urlquery.net - Free url scanner

Overview

URL	http://stexstat1792217.ru/logstat/forum/index.php?showtopic=926565
IP	82.192.91.142
ASN	AS16265 LeaseWeb B.V.
Location	Netherlands
Report completed	2012-11-13 21:36:09 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro	No alerts detected
Snort /w Sourcefire VRT	No alerts detected

Recent reports on same IP/ASN/Domain

Last 3 reports on IP: 82.192.91.142

Date	Alerts / IDS	URL	IP
2012-11-18 03:09:18	0 / 0	http://marinstat1792233.ru/logstat/forum/index.php?showtopic=926565	82.192.91.142
2012-11-14 18:20:41	0 / 0	http://82.192.91.142	82.192.91.142
2012-11-13 23:30:49	0 / 0	http://stexstat1673217.ru	82.192.91.142

Last 6 reports on ASN: AS16265 LeaseWeb B.V.

Date	Alerts / IDS	URL	IP
2013-04-10 13:07:04	0 / 0	http://180upload.com/rngbavhuao7v	95.211.113.13
2013-04-10 12:34:07	3 / 16	http://illiyun.com/index.php?option=com_content&view=article&id=31:hz-ebubekirin-hayat& (...)	213.142.145.114
2013-04-10 12:29:24	0 / 1	http://files.astrogemini.com/screensavers/easter.exe	85.17.31.103
2013-04-10 12:19:05	0 / 2	http://www.bedworld.nl/plugins/caroufredsel/jquery.js	46.17.7.88
2013-04-10 12:18:33	0 / 1	http://rumind.net/dfiles/soft/Pdf-Converter/:295956/pdf2word.exe	46.165.240.248
2013-04-10 12:07:15	1 / 9	http://kapsalonstraal.nl/viewpage.php?page_id=1	85.17.197.5

JavaScript

Executed Scripts (15)

Executed Evals (9)

#1 JavaScript::Eval (size: 380, repeated: 1)

"\u3002\u300C\u300D\u3001\u30FB\u30F2\u30A1\u30A3\u30A5\u30A7\u30A9\u30E3\u30E5\u30E7\u30C3\u30FC\u30A2\u30A4\u30A6\u30A8\u30AA\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CA\u30CB\u30CC\u30CD\u30CE\u30CF\u30D2\u30D5\u30D8\u30DB\u30DE\u30DF\u30E0\u30E1\u30E2\u30E4\u30E6\u30E8\u30E9\u30EA\u30EB\u30EC\u30ED\u30EF\u30F3\u309B\u309C"

#2 JavaScript::Eval (size: 128, repeated: 1)

"\u30A6\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CF\u30D2\u30D5\u30D8\u30DB"

#3 JavaScript::Eval (size: 32, repeated: 1)

"\u30CF\u30D2\u30D5\u30D8\u30DB"

#4 JavaScript::Eval (size: 32, repeated: 1)

"\u30D1\u30D4\u30D7\u30DA\u30DD"

#5 JavaScript::Eval (size: 40, repeated: 1)

"\u30D1__\u30D4__\u30D7__\u30DA__\u30DD"

#6 JavaScript::Eval (size: 135, repeated: 1)

"\u30F4__\u30AC\u30AE\u30B0\u30B2\u30B4\u30B6\u30B8\u30BA\u30BC\u30BE\u30C0\u30C2\u30C5\u30C7\u30C9_____\u30D0\u30D3\u30D6\u30D9\u30DC"

#7 JavaScript::Eval (size: 161, repeated: 1)

"\u30F4____\u30AC_\u30AE_\u30B0_\u30B2_\u30B4_\u30B6_\u30B8_\u30BA_\u30BC_\u30BE_\u30C0_\u30C2__\u30C5_\u30C7_\u30C9______\u30D0__\u30D3__\u30D6__\u30D9__\u30DC"

#8 JavaScript::Eval (size: 4, repeated: 4)

([])

#9 JavaScript::Eval (size: 4217, repeated: 1)

({
    "Fa-iUMeGMc2Sswb3_IGwAg": {
        "c": {},
        "sb": {
            "agen": false,
            "cgen": true,
            "client": "hp",
            "dh": true,
            "ds": "",
            "eqch": true,
            "fl": true,
            "host": "google.no",
            "jsonp": true,
            "kbl": "no",
            "kbv": 7,
            "lyrs": 29,
            "msgs": {
                "lcky": "Jeg pr\u00f8ver lykken",
                "lml": "Les mer",
                "oskt": "Inndataverkt\u00f8y",
                "psrc": "Dette s\u00f8ket ble fjernet fra <a href=\"/history\">nettloggen</a>",
                "psrl": "Fjern",
                "sbit": "S\u00f8k med bilde",
                "srch": "Google-s\u00f8k"
            },
            "ovr": {
                "ms": 1
            },
            "pq": "",
            "psy": "p",
            "qcpw": false,
            "scd": 10,
            "sce": 4,
            "stok": "dGsgLeZWJo1ac4XxYGKcze8AS_I"
        },
        "wta": {
            "s": true
        },
        "cr": {
            "eup": false,
            "qir": true,
            "rctj": true,
            "ref": false,
            "uff": false
        },
        "cdos": {
            "bih": 778,
            "biw": 1176,
            "dima": "b"
        },
        "jsa": {},
        "sl": {},
        "nos": {},
        "sf": {},
        "rvu": {
            "rvu_report_msg": "Rapport\u00e9r",
            "rvu_reported_msg": "Rapportert"
        },
        "tbpr": {},
        "tbui": {
            "dfi": {
                "am": ["jan.", "feb.", "mars", "apr.", "mai", "juni", "juli", "aug.", "sep.", "okt.", "nov.", "des."],
                "df": ["EEEE d. MMMM y", "d. MMMM y", "d. MMM y", "d.M.yyyy"],
                "fdow": 0,
                "nw": ["S", "M", "T", "O", "T", "F", "L"],
                "wm": ["januar", "februar", "mars", "april", "mai", "juni", "juli", "august", "september", "oktober", "november", "desember"]
            },
            "g": 28,
            "k": true,
            "m": {
                "app": true,
                "bks": true,
                "blg": true,
                "dsc": true,
                "fin": true,
                "flm": true,
                "frm": true,
                "isch": true,
                "klg": true,
                "mobile": true,
                "nws": true,
                "plcs": true,
                "ppl": true,
                "prc": true,
                "pts": true,
                "rcp": true,
                "shop": true,
                "vid": true
            },
            "t": null
        },
        "tng": {
            "bd": [],
            "bk": [],
            "bu": [],
            "gl": "no",
            "mb": 500,
            "msgs": {
                "a": "Blokker alle resultater for %1$s",
                "b": "<b>Var ikke dette nyttig?</b> Du kan blokkere resultater for <b>%1$s</b> n\u00e5r du bruker Google-s\u00f8k p\u00e5logget.",
                "c": "Vi kommer ikke til \u00e5 vise deg resultater fra <b>%1$s</b> lenger.",
                "d": "Administrer blokkerte nettsteder",
                "e": "Angre",
                "f": "Opphev blokkering for %1$s",
                "g": "Blokkering opphevet for %1$s"
            },
            "q": "",
            "rb": false
        },
        "shlb": {},
        "rsn": {},
        "ob": {},
        "adsm": {},
        "mb": {
            "db": false,
            "m_errors": {
                "default": "<font color=red>Feil:</font> Tjeneren kunne ikke behandle foresp\u00f8rselen. Pr\u00f8v igjen om 30 sekunder."
            },
            "m_tip": "Klikk hvis du vil ha mer informasjon.",
            "nlpm": "-153px -84px",
            "nlpp": "-153px -70px",
            "utp": true
        },
        "lc": {},
        "lr": {},
        "hv": {},
        "ada": {},
        "ca": {},
        "bihu": {
            "MESSAGES": {
                "msg_img_from": "Bilde fra %1$s",
                "msg_ms": "Flere st\u00f8rrelser",
                "msg_si": "Lignende"
            }
        },
        "riu": {
            "cnfrm": "Rapportert",
            "prmpt": "Rapporter"
        },
        "lu": {
            "cm_hov": true,
            "tt_kft": true,
            "uab": true
        },
        "hp": {},
        "m": {
            "ab": {
                "on": true
            },
            "ajax": {
                "gl": "no",
                "gwsHost": "",
                "hl": "no",
                "maxPrefetchConnections": 2,
                "prefetchTotal": 5,
                "q": "",
                "requestPrefix": "/ajax/rd?"
            },
            "css": {
                "adpbc": "#fec",
                "adpc": "#fffbf2",
                "def": false
            },
            "elastic": {
                "js": true,
                "rhs4Col": 1088,
                "rhs5Col": 1176,
                "rhsOn": true,
                "tiny": false,
                "tinyLo": 847,
                "tinyMd": 924,
                "tinyHi": 980
            },
            "exp": {
                "lru": true,
                "larhsp": false,
                "rt": false,
                "lrt": false,
                "lur": false,
                "adu": false,
                "tnav": false,
                "esp": false
            },
            "kfe": {
                "adsClientId": 33,
                "clientId": 29,
                "kfeHost": "clients1.google.no",
                "kfeUrlPrefix": "/webpagethumbnail?r=4&f=3&s=400:585&query=&hl=no&gl=no",
                "vsH": 585,
                "vsW": 400,
                "fewTbts": true
            },
            "logging": {
                "csiFraction": 0.05
            },
            "msgs": {
                "details": "Resultatdetaljer",
                "hPers": "Skjul personlige resultater",
                "hPersD": "Skjuler personlige resultater",
                "loading": "Laster fremdeles inn \u2026",
                "mute": "Kutt lyd",
                "noPreview": "Forh\u00e5ndsvisning er ikke tilgjengelig",
                "sPers": "Vis personlige resultater",
                "sPersD": "Viser personlige resultater",
                "unmute": "Sl\u00e5 p\u00e5 lyd"
            },
            "nokjs": {
                "on": true
            },
            "time": {
                "hOff": 50,
                "hOn": 300,
                "hSwitch": 200,
                "hTitle": 1200,
                "hUnit": 1500,
                "loading": 100,
                "timeout": 2500
            }
        },
        "rv": {},
        "shb": {},
        "sfa": {},
        "hsm": {},
        "j": {
            "bpcl": 38093640,
            "cspd": 0,
            "hme": true,
            "icmt": false,
            "jck": true,
            "mcr": 5
        },
        "p": {
            "ae": true,
            "avgTtfc": 2000,
            "brba": false,
            "dlen": 24,
            "dper": 3,
            "fbdc": 500,
            "fbdu": -1,
            "fbh": true,
            "fd": 1000000,
            "focus": true,
            "ftwd": 200,
            "gpsj": true,
            "hiue": true,
            "hpt": 310,
            "iavgTtfc": 2000,
            "kn": true,
            "knrt": true,
            "maxCbt": 1500,
            "mds": "clir,clue,dfn,frim,klg,prc,rl,sp,sts,mbl_he,mbl_hs,mbl_re,mbl_rs,mbl_sv",
            "msg": {
                "dym": "Mente du:",
                "gs": "Google-s\u00f8k",
                "kntt": "Bruk piltastene opp og ned for \u00e5 velge hvert resultat. Trykk p\u00e5 Enter for \u00e5 g\u00e5 til valget.",
                "sif": "S\u00f8k heller etter",
                "srf": "Viser resultater for"
            },
            "odef": true,
            "ophe": true,
            "pmt": 250,
            "pq": true,
            "rpt": 50,
            "sc": "psy-ab",
            "sfcs": false,
            "sgcif": true,
            "tct": " \\u3000?",
            "tdur": 50,
            "ufl": true
        },
        "pcc": {},
        "csi": {
            "acsi": true
        },
        "bbd": {
            "persisted": true,
            "tbpr": {}
        }
    }
})

Executed Writes (0)

HTTP Transactions (14)

Request	Response
GET /logstat/forum/index.php?showtopic=926565 HTTP/1.1 Host: stexstat1792217.ru User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 302 Found Content-Type: text/html Server: nginx/0.7.67 Date: Tue, 13 Nov 2012 20:32:32 GMT Connection: keep-alive X-Powered-By: PHP/5.3.3-7+squeeze13 Location: http://google.com Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20
GET / HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PREF=ID=18d07d2c5ecbbb08:U=205ee10a10512bfa:FF=0:TM=1350344350:LM=1350344627:S=oVTvNjgbzbFNBNUF; NID=64=UOjfkeau7k9dzmFvAsFwVqmD4s7g_bdUMaEnGOlKRSTKCit3R_G5xg2kMKTOgRf2IL0DzvimBbfFpj1mIHK6cKNk76wCsEyOlULvzyFq8aklSyHHGXGPdMpqcZCr8LfK	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Location: http://www.google.com/ Date: Tue, 13 Nov 2012 20:35:33 GMT Expires: Thu, 13 Dec 2012 20:35:33 GMT Cache-Control: public, max-age=2592000 Server: gws Content-Length: 219 X-XSS-Protection: 1; mode=block x-frame-options: SAMEORIGIN
GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PREF=ID=18d07d2c5ecbbb08:U=205ee10a10512bfa:FF=0:TM=1350344350:LM=1350344627:S=oVTvNjgbzbFNBNUF; NID=64=UOjfkeau7k9dzmFvAsFwVqmD4s7g_bdUMaEnGOlKRSTKCit3R_G5xg2kMKTOgRf2IL0DzvimBbfFpj1mIHK6cKNk76wCsEyOlULvzyFq8aklSyHHGXGPdMpqcZCr8LfK	HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Location: http://www.google.no/ Cache-Control: private Set-Cookie: NID=64=SHOV6qIxVgsd6BDYoTlj4QGOd9km63nkn-92Ch9EgeC3J_UPO9AbI4sNTK2HgMgPiXR-UedMF2pABTWGjyJSEriv4P9GW8zWtTqQ2zYgfET25Vz7pvVjb4zD3UNWKZIU; expires=Wed, 15-May-2013 20:35:33 GMT; path=/; domain=.google.com; HttpOnly P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." Date: Tue, 13 Nov 2012 20:35:33 GMT Server: gws Content-Length: 218 X-XSS-Protection: 1; mode=block x-frame-options: SAMEORIGIN
GET / HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Tue, 13 Nov 2012 20:35:33 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Encoding: gzip Transfer-Encoding: chunked Server: gws X-XSS-Protection: 1; mode=block x-frame-options: SAMEORIGIN
GET /images/icons/product/chrome-48.png HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8 If-Modified-Since: Mon, 02 Apr 2012 02:13:37 GMT	HTTP/1.1 304 Not Modified HTTP/1.1 304 Not Modified Date: Fri, 09 Nov 2012 20:33:42 GMT Expires: Sat, 17 Nov 2012 20:33:42 GMT Age: 345712 Server: GFE/2.0
GET /images/srpr/logo3w.png HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Mon, 02 Apr 2012 02:13:37 GMT Date: Fri, 09 Nov 2012 20:33:34 GMT Expires: Sat, 17 Nov 2012 20:33:34 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 7007 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=691200 Age: 345720
GET /xjs/_/js/s/c,sb,wta,cr,cdos,jsa,nos,sf,tbpr,tbui,tng,rsn,ob,mb,lc,hv,ada,bihu,lu,m,shb,sfa,hsm,j,p,pcc,csi/rt=j/ver=IWiEzGBPAyA.en_US./d=1/sv=1/rs=AItRSTNCCQlsWSRNx-zZXUqsQSNWzJG9bA HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Tue, 06 Nov 2012 09:15:56 GMT Date: Fri, 09 Nov 2012 20:33:38 GMT Expires: Sat, 09 Nov 2013 20:33:38 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 146558 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 345716
GET /extern_chrome/2e785fbd337f4cab.js HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Expires: Tue, 12 Nov 2013 00:00:00 GMT Last-Modified: Tue, 15 Nov 2011 00:00:00 GMT Content-Disposition: attachment Content-Encoding: gzip Date: Tue, 13 Nov 2012 20:35:34 GMT Server: gws Cache-Control: private Content-Length: 11918 X-XSS-Protection: 1; mode=block x-frame-options: SAMEORIGIN
GET /inputtools/images/tia.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Mon, 02 Apr 2012 00:13:23 GMT Date: Fri, 09 Nov 2012 20:33:29 GMT Expires: Sat, 09 Nov 2013 20:33:29 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 151 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 345725
GET /images/swxa.gif HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Mon, 02 Apr 2012 02:13:37 GMT Date: Fri, 09 Nov 2012 20:33:40 GMT Expires: Sat, 17 Nov 2012 20:33:40 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 5223 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=691200 Age: 345714
GET /csi?v=3&s=webhp&action=&e=17259,35702,37102,39518,39523,39978,40363,4000016,4000116,4000124,4000390,4000473,4000698,4000880,4000944,4000955,4001026,4001030,4001372,4001425,4001429,4001457,4001467,4001568,4001584,4001605,4001614,4001701,4001747,4001762,4001767,4001771,4001782,4001824,4001848,4001855,4001933,4002063,4002088,4002133,4002234,4002359,4002412&ei=Fa-iUMeGMc2Sswb3_IGwAg&imc=1&imn=1&imp=1&adh=&rt=xjsls.158,prt.201,xjses.685,xjsee.831,xjs.905,ol.921,iml.461 HTTP/1.1 Host: www.google.no GET /csi?v=3&s=webhp&action=&e=17259,35702,37102,39518,39523,39978,40363,4000016,4000116,4000124,4000390,4000473,4000698,4000880,4000944,4000955,4001026,4001030,4001372,4001425,4001429,4001457,4001467,4001568,4001584,4001605,4001614,4001701,4001747,4001762,4001767,4001771,4001782,4001824,4001848,4001855,4001933,4002063,4002088,4002133,4002234,4002359,4002412&ei=Fa-iUMeGMc2Sswb3_IGwAg&imc=1&imn=1&imp=1&adh=&rt=xjsls.158,prt.201,xjses.685,xjsee.831,xjs.905,ol.921,iml.461 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 204 No Content Content-Type: image/gif Content-Length: 0 Date: Wed, 21 Jan 2004 19:51:30 GMT Pragma: no-cache Cache-Control: private, no-cache Expires: Wed, 17 Sep 1975 21:32:10 GMT Server: Golfe
GET /images/nav_logo114.png HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/ Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Mon, 25 Jun 2012 14:34:28 GMT Date: Fri, 09 Nov 2012 20:33:45 GMT Expires: Sat, 17 Nov 2012 20:33:45 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 28765 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=691200 Age: 345709
GET /gb/js/sem_b1e9d8cb072fc03f3f512699c8ab5e7e.js HTTP/1.1 Host: ssl.gstatic.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.google.no/	HTTP/1.1 200 OK Content-Type: text/javascript Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Fri, 26 Oct 2012 02:53:03 GMT Date: Fri, 09 Nov 2012 20:33:28 GMT Expires: Sat, 17 Nov 2012 20:33:28 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 17891 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=691200 Age: 345726
GET /favicon.ico HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PREF=ID=833f642268853dd7:U=b8513c9986712345:FF=0:TM=1350344350:LM=1350344355:S=LPv_BMBUAC2Sq6lO; NID=64=wjqq-34sbw8_xZ_YRV2WYW7fIZaBTx0lz0gBHcLIwqanxYn4oQAq91WrZ2VCsF5Rw54OTpvDvPxDz0V1G-U8l77CmHDtBoxYEO7q4xasLAaD13EdvlmdnYljh62qP_E8 If-Modified-Since: Tue, 14 Aug 2012 15:19:23 GMT	HTTP/1.1 304 Not Modified HTTP/1.1 304 Not Modified Date: Fri, 09 Nov 2012 20:33:58 GMT Expires: Sat, 17 Nov 2012 20:33:58 GMT Age: 345699 Server: GFE/2.0