2020-04-13 00:28:49.420813 IP 192.168.86.25.52831 > 93.126.60.109.80: Flags [P.], seq 1:391, ack 1, win 16500, length 390: HTTP: GET /2.exe HTTP/1.1E…]R@….J..V.]~<m._.P+…80..P.@t….GET /2.exe HTTP/1.1Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, /Accept-Language: en-USUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)Accept-Encoding: gzip, deflateHost: tldrbox.topConnection: Keep-Alive 2020-04-13 00:28:49.623505 IP 93.126.60.109.80 > 192.168.86.25.52831: Flags [.], ack 391, win 237, length 0E..(..@.-..A]~ 192.168.86.25.52831: Flags [.], seq 1:1201, ack 391, win 237, length 1200: HTTP: HTTP/1.1 200 OKE…..@.-…]~<m..V..P._80..+…P… T..HTTP/1.1 200 OKServer: nginx/1.16.1Date: Mon, 13 Apr 2020 04:29:15 GMTContent-Type: application/octet-streamContent-Length: 556032Last-Modified: Wed, 08 Apr 2020 02:44:48 GMTConnection: keep-aliveETag: […]