2016-09-02 10:26:46.478966 IP 192.168.4.200.49222 > 194.165.16.204.80: Flags [P.], seq 1:391, ack 1, win 16537, length 390: HTTP: GET /qrvfiif2krei9e-ld2ket4rtnfme2f8cknbnm4ntfmmpeoifs-omb-tacbmri7mnksmpkr7si4ioblpaes9ss1din5pme6r6clcm9leeno4pnmf/ HTTP/1.1 E…..@…[……….F.Pbe.c….P.@..P..GET /qrvfiif2krei9e-ld2ket4rtnfme2f8cknbnm4ntfmmpeoifs-omb-tacbmri7mnksmpkr7si4ioblpaes9s s1din5pme6r6clcm9leeno4pnmf/ HTTP/1.1 Accept: */* Accept-Language: en-US Referer: http://www.gaapasa.com.au/ x-flash-version: 19,0,0,245 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: sivupig.top Connection: Keep-Alive — 2016-09-02 10:26:46.774522 IP 192.168.4.200.49222 > 194.165.16.204.80: Flags [F.], seq 391, ack 5942, win 16402, length 0 E..(..@…\……….F.Pbe…..(P.@./&…….. 2016-09-02 10:26:47.007595 IP 192.168.4.200.49221 > 194.165.16.204.80: Flags [P.], seq 1:403, ack 1, win 16537, length 402: HTTP: GET /qrvfiif2krei9e-ld2ket4rtnfme2f8cknbnm4ntfmmpeoifs-omb-tacbmri7mnksmpkr7si4ioblpaes9ss1din5pme6r6clcm9leeno4pnmf/njr.gif HTTP/1.1 E….!@…[;………E.P$W…YA*P.@…..GET /qrvfiif2krei9e-ld2ket4rtnfme2f8cknbnm4ntfmmpeoifs-omb-tacbmri7mnksmpkr7si4ioblpaes9ss1din5pme6r6clcm9leeno4pnmf/njr.gif HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://www.gaapasa.com.au/ Accept-Language: en-US User-Agent: Mozilla/5.0 […]