urlquery.net - Free url scanner

Overview

URL	http://desperados.xlx.pl/
IP	194.9.24.158
ASN	AS41406 CR Media S.A.
Location	Poland
Report completed	2012-11-06 16:11:02 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-06 16:10:26	urlQuery Client	Internal IP	1	ET CURRENT_EVENTS Known Hostile Domain .ntkrnlpa.info Lookup
2012-11-06 16:10:27	194.213.222.29	urlQuery Client	3	FILEMAGIC Macromedia Flash data (compressed),
2012-11-06 16:10:27	62.168.44.116	urlQuery Client	3	FILEMAGIC Macromedia Flash data (compressed),

Snort /w Sourcefire VRT

No alerts detected

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 194.9.24.158

Date	Alerts / IDS	URL	IP
2013-02-15 11:23:44	2 / 7	http://baccarat.prv.pl/	194.9.24.158
2013-02-15 00:24:21	0 / 2	http://lagodnespotkaniamuzyczne.prv.pl/	194.9.24.158
2013-02-13 02:22:15	0 / 2	http://missuris.htw.pl/fabric-sports-print.html	194.9.24.158
2013-02-11 20:22:30	1 / 1	http://excessiveplus.prv.pl/	194.9.24.158
2013-02-10 08:36:45	1 / 2	http://dywodobuwu.xlx.pl/hammond-fun-folio-125-xl-organ.php	194.9.24.158
2013-02-10 08:32:41	1 / 2	http://yhahunitysyw.xlx.pl/chinese-tea-code-and-numbers.php	194.9.24.158

Last 6 reports on ASN: AS41406 CR Media S.A.

Date	Alerts / IDS	URL	IP
2013-02-15 11:23:44	2 / 7	http://baccarat.prv.pl/	194.9.24.158
2013-02-15 00:24:21	0 / 2	http://lagodnespotkaniamuzyczne.prv.pl/	194.9.24.158
2013-02-13 02:22:15	0 / 2	http://missuris.htw.pl/fabric-sports-print.html	194.9.24.158
2013-02-11 20:22:30	1 / 1	http://excessiveplus.prv.pl/	194.9.24.158
2013-02-10 08:36:45	1 / 2	http://dywodobuwu.xlx.pl/hammond-fun-folio-125-xl-organ.php	194.9.24.158
2013-02-10 08:32:41	1 / 2	http://yhahunitysyw.xlx.pl/chinese-tea-code-and-numbers.php	194.9.24.158

JavaScript

Executed Scripts (26)

Executed Evals (4)

#1 JavaScript::Eval (size: 43, repeated: 1)

({
    "data": null,
    "index": "0",
    "action": "show"
})

#2 JavaScript::Eval (size: 413, repeated: 1)

if (typeof ActiveXObject != "undefined") {
    try {
        fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
    } catch (e) {
        try {
            fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.6");
            fv = "X";
            fo.AllowScriptAccess = "always";
        } catch (e) {
            if (fv == "X") {
                fv = "WIN 6,0,20,0";
            }
        }
        try {
            fo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash");
        } catch (e) {}
    }
    if ((fv == "-" || fv == "X") && fo) {
        fv = fo.GetVariable("$version");
    }
}

#3 JavaScript::Eval (size: 122, repeated: 1)

try {
    f = (d == top.document) ? 1 : 2;
    if (typeof top.document.referrer == "string") {
        ref = top.document.referrer
    }
} catch (e) {
    f = 3;
}

#4 JavaScript::Eval (size: 73, repeated: 1)

try {
    fv = navigator.plugins["Shockwave Flash"].description;
} catch (e) {}

Executed Writes (5)

#1 JavaScript::Write (size: 856, repeated: 1)

<div id="arbobill_0.9299928430663217" style=";position: relative; top: 0; width: 750px;margin:auto;"><object style="display:block" type="application/x-shockwave-flash" data="http://bbcdn.go.arbopl.bbelements.com/logos/cdn349/b149400/motointegrator_oponyzima_triple_750x300.swf" width="750" height="300" class="arbo">
<param name="movie" value="http://bbcdn.go.arbopl.bbelements.com/logos/cdn349/b149400/motointegrator_oponyzima_triple_750x300.swf" />
<param name="allowscriptaccess" value="always" />
<param name="wmode" value="opaque" />
<param name="base" value="http://bbcdn.go.arbopl.bbelements.com/logos/cdn349/b149400/motointegrator_oponyzima_triple_750x300.swf" />
<param name="flashvars" value="click=http%3A//go.arbopl.bbelements.com/please/redirect/1612/30/1/30/%21uwi%3D1176%3Buhe%3D885%3Buce%3D0%3Bparam%3D149400/168295_1_%3F" /></object></div>

#2 JavaScript::Write (size: 1246, repeated: 1)

<script language=JavaScript>//
// Billboard, wersja 3.x
//
Â 
var ARBObillboard = {
    width        : 750,               // szerokosc
    height       : 300,               // wysokosc
    scroll       : false,             // czy scrollowac?
    id           : '',                // mozna nadac specyficzne ID billboardowi
    wmode        : ['window', 'opaque', 'transparent'][1], // wmode :-)
    margin       : ['auto', '0'][0],
    //logo       : {},
    src          : "http://bbcdn.go.arbopl.bbelements.com/logos/cdn349/b149400/motointegrator_oponyzima_triple_750x300.swf"
         + '?click=' + escape('http://go.arbopl.bbelements.com/please/redirect/1612/30/1/30/!uwi=1176;uhe=885;uce=0;param=149400/168295_1_?')
Â 
    //src        : "http://video.arbomedia.pl/bbmedia/kampania/2008/10039/750x200_baner_net.jpg",
    //clickTag   : 'clickTag=' + escape('http://go.arbopl.bbelements.com/please/redirect/1612/30/1/30/!uwi=1176;uhe=885;uce=0;param=149400/168295_1_?')
    //flashvars  : {nazwa1: "wartosc1", nazwa2: "wartosc2"}
}
Â 
document.writeln('<scr' + 'ipt type="text/javascript" src="'
    + 'http://ad.arbomedia.pl/ad/engine/billboard/3.x/3.1/billboard.js?2011-05-30'
    + '"></scr' + 'ipt>');</script>

#3 JavaScript::Write (size: 121, repeated: 1)

<script type="text/javascript" src="http://ad.arbomedia.pl/ad/engine/billboard/3.x/3.1/billboard.js?2011-05-30"></script>

#4 JavaScript::Write (size: 526, repeated: 1)

<script type='text/javascript' charset='utf-8' src='http://go.arbopl.bbelements.com/please/showit/0/0/0/1/?typkodu=js&one2n1=/1612/30/1/30/;1612.30.1.30;&one2n2=/1612/2/1/31/;1612.2.1.31;&one2n=2&ubl=undefined&ucc=undefined&ucd=24&uce=true&udx=undefined&udy=undefined&usl=undefined&uje=true&uah=855&uaw=1176&ubd=undefined&uhe=885&ulx=undefined&uly=undefined&use=undefined&uto=-60&uti=1352214626961&uui=undefined&uul=undefined&uwi=1176&bbnautg=3aa0026c23e00635&alttext=0&border=0&bust=0.12373924305052397&target=_top'></script>

#5 JavaScript::Write (size: 88, repeated: 1)

<span id="nk_fajne_0" style="line-height: 0; position: relative; display: none;"></span>

HTTP Transactions (35)

Request	Response
GET / HTTP/1.1 Host: desperados.xlx.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 15:10:25 GMT Server: Apache Set-Cookie: 1f93a1cc71ee809b84744e85bc02688f=ad; expires=Tue, 06-Nov-2012 15:10:31 GMT domain_name_desperados_xlx_pl=true; expires=Tue, 06-Nov-2012 21:10:26 GMT; path=/ SERVERID=h-f1; path=/ Connection: close Transfer-Encoding: chunked
GET /img/close.png HTTP/1.1 Host: ad.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: image/png Accept-Ranges: bytes Etag: "609603266" Last-Modified: Mon, 08 Feb 2010 11:16:00 GMT Content-Length: 3273 Connection: close Date: Tue, 06 Nov 2012 15:16:20 GMT
GET /img/close_x.png HTTP/1.1 Host: ad.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: image/png Accept-Ranges: bytes Etag: "1256864131" Last-Modified: Wed, 28 May 2008 06:00:01 GMT Content-Length: 620 Connection: close Date: Tue, 06 Nov 2012 15:16:20 GMT
GET /img/domain-comment.png HTTP/1.1 Host: komentarze.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: image/png Expires: Tue, 27 Nov 2012 15:16:20 GMT Cache-Control: max-age=1814400 Accept-Ranges: bytes Etag: "1133920898" Last-Modified: Fri, 18 Nov 2011 13:54:54 GMT Content-Length: 1025 Connection: close Date: Tue, 06 Nov 2012 15:16:20 GMT
GET /bb/bb_one2n.js HTTP/1.1 Host: go.arbopl.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Date: Tue, 06 Nov 2012 15:10:26 GMT Server: Apache Location: http://bbcdn.go.arbopl.bbelements.com/bb/bb_one2n.r40073.js Cache-Control: max-age=10800 Expires: Tue, 06 Nov 2012 18:10:26 GMT Content-Length: 243 Connection: close
GET /xgemius.js HTTP/1.1 Host: arbo.hit.gemius.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 15:10:26 GMT Expires: Wed, 07 Nov 2012 03:10:26 GMT Accept-Ranges: none Cache-Control: max-age=43200 Last-Modified: Wed, 31 Oct 2012 08:32:16 GMT Vary: Accept-Encoding P3P: CP="NOI DSP COR NID PSAo OUR IND" Connection: close Content-Length: 1954 Content-Encoding: gzip
GET /script/nk_widgets/nk_widget_fajne_embed HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=UTF-8 Server: nginx Date: Tue, 06 Nov 2012 15:10:26 GMT Last-Modified: Tue, 06 Nov 2012 13:20:49 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:26 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /static/pl/css/img/bt-hide-advert-right.png HTTP/1.1 Host: www.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 06 Nov 2012 15:10:25 GMT Server: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.7a PHP/4.4.4 Last-Modified: Fri, 07 May 2010 12:23:30 GMT Etag: "63c8a4-6d7-207c9480" Accept-Ranges: bytes Content-Length: 1751 Keep-Alive: timeout=50, max=5000 Connection: Keep-Alive
GET /img/prv_glow.png HTTP/1.1 Host: ad.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: image/png Accept-Ranges: bytes Etag: "276370594" Last-Modified: Mon, 08 Feb 2010 11:01:00 GMT Content-Length: 12070 Connection: close Date: Tue, 06 Nov 2012 15:16:20 GMT
GET /_1352214626637/rexdot.gif?l=30&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&fr=1&tz=-60&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Fdesperados.xlx.pl%2F&ref=&screen=1176x885&col=24&window=1176x778 HTTP/1.1 Host: arbo.hit.gemius.pl GET /_1352214626637/rexdot.gif?l=30&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&fr=1&tz=-60&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Fdesperados.xlx.pl%2F&ref=&screen=1176x885&col=24&window=1176x778 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently Date: Tue, 06 Nov 2012 15:10:26 GMT Expires: Mon, 05 Nov 2012 15:10:26 GMT Accept-Ranges: none Pragma: no-cache Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Set-Cookie: Gtest=KlSguB9GQMQG5E69sQQSoeGGXBsy8iMoXBG.; Domain=hit.gemius.pl; Path=/; Expires=Wed, 30 Aug 2017 00:00:00 GMT P3P: CP="NOI DSP COR NID PSAo OUR IND" Location: /__/_1352214626637/rexdot.gif?l=30&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&fr=1&tz=-60&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Fdesperados.xlx.pl%2F&ref=&screen=1176x885&col=24&window=1176x778 Connection: close Content-Length: 0
GET /ga.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 14888 Content-Encoding: gzip Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT X-Content-Type-Options: nosniff, nosniff Date: Tue, 06 Nov 2012 13:09:19 GMT Expires: Wed, 07 Nov 2012 01:09:19 GMT Vary: Accept-Encoding Age: 7267 Cache-Control: max-age=43200, public Server: GFE/2.0
GET /fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description= HTTP/1.1 Host: nk.pl GET /fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Tue, 06 Nov 2012 15:10:26 GMT Set-Cookie: nk_session=LX31X3pY%2CxFYR70miZK4JdFahZ6; path=/; domain=.nk.pl basic_auth=50a262e25f515aa325d9fd4b; expires=Tue, 13-Nov-2012 15:10:26 GMT; path=/; domain=.nk.pl Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Content-Encoding: gzip Connection: close Transfer-Encoding: chunked Server: NK
GET /bb/bb_one2n.r40073.js HTTP/1.1 Host: bbcdn.go.arbopl.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: application/javascript Server: bbcdn Date: Tue, 06 Nov 2012 15:10:26 GMT Connection: close Last-Modified: Wed, 31 Oct 2012 09:08:22 GMT Etag: "5d8622-b972-4cd573e8b2d80" Cache-Control: max-age=86400 Expires: Wed, 07 Nov 2012 15:10:26 GMT Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 13661 Accept-Ranges: bytes
GET /__/_1352214626637/rexdot.gif?l=30&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&fr=1&tz=-60&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Fdesperados.xlx.pl%2F&ref=&screen=1176x885&col=24&window=1176x778 HTTP/1.1 Host: arbo.hit.gemius.pl GET /__/_1352214626637/rexdot.gif?l=30&id=bPA1ZotdXe3htQrOiB.DvMdRnDSwMNhFXpTX2Gu_NTz.z7&fr=1&tz=-60&fv=Shockwave%20Flash%2010.0%20r45&href=http%3A%2F%2Fdesperados.xlx.pl%2F&ref=&screen=1176x885&col=24&window=1176x778 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: Gtest=KlSguB9GQMQG5E69sQQSoeGGXBsy8iMoXBG.	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 15:10:26 GMT Expires: Mon, 05 Nov 2012 15:10:26 GMT Accept-Ranges: none Pragma: no-cache Cache-Control: no-store, no-cache, must-revalidate, max-age=0 Set-Cookie: Gdyn=KlxLsQoGQMQG5E69sQQSoeGGXBsy8iMoFRxSG7BLMSyGtF8CYlM1GSosxcxSY0FySssa; Domain=hit.gemius.pl; Path=/; Expires=Wed, 30 Aug 2017 00:00:00 GMT P3P: CP="NOI DSP COR NID PSAo OUR IND" Connection: close Content-Length: 43
GET /style/nk_widgets/fajne:e170 HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://nk.pl/fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description=	HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Tue, 06 Nov 2012 15:10:26 GMT Last-Modified: Tue, 06 Nov 2012 13:20:58 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:26 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /plugins/like.php?app_id=197483830299649&href=http://desperados.xlx.pl&send=false&layout=button_count&width=90&show_faces=false&action=like&colorscheme=light&font&height=35 HTTP/1.1 Host: www.facebook.com GET /plugins/like.php?app_id=197483830299649&href=http://desperados.xlx.pl&send=false&layout=button_count&width=90&show_faces=false&action=like&colorscheme=light&font&height=35 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cache-Control: private, no-cache, no-store, must-revalidate Expires: Sat, 01 Jan 2000 00:00:00 GMT Pragma: no-cache X-Content-Type-Options: nosniff X-XSS-Protection: 0 Content-Encoding: gzip X-FB-Debug: oKkkpV7+lJV4A2epow3f6IjMb9M0X7YvhflHRxvJIWE= Date: Tue, 06 Nov 2012 15:10:26 GMT Transfer-Encoding: chunked Connection: keep-alive
GET /script/nk_widgets/nk_widget_fajne_run:dade HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://nk.pl/fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description=	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=UTF-8 Server: nginx Date: Tue, 06 Nov 2012 15:10:27 GMT Last-Modified: Tue, 06 Nov 2012 13:20:49 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:27 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /script/nk_widgets/nk_widget_fajne:2967 HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://nk.pl/fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description=	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=UTF-8 Server: nginx Date: Tue, 06 Nov 2012 15:10:27 GMT Last-Modified: Tue, 06 Nov 2012 13:20:49 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:27 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /script/nk:d2e1 HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://nk.pl/fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description=	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=UTF-8 Server: nginx Date: Tue, 06 Nov 2012 15:10:27 GMT Last-Modified: Tue, 06 Nov 2012 13:20:49 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:27 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /please/showit/0/0/0/1/?typkodu=js&one2n1=/1612/30/1/30/;1612.30.1.30;&one2n2=/1612/2/1/31/;1612.2.1.31;&one2n=2&ubl=undefined&ucc=undefined&ucd=24&uce=true&udx=undefined&udy=undefined&usl=undefined&uje=true&uah=855&uaw=1176&ubd=undefined&uhe=885&ulx=undefined&uly=undefined&use=undefined&uto=-60&uti=1352214626961&uui=undefined&uul=undefined&uwi=1176&bbnautg=3aa0026c23e00635&alttext=0&border=0&bust=0.12373924305052397&target=_top HTTP/1.1 Host: go.arbopl.bbelements.com GET /please/showit/0/0/0/1/?typkodu=js&one2n1=/1612/30/1/30/;1612.30.1.30;&one2n2=/1612/2/1/31/;1612.2.1.31;&one2n=2&ubl=undefined&ucc=undefined&ucd=24&uce=true&udx=undefined&udy=undefined&usl=undefined&uje=true&uah=855&uaw=1176&ubd=undefined&uhe=885&ulx=undefined&uly=undefined&use=undefined&uto=-60&uti=1352214626961&uui=undefined&uul=undefined&uwi=1176&bbnautg=3aa0026c23e00635&alttext=0&border=0&bust=0.12373924305052397&target=_top HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Date: Tue, 06 Nov 2012 15:10:27 GMT Server: Apache Expires: -1 Cache-Control: no-cache Set-Cookie: bbnaut=3aa0026c23e00635; path=/; domain=bbelements.com; expires=Wed, 06 Nov 2013 15:10:27 GMT bm2uu=1355524350_3716241368_0_18_0_0_(null)~*; path=/please/; domain=go.arbopl.bbelements.com; expires=Wed, 06 Nov 2013 15:10:27 GMT P3P: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID" Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Connection: close Transfer-Encoding: chunked
GET /rsrc.php/v2/yI/x/1dQf_ATK831.png HTTP/1.1 Host: static.ak.fbcdn.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.facebook.com/plugins/like.php?app_id=197483830299649&href=http://desperados.xlx.pl&send=false&layout=button_count&width=90&show_faces=false&action=like&colorscheme=light&font&height=35	HTTP/1.1 200 OK Content-Type: image/png Access-Control-Allow-Origin: * Last-Modified: Fri, 29 Jun 2012 21:48:06 GMT X-Content-Type-Options: nosniff X-FB-Debug: DROeMGRPcdwLS4zkFLAnDVu5opvpxfNclOg2Khukp6I= Content-Length: 567 Cache-Control: public, max-age=25483664 Expires: Wed, 28 Aug 2013 13:58:11 GMT Date: Tue, 06 Nov 2012 15:10:27 GMT Connection: keep-alive
GET /rsrc.php/v2/yf/r/ermz5xIRKqj.js HTTP/1.1 Host: static.ak.fbcdn.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.facebook.com/plugins/like.php?app_id=197483830299649&href=http://desperados.xlx.pl&send=false&layout=button_count&width=90&show_faces=false&action=like&colorscheme=light&font&height=35 Origin: http://www.facebook.com	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Access-Control-Allow-Origin: * Last-Modified: Fri, 26 Oct 2012 01:14:26 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip X-FB-Debug: N+I8JRuT6Vc1XTfCzT6+2ZeZAilFlXFQGUdFwvperAo= Content-Length: 37956 Vary: Accept-Encoding Cache-Control: public, max-age=30923762 Expires: Wed, 30 Oct 2013 13:06:29 GMT Date: Tue, 06 Nov 2012 15:10:27 GMT Connection: keep-alive
GET /bk?nuggn=651342010&random=0.6027514589010541&nuggl=http%3A%2F%2Fgo.arbopl.bbelements.com%2Fplease%2Fshowit%2F0%2F0%2F0%2F0%2F%3Ftypkodu=js%26banhash=305451785%26banner=29061_0%26nug4bbmedia=NUGGVARS HTTP/1.1 Host: arbomedia.nuggad.net GET /bk?nuggn=651342010&random=0.6027514589010541&nuggl=http%3A%2F%2Fgo.arbopl.bbelements.com%2Fplease%2Fshowit%2F0%2F0%2F0%2F0%2F%3Ftypkodu=js%26banhash=305451785%26banner=29061_0%26nug4bbmedia=NUGGVARS HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 302 Found Content-Type: text/plain Date: Tue, 06 Nov 2012 15:10:27 GMT Status: 302 Found Location: http://go.arbopl.bbelements.com/please/showit/0/0/0/0/?typkodu=js&banhash=305451785&banner=29061_0&nug4bbmedia=NUGGVARS Cache-Control: no-store,no-cache Expires: Wed, 18 Feb 2009 11:53:30 GMT P3P: CP="NOI DSP COR NID ADMa OTPa OUR NOR" Keep-Alive: timeout=15, max=40 Connection: close Transfer-Encoding: chunked
GET /ad/engine/billboard/3.x/3.1/billboard.js?2011-05-30 HTTP/1.1 Host: ad.arbomedia.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: thttpd/2.25b 29dec2003 Date: Tue, 06 Nov 2012 15:10:26 GMT Last-Modified: Mon, 05 Nov 2012 08:46:01 GMT Accept-Ranges: bytes Connection: close Content-Length: 6919
GET /script/packs/base:7ad4 HTTP/1.1 Host: 1.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://nk.pl/fajne/widget?type=3&color=0&title=Strona%20internetowa%20desperados.xlx.pl&url=http%3A%2F%2Fdesperados.xlx.pl&index=0&image=&description=	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=UTF-8 Server: nginx Date: Tue, 06 Nov 2012 15:10:27 GMT Last-Modified: Tue, 06 Nov 2012 13:20:49 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=5 Vary: Accept-Encoding Expires: Tue, 13 Nov 2012 15:10:27 GMT Cache-Control: max-age=604800 Content-Encoding: gzip
GET /please/showit/0/0/0/0/?typkodu=js&banhash=305451785&banner=29061_0&nug4bbmedia=NUGGVARS HTTP/1.1 Host: go.arbopl.bbelements.com GET /please/showit/0/0/0/0/?typkodu=js&banhash=305451785&banner=29061_0&nug4bbmedia=NUGGVARS HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: bm2uu=1355524350_3716241368_0_18_0_0_(null)~; bbnaut=3aa0026c23e00635	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=utf-8 Date: Tue, 06 Nov 2012 15:10:27 GMT Server: Apache Expires: -1 Cache-Control: no-cache Set-Cookie: bbnaut=3aa0026c23e00635; path=/; domain=bbelements.com; expires=Wed, 06 Nov 2013 15:10:27 GMT bm2uu=1355524350_3716241368_1352214627_18_0_0_NUGGVARS~*; path=/please/; domain=go.arbopl.bbelements.com; expires=Wed, 06 Nov 2013 15:10:27 GMT P3P: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID" Vary: User-Agent Connection: close Transfer-Encoding: chunked
GET /logos/cdn349/b150162/be/be2.js HTTP/1.1 Host: bbcdn.go.arbopl.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: bbnaut=3aa0026c23e00635	HTTP/1.1 200 OK Content-Type: application/javascript Server: bbcdn Date: Tue, 06 Nov 2012 15:10:27 GMT Connection: close Last-Modified: Tue, 25 Sep 2012 08:12:34 GMT Etag: "3262b1-854-4ca8244b34080" Content-Length: 2132 Cache-Control: max-age=31536000 Expires: Wed, 06 Nov 2013 15:09:17 GMT Accept-Ranges: bytes
GET /flash/bbnaut.swf HTTP/1.1 Host: go.eu.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: bbnaut=3aa0026c23e00635	HTTP/1.1 200 OK Content-Type: application/x-shockwave-flash Date: Tue, 06 Nov 2012 15:10:27 GMT Server: Apache-Coyote/1.1 Etag: W/"3034-1272966728000" Last-Modified: Tue, 04 May 2010 09:52:08 GMT Content-Length: 3034 Cache-Control: max-age=604800 Expires: Tue, 13 Nov 2012 15:10:27 GMT Connection: close
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 Host: fpdownload2.macromedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/xml Server: Apache Last-Modified: Wed, 03 Oct 2012 19:48:11 GMT Etag: "289dff-26c-4cb2ceb2654c0" Accept-Ranges: bytes Content-Length: 620 Date: Tue, 06 Nov 2012 15:10:27 GMT Connection: keep-alive
GET /logos/cdn349/b149400/motointegrator_oponyzima_triple_750x300.swf HTTP/1.1 Host: bbcdn.go.arbopl.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: bbnaut=3aa0026c23e00635	HTTP/1.1 200 OK Content-Type: application/x-shockwave-flash Server: bbcdn Date: Tue, 06 Nov 2012 15:10:27 GMT Connection: close Last-Modified: Fri, 14 Sep 2012 10:01:22 GMT Etag: "75c064-de54-4c9a6818b8080" Content-Length: 56916 Cache-Control: max-age=31536000 Expires: Wed, 06 Nov 2013 15:10:17 GMT Accept-Ranges: bytes
GET /img/nk_widgets/widget/fajne HTTP/1.1 Host: 0.s-nk.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://0.s-nk.pl/style/nk_widgets/fajne:e170	HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 06 Nov 2012 15:10:27 GMT Content-Length: 4958 Last-Modified: Mon, 28 Mar 2011 10:26:26 GMT Connection: keep-alive Keep-Alive: timeout=5 Expires: Tue, 13 Nov 2012 15:10:27 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes
GET /bbnaut/getBbnaut?newBbnaut=acc026047ca73b5d HTTP/1.1 Host: go.eu.bbelements.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/ Cookie: bbnaut=3aa0026c23e00635	HTTP/1.1 200 OK Content-Type: application/x-javascript;charset=UTF-8 Date: Tue, 06 Nov 2012 15:10:27 GMT Server: Apache-Coyote/1.1 P3P: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID" Content-Language: en-US Content-Length: 60 Set-Cookie: bbnaut=3aa0026c23e00635; Expires=Wed, 06-Nov-2013 15:10:27 GMT; Path=/ Connection: close
GET /favicon.ico HTTP/1.1 Host: desperados.xlx.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: domain_name_desperados_xlx_pl=true; SERVERID=h-f1; bbnaut=3aa0026c23e00635	HTTP/1.0 200 OK Content-Type: image/x-icon Date: Tue, 06 Nov 2012 15:10:47 GMT Server: Apache Vary: Host Last-Modified: Mon, 20 Jul 2009 09:23:00 GMT Etag: "d009e-37e-af25c500" Accept-Ranges: bytes Content-Length: 894 X-Cache: MISS from revproxy X-Cache-Lookup: MISS from revproxy:80 Via: 1.0 revproxy:80 (squid/2.6.STABLE21) Connection: keep-alive
GET /rc/?i=1 HTTP/1.1 Host: ntkrnlpa.info User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/
GET /static/pl/css/img/bt-hide-advert-left.png HTTP/1.1 Host: www.prv.pl User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://desperados.xlx.pl/