urlquery.net - Free url scanner

Overview

URL	http://Www.fbwintday.com
IP	192.162.102.19
ASN	AS12608 MediaServicePlus Ltd.
Location	Russian Federation
Report completed	2012-11-05 10:07:17 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro	No alerts detected
Snort /w Sourcefire VRT	No alerts detected

Recent reports on same IP/ASN/Domain

Last 4 reports on IP: 192.162.102.19

Date	Alerts / IDS	URL	IP
2013-01-04 03:25:37	0 / 0	http://localbitches.w2c.ru/	192.162.102.19
2012-11-06 00:26:01	0 / 3	http://www.fbfunvidz.com	192.162.102.19
2012-10-18 17:32:58	0 / 5	http://vichatter.eu/	192.162.102.19
2012-10-18 11:03:42	0 / 2	http://getipad3now.com/	192.162.102.19

Last 6 reports on ASN: AS12608 MediaServicePlus Ltd.

Date	Alerts / IDS	URL	IP
2013-02-03 23:28:05	0 / 22	http://toolbar.fred.to/check.php?q=tjfyp	192.162.102.35
2013-02-03 12:50:23	0 / 2	http://download.rmes.ru/.sys/?getexe=fb.71.exe	192.162.100.239
2013-02-03 12:50:16	0 / 2	http://download.rmes.ru/.sys/?getexe=v2blogger.exe	192.162.100.239
2013-02-03 12:50:16	0 / 2	http://download.rmes.ru/.sys/?getexe=v2captcha.exe	192.162.100.239
2013-02-03 12:50:13	0 / 2	http://download.rmes.ru/.sys/?getexe=v2googlecheck.exe	192.162.100.239
2013-01-24 14:26:34	0 / 2	http://download.rmes.ru/.sys/?getexe=get.exe	192.162.100.239

JavaScript

Executed Scripts (7)

Executed Evals (8)

#1 JavaScript::Eval (size: 380, repeated: 1)

"\u3002\u300C\u300D\u3001\u30FB\u30F2\u30A1\u30A3\u30A5\u30A7\u30A9\u30E3\u30E5\u30E7\u30C3\u30FC\u30A2\u30A4\u30A6\u30A8\u30AA\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CA\u30CB\u30CC\u30CD\u30CE\u30CF\u30D2\u30D5\u30D8\u30DB\u30DE\u30DF\u30E0\u30E1\u30E2\u30E4\u30E6\u30E8\u30E9\u30EA\u30EB\u30EC\u30ED\u30EF\u30F3\u309B\u309C"

#2 JavaScript::Eval (size: 128, repeated: 1)

"\u30A6\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CF\u30D2\u30D5\u30D8\u30DB"

#3 JavaScript::Eval (size: 32, repeated: 1)

"\u30CF\u30D2\u30D5\u30D8\u30DB"

#4 JavaScript::Eval (size: 32, repeated: 1)

"\u30D1\u30D4\u30D7\u30DA\u30DD"

#5 JavaScript::Eval (size: 40, repeated: 1)

"\u30D1__\u30D4__\u30D7__\u30DA__\u30DD"

#6 JavaScript::Eval (size: 135, repeated: 1)

"\u30F4__\u30AC\u30AE\u30B0\u30B2\u30B4\u30B6\u30B8\u30BA\u30BC\u30BE\u30C0\u30C2\u30C5\u30C7\u30C9_____\u30D0\u30D3\u30D6\u30D9\u30DC"

#7 JavaScript::Eval (size: 161, repeated: 1)

"\u30F4____\u30AC_\u30AE_\u30B0_\u30B2_\u30B4_\u30B6_\u30B8_\u30BA_\u30BC_\u30BE_\u30C0_\u30C2__\u30C5_\u30C7_\u30C9______\u30D0__\u30D3__\u30D6__\u30D9__\u30DC"

#8 JavaScript::Eval (size: 17, repeated: 1)

/*@cc_on!@*/
false

Executed Writes (0)

HTTP Transactions (18)

Request	Response
GET / HTTP/1.1 Host: www.fbwintday.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 302 Found Content-Type: text/html Server: nginx/0.7.61 Date: Mon, 05 Nov 2012 08:43:33 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.2.4 Location: http://www.youtube/com/?asdg21241
GET /com/?asdg21241 HTTP/1.1 Host: www.youtube.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: VISITOR_INFO1_LIVE=TIoxcizkAQ0; hideBrowserUpgradeBox=True; PREF=fv=10.0.45&f4=4000	HTTP/1.1 303 See Other Content-Type: text/html; charset=utf-8 Date: Mon, 05 Nov 2012 09:06:46 GMT Server: Apache X-Content-Type-Options: nosniff Set-Cookie: use_hitbox=d5c5516c3379125f43aa0d495d100d6ddAEAAAAw; path=/; domain=.youtube.com Expires: Tue, 27 Apr 1971 19:44:06 EST Cache-Control: no-cache P3P: CP="This is not a P3P policy! See //support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info." X-Frame-Options: SAMEORIGIN Location: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked
GET /oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg HTTP/1.1 Host: www.youtube.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: VISITOR_INFO1_LIVE=TIoxcizkAQ0; hideBrowserUpgradeBox=True; PREF=fv=10.0.45&f4=4000; use_hitbox=d5c5516c3379125f43aa0d495d100d6ddAEAAAAw	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Mon, 05 Nov 2012 09:06:46 GMT Server: Apache X-Content-Type-Options: nosniff Content-Encoding: gzip Expires: Tue, 27 Apr 1971 19:44:06 EST Cache-Control: no-cache X-Frame-Options: SAMEORIGIN Content-Length: 6253
GET /yts/img/pixel-vfl3z5WfW.gif HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: image/gif Last-Modified: Tue, 16 Oct 2012 23:01:29 GMT Date: Thu, 01 Nov 2012 01:08:56 GMT Expires: Fri, 01 Nov 2013 01:08:56 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 43 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374270
GET /yts/cssbin/www-the-rest-vflzYVqky.css HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: text/css Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Mon, 22 Oct 2012 15:19:30 GMT Date: Thu, 01 Nov 2012 01:08:56 GMT Expires: Fri, 01 Nov 2013 01:08:56 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 1909 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374270
GET /yts/img/silhouette48-vflLdu7sh.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Wed, 31 Oct 2012 16:33:48 GMT Date: Thu, 01 Nov 2012 16:00:15 GMT Expires: Fri, 01 Nov 2013 16:00:15 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 1798 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 320791
GET /yts/img/favicon_32-vflWoMFGx.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Tue, 16 Oct 2012 22:59:55 GMT Date: Thu, 01 Nov 2012 01:09:15 GMT Expires: Fri, 01 Nov 2013 01:09:15 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 562 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374251
GET /yts/cssbin/www-core-vfl4U5oJf.css HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: text/css Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Thu, 01 Nov 2012 00:27:32 GMT Date: Thu, 01 Nov 2012 16:04:35 GMT Expires: Fri, 01 Nov 2013 16:04:35 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 49106 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 320531
GET /yts/jsbin/www-core-vfl63tHg3.js HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: text/javascript Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Thu, 01 Nov 2012 00:27:39 GMT Date: Thu, 01 Nov 2012 16:04:38 GMT Expires: Fri, 01 Nov 2013 16:04:38 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 79060 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 320528
GET /yts/img/refresh/body_noise-vfl_60-qt.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://s.ytimg.com/yts/cssbin/www-core-vfl4U5oJf.css	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Tue, 16 Oct 2012 23:01:31 GMT Date: Thu, 01 Nov 2012 01:08:59 GMT Expires: Fri, 01 Nov 2013 01:08:59 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 2978 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374268
GET /yts/img/tv_stack-vflmeOpv_.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Tue, 16 Oct 2012 23:01:49 GMT Date: Sat, 03 Nov 2012 12:26:08 GMT Expires: Sun, 03 Nov 2013 12:26:08 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 180875 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 160838
GET /yts/imgbin/www-refresh-vflXi-m8w.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://s.ytimg.com/yts/cssbin/www-core-vfl4U5oJf.css	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Wed, 31 Oct 2012 16:33:49 GMT Date: Thu, 01 Nov 2012 16:00:13 GMT Expires: Fri, 01 Nov 2013 16:00:13 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 39608 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 320794
GET /yts/jsbin/www-searchbox-vflWtMugU.js HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: text/javascript Vary: Accept-Encoding Content-Encoding: gzip Last-Modified: Wed, 31 Oct 2012 16:38:40 GMT Date: Thu, 01 Nov 2012 16:00:29 GMT Expires: Fri, 01 Nov 2013 16:00:29 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 36490 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 320778
GET /yts/img/icons/close-vflrEJzIW.png HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Tue, 16 Oct 2012 23:00:44 GMT Date: Thu, 01 Nov 2012 01:09:12 GMT Expires: Fri, 01 Nov 2013 01:09:12 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 516 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374255
GET /inputtools/images/tia.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg	HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Mon, 02 Apr 2012 00:13:23 GMT Date: Thu, 01 Nov 2012 01:09:07 GMT Expires: Fri, 01 Nov 2013 01:09:07 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 151 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374260
GET /generate_204 HTTP/1.1 Host: clients1.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.youtube.com/oops?ytsession=PQffDuEffL2DafUCtuSrnGQdcjbs4S8WhKTvmgXbqwBvV_ZPKVk4loTfEV2zIB9h8dEY03F_-FGeh--AYlwhbZUsANWEYEF-t_OC6eKeVZFUx7_YzOLxHkQvKQi9t7q9GxgcN5ieYPVxRtDhTfF7dZB2gBGpvQYMFdTSzClHSQe5I8AhIM0UWGrxwpz5LjVExkpTkqwqW9SY4raYfby0dotJ2_RAIWUH_Jsty8OFMgTjCGMdr6bc4kfngHF92qxrnj2E_ilKexh4KTBYnAiYLtO1SAHlTNdg Cookie: PREF=ID=18d07d2c5ecbbb08:U=205ee10a10512bfa:FF=0:TM=1350344350:LM=1350344627:S=oVTvNjgbzbFNBNUF; NID=64=UOjfkeau7k9dzmFvAsFwVqmD4s7g_bdUMaEnGOlKRSTKCit3R_G5xg2kMKTOgRf2IL0DzvimBbfFpj1mIHK6cKNk76wCsEyOlULvzyFq8aklSyHHGXGPdMpqcZCr8LfK	HTTP/1.1 204 No Content Content-Type: text/html; charset=UTF-8 Content-Length: 0 Date: Mon, 05 Nov 2012 09:06:47 GMT Server: GFE/2.0
GET /yts/img/favicon-vfldLzJxy.ico HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: image/x-icon Last-Modified: Tue, 16 Oct 2012 22:59:55 GMT Date: Thu, 01 Nov 2012 01:08:57 GMT Expires: Fri, 01 Nov 2013 01:08:57 GMT X-Content-Type-Options: nosniff Server: sffe Content-Length: 1150 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=31536000 Age: 374272
GET /yts/img/favicon-vfldLzJxy.ico HTTP/1.1 Host: s.ytimg.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive