Thread: Tor
#12
Originally Posted by Ricky-Lee
A live example for people. I would first like to state this cookie has had the first 3 characters replaced with X's and the last three characters replaced with X's to make sure no harm comes to the innocent.

GET /mail/ru/images/logon.gif HTTP/1.1
Host: img.mail.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
Accept: image/png,*/*;q=0.5
Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7
Referer: http://mail.ru/
If-Modified-Since: Wed, 02 May 2007 17:31:16 GMT
Cookie: p=XXXDAFj0BXXX; c8=XXXGRwAAAADQEgIAAAAAAd6WAQAAAAAB3wABAXXX; Mpop=XXX9953936:020340704341777119050219091d031b0b 044f6c5150445e000e03091b02007c1f5c484d585b445b105a 545e591f4XXX:XXX@mail.ru:; mrcu=XXX8478471E25D8BC4EE59DBDXXX; t=XXXD1AAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAABAAABAAAAAAAAAAAAAAkGwXXX; c56=XXXPRwAAAAHe/QEAAXXX; Mpopl=XXX760XXX
Connection: close

But this is just an example of how easily the data can be obtained; this was done through an unmodified Tor endnode.
And for anybody reading this thinking "I don't use Tor so I'm safe," you can do the same thing VERY easily via either a rogue wireless AP or a rogue client connected to a secure AP.
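
A defensive check for the exposure shown in the request above, as an added example that is not part of the original post: given a site's Set-Cookie headers, it reports which cookies a browser would attach to a plain-HTTP request such as an image fetch from a sibling host. The example.test hosts, cookie names and values are constructed; path matching and public-suffix rules are left out.

```python
from urllib.parse import urlsplit

def parse_set_cookie(header, origin_host):
    """Parse one Set-Cookie value into the fields that decide where it is sent."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    domain = attrs.get("domain", "").lstrip(".").lower()
    return {
        "name": name,
        "secure": "secure" in attrs,
        # No Domain attribute: host-only cookie, returned to the setting host alone.
        "host_only": not domain,
        "domain": domain or origin_host.lower(),
    }

def is_sent(cookie, url):
    """Would a browser attach this cookie to a request for url? (Path ignored.)"""
    target = urlsplit(url)
    host = (target.hostname or "").lower()
    if cookie["secure"] and target.scheme != "https":
        return False
    if cookie["host_only"]:
        return host == cookie["domain"]
    # Domain attribute present: the domain itself and every subdomain match.
    return host == cookie["domain"] or host.endswith("." + cookie["domain"])

def exposed_in_cleartext(set_cookie_headers, origin_host, url):
    """Names of cookies that would travel unencrypted with a request for url."""
    if urlsplit(url).scheme != "http":
        return []
    cookies = [parse_set_cookie(h, origin_host) for h in set_cookie_headers]
    return [c["name"] for c in cookies if is_sent(c, url)]

# Constructed sample data for a hypothetical site, not taken from the post.
SAMPLE_HEADERS = [
    "session=CONSTRUCTED; Domain=.example.test; Path=/",
    "session_secure=CONSTRUCTED; Domain=.example.test; Path=/; Secure; HttpOnly",
    "session_hostonly=CONSTRUCTED; Path=/",
]

if __name__ == "__main__":
    print(exposed_in_cleartext(SAMPLE_HEADERS, "www.example.test",
                               "http://img.example.test/images/logon.gif"))
```

Only the cookie that combines a parent-domain scope with no Secure attribute rides along on the cleartext image request; marking it Secure and serving the site over HTTPS keeps it away from any relay or access point on the path.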