a8 70 1e 1b 3c 03 0c ab 8b b1 16 17 45 ad 2b 7d c7 a3 62 2c bd 0c 98 0c 39 5f b1 1d fd 58 69 c8 6e b5 22 db 9b 4a 6c 52 67 76 91 07 f5 66 29 9a 00 08 18 ca e7 7a ce 75 7c 89 5c 3d c7 6b be 63 75 02 b1 c6 2c b1 11 9c 33 56 e1 e3 5e 5a cb 31 6e 81 e2 a1 9e 54 4a 34 4c 29 1e 56 89 5e 69 8a ec c5 9a 35 a1 a3 93 3a 09 73 25 f1 26 ad 1c 53 61 84 54 29 69 fb 56 73 1a 3d 6d 1d b0 44 78 d5 f9 39 7a 03 f4 80 0b 00 72 3d 57 17 88 83 51 b3 9c 7a cb 68 73 69 e7 74 a3 b8 a1 0c 44 db f5 1c 17 da 3a 6e 2f 42 e8 f1 1c 8b 40 00 3e 86 cb 6d 61 19 8e 2b 6c 56 eb 6c e6 12 34 d6 88 cb 36 df 14 7e 09 d8 24 1d 73 cb dd d4 e4 0a af 87 37 c2 2f c0 04 7f 1c 7e cd c2 9b e1 97 f0 f0 5f Data Ascii: 1394<sE?U?4f$Xqu,{+R-m5)!U6p#]+8N_{3I3LL~uw=g\|-?,QoAx5`'po&moC5t&{w&d^RR+mpfX@:v;v[:[~j\?S_^+Uckzbc=\R05L=__;l\9_bs~"Vc0\|,Qk\|$j77gYwo6x[Z;5'pP??y"h,BCBB0\|{n.W9{u@y/m#h..f[VJ!<fbSxs:@}F]GEQ^Q[E^x\|mx#nRx=%&_W?ok<6;m_pZ@yOPP)]?;7_W[&{v}}2^.NCyrfuQb5:Ud9=mxJQo"Y+#^;fWP.m`^'IOV#qqz%.p<E+}b,9_Xin"JlRgvf)zu\|\=kcu,3V^Z1nTJ4L)V^i5:s%&SaT)iVs=mDx9zr=WQzhsitD:n/B@>ma+lVl46~$s7/~_
May 25, 2021 10:25:44.243750095 CEST	2912	OUT	GET /sveden/common HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:44.380479097 CEST	2920	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 30 37 30 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 1c 69 6f 1b c7 f5 73 04 e4 3f 4c b6 41 24 35 bc 74 d8 b2 24 8a 0d 72 21 01 72 35 71 3e 04 41 50 0c c9 91 b4 d2 72 77 bb bb 94 cc d8 06 24 f9 8a a1 d4 56 5c bb 48 73 f8 68 dc 14 41 8a 86 96 25 9b 3a 03 f8 17 2c ff 42 7f 49 df 7b 33 bb 5c 92 4b 4a b2 2d 17 0e 2c 5b e4 ee ec cc 9b 77 bf 37 6f 76 94 7d e1 f5 f7 5f 3b fe c9 07 6f b0 b7 8e bf fb 4e ae 27 3b ed 95 0c fc 12 bc 08 5f 9e ee 19 22 e7 5f af 2f fa 3b fe ae bf ea ef d4 97 fd 75 06 b7 ab fe ba bf 06 bf 3b 7e ad 7e 99 25 99 d0 cb 79 3b e5 94 b3 69 39 a6 87 c1 4f 8f fa cd e6 b9 2b d8 b4 23 26 27 b4 69 cf b3 c7 d2 e9 a0 7f 5a 63 69 d9 39 5b 12 1e 67 85 69 ee b8 c2 9b d0 3e 3e fe 66 f2 18 3d cc 1a ba 39 cb 1c 61 4c 68 ae 57 31 84 3b 2d 84 a7 31 af 62 8b 09 cd 13 27 bc 74 c1 75 35 05 3e cd 5d 18 ee 62 53 9a 7a 27 5d 5b 14 52 d4 03 60 29 60 d4 b7 17 51 71 01 97 49 cb f4 dc d4 94 65 4d 19 82 db ba 9b 2a 58 25 04 f0 87 49 5e d2 8d ca c4 87 56 de f2 ac 53 f2 eb e5 d7 2c b3 28 4c 57 14 7b 09 a7 de 06 4e bd 12 a7 de 00 a7 5e c0 dd 2d 38 ba ed 45 91 9d e1 73 5c b6 6a cc 75 0a 80 f2 8c 9b 9e f9 73 59 38 95 e4 40 6a 60 30 35 94 2a e9 66 6a c6 d5 72 d9 b4 ec 88 78 bf 90 4c b2 4f 38 4c 7d 22 f5 ae f0 1c 7d 16 78 65 95 4d 4f 38 2c 99 dc 73 22 62 71 df 64 d9 2c 78 ba 65 f6 95 12 22 e1 25 9c 84 9e 98 4d f0 fe 93 a5 4f f5 cf 26 f0 e3 d4 a9 b0 4b ff c9 3e 6c 49 f1 09 f9 75 ea d4 a7 9f f5 a7 ec b2 3b dd c7 9d a9 72 49 00 cf fa 4f 8f 23 5c ea 60 4c 0c fc de 14 f3 ec 75 ee 89 be fe f1 d9 09 91 2a 38 02 6e de 30 04 76 ee f3 fa 13 1c 1a a7 84 a7 5a dc 57 2b c7 f9 d4 7b bc 24 e0 d9 a7 99 cf 12 b3 29 ee 56 cc c2 c4 00 5c 21 67 9c 04 4f d9 dc 81 ae ef 59 45 91 d2 81 e9 8e f7 aa 98 b4 1c d1 87 78 9f ee 27 aa e6 75 b3 68 cd 27 58 d1 2a 10 5a 09 a6 29 b2 e1 2a 90 71 a9 90 aa 48 ee 81 ce 95 24 03 d3 1e 9f 42 3e 43 b7 4a 49 eb 1f ef 41 70 95 52 df d1 e1 23 23 43 43 a3 19 68 d7 4d 1d c1 9c 24 0d c5 9f 82 a1 17 66 4b dc 1e f3 9c b2 48 84 cd 9e c3 0b b3 ef 80 6a b9 2d 0f 78 a1 50 76 80 0b c7 b1 c3 ab 20 b0 82 68 e9 31 2f f2 73 ba 6b 39 d4 8c ad a7 01 93 86 e4 b3 a6 a5 2e b3 45 7d 2e 97 d5 4b 53 52 6d 62 29 9b e7 5e 61 3a 1d 10 00 0a 86 ca 39 a1 d9 96 ab a3 54 c7 78 de b5 8c b2 27 c6 99 21 26 bd b1 e4 28 fc d8 27 c6 35 c6 0d b0 39 34 91 6c 9a a6 49 87 d3 4a d5 4b 77 d1 bd 9e 4e 26 da 6e 92 40 2a 69 37 d9 63 8b 05 c3 4c 69 e5 77 f2 56 b1 a2 bc 02 b6 08 27 d7 f3 1c 5c 03 66 20 00 00 37 a1 15 04 4e 9f cc 1b 56 61 36 59 e2 ba a9 51 17 16 b8 9d f0 87 06 e9 9e 28 d9 8e 65 c3 38 cb ae 04 88 fd 4e 63 01 38 c0 2b 69 73 53 18 49 cb 16 26 cb 97 a7 b4 08 ab 15 01 7a 89 4f 09 37 0d d2 d2 ad d4 8c 3d a5 b8 e6 5f f1 af f9 37 fd 5b fe d7 fe 2f cc bf ee df 86 8b 1f e1 77 c5 ff d6 ff b7 ff 3d b4 fc d5 bf ce e0 f9 8a ff 77 ff 1f fe 0a f3 af c2 93 5f b0 e5 5b 68 fb 0a 3a 5c 81 ee 57 fd 5f fc 9f e0 fb 9f 5a ee 25 33 ef da e3 d0 ba 5e 5f 00 5f 8b 1e 16 be aa fe 46 7d c9 af Data Ascii: 1070ios?LA$5t$r!r5q>APrw$V\HshA%:,BI{3\KJ-,[w7ov}_;oN';_"_/;u;~~%y;i9O+#&'iZci9[gi>>f=9aLhW1;-1b'tu5>]bSz'][R`)`QqIeMX%I^VS,(LW{N^-8Es\jusY8@j`05fjrxLO8L}"}xeMO8,s"bqd,xe"%MO&K>lIu;rIO#\`Lu8n0vZW+{$)V\!gOYEx'uh'XZ)qH$B>CJIApR##CChM$fKHj-xPv h1/sk9.E}.KSRmb)^a:9Tx'!&('594lIJKwN&n@i7cLiwV'\f 7NVa6YQ(e8Nc8+isSI&zO7=_7[/w=w_[h:\W_Z%3^__F}
May 25, 2021 10:25:44.386421919 CEST	2924	OUT	GET /assets/css/style-spec.css HTTP/1.1 Accept: text/css, / Referer: http://eiubp.ru/sveden/common Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:44.484211922 CEST	2926	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:44 GMT Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding Last-Modified: Thu, 01 Apr 2021 09:13:41 GMT ETag: W/"636554e-65e1-5bee5a5c09dff" Content-Encoding: gzip Data Raw: 31 62 66 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 e5 3c 6b 73 db 56 76 9f c9 5f 71 1b 8f 26 96 2b 42 00 48 4a 94 38 cd d4 89 ad 76 3a e9 97 a6 9d b6 d3 d9 d9 01 09 50 c4 0a 24 30 00 28 c9 e1 a8 63 27 9b 64 77 9c 26 db 6d 77 66 67 db cd 76 db af 7d d8 8e 1d 2b 8e e5 fc 05 f2 1f f5 9c 73 1f b8 17 00 29 39 76 b6 9d 96 1e 59 22 70 ef b9 e7 75 cf eb 3e b6 6f b0 96 f9 61 69 90 05 b9 35 cc b2 ca 9b 1b db cd 71 3e 89 b6 d8 20 f6 ef 6c 31 3f 3c de 62 59 e2 4d b7 d8 d8 81 1f 17 7e da f0 d3 81 9f 2e fc ec 6c b1 64 8b 05 93 2d 16 4e 0e a1 65 9e c6 53 fc 3d 1b e0 7f f0 0a 7e cf e0 e5 16 63 3e 00 f5 73 f8 f1 b7 58 0c 7f cf e0 27 82 17 a3 30 88 7c 40 07 fe 8a 53 00 14 79 83 00 5e e5 de 20 0a e0 17 c7 23 1f c5 31 b4 c8 c7 81 07 dd f3 14 ff 84 1f f8 db 4b f3 70 88 2d bd 2c f4 e1 d7 d0 9b 1e 7b 19 0c 13 e4 5e 18 65 08 ff 70 e8 25 79 18 4f e9 ef 59 1a e0 48 71 1e 00 10 04 47 bf 0f d3 18 b1 9d 04 53 c0 76 ea 21 d1 c1 90 f7 c9 66 93 89 97 22 0e e1 04 ba c2 df 47 30 d8 cc 0f e3 2d 76 0c 43 c6 6c de 6c c0 d3 c3 70 ba cf ec 7e b3 91 78 be 1f 4e 0f f9 97 41 9c c2 08 fc ef 78 96 47 e1 34 c0 2f 6c fd 67 fb 06 5b bc 58 3c 5c 5c 2c 3f 5c 7c b3 fc 7c f1 64 f1 1c 1e 2c 3f 58 de 83 9f 0f 17 df 2e ef b3 c5 39 83 bf 1e 2e ce 97 77 17 0f 78 83 87 d0 e4 ee e2 f1 f2 b3 e5 5d 68 00 92 6c 1c 07 c8 1d 2f 6a 79 51 78 08 e8 0d bc 2c 40 14 fa e6 50 df 42 b7 f3 c5 23 18 f2 31 fc 06 48 8f 96 f7 16 4f d8 e2 19 a3 47 17 f0 ff d7 08 fe c1 e2 29 fc f9 88 7f fd 06 9a 5e c0 cf 39 8d 34 f0 86 47 c8 c4 a9 bf 0f e2 f1 a6 a0 33 69 30 cd fb 6a 90 e5 27 cb 0f 90 26 44 fd 02 81 e3 a0 2f 60 9c 67 00 f6 19 0d ff 00 61 22 e0 27 80 c0 7d 68 b3 fc 31 f4 b8 58 de df 02 52 91 74 68 71 41 08 60 93 0b 7c 43 80 16 2f 90 15 cf e1 cd 37 cb 4f a8 cd f9 f2 33 c2 6a 14 4f f3 56 16 be 0f 3c 77 6c 7b a3 9e ed 88 dc 5d a2 ed f9 e2 c9 f2 2e 5b fe 04 d9 b1 fc 31 8e 27 58 41 ec 27 e6 5c 10 b6 2f 08 c1 af 71 8c b3 a6 c7 e6 97 88 53 7c 1a 6a b8 7b f0 ef 3e 50 f1 0c 47 20 6e 3c 22 81 2f 7f 4a 63 c1 90 df 02 06 c8 9b 27 15 c6 c1 e3 87 88 2f 81 00 a6 81 46 7c ca 84 6a ad 65 86 d0 51 5d 45 f1 ef 82 47 c4 a2 8a d2 28 9d 31 84 ac cb b8 d0 ec 69 8c ed ce 9a 4d 9a bd 6c de a0 0f 52 4c f2 23 36 5f ac d0 67 60 fe e2 2b d0 de 0f d9 f2 73 c0 fc c9 e2 6b 52 8d e7 a8 e8 28 f9 87 a8 1d cb 8f 85 66 f3 79 d5 1a c6 51 e4 25 19 c8 37 0b 00 1b 2f a7 e1 d1 2e e4 3e 9a 24 9c 9b e5 49 90 c7 49 9f d4 1e 15 f9 29 48 12 99 f9 53 39 89 c4 5c 58 de 07 1c 50 d9 50 36 a8 16 80 c3 39 21 f4 cd f2 53 f5 02 5a 21 49 8f 68 22 3c e2 dc 86 17 a8 16 ac 09 9f ed 1b e1 34 99 e5 68 4d 22 b0 27 60 0e 67 79 8e 46 25 0f 4e 73 60 9e 67 da 0e a6 b8 65 4e ec 12 a7 56 c8 18 f4 13 6c 05 5b fe 1d 4d 0f 64 e7 05 69 ce 23 9a 47 00 ed 39 bb 8e 5f 3e 21 dd f9 00 89 a0 df e7 b2 e7 70 1c 0c 8f 06 f1 29 da 96 d4 03 03 b7 49 ac de be 51 99 46 1c 4d e8 f6 04 c6 e2 48 ae 9a 42 38 3e 72 10 de 3d 46 9e 55 a7 d1 73 31 8a 32 8f 42 8b f0 31 b1 ef 6f f2 3b 49 f0 07 6f 20 cf de f8 01 38 13 ed 59 e2 65 d9 09 a8 02 3e d7 79 aa d9 e0 55 4c 7d 84 d6 95 74 92 6c 09 09 ae cc 69 c1 d1 0f a0 c9 33 e2 15 61 bc fc 88 64 40 6c 16 36 40 c7 49 b2 f1 8d 1f 80 61 e0 8c 7a 69 0d a2 09 f0 0c 2d Data Ascii: 1bf8<ksVv_q&+BHJ8v:P$0(c'dw&mwfgv}+s)9vY"pu>oai5q> l1?<bYM~.ld-NeS=~c>sX'0\|@Sy^ #1Kp-,{^ep%yOYHqGSv!f"G0-vCllp~xNAxG4/lg[X<\\,?\\|\|d,?X.9.wx]hl/jyQx,@PB#1HOG)^94G3i0j'&D/`ga"'}h1XRthqA`\|C/7O3jOV<wl{].[1'XA'\/qS\|j{>PG n<"/Jc'/F\|jeQ]EG(1iMlRL#6_g`+skR(fyQ%7/.>$II)HS9\XPP69!SZ!Ih"<4hM"'`gyF%Ns`geNVl[Mdi#G9_>!p)IQFMHB8>r=FUs12B1o;Io 8Ye>yUL}tli3ad@l6@Iazi-
May 25, 2021 10:25:45.722495079 CEST	3034	OUT	GET /sveden/struct HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:45.856007099 CEST	3062	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 37 62 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 5d 7b 73 1b c7 91 ff db ac ca 77 58 23 ae 90 bc 10 0f 92 92 4c 53 20 ee ce 8f ab 5c 55 12 df 9d 95 3f 52 2e 97 6b 01 2c c9 25 17 d8 cd ee 82 12 23 bb 8a a4 5e 71 c9 31 25 59 8a 15 5b 12 25 db b1 2f 95 87 21 92 b0 20 12 84 aa f4 09 06 5f e1 3e c9 75 f7 cc 3e 00 2c 40 10 12 29 92 1a d9 04 16 b3 f3 e8 99 ee fe 75 cf ec 4c 6f fa d5 b7 df 7d eb cc 6f ff eb 1d e5 17 67 7e f5 cb cc 40 7a d6 2d 18 f8 a5 a9 79 f8 72 75 d7 d0 32 ec 41 63 a5 b1 d4 b8 c0 b6 e0 fb 42 63 89 95 15 56 55 58 1d ae 36 58 99 ed 34 ae 2a 70 f3 09 de 60 eb 6c 9b 55 d8 0e ab 36 56 21 07 7b 48 89 8f e0 6a 9d 95 1b 2b 70 6b bb f1 29 dc ae b3 c7 a1 0a 58 15 b2 94 1b 97 e1 bb 02 37 e2 8a a6 97 b2 56 c2 2e a5 93 9c 82 01 05 fe 0d 88 bf 74 56 75 34 65 d6 d6 a6 a7 62 b3 ae 6b 4d 26 93 5e fe 64 4c 49 f2 cc e9 82 e6 aa 4a 6e 56 b5 1d cd 9d 8a fd e6 cc 7f c4 27 e8 66 da d0 8b f3 8a ad 19 53 31 c7 5d 34 34 67 56 d3 dc 98 e2 2e 5a da 54 cc d5 ce b9 c9 9c e3 c4 44 f5 49 d5 81 e2 0e 26 25 29 77 dc b1 b4 5c 82 72 40 5d a2 32 ca 3b 88 a4 38 40 cb b4 59 74 9d c4 8c 69 ce 18 9a 6a e9 4e 22 67 16 b0 82 7f 9d 56 0b ba b1 38 f5 3f 66 d6 74 cd 8f f8 d7 cf df 32 8b 79 ad e8 68 f9 41 a2 69 30 a0 69 90 d3 34 e8 d1 34 08 b4 3b 39 5b b7 dc 30 b1 73 ea 82 ca 53 63 8a 63 e7 80 e4 39 27 39 f7 bb 92 66 2f c6 47 13 a3 63 89 f1 44 41 2f 26 e6 9c 58 26 9d e4 19 91 ee 57 e3 71 e5 b7 2a 34 7d 2e f1 2b cd b5 f5 79 18 2b b3 54 74 35 5b 89 c7 77 6d 88 86 78 68 ba 54 cc b9 ba 59 1c 2a 8c 68 23 ee 88 3d a2 8f cc 8f a8 c3 e7 0b ef eb 1f 4c e1 c7 47 1f f9 59 86 cf 0f 61 4a 42 9d e2 5f 1f 7d f4 fe 07 c3 09 ab e4 cc 0e a9 f6 4c a9 a0 c1 98 0d 7f 7c 1a eb a5 0c c6 d4 e8 bf 14 b5 b3 ca db aa ab 0d 0d 9f 9e 9f d2 12 39 5b 83 1f ef 18 1a 66 1e 72 87 47 54 48 9c d1 5c 91 e2 bc b9 78 46 9d f9 b5 5a d0 e0 de fb a9 0f 46 e6 13 aa b3 58 cc 4d 8d c2 15 8e 8c 3d a2 26 2c d5 86 ac bf 36 f3 5a 42 87 41 b7 dd 37 b5 69 d3 d6 86 90 ee 8f 87 a9 57 67 f5 62 de 3c 3b a2 e4 cd 1c 91 35 a2 c4 44 b7 e1 ca e3 71 21 97 58 e4 a3 07 32 57 e0 03 98 74 d5 19 1c 67 c8 b6 58 88 0d 9f 1e c0 ea 16 0b 43 a7 4e 9c 7c 7d 7c fc 8d 14 a4 eb 45 1d ab 39 4f 12 8a ff 72 86 9e 9b 2f a8 d6 a4 6b 97 b4 11 3f d9 b5 d5 dc fc 2f 41 b4 9c 96 1b 6a 2e 57 b2 61 14 ce 60 86 37 81 61 39 ad 25 c7 59 2d bb a0 3b a6 4d c9 98 fa 31 50 12 70 3e 5d 34 c5 65 3a af 2f 64 d2 7a 61 86 8b 4d 64 cf ce aa 6e 6e 36 e9 75 00 04 0c 85 73 2a 66 99 8e 8e 5c 9d 54 b3 8e 69 94 5c ed b4 62 68 d3 ee 64 fc 0d f8 67 9d 3b 1d 53 54 03 74 0e 55 24 9d a4 66 92 7e b3 5c f4 92 5d 64 6f a0 93 8a b6 ab 24 74 95 a4 9b f4 b1 45 83 a1 a5 a4 40 b1 ac 99 5f 14 a8 80 29 9a 9d 19 78 05 ae 81 32 60 00 54 37 15 cb 69 d8 7c 3c 6b 98 b9 f9 78 41 d5 8b 31 ca a2 78 b0 e3 ff a3 42 ba ab 15 2c db b4 a0 9c 69 2d 7a 84 fd 34 a6 78 d5 01 5d 71 4b 2d 6a 46 dc b4 b4 a2 92 2d cd c4 42 43 2d 3a a0 17 d4 19 cd 49 02 b7 74 33 31 67 cd 88 51 63 37 d8 2d Data Ascii: 17b1]{swX#LS \U?R.k,%#^q1%Y[%/! _>u>,@)uLo}og~@z-yru2AcBcVUX6X4p`lU6V!{Hj+pk)X7V.tVu4ebkM&^dLIJnV'fS1]44gV.ZTDI&%)w\r@]2;8@YtijN"gV8?ft2yhAi0i44;9[0sScc9'9f/GcDA/&X&Wq4}.+y+Tt5[wmxhTYh#=LGYaJB_}L\|9[frGTH\xFZFXM=&,6ZBA7iWgb<;5Dq!X2WtgXCN\|}\|E9Or/k?/Aj.Wa`7a9%Y-;M1Pp>]4e:/dzaMdnn6usf\Ti\bhdg;STtU$f~\]do$tE@_)x2`T7i\|<kxA1xB,i-z4x]qK-jF-BC-:It31gQc7-
May 25, 2021 10:25:46.036640882 CEST	3086	OUT	GET /assets/images/document.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/sveden/struct Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:46.132917881 CEST	3115	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:46 GMT Content-Type: image/jpeg Content-Length: 926 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 28 Feb 2014 09:06:52 GMT ETag: "6365568-39e-4f373c236c300" Accept-Ranges: bytes Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 00 14 00 14 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08 23 42 b1 c1 15 52 d1 f0 24 33 62 72 82 09 0a 16 17 18 19 1a 25 26 27 28 29 2a 34 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e1 e2 e3 e4 e5 e6 e7 e8 e9 ea f1 f2 f3 f4 f5 f6 f7 f8 f9 fa ff c4 00 1f 01 00 03 01 01 01 01 01 01 01 01 01 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 11 00 02 01 02 04 04 03 04 07 05 04 04 00 01 02 77 00 01 02 03 11 04 05 21 31 06 12 41 51 07 61 71 13 22 32 81 08 14 42 91 a1 b1 c1 09 23 33 52 f0 15 62 72 d1 0a 16 24 34 e1 25 f1 17 18 19 1a 26 27 28 29 2a 35 36 37 38 39 3a 43 44 45 46 47 48 49 4a 53 54 55 56 57 58 59 5a 63 64 65 66 67 68 69 6a 73 74 75 76 77 78 79 7a 82 83 84 85 86 87 88 89 8a 92 93 94 95 96 97 98 99 9a a2 a3 a4 a5 a6 a7 a8 a9 aa b2 b3 b4 b5 b6 b7 b8 b9 ba c2 c3 c4 c5 c6 c7 c8 c9 ca d2 d3 d4 d5 d6 d7 d8 d9 da e2 e3 e4 e5 e6 e7 e8 e9 ea f2 f3 f4 f5 f6 f7 f8 f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 fd 13 d4 f5 c7 4d 67 57 5b bb db bb 5b 4b 3f 21 23 4b 18 c3 31 2e 85 89 6f 94 93 d3 1d 87 e7 5e 73 e3 5f 8f 27 e1 b7 8a 7c 3a 5a 1d 5b 59 f0 e6 a7 13 0b 87 36 a5 e5 b7 60 f8 0e 02 a0 23 03 24 a9 ea 39 1c 8c 18 3e 36 ea 77 16 9a 86 af 05 b5 bc 97 32 49 3d a3 95 8e 13 29 50 21 7e 76 88 65 c7 5e bb 47 d7 b1 f2 ef 0e 6b fa f2 6a f6 56 b2 be a7 1e 9f 1e e1 e4 3c 52 47 0a 8c 13 d3 ec b1 a8 19 e7 ef 0e 7d 7b fd 96 0f 01 0a 94 d5 59 c6 ea db 6d f6 7b db 7b ea 7c b6 2b 1b 28 4d d2 8b b3 be fb f5 fc ac 7d 97 67 77 0e a1 69 05 d5 bc 82 5b 79 d1 64 8d c7 46 52 32 0f e4 68 ac ef 08 7f c8 a7 a2 f6 ff 00 42 87 ff 00 40 14 57 c9 4d 72 c9 a4 7d 24 5d e2 99 4f 5e f0 0e 8f e2 3b c3 75 77 14 cb 3b 28 47 68 27 78 f7 81 d3 70 53 ce 32 6b 2c fc 1e f0 e1 ff 00 96 77 9e bf f1 f9 27 f8 d1 45 77 53 ad 56 31 49 49 fd e7 2c e9 53 72 6d c5 7d c7 63 6b 6b 15 95 b4 56 f0 20 8e 18 90 22 20 e8 aa 06 00 a2 8a 2b cf dc ec d8 ff d9 Data Ascii: JFIFHHCC"}!1AQa"q2#BR$3br%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzw!1AQaq"2B#3Rbr$4%&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz?MgW[[K?!#K1.o^s_'\|:Z[Y6`#$9>6w2I=)P!~ve^GkjV<RG}{Ym{{\|+(M}gwi[ydFR2hB@WMr}$]O^;uw;(Gh'xpS2k,w'EwSV1II,Srm}ckkV " +
May 25, 2021 10:25:50.910228968 CEST	3297	OUT	GET /assets/images/icon-document.gif HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/sveden/education/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:51.007396936 CEST	3299	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:50 GMT Content-Type: image/gif Content-Length: 1212 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 20 Jan 2017 13:43:09 GMT ETag: "6365566-4bc-54686d48b1540" Accept-Ranges: bytes Data Raw: 47 49 46 38 37 61 28 00 28 00 ee 00 00 f8 f9 fa a1 c1 e9 f6 f8 fa 9a bd e8 be d3 f0 00 5a c1 c8 da f2 e9 f0 f9 60 9e de e1 ea f8 42 89 d2 a8 c6 ea 9a c0 e8 38 83 d0 3f 88 d3 aa c9 ea ad cd f1 b1 cb eb 69 a4 df d1 e1 f5 c3 d8 f1 b1 d0 f2 c5 db f5 c1 d6 f0 88 b4 e3 8a b9 e8 02 61 c5 93 bc e6 d0 e2 f8 82 b0 e2 f1 f0 f1 59 98 d8 f1 f3 fb 1a 70 c9 32 80 d0 05 65 c8 89 b6 e5 b2 cf ed 79 ab e0 48 8e d7 69 a1 db de e8 f7 a0 bf e9 41 89 d4 61 9d da 51 94 d9 7b ae e2 dd e9 f9 89 b1 dc ca e0 f8 ba d1 ee aa ca ee e8 eb f2 91 b9 e4 b0 c0 db 26 78 cd 68 a2 de 2c 7c ce ca d7 e9 db e4 f2 d0 df f4 72 a6 de 10 6b c9 bb ca e4 0e 6a cb ad c9 eb 31 7f d0 ab c0 dd 58 96 d8 ee f0 f3 b2 c9 e6 09 66 c8 da e1 ed 4e 90 d5 d1 da ea b4 d0 ed 00 56 c0 40 86 d2 5a 91 cf 29 7a cd 20 74 cb 77 a4 d6 6a 9e d6 68 9e d9 c0 ce e4 8c b8 e5 ac c2 e2 b0 c5 e4 bf d8 f4 c9 e0 f7 a7 c3 e7 bd cf e8 78 aa df 62 a0 de 76 a9 de 87 b0 db 9a b8 dc 18 6f c9 e7 f0 fa f0 ef f2 af d0 f3 f9 f8 f7 55 98 db e5 ec f6 e8 ef f9 e2 e6 f0 51 92 d6 82 ae de bc c7 de 66 99 d2 c6 d4 e9 c2 d6 ef e4 e8 ef 58 8f ce cf d8 e9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2c 00 00 00 00 28 00 28 00 00 07 ff 80 00 82 83 84 85 86 87 88 89 8a 8b 8c 8d 8e 8f 87 13 15 04 04 93 95 94 93 3f 6e 54 6f 4a 90 86 1d 2d 18 1d 5c 5f 2e 26 2e a9 a9 26 ac 26 0a 30 00 1e 9f 00 3d 28 90 01 22 5f 1e 20 9f 0d 33 8e 07 34 5a 3d 22 30 1e b2 8e 02 0e bf 8c 20 34 70 55 12 28 c5 bb 8f 0e 0c 8c 02 c1 48 6b 66 5d 44 4f c6 1e 02 d9 cb 89 02 e8 20 07 69 48 5c 49 2d 6a 0a 50 c6 bc 8c d7 d9 62 3b 72 53 0a fd 0a 37 21 8c 15 59 a4 8c d9 01 0e 13 26 18 a0 40 01 0b 81 08 59 0e 28 d1 c1 a2 81 03 11 39 42 68 14 b7 e8 1e 80 2c 1d 3a 78 41 81 82 05 91 16 0d 02 80 40 a2 a4 07 94 1c 19 43 00 0c 01 a6 8c 22 65 01 04 bd 88 b0 a4 c2 83 00 33 b4 30 c8 60 80 c6 04 1d 43 9a f8 00 32 02 88 8f 30 3e 7c 80 e9 88 8d e0 8b a3 3f 86 44 89 43 c4 89 93 36 51 58 9c 18 73 ce 41 4e 00 09 18 62 2a f1 e0 01 03 02 29 ff 0c e8 a0 f2 c3 c6 10 1b 78 6d b0 b1 22 65 60 22 8f 15 de f5 13 21 42 c8 8d 11 55 12 28 a4 20 e3 87 11 23 57 ae 58 89 f0 40 0a 8d 73 0a b0 09 30 b0 81 c1 86 0d 1d 30 b8 e8 20 81 c0 0e 03 06 2e 5c 90 11 61 cb 92 08 46 64 40 98 e2 17 d1 bd 03 e4 0c a1 3b 90 50 21 ea d4 17 22 44 20 40 06 c5 99 b2 d8 0e bc 60 a8 ba c2 12 08 3f 03 44 0f c0 a0 fa 00 06 c2 09 40 90 70 40 91 83 0d 00 40 30 b8 11 13 08 10 0d 1a 0a a8 5f bf 9e c9 13 03 0f 2a 54 e8 92 e0 dc 0a f0 09 1e 48 30 41 92 05 8b 0f 00 06 28 e0 07 2d 74 90 c2 02 11 54 80 42 77 7f 6d 20 c0 0b 09 80 20 00 08 ea 1c 60 e1 01 09 24 80 46 86 10 a6 b0 c3 0e 15 04 10 41 09 38 d4 87 88 32 1b 80 30 01 0f 15 94 c0 d6 03 0b 4c 47 dd 00 03 7c b6 41 0d 35 04 b0 c0 02 db 31 88 88 02 19 28 67 42 01 23 b0 87 9e 7a 45 a6 d7 de ff 0d 04 0c c0 63 89 98 05 39 41 0d 0d 9c 70 c2 0a 49 f4 b3 c2 96 27 28 70 a5 95 27 34 e1 c5 04 4e f6 e8 5d 06 69 19 d0 61 0a 29 70 d0 66 9b 1c f0 20 e7 6f a8 45 50 a6 04 26 1e 22 c0 0a 68 5e f0 10 65 6d 2d a0 63 00 84 d2 48 e3 8d 35 6c 30 00 a1 66 9e 08 24 07 31 f4 50 c0 11 47 8c 70 04 91 23 a0 a7 41 a6 9b 1e 99 43 09 2a f0 88 67 94 1c 5c 60 82 10 0d 10 96 6a 03 ac 8a c0 ea ab ac 0a c1 02 99 a2 fa 78 c8 a3 04 c8 70 c1 6f Data Ascii: GIF87a((Z`B8?iaYp2eyHiAaQ{&xh,\|rkj1XfNV@Z)z twjhxbvoUQfX,((?nToJ-\_.&.&&0=("_ 34Z="0 4pU(Hkf]DO iH\I-jPb;rS7!Y&@Y(9Bh,:xA@C"e30`C20>\|?DC6QXsANb)xm"e`"!BU( #WX@s00 .\aFd@;P!"D @`?D@p@@0_TH0A(-tTBwm `$FA820LG\|A51(gB#zEc9ApI'(p'4N]ia)pf oEP&"h^em-cH5l0f$1PGp#AC*g\`jxpo
May 25, 2021 10:25:53.052598000 CEST	3393	OUT	GET /sveden/eduStandarts/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:53.186841011 CEST	3394	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 65 31 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 d5 5b 7b 6f db d6 15 ff 3b 02 fa 1d 58 f5 61 7b 91 28 4a 94 64 29 96 54 20 69 b3 0e 68 9a 6d cd 0a 14 45 11 5c 49 57 32 6d 8a e4 48 4a 89 9a 04 b0 93 36 5d 91 a2 79 ac dd ba 35 4d da b5 db 30 ec 51 d7 b1 1b 25 b1 5d a0 9f 80 fa 0a fb 24 3b e7 5c 52 a2 2d 4a 4e 1c 05 e9 04 5b a2 ee bd 3c f7 9c 73 7f e7 71 2f 8f 4a cf be 7c f2 d8 a9 b7 7e f9 8a f4 ea a9 13 af 55 62 a5 45 b7 a5 e3 07 67 75 f8 70 35 57 e7 15 ef 96 f7 5d 7f c5 5b f3 ee 7a 3b de ba b7 d6 bf e8 6d 7a 0f fa 1f 79 db fd 2b de a6 d4 5f 85 86 35 6f db db 80 ae 95 fe c5 fe 15 29 29 71 ad 5d b5 64 bb 5d 4a 09 1a 31 09 5e 31 ff bf 54 65 0e 97 16 6d de 28 c7 17 5d d7 3a 92 4a 05 e3 53 71 29 25 06 97 5a dc 65 52 6d 91 d9 0e 77 cb f1 df 9c 3a 9e 2c 50 67 49 d7 8c 65 c9 e6 7a 39 ee b8 5d 9d 3b 8b 9c bb 71 c9 ed 5a bc 1c 77 f9 59 37 55 73 9c b8 4f 3e c5 1c b8 dd c1 a6 14 8d 4e 3a 16 af c9 34 02 68 f9 c4 68 ec 0c b2 e2 00 2f 0d d3 70 1d b9 69 9a 4d 9d 33 4b 73 e4 9a d9 42 02 2f 35 58 4b d3 bb e5 5f 9b 55 d3 35 cf 8b 8f c3 c7 4c a3 ce 0d 87 d7 67 88 a7 99 21 4f 33 82 a7 99 80 a7 19 e0 dd a9 d9 9a e5 86 99 5d 62 1d 26 5a e3 92 63 d7 80 e5 25 27 b5 f4 db 36 b7 bb c9 b4 9c ce c8 aa dc d2 0c 79 c9 89 57 4a 29 31 10 f9 7e 36 99 94 de 62 30 f5 59 f9 04 77 6d 6d 19 74 65 b6 0d 97 db 52 32 b9 ef 44 a4 e2 d9 46 db a8 b9 9a 69 cc b6 12 3c e1 26 ec 84 96 58 4e b0 b9 73 ad b7 b5 77 ca f8 76 fe fc 60 c8 dc b9 59 6c 91 59 59 7c 9c 3f ff f6 3b 73 b2 d5 76 16 67 99 dd 6c b7 38 e8 6c ee c2 02 d2 a5 01 7a 39 fd 33 83 9f 91 5e 66 2e 9f 9d 5b 58 2e 73 b9 66 73 f8 f2 8a ce 71 f0 ac 3b 97 60 d0 d8 e4 ae df e2 1c ed 9e 62 cd d7 59 8b 43 df db ca 3b 89 65 99 39 5d a3 56 4e c3 15 6a c6 4e 30 d9 62 36 0c 7d dd ac 73 59 03 a5 db ee 51 de 30 6d 3e 8b 7c 5f 98 23 a9 ce 68 46 dd 3c 93 90 ea 66 8d d8 4a 48 71 5f 6c b8 0a d6 b8 55 93 bb 42 7b 80 b9 96 50 60 ca 65 4d d4 33 0c eb b6 e2 73 0b 31 24 d7 6d cd e6 b3 b9 79 55 2d 2a d0 ae 19 1a 92 39 47 08 c5 57 4d d7 6a cb 2d 66 1d 71 ed 36 4f 0c 9a 5d 9b d5 96 5f 03 68 39 7b 3a 58 ad d6 b6 41 0b a7 70 c0 51 58 b0 1a df 33 e2 0c af 76 34 c7 b4 a9 19 5b 2f 00 27 c3 95 2f 19 a6 7f 59 aa 6b 9d 4a 49 6b 35 05 6c 22 25 3b c3 dc da 62 2a 10 00 00 86 e0 2c c7 2d d3 d1 70 55 8f b0 aa 63 ea 6d 97 2f 48 3a 6f b8 47 92 45 78 59 67 17 e2 12 d3 c1 e6 d0 44 4a 29 9a 26 35 98 56 40 2f 35 01 7b b1 71 26 3a 6a 92 20 2a a1 9b ec 71 8f 05 c3 4c 29 df 0f 55 cd 7a d7 f7 0a d8 c2 ed 4a ec 10 5c 03 67 b0 00 40 ae 1c af 71 9c 3e 59 d5 cd da 72 b2 c5 34 23 4e 43 a4 c0 ed 0c 5e 74 93 e6 f2 96 65 9b 16 dc 67 5a dd 80 b1 e7 e2 52 40 0e f8 4a 5a cc e0 7a d2 b4 b8 21 55 db cd 78 48 d5 be 00 5a 8b 35 b9 93 82 d5 d2 4c 79 c9 6a fa 5a f3 6e 78 9f 7a 5f 7a 5f 79 9f 79 df 4a e0 3b bf 81 8b bf c1 ff 35 ef 73 ef 5f de 17 d0 f2 7b ef 96 04 fd d7 bc 3f 79 7f f1 ae 49 de 27 d0 f3 2d b6 7c 0e 6d d7 61 c0 0d 18 fe 89 f7 ad f7 0f f8 fc 6b bc f2 a2 51 75 ac Data Ascii: e17[{o;Xa{(Jd)T ihmE\IW2mHJ6]y5M0Q%]$;\R-JN[<sq/J\|~UbEgup5W][z;mzy+_5o))q]d]J1^1Tem(]:JSq)%ZeRmw:,PgIez9];qZwY7UsO>N:4hh/piM3KsB/5XK_U5Lg!O3]b&Zc%'6yWJ)1~6b0YwmmteR2DFi<&XNswv`YlYY\|?;svgl8lz93^f.[X.sfsq;`bYC;e9]VNjN0b6}sYQ0m>\|_#hF<fJHq_lUB{P`eM3s1$myU-9GWMj-fq6O]_h9{:XApQX3v4[/'/YkJIk5l"%;b,-pUcm/H:oGExYgDJ)&5V@/5{q&:j *qL)UzJ\g@q>Yr4#NC^tegZR@JZz!UxHZ5LyjZnxz_z_yyJ;5s_{?yI'-\|makQu
May 25, 2021 10:25:57.391239882 CEST	3481	OUT	GET /sveden/employees/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:57.554311037 CEST	3482	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 38 30 30 30 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ec bd eb 72 1c 47 96 26 f8 bb 64 56 ef 10 c5 35 db 26 b7 90 60 26 6e 24 28 8a 3b d6 d3 3d 36 3f 7a 66 2f d3 fb 63 b6 ad ad 0c 24 21 11 55 24 c1 25 21 55 ab 2f 66 00 49 49 54 53 12 49 49 55 c5 65 49 04 21 b2 aa 7a 6d a6 a6 93 00 92 48 24 12 49 b3 7a 82 c8 57 e8 27 59 3f 17 8f 70 f7 70 cf 8c c8 88 c8 1b 5c dd 25 91 79 89 f4 f0 70 3f 7e be ef 7c e7 9c 8b 3f f9 8b ff ed df ff f5 7f fd df ff 32 f8 8f 7f fd 9f fe ea d2 3b 17 af 6d dc b8 0e ff 59 5d b9 2a fe b3 b1 b6 71 7d f5 52 f8 a2 7b 2f 6c 85 9d 70 57 fc 6f bf bb d5 bd 0b 7f 9a 0d c2 ed b0 11 ee 87 f5 70 4f bc be 17 36 bb 9f 85 8d ee 96 f8 64 33 3c 0c 4e 87 c7 61 bd 7b 4f bc 76 1c 76 2a e1 5b f7 47 cf 04 e2 4f 1d bc 6c 3d dc 0d 2a c1 ea da 87 97 6f cd de fe f0 e2 59 fa fd 77 02 f1 cf 3b fc bf 8b 97 57 ee ac 06 d7 6e af be ff de a9 6b 1b 1b b7 2e 9c 3d 2b 3f 7f f6 54 70 96 3e 7c f1 c6 ea c6 4a 70 e5 da ca ed 3b ab 1b ef 9d fa bf fe fa 3f 54 ce e3 9b 17 af af dd fc 45 70 7b f5 fa 7b a7 ee 6c 7c 7c 7d f5 ce b5 d5 d5 8d 53 c1 c6 c7 b7 56 df 3b b5 b1 fa 77 1b 67 af dc b9 73 8a 2f 7f 76 e5 8e f8 fa 1d 78 e9 2c 7e ba 72 e7 d6 ea 95 59 fc 84 b8 16 5f 0c 3f fb 67 30 94 3b 62 2c ef af df dc b8 33 fb c1 fa fa 07 d7 57 57 6e ad dd 99 bd b2 7e 03 2e f0 bf be bf 72 63 ed fa c7 ef fd 9f eb 97 d7 37 d6 ff 91 fe f3 d3 7f bf 7e f3 ea ea cd 3b ab 57 ff 0c c7 f4 67 f1 98 fe 8c c6 f4 67 72 4c 7f 26 c6 7e e7 ca ed b5 5b 1b ea 60 7f be f2 d1 0a bd 7a 2a b8 73 fb 8a 18 f2 cf ef 9c fd f9 ff f3 e1 ea ed 8f 2b b5 d9 da dc ec fc ec 8d b5 9b b3 3f bf 73 ea d2 c5 b3 f4 41 18 f7 4f 2a 95 e0 bf ae 88 9f fe bb d9 ff b4 ba 71 7b ed 17 62 ae d6 3f bc b9 b1 7a 3b a8 54 fa fe 10 4e f1 e9 f7 3f bc 79 65 63 6d fd e6 e9 1b 33 ab 33 1b 33 b7 67 d6 66 7e 31 b3 72 e6 1f 6e fc cd da df be 07 ff fa c7 7f 8c 3e 72 e6 1f 4e c3 2b b3 2b ef d1 7f fe f1 1f ff e6 6f cf cc de fa f0 ce b5 d3 2b b7 3f f8 f0 c6 aa 98 b3 33 ff f4 2e 5c 17 3f 70 fd bd da ff 72 73 f5 97 c1 5f ac 6c ac 9e 3e f3 ee 2f de 5b 9d bd 72 7b 55 fc e5 2f af af c2 87 4f 6f 9c 99 59 11 2f 7e b0 ba c1 af dc f9 f3 8f ff 7a e5 83 ff bc 72 63 55 bc f7 37 d5 bf 9d f9 c5 ec ca 9d 8f 6f 5e 79 af 26 fe 04 33 73 7b 66 65 f6 d6 ca 6d f1 d1 ff bc 7e 75 75 76 4d 4c fa ed 8d 3f 5f 7d 7f fd f6 ea 69 18 f7 3f 9d c1 bb fa e5 da cd ab eb bf 9c 09 ae ae 5f c1 61 cd 04 a7 f8 b6 c5 9f e4 33 be 71 65 f6 63 9a 3d b1 e6 6e d0 04 9e dd 58 f9 00 e6 59 7c ec e3 1b a7 ce bc fb 0e 5c ee e3 1b a7 97 16 16 cf cd cf 2f 57 c5 eb 6b 37 d7 e0 32 ff 80 2b 14 fe b9 72 7d ed ca 2f 6e ac dc ba b0 71 fb c3 d5 99 e8 e5 8d db 2b 57 7e f1 57 62 69 dd 31 de 58 b9 72 e5 c3 db 62 16 fe 1a 3e f0 e7 e2 81 5d 59 35 3e f1 cb d5 cb 1f ad dd 59 bf 8d 2f c3 ab ff 24 46 12 3f f9 8b 37 d7 f9 8f 17 af ae 7d 74 e9 e2 da 8d 0f 68 d9 58 ef ec 97 2b 1b 57 ae 9d 95 37 20 16 18 2c ce f7 4e dd 5a bf b3 06 4f f5 c2 ca e5 3b eb d7 3f dc 58 7d 37 b8 be fa fe c6 85 ca b2 Data Ascii: 8000rG&dV5&`&n$(;=6?zf/c$!U$%!U/fIITSIIUeI!zmH$IzW'Y?pp\%yp?~\|?2;mY]q}R{/lpWopO6d3<Na{Ovv[GOl=oYw;Wnk.=+?Tp>\|Jp;?TEp{{l\|\|}SV;wgs/vx,~rY_?g0;b,3WWn~.rc7~;WggrL&~[`zs+?sAO*q{b?z;TN?yecm333gf~1rn>rN++o+?3.\?prs_l>/[r{U/OoY/~zrcU7o^y&3s{fem~uuvML?_}i?_a3qec=nXY\|\/Wk72+r}/nq+W~Wbi1Xrb>]Y5>Y/$F?7}thX+W7 ,NZO;?X}7
May 25, 2021 10:25:59.361188889 CEST	3618	OUT	GET /sveden/objects/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:59.523531914 CEST	3619	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:59 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 32 31 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3c 6b 73 1b c7 91 9f cd 2a fd 87 f1 c6 15 12 17 2c 1e 7c 89 0f 10 57 67 c5 a9 5c 95 63 e7 62 dd 87 94 cb 95 1a 00 43 72 89 05 76 bd bb a0 08 3d aa 48 d9 8a e3 a3 23 ca 3a 2b 77 17 c7 92 15 e7 51 a9 24 65 90 22 24 90 04 c1 2a fd 82 c5 5f c8 2f 49 77 cf 2c b0 00 16 20 45 59 39 a7 6c 96 48 2c 66 66 7b ba 7b fa 3d 33 ca bc fc fd 37 2f 5d fe e9 8f 5f 63 3f bc fc a3 d7 b3 63 99 55 af 64 e2 87 e0 05 f8 f0 0c cf 14 59 ff 37 7e ad 7d d3 af b7 37 fd 86 5f f3 8f da 1f f9 c7 7e 4b a7 a6 5b f0 d8 68 7f 00 4f 5b fe a1 df f2 eb 0c fe ec d2 d7 13 f8 0b 1d 38 00 9b 1b d0 03 ad c7 00 eb c3 f6 c7 f0 79 8c df db 37 db 1f d1 2b 00 bc e6 3f 81 a7 3d 39 59 30 8d ff c8 6f 31 ff 04 ba 5b ed 9f 23 5c 80 51 63 3a 13 46 25 67 27 9c 4a 26 29 91 1c 63 f0 33 a6 7e 33 39 ee 0a b6 ea 88 e5 25 6d d5 f3 ec 85 64 32 18 9f d4 58 52 0e ce 94 84 c7 59 7e 95 3b ae f0 96 b4 ff bc fc 03 7d 8e 3a 33 a6 51 2e 32 47 98 4b 9a eb 55 4d e1 ae 0a e1 69 cc ab da 62 49 f3 c4 86 97 cc bb ae a6 c0 27 b9 0b af bb d8 94 a4 d1 ba 6b 8b 7c 82 46 00 2c 05 8c c6 8e 23 2a 2e e0 b2 6c 95 3d 37 b1 62 59 2b a6 e0 b6 e1 26 f2 56 09 01 fc eb 32 2f 19 66 75 e9 27 56 ce f2 ac eb f2 e3 7b 97 ac 72 41 94 5d 51 18 27 9c c6 bb 38 8d 4b 9c c6 03 9c c6 01 77 37 ef 18 b6 17 46 76 8d af 73 d9 aa 31 d7 c9 03 ca 6b 6e 72 ed dd 8a 70 aa 7a 3a 91 9e 4c 4c 25 4a 46 39 b1 e6 6a d9 4c 52 0e 44 bc 5f d6 75 f6 53 0e 53 6f 24 7e 24 3c c7 28 02 af ac 4a d9 13 0e d3 f5 53 27 22 16 4f 2c 57 ca 79 cf b0 ca 13 a5 b8 88 7b 71 27 6e c4 8b 71 1e bb 56 7a db 78 67 09 ff 5c bf de 19 12 bb 36 81 2d 09 be 24 3f ae 5f 7f fb 9d 58 c2 ae b8 ab 13 dc 59 a9 94 04 f0 2c 76 63 11 e1 d2 00 73 29 fd 2f 65 71 85 7d 9f 7b 62 22 b6 58 5c 12 89 bc 23 e0 cb 6b a6 c0 c1 13 5e 2c ce a1 71 45 78 aa c5 7d b5 7a 99 af bc c1 4b 02 fa de 4e bd 13 2f 26 b8 5b 2d e7 97 d2 f0 84 9c 71 e2 3c 61 73 07 86 be 61 15 44 c2 00 a6 3b de ab 62 d9 72 c4 04 e2 7d 23 46 54 5d 31 ca 05 eb 4a 9c 15 ac 3c a1 15 67 9a 22 1b 9e 82 35 2e e5 13 55 c9 3d 90 b9 92 64 60 d2 e3 2b c8 67 18 56 2d 69 b1 c5 31 04 57 2d 4d cc 4e cf 5c 9c 9a 9a 4f 41 bb 51 36 10 cc 35 92 50 fc c9 9b 46 be 58 e2 f6 82 e7 54 44 bc d3 ec 39 3c 5f 7c 1d 44 cb ed eb e0 f9 7c c5 01 2e 5c c6 01 af c2 82 e5 45 df 88 2b 22 b7 6e b8 96 43 cd d8 7a 03 30 e9 ae 7c a6 6c a9 c7 4c c1 58 cf 66 8c d2 8a 14 9b 48 ca ae 70 2f bf 9a 0c 08 00 01 43 e1 5c d2 6c cb 35 70 55 17 78 ce b5 cc 8a 27 16 99 29 96 bd 05 7d 1e 7e ec 8d 45 8d 71 13 74 0e 55 24 93 a4 69 92 9d 69 a5 e8 25 47 c8 de d8 30 15 1d 54 49 20 95 a4 9b f4 b1 4f 83 61 a6 a4 32 74 39 ab 50 55 56 01 5b 84 93 1d 7b 09 9e 01 33 58 00 00 b7 a4 e5 05 4e af e7 4c 2b 5f d4 4b dc 28 6b 34 84 05 66 a7 f3 43 2f 19 9e 28 d9 8e 65 c3 7b 96 5d 0d 10 fb 8e c6 02 70 80 97 6e f3 b2 30 75 cb 16 65 96 ab ac 68 21 56 2b 02 8c 12 5f 11 6e 12 56 cb b0 12 6b f6 8a e2 9a 7f d7 bf e7 7f ee 3f f4 ff d7 ff 92 f9 f7 Data Ascii: 121e<ks,\|Wg\cbCrv=H#:+wQ$e"$_/Iw, EY9lH,ff{{=37/]_c?cUdY7~}7_~K[hO[8y7+?=9Y0o1[#\Qc:F%g'J&)c3~39%md2XRY~;}:3Q.2GKUMibI'k\|F,#*.l=7bY+&V2/fu'V{rA]Q'8Kw7Fvs1knrpz:LL%JF9jLRD_uSSo$~$<(JS'"O,Wy{q'nqVzxg\6-$?_XY,vcs)/eq}{b"X\#k^,qEx}zKN/&[-q<asaD;br}#FT]1J<g"5.U=d`+gV-i1W-MN\OAQ65PFXTD9<_\|D\|.\E+"nCz0\|lLXfHp/C\l5pUx')}~EqtU$ii%G0TI Oa2t9PUV[{3XNL+_K(k4fC/(e{]pn0ueh!V+_nVk?
May 25, 2021 10:26:01.836098909 CEST	3720	OUT	GET /sveden/grants/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:26:01.975925922 CEST	3726	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:26:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 31 32 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3b 69 6f 1b d7 b5 9f 23 a0 ff e1 86 4d 2b ea 95 c3 55 d6 66 8a 45 93 b6 48 8a 34 e9 7b 71 3f 14 41 50 5c 0e 2f c5 91 66 eb cc 90 36 65 1b 90 9c c4 69 e0 20 76 5c a7 48 37 27 79 e9 82 a2 7d 2f 8c 2c c6 b4 36 03 f9 05 c3 bf d0 5f d2 73 ce 9d 21 87 e4 cc 48 76 ec 7e 69 05 9b 1c de 7b e7 dc b3 2f 77 a9 3e fb fd 57 5f b8 f0 b3 9f fc 80 bd 78 e1 c7 2f d7 e6 aa 2d cf d0 f1 4b f0 06 7c 79 9a a7 8b 9a ff e9 f0 9a 3f f0 1f fa 7d ff d8 df 87 a7 01 c3 7f 47 7e 7f b8 33 bc c1 a0 e3 04 9a f7 f1 a7 ff a5 7f 80 7d 27 fe 17 c3 37 87 ef f8 bd e1 fb c3 77 fd c1 f0 ed e1 ee f0 26 53 98 d0 da 75 3b ef b4 ab 05 09 7a 8e c1 df 5c f0 bf 5a e7 ae 60 2d 47 34 d7 33 2d cf b3 d7 0a 85 70 7c 21 c3 0a 72 70 d5 10 1e 67 6a 8b 3b ae f0 d6 33 3f bd f0 43 65 85 3a ab ba 66 6e 31 47 e8 eb 19 d7 eb ea c2 6d 09 e1 65 98 d7 b5 c5 7a c6 13 97 bc 82 ea ba 99 00 7c 81 bb f0 ba 8b 4d 05 1a ad b8 b6 50 f3 34 02 60 05 c0 68 ec 3c a2 e2 02 2e 4d cb f4 dc fc 86 65 6d e8 82 db 9a 9b 57 2d 03 01 7c b7 c9 0d 4d ef ae ff 8f 55 b7 3c eb 8a fc fa ce 0b 96 d9 10 a6 2b 1a f3 84 d3 fc 18 a7 79 89 d3 7c 88 d3 3c e0 ee aa 8e 66 7b 51 64 37 79 87 cb d6 0c 73 1d 15 50 de 74 0b 9b bf 68 0b a7 ab 94 f2 a5 72 be 92 37 34 33 bf e9 66 6a d5 82 1c 88 78 3f ab 28 ec 67 1c a6 be 94 ff b1 f0 1c 6d 0b 78 65 b5 4d 4f 38 4c 51 4e 9d 88 58 9c 6d b6 4d d5 d3 2c 33 6b e4 44 ce cb 39 39 2d b7 95 e3 0b 97 8d d7 b5 37 d6 f1 e3 ca 95 d1 90 85 cb 59 6c c9 f3 75 f9 75 e5 ca eb 6f 2c e4 ed b6 db ca 72 67 a3 6d 08 e0 d9 c2 d5 f3 08 97 06 e8 eb a5 ff 32 c5 45 f6 7d ee 89 ec c2 f9 ad 75 91 57 1d 01 3f 7e a0 0b 1c 9c f5 16 72 1c 1a 37 84 17 b4 b8 cf 77 2f f0 8d 57 b8 21 a0 ef f5 e2 1b b9 ad 3c 77 bb a6 ba 5e 82 27 e4 8c 93 e3 79 9b 3b 30 f4 15 ab 21 f2 1a 30 dd f1 9e 17 4d cb 11 59 c4 fb ea 02 51 75 51 33 1b d6 c5 1c 6b 58 2a a1 95 63 99 80 6c 78 0a 65 6c a8 f9 ae e4 1e e8 9c 21 19 58 f0 f8 06 f2 19 86 75 8d cc c2 f9 39 04 d7 35 b2 4b 8b e7 96 2b 95 d5 22 b4 6b a6 86 60 2e 93 86 e2 9f aa 6b ea 96 c1 ed 35 cf 69 8b dc a8 d9 73 b8 ba f5 32 a8 96 3b d5 c1 55 b5 ed 00 17 2e e0 80 e7 41 60 aa 98 1a 71 51 d4 3b 9a 6b 39 d4 8c ad 57 01 93 b1 e4 ab a6 15 3c 56 1b 5a a7 56 d5 8c 0d a9 36 b1 94 5d e4 9e da 2a 84 04 80 82 a1 72 ae 67 6c cb d5 50 aa 6b bc ee 5a 7a db 13 e7 99 2e 9a de 9a b2 0a 7f f6 a5 f3 19 c6 75 b0 39 34 91 6a 81 a6 29 8c a6 95 aa 57 48 d1 bd b9 24 13 9d 35 49 20 95 b4 9b ec 71 ca 82 61 a6 42 e0 9e ea 56 a3 1b 78 05 6c 11 4e 6d ee 19 78 06 cc 40 00 00 6e 3d a3 0a 9c 5e a9 eb 96 ba a5 18 5c 33 33 34 84 85 6e 67 f4 47 2f 69 9e 30 6c c7 b2 e1 3d cb ee 86 88 7d 33 c3 42 70 80 97 62 73 53 e8 8a 65 0b 93 d5 db 1b 99 08 ab 03 02 34 83 6f 08 b7 00 d2 d2 ac fc a6 bd 11 70 cd bf ed 7f e8 7f e2 7f ea 7f e4 7f ce fc bb fe 1f e1 e1 cf f0 ff 96 ff 3b ff ef fe 1f a0 e5 57 fe 5d 06 fd b7 fc df f8 ff eb df 62 fe 1d e8 f9 1c 5b 7e 07 6d 1f c0 80 db 30 fc 8e ff Data Ascii: 1122;io#M+UfEH4{q?AP\/f6ei v\H7'y}/,6_s!Hv~i{/w>W_x/-K\|y?}G~3}'7w&Su;z\Z`-G43-p\|!rpgj;3?Ce:fn1Gmez\|MP4`h<.MemW-\|MU<+y\|<f{Qd7ysPthr743fjx?(gmxeMO8LQNXmM,3kD99-7Yluuo,rgm2E}uW?~r7w/W!<w^'y;0!0MYQuQ3kXclxel!Xu95K+"k`.k5is2;U.A`qQ;k9W<VZV6]rglPkZz.u94j)WH$5I qaBVxlNmx@n=^\334ngG/i0l=}3BpbsSe4op;W]b[~m0
May 25, 2021 10:26:03.856405020 CEST	3827	OUT	GET /sveden/paid_edu/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:26:03.988814116 CEST	3831	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:26:03 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 65 62 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 5b 7b 6f 1b c7 11 ff 3b 04 f2 1d 2e 6c 10 91 0d ef 48 4a b2 2c 4b 94 0a 24 4e 91 02 79 b8 ad fb 47 10 04 c6 92 5c 52 27 dd ab 77 47 da f4 03 90 ec 38 89 e1 c0 76 5c a7 48 91 d6 76 ea b4 41 d0 02 a1 65 d1 a6 f5 32 90 4f 70 f7 15 fa 49 3a 33 bb 47 1e 9f 92 65 3b 6e 50 d3 16 79 b7 8f d9 d9 d9 df cc ce ec a3 f0 ca d1 f7 df 3c fe c1 b1 b7 94 b7 8f bf fb ce 62 a2 b0 e4 9b 06 fe 70 56 86 1f 5f f7 0d be 18 dc 0a b6 82 66 78 3e d8 09 2f 07 2d 25 d8 0d ee 86 ab 41 33 78 00 4f eb 94 d1 0a b6 c2 cf 65 76 78 21 5c 83 d7 0b c1 bd a0 ad a8 0a d7 6b 45 47 73 6b 85 ac 20 96 50 e0 93 90 7f 85 22 f3 b8 b2 e4 f2 ca 42 72 c9 f7 9d b9 6c 36 2a 9f 4d 2a 59 51 b8 60 72 9f 29 a5 25 e6 7a dc 5f 48 fe e1 f8 af d5 59 ca 2c 18 ba b5 a2 b8 dc 58 48 7a 7e c3 e0 de 12 e7 7e 52 f1 1b 0e 5f 48 fa fc 94 9f 2d 79 5e 52 92 cf 32 0f aa 7b 98 94 a5 d2 aa e7 f0 92 46 25 80 96 24 46 65 27 90 15 0f 78 a9 d8 96 ef 69 55 db ae 1a 9c 39 ba a7 95 6c 13 09 fc aa c2 4c dd 68 2c fc ce 2e da be 7d 56 fc bc fe a6 6d 95 b9 e5 f1 f2 04 f1 34 d1 e5 69 42 f0 34 11 f1 34 01 bc 7b 25 57 77 fc 38 b3 cb ac ce 44 6a 52 f1 dc 12 b0 bc ec 65 97 ff 58 e3 6e 43 cd 6b f9 49 6d 4a 33 75 4b 5b f6 92 8b 85 ac 28 88 7c bf a2 aa ca 07 0c 9a 3e a5 bd cb 7d 57 5f 01 59 d9 35 cb e7 ae a2 aa 7b 36 44 22 4e 55 6a 56 c9 d7 6d 2b 65 66 78 c6 cf b8 19 3d b3 92 61 e9 33 e6 87 fa 47 0b f8 75 f6 6c a7 48 fa 4c 0a 53 34 b6 20 7e ce 9e fd f0 a3 b4 e6 d4 bc a5 14 73 ab 35 93 83 cc d2 e7 e6 91 2e 15 30 16 f2 bf b4 f8 49 e5 28 f3 79 2a 3d bf b2 c0 b5 92 cb e1 e5 2d 83 63 e1 94 9f ce 30 48 ac 72 5f a6 78 6f 34 8e b3 ea 7b cc e4 90 f7 61 ee a3 cc 8a c6 bc 86 55 5a c8 c3 13 4a c6 cd 30 cd 61 2e 14 7d cf 2e 73 4d 07 a1 bb fe 1b bc 62 bb 3c 85 7c 9f 4b 53 af 4e ea 56 d9 3e 99 51 ca 76 89 d8 ca 28 49 d9 6d 78 8a c6 d8 2c 69 0d 21 3d c0 9c 29 04 98 f5 59 15 e5 0c c5 1a 66 32 3d 9f 40 72 0d 33 35 33 7d e8 f0 d4 d4 91 1c a4 eb 96 8e 64 ce 10 42 f1 53 32 f4 d2 8a c9 9c 39 df ad f1 4c 27 d9 77 59 69 e5 1d 80 96 d7 97 c1 4a a5 9a 0b 52 38 8e 05 de 80 01 2b f1 be 12 27 79 b1 ae 7b b6 4b c9 98 7a 0e 38 e9 8e 7c c1 b2 e5 63 a1 ac d7 17 0b ba 59 15 b0 19 da b3 93 cc 2f 2d 65 a3 0e 00 c0 10 9c 0b 49 c7 f6 74 1c d5 39 56 f4 6c a3 e6 f3 79 c5 e0 15 7f 4e 3d 02 1f e7 d4 7c 52 61 06 e8 1c aa 48 21 4b cd 64 3b cd 0a e8 65 c7 60 2f 31 4a 45 07 55 12 ba 4a e8 26 7d ec d3 60 68 29 2b 0d 52 d1 2e 37 a4 55 c0 14 ee 2e 26 5e 82 67 e0 0c 06 00 c8 2d 24 4b 1c 9b 57 8b 86 5d 5a 51 4d a6 5b 49 2a a2 44 66 a7 f3 a1 4a ba cf 4d c7 b5 1d a8 67 3b 8d 88 b1 5f 24 95 88 1c f0 a5 3a cc e2 86 6a 3b dc 52 8a b5 6a 32 26 6a d9 01 dd 64 55 ee 65 61 b4 74 5b 5b 76 aa 52 6a c1 f5 e0 cb e0 76 f0 4d f0 55 f0 83 12 dc 0c be 85 87 7f c2 df b5 e0 eb e0 df c1 df 20 e5 4f c1 4d 05 f2 af 05 7f 09 fe 1e 5c 53 82 1b 90 f3 03 a6 7c 0d 69 5f 40 81 eb 50 fc 46 f0 43 f0 3d fc fe 23 b9 f8 9a 55 f4 9c 79 48 6d 85 Data Ascii: eba[{o;.lHJ,K$NyG\R'wG8v\HvAe2OpI:3Ge;nPy<bpV_fx>/-%A3xOevx!\kEGsk P"Brl6MYQ`r)%z_HY,XHz~~R_H-y^R2{F%$Fe'xiU9lLh,.}Vm4iB44{%Ww8DjReXnCkImJ3uK[(\|>}W_Y5{6D"NUjVm+efx=a3GulHLS4 ~s5.0I(y=-c0Hr_xo4{aUZJ0a.}.sMb<\|KSNV>Qv(Imx,i!=)Yf2=@r353}dBS29L'wYiJR8+'y{Kz8\|cY/-eIt9VlyN=\|RaH!Kd;e`/1JEUJ&}`h)+R.7U.&^g-$KW]ZQM[IDfJMg;_$:j;Rj2&jdUeat[[vRjvMU OM\S\|i_@PFC=#UyHm

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
7	192.168.2.6	49731	77.222.40.109	80	C:\Program Files (x86)\Internet Explorer\iexplore.exe

Timestamp	kBytes transferred	Direction	Data
May 25, 2021 10:25:46.038156033 CEST	3086	OUT	GET /assets/images/pep1.jpg HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/sveden/struct Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:46.134890079 CEST	3117	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:46 GMT Content-Type: image/jpeg Content-Length: 2201 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 05 Feb 2021 12:01:07 GMT ETag: "63600ce-899-5ba9593438420" Accept-Ranges: bytes Data Raw: ff d8 ff e1 00 18 45 78 69 66 00 00 49 49 2a 00 08 00 00 00 00 00 00 00 00 00 00 00 ff db 00 43 00 08 06 06 07 06 05 08 07 07 07 09 09 08 0a 0c 15 0e 0c 0b 0b 0c 19 12 13 0f 15 1e 1b 20 1f 1e 1b 1d 1d 21 25 30 29 21 23 2d 24 1d 1d 2a 39 2a 2d 31 33 36 36 36 20 28 3b 3f 3a 34 3e 30 35 36 33 ff db 00 43 01 09 09 09 0c 0b 0c 18 0e 0e 18 33 22 1d 22 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33 ff c2 00 11 08 00 4b 00 4b 03 01 22 00 02 11 01 03 11 01 ff c4 00 1a 00 00 02 03 01 01 00 00 00 00 00 00 00 00 00 00 00 00 05 01 04 06 02 03 ff c4 00 19 01 00 03 01 01 01 00 00 00 00 00 00 00 00 00 00 00 00 03 04 01 02 05 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 dd 00 05 43 36 e4 68 38 47 db 53 ab 10 bd 9e a9 98 38 ec e7 a0 32 15 d9 d0 f4 7c ba ad 19 a1 cd f7 d4 e5 5f a5 f7 c2 65 b2 00 0c 9f 5a ac e5 71 28 b5 64 72 67 43 5e ec 76 81 2a 74 07 91 88 3b f3 5d 7f 9f af 5a d5 14 d5 2c d5 e7 ef b9 0e 80 8e e0 00 28 de 37 92 bf bf 59 b5 fd e2 40 0e 8d ff c4 00 24 10 00 02 02 02 02 01 03 05 00 00 00 00 00 00 00 00 02 03 01 04 00 13 11 20 05 10 12 14 21 22 23 24 30 ff da 00 08 01 01 00 01 05 02 f5 9b 29 13 65 c4 84 26 e8 38 fb 58 6c 25 20 88 80 d9 5b 21 6b 64 af c8 71 3d 0a 78 15 73 66 c3 59 2d 66 4d 5d 55 ec 7e 45 04 70 1d 00 60 6f 57 30 5b b5 d7 af 8e 71 3c cb e9 42 9b 25 95 fa 58 16 26 d1 aa 2c 64 c1 e2 eb 4c e0 af e6 b5 61 0b 0e b6 eb 92 d8 a6 5c 6e 32 a5 a2 2a e9 f8 e9 eb 76 c1 6f 5f 91 98 c5 36 1c 0e bf ac 9b 61 8e 94 33 6a 7d 58 7e c5 ae 8b 19 24 a9 87 80 42 c3 c8 ab ee 45 3d c9 a8 2c 43 3a e8 fd cc 72 f6 a9 21 ad 3f d7 ff c4 00 20 11 00 02 02 01 04 03 01 00 00 00 00 00 00 00 00 00 01 02 00 03 11 10 12 31 41 13 21 22 51 ff da 00 08 01 03 01 01 3f 01 96 da 54 e1 67 99 c9 f5 12 c5 7e 35 23 a3 0a 0a c7 d7 32 83 f7 ad 94 ed c9 ea 04 ec 02 65 49 b4 64 f3 a9 6b 54 ee fd 96 97 54 c8 94 6f 0d 96 ef 52 a0 c2 33 ea 01 8d 3f ff c4 00 20 11 00 01 04 02 03 00 03 00 00 00 00 00 00 00 00 00 01 00 02 03 11 10 21 12 31 41 13 22 51 ff da 00 08 01 02 01 01 3f 01 51 c6 1c 2c af 85 b5 b4 e6 16 f7 90 7d 08 3c c8 75 d2 98 7d 73 1c bc b5 ea 2f f0 9a 52 3e f4 3a c8 6c 64 71 fc 51 06 17 d1 53 70 2d a1 e6 41 21 03 48 9b c7 ff c4 00 31 10 00 01 02 04 03 05 05 09 01 00 00 00 00 00 00 00 01 00 02 03 11 12 41 10 21 31 13 20 22 51 61 04 42 71 81 91 23 30 32 33 52 62 82 b1 e1 a1 ff da 00 08 01 01 00 06 3f 02 c6 93 10 4d 7c 55 74 6a a6 45 ae df 2e bd 96 d2 33 a9 69 d0 5c af 90 e3 d4 b9 4f b3 b8 b5 ff 00 4b 95 31 99 9d c8 c7 fb 81 3c 90 31 4c c6 a5 17 9c 36 8f 7d 2f b0 4c 8f 73 93 bc 53 47 4d d8 d0 db 70 40 40 c4 6c c7 e9 1e d1 6e ea a9 de 41 30 1e f3 c9 40 9d 46 5b a5 f9 eb 30 56 d6 0e bd e6 72 54 90 ec ac ab 89 c1 0f 99 59 70 c2 66 41 06 37 41 85 b7 36 90 81 97 db 65 26 38 f8 95 c5 c7 f9 29 13 9d ce 37 c4 06 3a 54 7e d7 b4 64 fa 85 5b 67 2e a8 b0 43 33 1c d7 13 bc 82 6b fd 77 0b a5 3e 8a a8 a6 99 fa a3 08 6b 39 20 d1 a0 4d 8a 2f 91 55 d5 23 3c 91 87 10 64 74 3b db 6e 9f ee 0e 67 34 d6 72 18 ff 00 7d df ff c4 00 25 10 00 01 03 03 04 02 03 01 01 00 00 00 00 00 00 00 01 00 11 21 31 41 51 10 71 81 91 20 61 c1 d1 e1 a1 f0 ff da 00 08 01 01 00 01 3f 21 d5 b8 83 5f 49 ce d2 dc Data Ascii: ExifIIC !%0)!#-$9-13666 (;?:4>0563C3""33333333333333333333333333333333333333333333333333KK"C6h8GS82\|_eZq(drgC^vt;]Z,(7Y@$ !"#$0)e&8Xl% [!kdq=xsfY-fM]U~Ep`oW0[q<B%X&,dLa\n2*vo_6a3j}X~$BE=,C:r!? 1A!"Q?Tg~5#2eIdkTToR3? !1A"Q?Q,}<u}s/R>:ldqQSp-A!H1A!1 "QaBq#023Rb?M\|UtjE.3i\OK1<1L6}/LsSGMp@@lnA0@F[0VrTYpfA7A6e&8)7:T~d[g.C3kw>k9 M/U#<dt;ng4r}%!1AQq a?!_I
May 25, 2021 10:25:47.105704069 CEST	3189	OUT	GET /sveden/document/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:47.241729975 CEST	3195	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:47 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 37 64 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3d 6b 6f 1b d7 95 9f 43 c0 ff 61 c2 06 95 b4 e5 f0 21 59 b2 2c 4b 2a 9a d8 41 8a 4d 1b 6f e3 7c 28 82 40 b8 1c 5e 51 23 0e e7 4e 67 86 b4 29 27 80 64 27 71 82 74 63 27 4d 16 bb 9b 5d c7 d9 64 b7 28 76 81 ca b2 68 d3 7a 19 c8 2f 18 fe 85 fe 92 3d e7 dc 3b e4 f0 4d c9 96 a5 b8 14 6c 89 bc 73 9f e7 9e f7 3d f7 cc fc cb 17 df 7a ed ca ef 2f 5f d2 de b8 f2 9b 37 17 63 f3 2b 7e d1 c2 3f 9c e5 e0 8f 6f fa 16 5f 0c be 0a 0e 82 9d fa cd 60 2f a8 06 fb f5 1b f5 cf 34 5d e3 66 29 eb 24 dd d2 7c 4a 56 8a 69 f0 13 53 ff e7 b3 cc e3 da 8a cb 97 17 e2 2b be ef cc a5 52 61 fd 54 5c 4b c9 ca f3 45 ee 33 cd 58 61 ae c7 fd 85 f8 3b 57 5e d7 67 e9 e1 bc 65 da 05 cd e5 d6 42 dc f3 2b 16 f7 56 38 f7 e3 9a 5f 71 f8 42 dc e7 d7 fc 94 e1 79 71 d5 7d 8a 79 d0 dc c3 a2 14 d5 d6 3d 87 1b 49 aa 01 7d a9 ce a8 ee 18 4e c5 83 b9 2c 0b db f7 92 79 21 f2 16 67 8e e9 25 0d 51 c4 0e 7e b9 cc 8a a6 55 59 f8 9d c8 0a 5f bc 2f ff fc e2 35 61 e7 b8 ed f1 dc 18 cd 69 ac 39 a7 31 39 a7 b1 70 4e 63 30 77 cf 70 4d c7 8f 4e 76 95 95 99 2c 8d 6b 9e 6b c0 94 57 bd d4 ea 1f 4a dc ad e8 99 64 66 32 39 95 2c 9a 76 72 d5 8b 2f ce a7 64 45 9c f7 cb ba ae fd 9e c1 d0 d7 92 bf e1 be 6b 16 00 56 a2 64 fb dc d5 74 7d e0 40 04 e2 f1 e5 92 6d f8 a6 b0 c7 8b 09 9e f0 13 6e c2 4c 14 12 6c e2 7a f1 5d f3 bd 05 fc f5 fe fb 8d 2a 13 d7 c7 b1 24 c9 16 e4 9f f7 df 7f f7 bd 89 a4 53 f2 56 c6 99 9b 2f 15 39 c0 6c e2 83 0b d8 2f 55 b0 16 32 ff 60 f3 ab da 45 e6 f3 f1 89 0b 85 05 9e 34 5c 0e 5f 2e 59 1c 2b 8f fb 13 09 06 85 79 ee ab 12 ef d5 ca 15 96 ff 2d 2b 72 78 f6 6e fa bd 44 21 c9 bc 8a 6d 2c 64 e0 13 42 c6 4d b0 a4 c3 5c a8 fa 5b 91 e3 49 13 80 ee fa af f2 65 e1 f2 71 9c f7 07 13 b4 aa ab a6 9d 13 57 13 5a 4e 18 34 ad 84 16 57 cb 86 4f e1 1e 17 8d 64 45 42 0f 70 ae 28 01 98 f2 59 1e e1 0c d5 2a c5 f8 c4 85 18 76 57 29 8e cf 9c 9d 3e 37 35 75 3e 0d e5 a6 6d 62 37 d7 09 43 f1 c7 b0 4c a3 50 64 ce 9c ef 96 78 a2 51 ec bb cc 28 bc 09 a8 e5 b5 3d 60 86 51 72 01 0a 57 b0 c2 ab b0 61 06 6f ab 71 95 67 cb a6 27 5c 2a c6 d2 0f 60 26 cd 9d 9f b7 85 fa 38 9f 33 cb 8b f3 66 31 2f d1 a6 eb ca ae 32 df 58 49 85 0b 00 04 43 e4 5c 88 3b c2 33 71 57 e7 58 d6 13 56 c9 e7 17 34 8b 2f fb 73 fa 79 f8 71 ae 5d 88 6b cc 02 9a 43 12 99 4f d1 30 a9 c6 b0 12 f5 52 7d 70 2f d6 8b 44 3b 49 12 96 4a d8 4d f4 d8 46 c1 30 52 4a 31 9a ac c8 55 14 57 c0 12 ee 2e c6 5e 82 cf 30 33 d8 00 e8 6e 21 6e 70 1c 5e cf 5a c2 28 e8 45 66 da 71 aa a2 85 6c a7 f1 43 8d 4c 9f 17 1d 57 38 d0 4e 38 95 70 62 3f 8b 6b 61 77 30 2f dd 61 36 b7 74 e1 70 5b cb 96 f2 f1 08 a8 d5 02 cc 22 cb 73 2f 05 bb 65 8a e4 aa 93 57 50 0b be 0c be 0e ee 05 df 05 ff 1a fc 55 0b ee 06 3f c0 87 ff 81 ff 77 82 6f 82 ff 0b fe 13 4a fe 14 dc d5 e0 f9 9d e0 df 82 ff 0a ee 68 c0 40 bf c1 aa df c1 9f 3b c1 17 50 e1 4b a8 fe 55 f0 d7 e0 2f f0 f7 bf e3 8b 3f b7 b3 9e 73 01 4a ab f5 f5 fa 46 50 ab df d6 e0 Data Ascii: 17da=koCa!Y,KAMo\|(@^Q#Ng)'d'qtc'M]d(vhz/=;Mls=z/_7c+~?o_`/4]f)$\|JViS+RaT\KE3Xa;W^geB+V8_qByq}y=I}N,y!g%Q~UY_/5ai919pNc0wpMNv,kkWJdf29,vr/dEkVdt}@mnLlz]$SV/9l/U2`E4\_.Y+y-+rxnD!m,dBM\[IeqWZN4WOdEBp(YvW)>75u>mb7CLPdxQ(=`QrWaoqg'\`&83f1/2XIC\;3qWXV4/syq]kCO0R}p/D;IJMF0RJ1UW.^03n!np^Z(EfqlCLW8N8pb?kaw0/a6tp["s/eWPU?woJh@;PKU/?sJFP
May 25, 2021 10:25:50.742253065 CEST	3291	OUT	GET /sveden/education/ HTTP/1.1 Accept: text/html, application/xhtml+xml, image/jxr, / Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:50.888494968 CEST	3292	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=10 Vary: Accept-Encoding X-Powered-By: MODX Revolution Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Encoding: gzip Data Raw: 31 33 37 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 3d fd 73 db 46 76 3f 87 33 fe 1f 10 26 73 12 7b 24 48 59 be 7c 58 94 3a 89 2f 37 77 33 c9 39 bd 73 7f b8 c9 64 32 4b 72 45 42 04 01 14 00 65 d3 1f 33 fa 48 9c a6 4a 63 c7 4d da b4 b9 b3 93 fa da 9b 9b 7e 84 96 45 8b 92 45 79 26 7f 01 f8 2f f4 2f b9 f7 de 2e 48 90 00 28 92 b6 dc a6 47 25 26 c1 dd c5 ee db f7 fd 1e b0 bb f9 17 7f 7a f1 c2 a5 df bc fb 96 f2 f3 4b ef bc bd 92 c8 57 dc 9a 8e 5f 9c 95 e0 cb d5 5c 9d af 78 77 bd 07 dd 0d af e9 ed 7b c7 de 2e 7c 77 bc b6 d7 52 32 0a d7 ea 05 4b b5 eb f9 ac 68 98 50 e0 2f 21 ff e5 0b cc e1 4a c5 e6 ab cb c9 8a eb 5a e7 b3 59 bf 7d 36 a9 64 45 e3 7c 8d bb 4c 29 56 98 ed 70 77 39 f9 d7 97 7e 96 79 8d 2a f3 ba 66 54 15 9b eb cb 49 c7 6d e8 dc a9 70 ee 26 15 b7 61 f1 e5 a4 cb af b8 d9 a2 e3 24 65 f7 59 e6 c0 ed 0e 16 65 a9 75 c6 b1 78 51 a5 16 d0 97 ec 8c da ce 21 28 0e c0 b2 6a 1a ae a3 96 4d b3 ac 73 66 69 8e 5a 34 6b d8 c1 5f ae b2 9a a6 37 96 7f 65 16 4c d7 bc 2e be 7e 7c c1 34 4a dc 70 78 69 8e 60 9a eb c3 34 27 60 9a f3 61 9a 03 d8 9d a2 ad 59 6e 10 d8 35 b6 ce 44 69 52 71 ec 22 80 bc e6 64 d7 fe a6 ce ed 46 66 41 5d 38 ab 2e aa 35 cd 50 d7 9c e4 4a 3e 2b 1a 22 dc 2f 66 32 ca 6f 18 0c 7d 45 7d 87 bb b6 56 05 5c 99 75 c3 e5 b6 92 c9 9c 38 10 a1 78 7e b5 6e 14 5d cd 34 e6 6b 69 9e 76 d3 76 5a 4b 57 d3 2c 75 ad f6 9e f6 fe 32 7e 5c bf de 6b 92 ba 36 8f 25 2a 5b 16 5f d7 af bf f7 7e 4a b5 ea 4e 65 9e d9 e5 7a 8d 03 ce 52 37 96 b0 5f 6a a0 2f 2f fc 85 c1 2f 2b 3f 65 2e 9f 4f 2d 55 97 b9 5a b4 39 fc 78 4b e7 d8 78 de 4d a5 19 14 96 b9 2b 4b 9c 37 1b 97 58 f9 97 ac c6 a1 ee bd dc fb e9 aa ca 9c 86 51 5c 5e 80 2b c4 8c 9d 66 aa c5 6c 68 fa 4b b3 c4 55 0d 90 6e bb 6f f2 55 d3 e6 f3 08 f7 8d 14 cd ea b2 66 94 cc cb 69 a5 64 16 09 ac b4 92 94 d3 86 2b 9f c6 b5 a2 da 10 d8 03 9e ab 09 04 66 5d 56 46 3c 43 b3 46 2d 99 5a 4a 60 77 8d da fc 2b e7 7e f2 ea e2 e2 eb 39 28 d7 0c 0d bb b9 46 1c 8a 7f 45 5d 2b 56 6b cc 3a ef da 75 9e ee 15 bb 36 2b 56 df 06 d6 72 86 2a 58 b1 58 b7 01 0b 97 b0 c1 9b 40 b0 22 1f 6a 71 99 17 d6 35 c7 b4 a9 18 4b 6f 00 24 7d ca e7 0d 53 5e e6 4b da fa 4a 5e ab 95 05 db 44 ce ec 32 73 8b 95 ac 3f 01 60 30 64 ce e5 a4 65 3a 1a 52 f5 3c 2b 38 a6 5e 77 f9 92 a2 f3 55 f7 7c e6 75 f8 b3 ae 2c 25 15 a6 83 cc a1 88 e4 b3 34 4c b6 37 ac 60 bd ec 08 de 4b c4 89 68 58 24 61 aa c4 dd 24 8f 43 12 0c 23 65 a5 b2 29 98 a5 86 d4 0a 58 c2 ed 95 c4 0b 70 0d 90 01 01 a0 bb e5 64 91 e3 f0 99 82 6e 16 ab 99 1a d3 8c 24 35 51 7c b5 d3 fb a3 9b 34 97 d7 2c db b4 e0 3e d3 6a f8 80 bd 94 54 fc ee 00 ae 8c c5 0c ae 67 4c 8b 1b 4a a1 5e 4e 06 50 2d 27 a0 d5 58 99 3b 59 a0 96 66 aa 6b 56 59 62 cd bb e3 7d e9 7d e3 7d eb 7d e5 7d a7 80 82 fc 3d 5c fc 3b fc bb ed 7d ed fd a7 f7 3b 28 f9 07 ef ae 02 f5 b7 bd 7f f6 fe d5 bb ad 78 5f 40 cd 77 58 f2 35 94 7d 0e 0d ee 40 f3 2f bc ef bc 3f c2 f7 bf 25 57 7e 64 14 1c 6b 09 4a 5b dd 8d ee a6 d7 ee de Data Ascii: 1371=sFv?3&s{$HY\|X:/7w39sd2KrEBe3HJcM~EEy&//.H(G%&zKW_\xw{.\|wR2KhP/!JZY}6dE\|L)Vpw9~yfTImp&a$eYeuxQ!(jMsfiZ4k_7eL.~\|4Jpxi`4'`aYn5DiRq"dFfA]8.5PJ>+"/f2o}E}V\u8x~n]4kivvZKW,u2~\k6%[_~JNezR7_j///+?e.O-UZ9xKxM+K7XQ\^+flhKUnoUfid+f]VF<CF-ZJ`w+~9(FE]+Vk:u6+Vr*XX@"jq5Ko$}S^KJ^D2s?`0de:R<+8^wU\|u,%4L7`KhX$a$C#e)Xpdn$5Q\|4,>jTgLJ^NP-'X;YfkVYb}}}}}=\;};(x_@wX5}@/?%W~dkJ[
May 25, 2021 10:25:50.909071922 CEST	3297	OUT	GET /assets/images/pdf.gif HTTP/1.1 Accept: image/png, image/svg+xml, image/jxr, image/;q=0.8, /*;q=0.5 Referer: http://eiubp.ru/sveden/education/ Accept-Language: en-US User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko Accept-Encoding: gzip, deflate Host: eiubp.ru Connection: Keep-Alive Cookie: PHPSESSID=2d46b485f1de1b8d2c6f6cfbef5b3289; _ym_uid=1621963520683999811; _ym_d=1621963520; _ym_isad=2; _ym_visorc=w
May 25, 2021 10:25:51.007936001 CEST	3301	IN	HTTP/1.1 200 OK Server: nginx/1.19.1 Date: Tue, 25 May 2021 08:25:50 GMT Content-Type: image/gif Content-Length: 1502 Connection: keep-alive Keep-Alive: timeout=10 Last-Modified: Fri, 13 Oct 2017 13:01:49 GMT ETag: "6365563-5de-55b6d42830940" Accept-Ranges: bytes Data Raw: 47 49 46 38 37 61 1d 00 1e 00 77 00 00 2c 00 00 00 00 1d 00 1e 00 87 6c 00 00 7f 00 00 76 3f 3e 56 56 57 5d 5f 5f 5e 60 5f 5f 60 60 63 65 65 6d 6e 6e 73 74 74 77 78 78 7b 7b 7b 7f 80 7f 7f 80 80 82 00 00 8a 00 00 89 06 08 81 12 14 8a 16 17 93 01 01 91 09 08 99 00 00 99 0f 0e 92 11 10 8b 3f 3d 92 22 21 98 2d 30 97 33 34 9d 3e 3d a3 02 02 a5 07 08 a8 00 00 a4 1d 1e b1 01 01 ba 03 03 b9 0a 09 b6 1c 20 bf 27 22 b8 34 34 89 41 41 84 5b 58 8f 54 54 89 5d 57 8b 5c 5a 94 42 43 93 56 55 90 5a 5a 8c 65 60 90 68 64 9d 64 63 99 6a 6c a6 4e 4c b8 4d 49 b2 54 54 b8 54 57 bc 57 58 b9 59 5a a0 66 66 a6 77 78 c2 03 04 c3 0a 0a ce 06 06 cb 09 0a c5 17 13 c1 1c 18 d2 05 06 d2 0b 0c d0 10 11 dc 1f 20 c3 2c 2c ca 36 35 d0 2c 24 d4 2a 29 de 26 26 dd 2c 2d d5 35 33 d4 35 3c dd 39 3e e7 1b 1d e6 23 24 ec 37 3a f2 34 35 f1 3a 3a dc 3d 41 e0 3d 41 d3 43 3f cd 40 46 c3 4e 52 c7 5d 5d d6 46 49 d9 4f 52 da 55 4b d2 51 55 d1 56 58 d5 58 57 da 51 54 cd 5c 60 cd 62 63 cd 6b 6b cc 78 78 d5 68 6b d8 61 67 dc 6d 6b d7 6d 70 db 71 6f d0 78 70 dc 77 78 e1 41 43 e6 47 49 e3 59 58 f2 42 40 e9 65 57 e1 62 62 e6 6b 6a e6 7b 76 81 83 81 87 89 87 89 8b 8a 8e 90 8e 92 93 93 9a 9b 9b a2 8a 89 a3 a3 a4 ab ad ac af af b0 b4 ae af b3 b4 b4 b3 b6 b8 ba ba ba be c0 c0 d7 8a 85 d5 8f 8f dc 82 84 db 8c 8a db 92 91 d8 9f 9e d7 9c a1 dc a6 a3 df a6 ac d8 a9 a4 dc aa ac e1 82 81 e3 8f 8b eb 83 81 e3 8f 92 e4 90 8b e6 96 95 e1 96 99 e4 9a 9b e8 96 90 ea 9d 9f e0 a3 99 e4 a2 a4 e6 a7 ab e3 ab ac ea a1 a1 eb ad ab e2 af b1 e3 b4 aa e5 b1 b2 e4 b3 b8 e1 bc b1 e0 bb bc ea b4 b3 ef b5 ba ec ba b9 f2 ae b1 c0 bf c1 db c0 be e4 c2 b9 ed c0 be c3 c3 c4 c6 c6 c8 ca cb cb cf d1 cf ce d0 d0 d0 cd ce dc c6 c5 da ca c1 d3 d4 d4 d5 d8 d6 d7 dc db d8 d7 d6 da d9 d7 dc dc dc df e2 e3 e3 c6 c5 ec c3 c4 e9 c5 c8 ed ca c3 ee cb cb e2 da dc ec dc dc f1 d6 da f4 da db ec e2 dd e1 e1 e1 e2 e2 e4 e2 e4 e3 e2 e4 e4 e5 e2 e2 e6 e3 e4 e5 e4 e3 e6 e6 e6 e6 e8 e7 e4 ea eb ea e3 e2 e8 e6 e6 ee e3 e2 ed e5 e7 e9 e7 e8 ea e8 e7 e9 e9 e9 ea e9 ec e9 ec ec ec e9 ea ec eb ec ed ed ed ed f0 ee ee f4 f2 ef fa f8 f3 e5 e4 f7 e7 e8 f0 ed ee f5 e9 e9 f6 eb ec f4 ee ed f9 e4 e6 f9 ec e9 f3 ee f0 f2 f1 f1 f0 f3 f4 f1 f4 f3 f2 f6 f5 f4 f2 f2 f4 f3 f4 f5 f4 f2 f5 f5 f5 f2 f6 f8 f5 f8 f7 f2 f9 fa f0 fb fc f5 f9 f9 f6 fc fa f6 fe fd f8 f2 f3 f8 f5 f2 f9 f5 f5 fb f7 f8 f9 f8 f7 f9 f9 f9 f8 fb fc f8 fc fa f9 fd fe fc fa fa fd fd fd 08 ff 00 f5 d5 ab 27 70 a0 39 6a 08 11 4e 73 86 90 18 35 62 e6 f4 49 9c 48 51 22 3c 7d f0 9a 35 cb d6 8c 9a c6 66 c4 70 e1 a2 35 cb d5 b6 8a 12 81 15 6a 54 c8 91 23 35 65 d0 90 01 13 46 0c 98 2b 38 70 dc a8 31 43 c6 29 69 28 77 4d 89 12 45 4a 14 36 6f 94 28 d9 b2 c4 c7 91 2a 3f 44 88 08 d1 61 43 9f 56 ce 2a ea aa 12 c5 8d 14 28 a4 52 69 82 d4 4b 15 19 4d 9f 9a fa 98 ca 81 cf ab 5f b3 28 ea 2a e2 e4 89 93 24 9c 0c 71 aa 84 26 4b 28 4d 83 80 f8 d8 31 e2 03 8b 3f 71 67 11 9b 18 8b 44 90 21 42 7c 68 1a 65 84 d0 98 2e 9e 18 2d 2a b1 23 44 88 0a 2c 58 9d c2 45 6c 16 50 7d b2 40 ec e0 d1 63 84 26 2b 21 d2 f8 ea 44 e3 92 89 0f 1e 3a 78 98 70 62 d6 9e 3a 75 f0 fc a1 a6 0f 55 84 09 13 1e 4c b0 80 9c 82 06 09 0f 2e 40 70 40 dd 01 00 01 c4 5a 05 f2 a3 47 8f 1f 73 bf 74 c4 ff c8 31 de c5 0a 17 2e 52 ac 78 b1 be 45 Data Ascii: GIF87aw,lv?>VVW]__^`__``ceemnnsttwxx{{{?="!-034>= '"44AA[XTT]W\ZBCVUZZe`hddcjlNLMITTTWWXYZffwx ,,65,$)&&,-535<9>#$7:45::=A=AC?@FNR]]FIORUKQUVXXWQT\`bckkxxhkagmkmpqoxpwxACGIYXB@eWbbkj{v'p9jNs5bIHQ"<}5fp5jT#5eF+8p1C)i(wMEJ6o(?DaCV(RiKM_($q&K(M1?qgD!B\|he.-*#D,XElP}@c&+!D:xpb:uUL.@p@ZGst1.RxE

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
May 25, 2021 10:25:18.794509888 CEST	87.250.251.119	443	192.168.2.6	49724	CN=mc.yandex.ru, O=Yandex LLC, OU=ITO, L=Moscow, C=RU CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL CN=Certum CA, O=Unizeto Sp. z o.o., C=PL	Sat Feb 27 22:04:27 CET 2021 Wed Jan 21 13:00:00 CET 2015 Wed Oct 22 14:07:37 CEST 2008	Mon Aug 09 23:04:27 CEST 2021 Sat Jan 18 13:00:00 CET 2025 Thu Jun 10 12:46:39 CEST 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU	CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	Wed Jan 21 13:00:00 CET 2015	Sat Jan 18 13:00:00 CET 2025
					CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	CN=Certum CA, O=Unizeto Sp. z o.o., C=PL	Wed Oct 22 14:07:37 CEST 2008	Thu Jun 10 12:46:39 CEST 2027
May 25, 2021 10:25:18.795784950 CEST	87.250.251.119	443	192.168.2.6	49725	CN=mc.yandex.ru, O=Yandex LLC, OU=ITO, L=Moscow, C=RU CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL CN=Certum CA, O=Unizeto Sp. z o.o., C=PL	Sat Feb 27 22:04:27 CET 2021 Wed Jan 21 13:00:00 CET 2015 Wed Oct 22 14:07:37 CEST 2008	Mon Aug 09 23:04:27 CEST 2021 Sat Jan 18 13:00:00 CET 2025 Thu Jun 10 12:46:39 CEST 2027	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-16-23-24-65281,29-23-24,0	9e10692f1b7f78228b2d4e424db3a98c
					CN=Yandex CA, OU=Yandex Certification Authority, O=Yandex LLC, C=RU	CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	Wed Jan 21 13:00:00 CET 2015	Sat Jan 18 13:00:00 CET 2025
					CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL	CN=Certum CA, O=Unizeto Sp. z o.o., C=PL	Wed Oct 22 14:07:37 CEST 2008	Thu Jun 10 12:46:39 CEST 2027

Code Manipulations

Statistics

Behavior

Click to jump to process

System Behavior

Analysis Process: iexplore.exe PID: 3548 Parent PID: 792

General

Start time:	10:25:14
Start date:	25/05/2021
Path:	C:\Program Files\internet explorer\iexplore.exe
Wow64 process (32bit):	false
Commandline:	'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding
Imagebase:	0x7ff721e20000
File size:	823560 bytes
MD5 hash:	6465CB92B25A7BC1DF8E01D8AC5E7596
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Analysis Process: iexplore.exe PID: 4400 Parent PID: 3548

General

Start time:	10:25:15
Start date:	25/05/2021
Path:	C:\Program Files (x86)\Internet Explorer\iexplore.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:3548 CREDAT:17410 /prefetch:2
Imagebase:	0x100000
File size:	822536 bytes
MD5 hash:	071277CC2E3DF41EEEA8013E2AB58D5A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Disassembly

Reset < >

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Analysis Report http://eiubp.ru

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Sigma Overview

Signature Overview

Compliance:

Networking:

System Summary:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

No static file info

Network Behavior

Snort IDS Alerts

Network Port Distribution

TCP Packets

UDP Packets

ICMP Packets

DNS Queries

DNS Answers

HTTP Request Dependency Graph

HTTP Packets

HTTPS Packets

Code Manipulations

Statistics

Behavior

System Behavior

Analysis Process: iexplore.exe PID: 3548 Parent PID: 792

General

Analysis Process: iexplore.exe PID: 4400 Parent PID: 3548

General

Disassembly