forum.kasperskyclub.ru Open in urlscan Pro
2606:4700:3030::ac43:aedf  Public Scan

56 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9604.3aCLZXz_T-7SOI6MCfMlT4aQMOrYzaNZNrTvEsLqBo34_0LOvkyhiyk9KD2sWdTB.o5oKBejdZ8ltpusvkB_9M8RM28s%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9604.bcen07PlMFakXMcPErckaZto_zxNm7y-cNVQM08XZg8ZqXkAB3eYZnLxCvqYvQi_pk0wXb_XK2yFhSL2-8sA3A%2C%2C.376UlOdyBr4uFyHy_ZYwSHkLz-c%2C

Request Chain 51

• https://unpkg.com/web-vitals HTTP 302
• https://unpkg.com/web-vitals@2.1.4 HTTP 302
• https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 65

• https://secure.adnxs.com/px?id=1565477&seg=29456386&t=2 HTTP 307
• https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565477%26seg%3D29456386%26t%3D2

Request Chain 66

• https://ad.doubleclick.net/ddm/activity/src=11733622;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235 HTTP 302
• https://adservice.google.com/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235;~oref=https://forum.kasperskyclub.ru/ HTTP 302
• https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235;~oref=https://forum.kasperskyclub.ru/

Request Chain 67

• https://secure.adnxs.com/px?id=1565568&seg=29457237&order_id=undefined&value=0&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dundefined%26u2%3DProduct_Name%26u3%3D0%26u4%3DTransaction_Date%26u5%3DPromo_Code%26u6%3DDiscount%26u7%3DLifetime%26u8%3DProduct_family%26u9%3DCategory%26u10%3DBusiness_Segment%26u11%3DQuantity%26u12%3Dru_RU%26u13%3DSite_Region%26u14%3DPage_Type%26u15%3DIs_test_order%26u16%3Dsite_id%26u17%3DPlaceholder1%26u18%3DPlaceholder2%26u19%3DPlaceholder3%26u20%3DPlaceholder4%26u21%3DPlaceholder5%26pixel_id%3D1565555%26uid%3D%24%7BUID%7D&t=2 HTTP 302
• https://pixel.mediaiqdigital.com/pixel?u1=undefined&u2=Product_Name&u3=0&u4=Transaction_Date&u5=Promo_Code&u6=Discount&u7=Lifetime&u8=Product_family&u9=Category&u10=Business_Segment&u11=Quantity&u12=ru_RU&u13=Site_Region&u14=Page_Type&u15=Is_test_order&u16=site_id&u17=Placeholder1&u18=Placeholder2&u19=Placeholder3&u20=Placeholder4&u21=Placeholder5&pixel_id=1565555&uid=5376892401598139798

Request Chain 68

• https://ad.doubleclick.net/ddm/activity/src=11733622;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857 HTTP 302
• https://ad.doubleclick.net/ddm/activity/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857 HTTP 302
• https://adservice.google.com/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857;~oref=https://forum.kasperskyclub.ru/ HTTP 302
• https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857;~oref=https://forum.kasperskyclub.ru/

Request Chain 69

• https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global HTTP 302
• https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global HTTP 302
• https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://a.tribalfusion.com/i.match?p=b26&u=5376892401598139798&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://ib.adnxs.com/setuid?entity=305&code=18072662287868296039

Request Chain 73

• https://mc.yandex.com/watch/154428?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A649398362600%3Ahid%3A802269179%3Az%3A0%3Ai%3A20220411000105%3Aet%3A1649635265%3Ac%3A1%3Arn%3A282646093%3Arqn%3A1%3Au%3A16496352651019039495%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649635263950%3Ads%3A162%2C62%2C391%2C49%2C0%2C0%2C%2C19%2C0%2C870%2C870%2C1%2C870%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649635266%3At%3A%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&t=gdpr(14)aw(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/154428/1?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A649398362600%3Ahid%3A802269179%3Az%3A0%3Ai%3A20220411000105%3Aet%3A1649635265%3Ac%3A1%3Arn%3A282646093%3Arqn%3A1%3Au%3A16496352651019039495%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649635263950%3Ads%3A162%2C62%2C391%2C49%2C0%2C0%2C%2C19%2C0%2C870%2C870%2C1%2C870%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649635266%3At%3A%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 75

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1649635265590%26url%3Dhttps%253A%252F%252Fforum.kasperskyclub.ru%252Ftopic%252F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true&e_ipv6=AQIPWUaW0POm-gAAAYAV7I2-aM26ih8-VnND0I8dzhWrnazi_CKv_HcZCggP1MoqWCaS8kFA5eHoWD97FaLbIwD8FFp4Mg

Request Chain 82

• https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown HTTP 302
• https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown&tuid=-5415310863

Request Chain 85

• https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0 HTTP 302
• https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0&check-cookie=true

Request Chain 86

• https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F HTTP 302
• https://9582686.fls.doubleclick.net/activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F

Request Chain 105

• https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=Zt7aiq7Y7_PU HTTP 307
• https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=Zt7aiq7Y7_PU

Request Chain 106

• https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU?redir-setuniq=1

Request Chain 109

• https://ads.betweendigital.com/match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU HTTP 302
• https://ads.betweendigital.com/match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU&crf=1

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/	216 KB 30 KB	616ms 391ms	Document text/html	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33 PleskLin Resource Hash ae24f2879d2d2933088d7fcf813791c4b546e884d0792d6c1c4bdbcca73962f8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 6f9f721128005a2b-MXP content-encoding br content-type text/html;charset=UTF-8 date Mon, 11 Apr 2022 00:01:04 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma9ZOdwIytG6x%2FEQgwaYtEixotTXxbksfoTZWiCAOfvaSXPXwBTNgrdBBLlyMig6WaLsThBIptviLVTQ5IoH2EYr1wo5Kl%2FcuzWGt5dhKhBnyVfpGGwqxPEjLVWdv9%2FK5AlehS%2FQgghxzoBceTMdHYWRmJgG"}],"group":"cf-nel","max_age":604800} server cloudflare vary cookie,Accept-Encoding x-content-type-options nosniff x-frame-options sameorigin x-ips-loggedin 0 x-powered-by PHP/7.3.33 PleskLin x-xss-protection 0
GET H2	200	editor.css forum.kasperskyclub.ru/applications/core/interface/ckeditor/ckeditor/skins/ips/	28 KB 5 KB	37ms 33ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/applications/core/interface/ckeditor/ckeditor/skins/ips/editor.css?t=L3MD Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ce6813ecb1f0f95109290de358bff838df0cd95c1ffd3c65be403f5c119ecf8e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 18 May 2021 19:13:37 GMT server cloudflare etag W/"60a411e1-70e8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og2a24MZCb54%2FjzmzCkPddyLM9lyDzHS8hXlT5IlerUVJheroB89FvCxF6peGNYy1K9MB6qYoBGt0ukNI7Axnnv4bQNPVs0hw297mlUciSsNzBBZBIqYfSK7nEZ7T28%2FZQLabumXf5NykqzQeNSb7Hg0xe1L"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=28904 cf-ray 6f9f7213cbb95a2b-MXP cf-bgj minify
GET H2	200	341e4a57816af3ba440d891ca87450ff_framework.css forum.kasperskyclub.ru/uploads/css_built_6/	289 KB 55 KB	41ms 38ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/341e4a57816af3ba440d891ca87450ff_framework.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 6965b683a53a1e116067173b923672897f3ade07149e6582fef65768a4b716bb Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-4852e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9QRSPzzlNbkrt%2BjCK0TSG3KLOJ77VqxWM%2FmaxRWi0pma86k6yzNEaAvBGWjt%2B32cZSPXq1Uhw8dssfLmdf1bPzJ26ROBx48YHQXHJv2AqHmipnpshWUSCY9aRV9TW8fM%2BgWWIuZuvK%2BszOWKQrE1ROlvZ43"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished status=cannot_optimize cf-ray 6f9f7213cbbb5a2b-MXP cf-bgj minify
GET H2	200	05e81b71abe4f22d6eb8d1a929494829_responsive.css forum.kasperskyclub.ru/uploads/css_built_6/	34 KB 7 KB	39ms 36ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/05e81b71abe4f22d6eb8d1a929494829_responsive.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash a6e200a299dcb02f9bb195a9502303bd6e26b6be6974ce9771e9b164955656ec Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-8c43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNV0Dbbi%2FFXrTVlPHEnl66jrggCYqkqRvU3xPTBMW8sUQWhaitvO9FOOtmiAgog%2FKNU7KUEyAeijOgMWK6BUu%2FiBPBfbb3bvuUaj0j%2FRZdtzh6RuBQMHfmT3kcyfhY21Hb6qAL%2Bl0ngShOeDOQBa5Z8L1jQP"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=35907 cf-ray 6f9f7213cbbe5a2b-MXP cf-bgj minify
GET H2	200	20446cf2d164adcc029377cb04d43d17_flags.css forum.kasperskyclub.ru/uploads/css_built_6/	12 KB 2 KB	39ms 36ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/20446cf2d164adcc029377cb04d43d17_flags.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 77da945665d9b6f50c886487d0349553f59e90b54ec745833043197f31af88c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-30a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFs6SDtfc5DI788Sa1R%2BC3Xe%2Fgdc8kYFMeigYh0q%2FqLOQ5aKxYcQudlkLSD8Fk9ZRuQl2oAC0OGT9f2Q1%2FyBS4hmdKG0ghYbs13QiPCpvGVVOQDDCGlm%2F7T7ydTNogonzjZM%2BRxNCOjrXSCQnOrCohXV%2FC4G"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=12453 cf-ray 6f9f7213cbc05a2b-MXP cf-bgj minify
GET H2	200	90eb5adf50a8c640f633d47fd7eb1778_core.css forum.kasperskyclub.ru/uploads/css_built_6/	19 KB 5 KB	66ms 63ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/90eb5adf50a8c640f633d47fd7eb1778_core.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash aa18691c0fd5dedce729ca29d41e4ec0011ecae05202ca86782bce8b4d83b2a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-4d79" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0RUy1YbmdL998%2FdtFpQZHiO3Avs4CikeBMtYXi%2FokputhkLT90s3E%2BnHpLlF6TdMmbcE8G%2ByfXHehPVYcLxt9KKtDZWR%2Bshc2sYGPeFzaiwtS9kUMnCLe1RJJlcjfHSZ5h1gsDDtq7el3eSTO67M5w7kzXZ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=19833 cf-ray 6f9f7213cbc15a2b-MXP cf-bgj minify
GET H2	200	5a0da001ccc2200dc5625c3f3934497d_core_responsive.css forum.kasperskyclub.ru/uploads/css_built_6/	5 KB 1 KB	38ms 35ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash db63c6f0a4b2975c893e2dcefd885ac39e52ab4eaca6a31d058945605d47b17d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-13d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4rTiIgYfKo%2BH%2F%2BzPnDP3BS%2BaGT04J6LsWniKKNAdCamHa3zZsWip63cXzRlIu13hWbCP%2Fzn9h4iurUBVnYBaZzBvpzcpTNuS4K30eG51yYBR04f7nuT8tXLIPUGPcCUJ%2F9TbPyBXowm3m4oF%2B3X5znRWkQC"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=5076 cf-ray 6f9f7213cbc25a2b-MXP cf-bgj minify
GET H2	200	ec0c06d47f161faa24112e8cbf0665bc_chatbox.css forum.kasperskyclub.ru/uploads/css_built_6/	3 KB 1 KB	39ms 37ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/ec0c06d47f161faa24112e8cbf0665bc_chatbox.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash b218b99a31afadeb29f4523000d1c8facc868c947d73cfeca344c4c60517a291 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-a93" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIN5zOMv4QPpMMj0%2B8xx%2FV%2BGfzodx32eF2pK2o%2BZWRYofGMPm%2FdqVfhVxhnUCeQ%2Fmqipq%2FCeSyjNS4SohPaELlo%2F3cKlTVQOI2D3UeYk0HO0EQWe1%2BrTTRrAL7tDeGjAEh0H%2FC1hZ1JRpqcAlmlo43cabqQH"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=2707 cf-ray 6f9f7213cbc35a2b-MXP cf-bgj minify
GET H2	200	62e269ced0fdab7e30e026f1d30ae516_forums.css forum.kasperskyclub.ru/uploads/css_built_6/	17 KB 4 KB	40ms 37ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/62e269ced0fdab7e30e026f1d30ae516_forums.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 98cd62564959fc637ff1904addc85ca00281e3daf8344d279b6d4d44c3eef115 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-44cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rx5D13m3h%2FpbDXVuEyoKH9BDkjpyp%2BWeJvGLH4ENB1s4dzsmOpkzUFcK25dN7sCnO0ZLZQ84el1nlfWJt2gwqsXIyM%2FZ2qTL8IhzcaKjNe7AW7ptjYDbmclN4mIlV4wIr1YW46q%2F8LgflVvqfwVBL%2FQ7tGa8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=17612 cf-ray 6f9f7213cbc45a2b-MXP cf-bgj minify
GET H2	200	76e62c573090645fb99a15a363d8620e_forums_responsive.css forum.kasperskyclub.ru/uploads/css_built_6/	6 KB 2 KB	40ms 38ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/76e62c573090645fb99a15a363d8620e_forums_responsive.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ff18445619f139b4040aaa94d262827b130344bb30f9e6fe3a5f5517620c6bed Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-1a9a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Faj8i1CwzJeqcivxjx7ol00%2FuBEdNiQSi6ZIAdiCEtL0mmGU0W72R%2FqZxGnw6XwuvrnbrL5IFFiSDRS0XgGVBVOgPOqiu%2BTxRGz9TaDm7VqflstUjORNNeDSbaXbHrMUpVb88rxPNIC3kiCpmUSXWqscKhgW"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=6810 cf-ray 6f9f7213cbc55a2b-MXP cf-bgj minify
GET H2	200	ebdea0c6a7dab6d37900b9190d3ac77b_topics.css forum.kasperskyclub.ru/uploads/css_built_6/	3 KB 1 KB	39ms 37ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/ebdea0c6a7dab6d37900b9190d3ac77b_topics.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ff1bf3a543a18ba7140f9bb9c87782a6191f20bf40cb382f8c11da681409baee Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:30 GMT server cloudflare etag W/"6231c3c6-b7d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDYmpu%2BDyuggYm9mIYXYjhj6HupCyhtC4SfVBgsLohdtOwvNeml4lf94vTeuWqpYq6q1qHfu8mlT1LtP0%2FmplqZ0C4LjAdlGRT%2FcAIC1YyPJaE0IF6%2FuQUEjADSdEeP4fOdRMoq0v7K%2FEqGDt8PZ6XWZeYvD"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=2941 cf-ray 6f9f7213cbc65a2b-MXP cf-bgj minify
GET H2	200	258adbb6e4f3e83cd3b355f84e3fa002_custom.css forum.kasperskyclub.ru/uploads/css_built_6/	829 B 652 B	66ms 64ms	Stylesheet text/css	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/css_built_6/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=c5eaf0fd1a1647428550 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 8f11350f9500e9ea9141322ebf53892598209eb9e6cc0d3adcc57b1bba750c1e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 16 Mar 2022 11:02:31 GMT server cloudflare etag W/"6231c3c7-355" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUlwqfJfEBwxp4WyQVJo0y%2F%2BIZduF6VWj2N46L6lrYsFtuZ1n95dG9wuhE1TIoaCPbug6ZbcEhVDKB3PTK1aeBSiyO00soI7%2FNdlnoJod7vWrw9slFaEnC1U94ax%2Bgr3UYPZ5gi3ex%2F%2FMFpYQTSBCqmDRb0L"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-polished origSize=853 cf-ray 6f9f7213ebf05a2b-MXP cf-bgj minify
GET H2	200	fontawesome-webfont.woff2 forum.kasperskyclub.ru/applications/core/interface/font/	75 KB 76 KB	66ms 64ms	Font font/woff2	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Origin https://forum.kasperskyclub.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 last-modified Tue, 17 Mar 2020 08:05:52 GMT server cloudflare etag "5e7084e0-12d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEr5XPcK9YHLaEt5%2F0w38slU%2FesrBm4lxpVWRV%2BVQ0cR3dTaRV%2FTT%2BwwD6elCXzpWBb5BIQ0QjnBIRX4j7VALiZOuHz%2BtV2AmnfGqlwSrvD0XphbE8nOFtybWT5l8hFEkWWEMbtIg5Uwjk%2BfQ1UsDs1x5Z1w"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f7213ebf15a2b-MXP
GET H2	200	icomoon.woff forum.kasperskyclub.ru/applications/core/interface/font/	3 KB 3 KB	71ms 69ms	Font font/woff	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/applications/core/interface/font/icomoon.woff?v=-29n77j Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash c4dc92b008688c213242cfaf0cbe2bfd0fc689326a7b878cbc1cfa8afd87b763 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Origin https://forum.kasperskyclub.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2676 last-modified Tue, 17 Mar 2020 08:05:52 GMT server cloudflare etag "5e7084e0-a74" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8O8F8x02LmDgOyiLsN0kynUD6i0%2Fa0XbmLPDLHN3ohwjP6%2Fjlp1OtGDF32yEjeIjy8%2BpwA%2B3I0%2FGvSdBXxBcExiRBMomKpn4rP%2F%2FEnJpSg6rxqxeWMXiqMPx%2B5RK62FJdYCfdx4SZQjXqD%2Bea3RWoU84T0o"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f7213ebf35a2b-MXP
GET H2	200	1545576735_KasperskyCLubLogoBG.png.502dafb5c25b69925ef9ecf262f8dd64.png forum.kasperskyclub.ru/uploads/monthly_2022_02/	17 KB 17 KB	70ms 69ms	Image image/png	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forum.kasperskyclub.ru/uploads/monthly_2022_02/1545576735_KasperskyCLubLogoBG.png.502dafb5c25b69925ef9ecf262f8dd64.png Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 646e3dfd57230a1711a5d2e076ed8eb647b1dd0ac51b52da72ea1ab99721475c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17388 last-modified Sun, 13 Feb 2022 18:34:54 GMT server cloudflare etag "62094f4e-43ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZKOpMDw9UbxcbInMKLbf6ilDUnnZxHI%2BmEUR4%2B8Z94E%2FUrP0uI1D%2FXGTNWKXyDA69D3O7uwpfmhhLCrY3xFjaojXR8LSoEKV1hAxmTdiS0hiGZ8%2FxzPR4ty%2FAfG2i9E9l9pYk%2FOqf%2BZacqJCvRpURPhr6fE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f7213ebf55a2b-MXP
GET DATA	200 OK	truncated /	983 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a9680eff470e3e17c14823162471e13d7a5bace7363d5f532ee99d3ebe99f88a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H2	200	photo-thumb-52864.jpg forum.kasperskyclub.ru/uploads/profile/	9 KB 10 KB	39ms 38ms	Image image/jpeg	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forum.kasperskyclub.ru/uploads/profile/photo-thumb-52864.jpg Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 99f98dcda841b47539737f76344ee5dd7774a1a774073aac1207db24ea72931f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 393 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9631 last-modified Fri, 01 Feb 2019 15:11:30 GMT server cloudflare etag "5c5461a2-259f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CimTpv5zAv%2Fer2spO16LPbw1BZojN2Qzq%2FSOzrhGkxdsi%2F2G%2B6xTgkzoVryJ2iTdH3s5di3LE98VI%2BE1iIu6exR5vGZ1J%2BQxrddNWueTi3j4Jxhg8yJwLhMShtcjP0F10kDtGHQotUUxlNqT4YqXmJv%2FYufC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f7213ebf75a2b-MXP
GET DATA	200 OK	truncated /	283 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a8c35eedc87456e5d6d53fe546138683413887b6c23516666002cda4d658514b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	84c1e40ea0e759e3f1505eb1788ddf3c_default_photo.png forum.kasperskyclub.ru/uploads/set_resources_6/	1 KB 2 KB	38ms 38ms	Image image/png	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forum.kasperskyclub.ru/uploads/set_resources_6/84c1e40ea0e759e3f1505eb1788ddf3c_default_photo.png Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash c9b19667188a7a142b2f9e0841928d3a2137bf476d158c86fa58f6bfb05a5f68 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1290 last-modified Thu, 17 Jun 2021 20:36:53 GMT server cloudflare etag "60cbb265-50a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qU6MDVcCocbRyFrvZhgNM%2BVm46UEqxen0EfX8urHmKOE3%2BqtWCwPuoSwM7SgeRyXUuWc9TcaOGeVDzPUYPAM4ekF3nolCzyHn85ZQT9FYe%2Brmgnc%2BeNgw46USsKGWVjGy45hthELgRxCUyAohZFau%2FjpaV0"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f7213f8a15a43-MXP
GET DATA	200 OK	truncated /	283 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 154937635b18ea749111ad0e15fbc85ac394f9a3c829b077edc49c1431aa086d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	283 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 69d40b100fbc012428e4fdb80ad87b25b061413eb122644ec63cc1b197723783 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	283 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd5c882c67f9fc01a55b7667dcc576d4a73a0676e03b830fdaab4799f5af005d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	283 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ac2208ccd822626af84363dfef0bf79f71bc00f57e8f6120733d64fb97cf5f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	imported-photo-64226.thumb.jpeg.82cf80a757474fbbcfc94e81c7ec72ae.jpeg forum.kasperskyclub.ru/uploads/monthly_2022_04/	6 KB 6 KB	36ms 34ms	Image image/jpeg	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forum.kasperskyclub.ru/uploads/monthly_2022_04/imported-photo-64226.thumb.jpeg.82cf80a757474fbbcfc94e81c7ec72ae.jpeg Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 05e436523fa53a226f21e59397ec2b3e464f058ee61c6c35b6616ba33c37cc5d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 393 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5942 last-modified Mon, 04 Apr 2022 03:49:56 GMT server cloudflare etag "624a6ae4-1736" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0wJ2A%2BnXv4%2FNHUf%2F9NgoAWWQe%2FupYvGzHdNQyw%2FJeJ6WzxCecLnG%2FzXGXxq9twTPyPnRUk37JgV5XF3o7yTWkdHtuqWI573XJkSBAnOuCkntEIUsCXGwvUM1N8I6lA6JOEJLdXzKLh%2BCSl6rzyK0VAjY8j8"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=432000 accept-ranges bytes cf-ray 6f9f721408b25a43-MXP
GET H3	200	rocket-loader.min.js Show response forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	33ms 32ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 24 Mar 2022 11:29:35 GMT server cloudflare etag W/"623c561f-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFpFOEmWc0%2FRdGW0wRbCq1sWiZ6nTv2fsyjk03ExsCaAQjAAHjWXseIxcSYICWfex7o9B6yIo%2FuFqbhPxfG9e6qnAxEvrOeEUdF%2FLj%2FuNPhyLOBvEPXIAFceyhK07Lh5i2zSLYQ8GIZkmVcVP3x5OInfEEcd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f9f721408b55a43-MXP vary Accept-Encoding expires Wed, 13 Apr 2022 00:01:04 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	92ms 45ms	Script text/javascript	2606:4700:440e::6812:2fe6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://forum.kasperskyclub.ru/ Origin https://forum.kasperskyclub.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6f9f72145f460f86-MXP
GET H3	200	root_map.js Show response forum.kasperskyclub.ru/uploads/javascript_global/	2 KB 1003 B	97ms 96ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_global/root_map.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ca4bab292bc2362f0fb56e10066e4dbe10509222c58cc7fbcf629ed3606aa568 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 09 Apr 2022 10:08:22 GMT server cloudflare etag W/"62515b16-9e5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYo%2BWbxapSJdEjEn9ioj8ArbJLWSB0aEbmDQBwRQdqngPkKMRI8qpWUUttO8tq%2Bb7zuj6LnXkmhrVjfe2gfN0OXxzrVkmla6ESKWlbdK7xBV3654v2Pxa0JKxXYC3a8ssEs7EEhfb5VV9Lc0bBcmyBixGog1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f9f72151a295a43-MXP cf-bgj minify
GET H3	200	front_front_topic.js Show response forum.kasperskyclub.ru/uploads/javascript_forums/	4 KB 2 KB	125ms 123ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_forums/front_front_topic.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash c2d3e55e61ab83cadb0468731843c05bc82b6913516c3aae26dc77cbe820b888 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-111d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN0rynjD%2FK%2BvPX5jLXyEBBw4ecuX4d%2FWEUK0SchroPrxpTnQqZ2fQiA1v0ilX0RpW9NxJDiBzz4LzDTGtNalcXUwSGOi9m%2FJx3LwSQPeThoye%2FvxE%2FEHzQ1jssGA3tEf0uLGEsh0e00rfS0SAPJ%2BqI0Nb4RB"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=4381 cf-ray 6f9f72151a2e5a43-MXP cf-bgj minify
GET H3	200	front_front_chatbox.js Show response forum.kasperskyclub.ru/uploads/javascript_bimchatbox/	26 KB 8 KB	38ms 35ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_bimchatbox/front_front_chatbox.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ea578872d1f5105d570724a0e6cc7c4d17b224c81e7b8f98018bb62c9ac384ed Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-6889" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6Bv7lryEhfLsxPUNSA4ssOIg3LCS2GJEDPqmoCbsESCGiml3TpPRn3FUjuNQbOgxsm%2BRdc1F4Mt3WYFEQY7GLgBldqMRjNhZeRuQo%2BbQVnxbbJmXhjQt40MYRmZSyptnxvlcx7w7vXHrF490cDtqm9pI8Lr"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f9f72151a305a43-MXP cf-bgj minify
GET H3	200	front_front_core.js Show response forum.kasperskyclub.ru/uploads/javascript_core/	26 KB 7 KB	37ms 35ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_core/front_front_core.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash eabeb7a75c8848f482bad5a4ff11c916b05a8ec80ec1f378316b7505a7370017 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-6914" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9aRulmGoSqO7RKcOCnf4mE8utIXA2hmC5dfsbU90oGsZMwXhJkNjmpYu8eqk6oOU%2BXxL0wIdDRmjoCLX%2F6U3Ei5Z2iK%2BEgh7BLoNuWORpdQcoPtRJbGC15%2F1mXfZCwxXuAgDgeO97%2FvvDL%2BmtfOq8FNGvgI"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=26900 cf-ray 6f9f72151a315a43-MXP cf-bgj minify
GET H3	200	root_front.js Show response forum.kasperskyclub.ru/uploads/javascript_global/	100 KB 23 KB	97ms 95ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_global/root_front.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash e922a676b060a03222815d3338346bbcd47819fc86f6afb1de262256df864a0b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-1918d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgnpi8XvYC8BAsYHXG2UDgVPpT5nZg2QEJYHlD36imj9YEezFGUW3UT8gs2Sh%2F1CYPL7Jk9w5ByrACiAZie3Zw%2F0jdCfcQ0MRvD5VEj9doQGW07Q4hC558hPTCms9YR6WA3UaRgbsNdnffLy%2BlyVZpb1dYkl"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=102797 cf-ray 6f9f72151a325a43-MXP cf-bgj minify
GET H3	200	plugins_plugins.js Show response forum.kasperskyclub.ru/uploads/javascript_core/	1 KB 1 KB	37ms 36ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_core/plugins_plugins.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 38dee4d221d33b2a7ebd7cb21fccf02ee4fc1c81f1add9a6503f6f76b01cd520 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-41f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BEXYoPq6rqyh5NpwImqeCer3lyuNbfYDR%2B%2Fk5SBBK9vzSqMRLTS15ivKZCZZQhScXHN6YVyZZ9%2B5j3UgWacRZqd67OkUkjMcm8Yotd3JJLVp9fmqQyL96lwZIubFanQONRP7Q5MT0Bm%2BOGLe1LHIsfQp25%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f9f72151a335a43-MXP cf-bgj minify
GET H3	200	global_global_core.js Show response forum.kasperskyclub.ru/uploads/javascript_core/	36 KB 10 KB	97ms 96ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_core/global_global_core.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 084a69b8a10c3375e9871f8c166ebcab053aff4c44dfc550094c0ca37ec9abda Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-8ee7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRxCYd6HsT9VfKR5fnN4shu4Urt5XZr6UUuSin9MXWqihVcGweeGYZWn6%2BuDInd8oXhnD1zZqMS2EGe77Qb3nL9ml1O3%2BCmbcy8SwGEke3hy6OdrlOVrnkxE%2FooFMZtOZJgbCtl7NAsAgNjnGkJWs7lmJ3Hb"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=36583 cf-ray 6f9f72151a345a43-MXP cf-bgj minify
GET H3	200	root_framework.js Show response forum.kasperskyclub.ru/uploads/javascript_global/	409 KB 96 KB	98ms 97ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_global/root_framework.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 0d9ea5b7f10aad74ac822957e1cdf5ca794284cae831eafc88bdec74573b288c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-66670" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H%2BQQLHNbucCG8%2F5z%2F6%2ByWPYbAD3lQnCzT038epqoyXGOwjlJqEZbUC8ZqySYhagZ9gp0TOLsxIuecmP7By4YKyKC0doBgGZl3wuyykP9uWqMd%2F1Op0iiWNc%2BQv0Yy%2BtIDomGCjd0zXVxg1W7N%2Bl8JeQaNOu"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=419440 cf-ray 6f9f72151a355a43-MXP cf-bgj minify
GET H3	200	root_js_lang_2.js Show response forum.kasperskyclub.ru/uploads/javascript_global/	244 KB 49 KB	66ms 65ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_global/root_js_lang_2.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 4d665287bd3341e4d3816df67ecc65e8d50617f3f4595a1aa82ab6eec240bca9 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:07 GMT server cloudflare etag W/"6250aa8b-3d064" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkc7NAZqPGhygWj5TPcOVzxRP%2FtYjMLCQN6m52HBTDfX5H%2BvmXjwgaOgHzPIPRgeiCKPb%2FL0FpDBrUdbBhk79baT9x55gmHUus1FWARjMY4CZRkAheV2wnHnG8KEq6Wfl1b5VbvMzaXFMELvYJyFScFCAql5"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f9f72151a365a43-MXP cf-bgj minify
GET H3	200	root_library.js Show response forum.kasperskyclub.ru/uploads/javascript_global/	383 KB 119 KB	152ms 152ms	Script application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_global/root_library.js?v=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash ceb6c8882d9bc2794f5b173df6a16482b3083ccfc0e0613953674558b29de460 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1211 x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 21:35:06 GMT server cloudflare etag W/"6250aa8a-5fe05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1hfo12T4YcFuLzRxAHyENx5FQcKLMHaLoBkHXZ9l2iuz31Lj4rrqcqrYb%2FrsEr8tL9veNbFN8xPJd8PB%2BghW1GwjMVuABEdZGnvBAK6TVakgd1FcFW6QvqV9ejuhMRHqgQTqVoWJAI1FZDqCr0nVC65T04S"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-polished origSize=392709 cf-ray 6f9f72151a375a43-MXP cf-bgj minify
GET H2	200	gtm.js Show response www.googletagmanager.com/	101 KB 39 KB	78ms 56ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T9TFMDT Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 68f6d9a6d68bac6bf223e240f5f21a0aadaa86beac63c297052a0c0718fe86a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39829 x-xss-protection 0 expires Mon, 11 Apr 2022 00:01:04 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	474 KB 114 KB	36ms 15ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 852fa1b691ed9d1bd07f5a4ba658302b83987218b63b7b5048637821768d7876 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 116366 x-xss-protection 0 expires Mon, 11 Apr 2022 00:01:04 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	202 KB 69 KB	135ms 67ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 6676403d614657aab51e4807503d9f0de6723b08c4e404e109f1375b891117be Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br last-modified Thu, 07 Apr 2022 11:31:59 GMT etag "624ea17f-11414" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 70676 expires Mon, 11 Apr 2022 01:01:04 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	412 KB 106 KB	29ms 15ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 572cc84fb9f0b21a7638c7bd9bbadfc9e401fb52f21fdd2efa36ac310b6c0c60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:04 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 108975 x-xss-protection 0 expires Mon, 11 Apr 2022 00:01:04 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	32ms 5ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9TFMDT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6233 date Sun, 10 Apr 2022 22:17:11 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 11 Apr 2022 00:17:11 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	22ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug qvd0UIebLifvWctrCbtXJ8Us8ysHqXVYZouPgN5BfTdMf2uJZj74yib2a5T1z4qnbVS+Qh2UHsxRz9lqwZAzIg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 11 Apr 2022 00:01:04 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	openapi.js Show response vk.com/js/api/	104 KB 23 KB	155ms 52ms	Script application/x-javascript	93.186.225.208 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?160 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS Software kittenx / Resource Hash f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br x-frontend front512005 last-modified Tue, 15 Mar 2022 10:42:47 GMT server kittenx etag "62306da7-5b1b" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 23323 expires Fri, 15 Apr 2022 00:01:05 GMT
GET H3	200	839281392784015 Show response connect.facebook.net/signals/config/	496 KB 145 KB	19ms 8ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/839281392784015?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ddc035ae3c1f12695c2def0be02283e990946154270b8715930237b4849babf7 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 148418 x-xss-protection 0 pragma public x-fb-debug 7egkghM47FAClsiNVVfI7a1iBh7GWuggtWH64U0GXF7jMk3yjd4UbSQ+LJHPpe75ObKV8+d0G46SnDOxrAV7cQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 11 Apr 2022 00:01:04 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 14ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=791820485&t=pageview&_s=1&dl=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1612177109&gjid=1285708806&cid=1659588515.1649635265&tid=UA-761601-4&_gid=795035557.1649635265&_r=1&gtm=2wg3u0T9TFMDT&z=279252736 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://forum.kasperskyclub.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9604.3aCLZXz_T-7SOI6MCfMlT4aQMOrYzaNZNrTvEsLqBo34_0LOvkyhiyk9KD2sWdTB.o5oKBejdZ8ltpusvkB_9M8RM28s%2C https://mc.yandex.com/sync_cookie_image_decide?token=9604.bcen07PlMFakXMcPErckaZto_zxNm7y-cNVQM08XZg8ZqXkAB3eYZnLxCvqYvQi_pk0wXb_XK2yFhSL2-8sA3A%2C%2C.376UlOdyBr4uFyHy_ZYwSHkLz-c%2C	75 B 75 B	34ms 34ms	Image text/html	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9604.bcen07PlMFakXMcPErckaZto_zxNm7y-cNVQM08XZg8ZqXkAB3eYZnLxCvqYvQi_pk0wXb_XK2yFhSL2-8sA3A%2C%2C.376UlOdyBr4uFyHy_ZYwSHkLz-c%2C Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9604.bcen07PlMFakXMcPErckaZto_zxNm7y-cNVQM08XZg8ZqXkAB3eYZnLxCvqYvQi_pk0wXb_XK2yFhSL2-8sA3A%2C%2C.376UlOdyBr4uFyHy_ZYwSHkLz-c%2C date Mon, 11 Apr 2022 00:01:05 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 444 B	81ms 19ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-761601-4&cid=1659588515.1649635265&jid=1612177109&gjid=1285708806&_gid=795035557.1649635265&_u=YEBAAEAAAAAAAC~&z=1679946384 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 11 Apr 2022 00:01:05 GMT content-type text/plain access-control-allow-origin https://forum.kasperskyclub.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 408 B	24ms 9ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&rl=&if=false&ts=1649635265207&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1649635265206.389994421&it=1649635264976&coo=false&exp=p1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Mon, 11 Apr 2022 00:01:05 GMT
GET H3	200	rtrg vk.com/	49 B 494 B	147ms 53ms	Image image/gif	93.186.225.208 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?p=VK-RTRG-339477-zdPF&metatag_url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&metatag_title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen Protocol H3 Security QUIC, , AES_128_GCM Server 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS Software kittenx / KPHP/7.4.110764 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-frontend front512005 server kittenx x-powered-by KPHP/7.4.110764 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store accept-ranges bytes alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 65
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 136 B	41ms 41ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT last-modified Thu, 07 Apr 2022 11:31:59 GMT etag "624ea17f-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Mon, 11 Apr 2022 01:01:05 GMT
POST H3	200	rum Show response forum.kasperskyclub.ru/cdn-cgi/	0 171 B	36ms 35ms	XHR text/plain	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 content-type application/json Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://forum.kasperskyclub.ru access-control-max-age 86400 access-control-allow-credentials true cf-ray 6f9f7218beb35a43-MXP vary Origin
GET H2	200	0c5328837e564.js Show response t.contentsquare.net/uxa/	285 KB 65 KB	37ms 10ms	Script application/javascript	18.66.248.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/0c5328837e564.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-122.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash afd80c29c0f895fb88cfe970cdfda24391ef5d9168ede513b5b8931883063053 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Sun, 10 Apr 2022 14:58:29 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 14:53:09 GMT server AmazonS3 age 32699 etag "f18c24aa8b961f058935e549b3f05215" x-cache Hit from cloudfront content-type application/javascript;charset=utf-8 via 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront) cache-control max-age=900 x-amz-cf-pop DUS51-P1 accept-ranges bytes content-length 65860 x-amz-cf-id VngM4o5rlw0vUPxlj3OP_pEYREORjtSwm1GO1isIwVhKB5StgVEDcg==
GET H2	200	web-vitals.umd.js Show response unpkg.com/web-vitals@2.1.4/dist/ Redirect Chain https://unpkg.com/web-vitals https://unpkg.com/web-vitals@2.1.4 https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js	5 KB 2 KB	23ms 23ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js Protocol H2 Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 6903870 fly-request-id 01FSX6QPCMDZA10VHFYP5G8ZJ4 content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6f9f721a8a8b59ef-MXP Redirect headers date Mon, 11 Apr 2022 00:01:05 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01FSX6QP7TCC7WPN85Q37A3F5H server cloudflare age 6903870 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 location /web-vitals@2.1.4/dist/web-vitals.umd.js cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6f9f7219e99a59ef-MXP access-control-allow-origin *
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	14ms 13ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=791820485&t=pageview&_s=1&dl=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&dp=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1288135809&gjid=1907161273&cid=1659588515.1649635265&tid=UA-63997723-25&_gid=795035557.1649635265&_r=1&gtm=2wg460WZ7LJ3&cd14=ru_RU&cd53=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd16=1659588515.1649635265&z=509726774 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://forum.kasperskyclub.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6234 date Sun, 10 Apr 2022 22:17:11 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 11 Apr 2022 00:17:11 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	50ms 14ms	Script application/x-javascript	2a02:26f0:3500:7::17d8:4dc7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:7::17d8:4dc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Mon, 11 Apr 2022 00:01:05 GMT Content-Encoding gzip Last-Modified Fri, 18 Mar 2022 23:45:34 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=50641 Connection keep-alive Accept-Ranges bytes Content-Length 3104
GET H2	200	DSPCounter.js Show response tags.soloway.ru/	8 KB 8 KB	138ms 45ms	Script application/x-javascript	88.212.240.204 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tags.soloway.ru/DSPCounter.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.212.240.204 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.14.2 / Resource Hash b1444be514e20cdb4b0851bede140f21487b5a28738f64184a5433dfa2d51e79 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT last-modified Wed, 29 Dec 2021 12:33:45 GMT server nginx/1.14.2 etag "61cc55a9-1e6a" content-type application/x-javascript access-control-allow-origin * accept-ranges bytes content-length 7786
GET H3	200	js Show response www.googletagmanager.com/gtag/	93 KB 37 KB	16ms 16ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9582686 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4ffc472ff706ddc4b4aed354feb68cff7af9599ecda14299eb43cb463bad89e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37609 x-xss-protection 0 expires Mon, 11 Apr 2022 00:01:05 GMT
GET H2	200	A2336411-46c8-4f83-96b6-294966496d651.js Show response d.impactradius-event.com/	42 KB 13 KB	38ms 7ms	Script text/javascript	35.186.249.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://d.impactradius-event.com/A2336411-46c8-4f83-96b6-294966496d651.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 72.249.186.35.bc.googleusercontent.com Software UploadServer / Resource Hash 4e39dd1af2ab89316460668ebbd994841c3d9aaa9e1ce6d428b040dc73ac8cc4 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sun, 10 Apr 2022 23:58:23 GMT content-encoding gzip age 162 x-guploader-uploadid ADPycduqQ8jxSn--1VqE-oXTqhthPsJJNTzMBTXqUN-yw3CVp7CNcsWlmmwEnaf0aSAFQ3NiNrElygwmIp8fpts_j6-R27cilV-b x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 13182 last-modified Wed, 02 Mar 2022 19:41:23 GMT server UploadServer etag "3de352e7d844a747c3067ea5900e1eb4" vary Accept-Encoding x-goog-hash crc32c=BL1d/w==, md5=PeNS59hEp0fDBn6lkA4etA== x-goog-generation 1646250082848219 cache-control public,max-age=900,s-maxage=300 x-goog-stored-content-length 13182 accept-ranges bytes content-type text/javascript; charset=utf-8 expires Mon, 11 Apr 2022 00:03:23 GMT
GET H2	200	ktag.js Show response resources.xg4ken.com/js/v2/	9 KB 4 KB	450ms 94ms	Script text/plain	3.227.216.229 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.216.229 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-216-229.compute-1.amazonaws.com Software nginx / Resource Hash c11cb5f286d7ab9c105a5f4865c3f7ad85fe215a5861a0bda01fd4e521858c84 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 10:06:10 GMT server nginx etag "621c9e92-dd8" content-type text/plain cache-control max-age=86400, public content-length 3544 x-xss-protection 1; mode=block expires Tue, 12 Apr 2022 00:01:05 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/	139 KB 49 KB	36ms 35ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 47649c34e5d08a7776f6d66e48b8ffc00043c99cdffef79529baaf52fd20cc93 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br last-modified Thu, 07 Apr 2022 11:31:59 GMT etag "624ea17f-c566" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 50534 expires Mon, 11 Apr 2022 01:01:05 GMT
GET H3	200	openapi.js Show response vk.com/js/api/	104 KB 23 KB	45ms 44ms	Script application/x-javascript	93.186.225.208 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?159 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H3 Security QUIC, , AES_128_GCM Server 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS Software kittenx / Resource Hash f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br x-frontend front512005 last-modified Tue, 15 Mar 2022 10:42:47 GMT server kittenx etag "62306da7-5b1b" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 accept-ranges bytes alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 23323 expires Fri, 15 Apr 2022 00:01:05 GMT
GET H2	200	top100.js Show response st.top100.ru/top100/	188 KB 62 KB	240ms 117ms	Script application/javascript	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/top100.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 49f5da097dfd33071c87cb1a5b71074314acbc33d208ab2e1b374a2df6b31830 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip last-modified Fri, 08 Apr 2022 12:03:45 GMT server nginx/1.19.4 x-amz-request-id tx0000000000000c7f9a4d9-0062536f71-f8aa9c-default etag W/"d06c7800b70b5f7c5e3e660fa8fcba90" vary Accept-Encoding p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control max-age=3600 x-rgw-object-type Normal content-type application/javascript expires Mon, 11 Apr 2022 01:01:05 GMT
GET H2	200	tagtag.min.js Show response www.artfut.com/static/	3 KB 2 KB	82ms 34ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tagtag.min.js?campaign_code=e5a65aad3a Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edfc75726cf71265dd903eeb0f37bd74534194e42a0e6db6894beb6987023454 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 308 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5f68930b-cb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mk0KaIrQTePrV9zVx%2B%2F%2FE%2BTQO0natnq0oAU7XOlOock8BYQdZYI4jwrHPLFmXpRPv9Fepmu93TSVo6aMuSHwJr0eX8qqLjwZObDbX5b247jR5w4lzDnndvkSVAzKHJe0etoVfkw5BK0H5RI"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 6f9f7219b85fd600-MXP expires Mon, 11 Apr 2022 00:15:57 GMT
GET H2	200	tag.js Show response cdn.rutarget.ru/static/tag/	4 KB 2 KB	163ms 52ms	Script application/x-javascript	80.64.106.149 RASCOM-AS CJSC RA...
General Check archive.org Show headers Download Go to Full URL https://cdn.rutarget.ru/static/tag/tag.js Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.64.106.149 Moscow, Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU), Reverse DNS s-fr4.rutarget.ru Software nginx / Resource Hash f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip last-modified Thu, 24 Jun 2021 14:00:14 GMT server nginx etag W/"60d48fee-f73" access-control-allow-methods OPTIONS content-type application/x-javascript cache-control max-age=900 access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name expires Mon, 11 Apr 2022 00:05:43 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	123 KB 36 KB	193ms 128ms	Script application/javascript	95.101.20.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.185 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id 744ceb30.192d420b date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-105-91.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 101,95.101.20.181 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=7, inner; dur=5 pragma no-cache server nginx x-tt-logid 202204110001050101131351942433AF0C vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 7,23.220.105.91 x-tt-trace-host 01cdce8a6f43bda51b26474913f25f98ea7b495fa5de6bf44af1715c41766cfb2225fa7ac2cf676075fb2307cba7632d7d7f7b2728f759f241ac244c2d8986dae0d950fe4c3852df6edf571978d60ff8cdc3fc4a32e561fa77ead43950dac7067a9b92e4a0b584e83153aae22f8bacc9cb expires Mon, 11 Apr 2022 00:01:05 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/px?id=1565477&seg=29456386&t=2 https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565477%26seg%3D29456386%26t%3D2	43 B 1 KB	24ms 12ms	Image image/gif	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565477%26seg%3D29456386%26t%3D2 Protocol HTTP/1.1 Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:05 GMT X-Proxy-Origin 217.64.151.32; 217.64.151.32; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 22c1f7d1-0fab-4f3e-bbef-1b07bb19b58a Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:05 GMT X-Proxy-Origin 217.64.151.32; 217.64.151.32; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 77f241f0-1daf-47e9-a45e-492f109c1d40 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565477%26seg%3D29456386%26t%3D2 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Redirect Chain https://ad.doubleclick.net/ddm/activity/src=11733622;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... https://ad.doubleclick.net/ddm/activity/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr... https://adservice.google.com/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_... https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...	42 B 107 B	71ms 43ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235;~oref=https://forum.kasperskyclub.ru/ Protocol H2 Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/html; charset=UTF-8 location https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CO_MjaDaivcCFYRJHgIdFEwDxg;type=invmedia;cat=kaspe001;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=7218644194035.235;~oref=https://forum.kasperskyclub.ru/ cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel pixel.mediaiqdigital.com/ Redirect Chain https://secure.adnxs.com/px?id=1565568&seg=29457237&order_id=undefined&value=0&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dundefined%26u2%3DProduct_Name%26u3%3D0%26u4%3DTransaction_... https://pixel.mediaiqdigital.com/pixel?u1=undefined&u2=Product_Name&u3=0&u4=Transaction_Date&u5=Promo_Code&u6=Discount&u7=Lifetime&u8=Product_family&u9=Category&u10=Business_Segment&u11=Quantity&u1...	2 B 82 B	43ms 8ms	Image application/json	35.157.103.248 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.mediaiqdigital.com/pixel?u1=undefined&u2=Product_Name&u3=0&u4=Transaction_Date&u5=Promo_Code&u6=Discount&u7=Lifetime&u8=Product_family&u9=Category&u10=Business_Segment&u11=Quantity&u12=ru_RU&u13=Site_Region&u14=Page_Type&u15=Is_test_order&u16=site_id&u17=Placeholder1&u18=Placeholder2&u19=Placeholder3&u20=Placeholder4&u21=Placeholder5&pixel_id=1565555&uid=5376892401598139798 Protocol H2 Server 35.157.103.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-103-248.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-length 2 content-type application/json; charset=utf-8 Redirect headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:05 GMT X-Proxy-Origin 217.64.151.32; 217.64.151.32; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid e6a90c4d-dcd3-4867-a0e6-68dfb31b479f Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://pixel.mediaiqdigital.com/pixel?u1=undefined&u2=Product_Name&u3=0&u4=Transaction_Date&u5=Promo_Code&u6=Discount&u7=Lifetime&u8=Product_family&u9=Category&u10=Business_Segment&u11=Quantity&u12=ru_RU&u13=Site_Region&u14=Page_Type&u15=Is_test_order&u16=site_id&u17=Placeholder1&u18=Placeholder2&u19=Placeholder3&u20=Placeholder4&u21=Placeholder5&pixel_id=1565555&uid=5376892401598139798 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$... Redirect Chain https://ad.doubleclick.net/ddm/activity/src=11733622;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... https://ad.doubleclick.net/ddm/activity/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr... https://adservice.google.com/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_... https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_c...	42 B 737 B	69ms 42ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857;~oref=https://forum.kasperskyclub.ru/ Protocol H2 Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/html; charset=UTF-8 location https://adservice.google.de/ddm/fls/p/src=11733622;dc_pre=CMuwjqDaivcCFQxAHgIdi0IBFg;type=invmedia;cat=kaspe00i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=3080484984545.857;~oref=https://forum.kasperskyclub.ru/ cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Redirect Chain https://s.tribalfusion.com/i.cid?c=705083&ev=0&page=Global https://s.tribalfusion.com/z/i.cid?c=705083&ev=0&page=Global https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 https://a.tribalfusion.com/i.match?p=b26&u=5376892401598139798&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 https://ib.adnxs.com/setuid?entity=305&code=18072662287868296039	43 B 1011 B	7ms 6ms	Image image/gif	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=305&code=18072662287868296039 Protocol HTTP/1.1 Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:06 GMT X-Proxy-Origin 217.64.151.32; 217.64.151.32; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 8f80629c-f883-4fe4-b38d-8d5a0b0eea0d Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 2277 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 6f9f721d9c8d3745-MXP p3p CP="NOI DEVo TAIa OUR BUS" location https://ib.adnxs.com/setuid?entity=305&code=18072662287868296039 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	index.php Show response forum.kasperskyclub.ru/	2 B 710 B	123ms 122ms	XHR application/json	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/index.php?app=core&module=system&controller=ajax&do=attachmentInfo&csrfKey=cdb126bbec45764470b8902bc8a7d96e&attachIDs%5B166779%5D=true Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/uploads/javascript_global/root_library.js?v=c5eaf0fd1a1649498902 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.33, PleskLin Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 0 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.3.33, PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 0 x-ips-loggedin 0 pragma no-cache server cloudflare x-frame-options sameorigin expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary cookie,Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31oKlA9PzzTTQ2JLp2G%2FaVE4RDxuBomFuzVlsAuETRVtJ%2FmI4ZyoIwdrn6WnS4x7o0r%2BEC4hkHaiGUW%2Bn%2B8aaUbcoZ5xYnSv8bwwMYp%2BkMQeHIFxqe%2B4aS%2FVMBpoyBsZTw9edIultJIkUCDGnjuwxuD%2FCTte"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 6f9f7219afeb5a43-MXP expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	1649d5fbb67c.js Show response w.usabilla.com/ Frame 7994	169 KB 20 KB	99ms 28ms	Script text/javascript	54.77.70.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.usabilla.com/1649d5fbb67c.js?lv=1 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.77.70.77 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-70-77.eu-west-1.compute.amazonaws.com Software / Resource Hash 3e98e43822ee0445b87678247cd533cfe389fdb9c36f2217d90da33025934ad0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-widget-server 2.1 etag "636d3b0ac3ef7ec99e2ec2d8b776cbb0" content-type text/javascript cache-control public,max-age=0 content-length 19714
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	42ms 21ms	XHR text/plain	2a00:1450:400c:c06::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63997723-25&cid=1659588515.1649635265&jid=1288135809&gjid=1907161273&_gid=795035557.1649635265&_u=aEDAAEABAAAAAC~&z=1696110768 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 11 Apr 2022 00:01:05 GMT content-type text/plain access-control-allow-origin https://forum.kasperskyclub.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.com/watch/154428/ Redirect Chain https://mc.yandex.com/watch/154428?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14... https://mc.yandex.com/watch/154428/1?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A...	338 B 396 B	36ms 36ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/154428/1?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A649398362600%3Ahid%3A802269179%3Az%3A0%3Ai%3A20220411000105%3Aet%3A1649635265%3Ac%3A1%3Arn%3A282646093%3Arqn%3A1%3Au%3A16496352651019039495%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649635263950%3Ads%3A162%2C62%2C391%2C49%2C0%2C0%2C%2C19%2C0%2C870%2C870%2C1%2C870%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649635266%3At%3A%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 689617d34851b4f045be664c72569d82665d11309ee477b54da49635d006ef30 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff last-modified Mon, 11-Apr-2022 00:01:05 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://forum.kasperskyclub.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 338 x-xss-protection 1; mode=block expires Mon, 11-Apr-2022 00:01:05 GMT Redirect headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT last-modified Mon, 11-Apr-2022 00:01:05 GMT location /watch/154428/1?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A1%3Adp%3A0%3Als%3A649398362600%3Ahid%3A802269179%3Az%3A0%3Ai%3A20220411000105%3Aet%3A1649635265%3Ac%3A1%3Arn%3A282646093%3Arqn%3A1%3Au%3A16496352651019039495%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649635263950%3Ads%3A162%2C62%2C391%2C49%2C0%2C0%2C%2C19%2C0%2C870%2C870%2C1%2C870%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649635266%3At%3A%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://forum.kasperskyclub.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 11-Apr-2022 00:01:05 GMT
GET H3	200	rtrg vk.com/	49 B 412 B	52ms 51ms	Image image/gif	93.186.225.208 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?p=VK-RTRG-303905-4ic5R&metatag_url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&metatag_title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen Protocol H3 Security QUIC, , AES_128_GCM Server 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS Software kittenx / KPHP/7.4.110764 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-frontend front512005 server kittenx x-powered-by KPHP/7.4.110764 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store accept-ranges bytes alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 65
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D39138%26time%3D1649635265590%26url%3Dhttps%253A%252F%252Fforum.kasperskyclub.ru%2... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true&e_ip...	0 265 B	220ms 109ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true&e_ipv6=AQIPWUaW0POm-gAAAYAV7I2-aM26ih8-VnND0I8dzhWrnazi_CKv_HcZCggP1MoqWCaS8kFA5eHoWD97FaLbIwD8FFp4Mg Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:06 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: EA9981314F9845D6AD6CEAE9FD54A33F Ref B: FRAEDGE0913 Ref C: 2022-04-11T00:01:06Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXcVaQM6U6eP5I/qIY7OQ== x-li-fabric prod-lva1 Redirect headers date Mon, 11 Apr 2022 00:01:05 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 8874FE6F1D6948BFA136E73D32B93D71 Ref B: FRAEDGE0811 Ref C: 2022-04-11T00:01:05Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1649635265590&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&liSync=true&e_ipv6=AQIPWUaW0POm-gAAAYAV7I2-aM26ih8-VnND0I8dzhWrnazi_CKv_HcZCggP1MoqWCaS8kFA5eHoWD97FaLbIwD8FFp4Mg x-li-proto http/2 content-length 0 x-li-uuid AAXcVaQJg4A/BhVjuWeA0A==
GET H/1.1	200 OK	1*1.gif logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/	0 0	402ms 96ms	Image text/html	75.101.233.97 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://logs-01.loggly.com/inputs/9b965af4-52fb-46fa-be1b-8dc5fb0aad05/tag/jsinsight/1*1.gif?ver=U28&acid=A2336411-46c8-4f83-96b6-294966496d651&type=UTT&msg=No%20campaign%20for%20landing%20page%3A%20https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&event=identify()%20exit&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.101.233.97 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-75-101-233-97.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H3	200	js Show response www.googletagmanager.com/gtag/	176 KB 65 KB	25ms 25ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YP1JLG57CH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d8b95c8c4c9a3eaa4f971f4b73068eabd2318ee2ddbfb86a476f6f2c7f5570e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66268 x-xss-protection 0 expires Mon, 11 Apr 2022 00:01:05 GMT
GET H2	200	24906428 Show response mc.yandex.com/watch/	338 B 451 B	34ms 34ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/24906428?wmode=7&page-url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A782%3Acn%3A2%3Adp%3A0%3Als%3A1253364475674%3Ahid%3A802269179%3Az%3A0%3Ai%3A20220411000105%3Aet%3A1649635266%3Ac%3A1%3Arn%3A248994940%3Arqn%3A1%3Au%3A16496352651019039495%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649635263950%3Ads%3A162%2C62%2C391%2C49%2C0%2C0%2C%2C19%2C0%2C870%2C870%2C1%2C870%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649635266%3At%3A%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&t=gdpr(14)lt(33800)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 0dba4f21bc1457fc79dc4f0e1efecc3426c68dd2f837f0cd12c00507172286f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff last-modified Mon, 11-Apr-2022 00:01:05 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://forum.kasperskyclub.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 338 x-xss-protection 1; mode=block expires Mon, 11-Apr-2022 00:01:05 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	41ms 18ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-25&cid=1659588515.1649635265&jid=1288135809&_u=aEDAAEABAAAAAC~&z=86520355 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	48ms 17ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63997723-25&cid=1659588515.1649635265&jid=1288135809&_u=aEDAAEABAAAAAC~&z=86520355 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AdRiverFPS.js Show response content.adriver.ru/	10 KB 10 KB	136ms 42ms	Script application/x-javascript	23.111.96.44 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://content.adriver.ru/AdRiverFPS.js Requested by Host: tags.soloway.ru URL: https://tags.soloway.ru/DSPCounter.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.96.44 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 961b858a7e6e36be146498885dd31eda20a7211d4bf69dc711813b52bc7a80c8 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT last-modified Fri, 24 Dec 2021 11:24:04 GMT server nginx etag "61c5add4-2890" content-type application/x-javascript cache-control max-age=3600 accept-ranges bytes content-length 10384 expires Mon, 11 Apr 2022 01:01:05 GMT
GET H/1.1	200 OK	erle.cgi Show response ad.adriver.ru/cgi-bin/ Redirect Chain https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown&tuid=-5415310863	2 KB 3 KB	68ms 68ms	Script application/x-javascript	81.222.128.11 ELTEL-AS
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown&tuid=-5415310863 Protocol HTTP/1.1 Server 81.222.128.11 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad1.adriver.ru Software / Resource Hash b0692a0fb9524f5d2714744624d14c873f29c4995c5cca6b74d18bfabd4f5f1d Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:05 GMT Transfer-Encoding chunked P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Content-Type application/x-javascript Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:05 GMT Location /cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown&tuid=-5415310863 Transfer-Encoding chunked P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Access-Control-Allow-Origin * Cache-control no-cache, max-age=0, must-revalidate, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	tracking.min.js Show response www.artfut.com/static/	26 KB 7 KB	28ms 27ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/tracking.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=e5a65aad3a Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d4e3bd1621e63bb4bfbae3c3275134b26016bb76175fefe9c5998f8ade1009c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 335 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"5f68930b-686e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68r5tMJh4qLvfvZXyGNHz1V6hKaUHcdJCkDfK7ql0QBIL2EOWAeED%2F%2FhW0Xrr%2ByHA9nyRbILgitNDvEDFeVDmqX10ozuz%2FSuiU6GWtwuNirJrz5fshtfeUm3gBTlNR7IzLCPkuyQJtnHkx0K"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 6f9f721aa91fd600-MXP expires Mon, 11 Apr 2022 00:15:30 GMT
GET H2	200	crossdevice.min.js Show response www.artfut.com/static/	25 KB 8 KB	28ms 28ms	Script application/javascript	2606:4700:20::681a:16d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.artfut.com/static/crossdevice.min.js Requested by Host: www.artfut.com URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=e5a65aad3a Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cd07e6c64768b866c81e2e1cc61f88f631f377a3afc426d7b0c9de3875e65ae Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 335 pragma public last-modified Mon, 21 Sep 2020 11:48:27 GMT server cloudflare etag W/"5f68930b-655c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2AocupaWxMEr5P5JLkm%2B%2B0QMnSd10xC32aQ85frzukljyY7C1M071%2Bsidz9BsetlXm%2BmAke2hJgdro5K0Okv3N6BhC3jojKg5%2BbwgGfS3PTtaXDw9HvX0aXg4D4%2FK7BlmdexRqoGk5mQQo%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=1200, public cf-ray 6f9f721aa920d600-MXP expires Mon, 11 Apr 2022 00:15:30 GMT
GET H2	200	tag Show response tag.rutarget.ru/ Frame 7A5A Redirect Chain https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin3... https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin3...	324 B 612 B	157ms 156ms	Document text/html	80.64.106.149 RASCOM-AS CJSC RA...
General Check archive.org Show headers Download Go to Full URL https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0&check-cookie=true Requested by Host: cdn.rutarget.ru URL: https://cdn.rutarget.ru/static/tag/tag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.64.106.149 Moscow, Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU), Reverse DNS s-fr4.rutarget.ru Software nginx / Resource Hash ca890ea24699e3b3fc11e8b84c5c3c210d7ce9ba5245cd9dba1d42f13ec7ff07 Request headers Referer https://forum.kasperskyclub.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Apr 2022 00:01:06 GMT p3p CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information." server nginx timing-allow-origin * Redirect headers content-length 0 date Mon, 11 Apr 2022 00:01:05 GMT location https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0&check-cookie=true p3p CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information." server nginx timing-allow-origin *
GET H3	200	activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F618... Show response 9582686.fls.doubleclick.net/ Frame 65C0 Redirect Chain https://9582686.fls.doubleclick.net/activityi;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F6... https://9582686.fls.doubleclick.net/activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=foru...	668 B 469 B	39ms 25ms	Document text/html	142.250.185.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9582686.fls.doubleclick.net/activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-9582686 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f6.1e100.net Software cafe / Resource Hash 4a7f04713c8a61975c571d12cc8715a221cd8913e44f0647517f660cf9ca3f77 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 444 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Apr 2022 00:01:05 GMT expires Mon, 11 Apr 2022 00:01:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Apr 2022 00:01:05 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://9582686.fls.doubleclick.net/activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	identify.js Show response analytics.tiktok.com/i18n/pixel/	114 KB 31 KB	116ms 116ms	Script application/javascript	95.101.20.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/identify.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.185 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id 92afc5fd.192d433a date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-105-80.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 95,95.101.20.181 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=5, inner; dur=3 pragma no-cache server nginx x-tt-logid 2022041100010501011313516511D2E8C3 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 5,23.220.105.80 x-tt-trace-host 01cdce8a6f43bda51b26474913f25f98ea7b495fa5de6bf44af1715c41766cfb22f9dc5c9062ad94428cc4639fcdcb3e4d99de5b33eb98850916a54b65b46e0d61a1eaefac2e8677e4d12e6994dcdb70bfb41e09a839f0f885024c06c33bcf51bc9443cab850ba0b29fd3f7ab11b20380c expires Mon, 11 Apr 2022 00:01:05 GMT
GET H2	200	config.js Show response analytics.tiktok.com/i18n/pixel/	886 B 1 KB	120ms 119ms	Script application/javascript	95.101.20.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1QRHFHLRI5O97LIAVQG&hostname=forum.kasperskyclub.ru Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.185 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2d1f145555761799216f165f016b47e8a5db21f8d7c686bb2b91c63d72c938f7 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id 744d00c7.192d436e date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-105-91.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 101,95.101.20.181 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=8, inner; dur=4 content-length 355 pragma no-cache server nginx x-tt-logid 202204110001050101131351942433AF51 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 9,23.220.105.91 x-tt-trace-host 01cdce8a6f43bda51b26474913f25f98ea7b495fa5de6bf44af1715c41766cfb2225fa7ac2cf676075fb2307cba7632d7d7f7b2728f759f241ac244c2d8986dae0d950fe4c3852df6edf571978d60ff8cde3ab4a0a3f93cf188f36a06e7fbee2c4b263d903f43391fd9e97b729f038a089 expires Mon, 11 Apr 2022 00:01:05 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 1D0A	0 18 B	24ms 8ms	Document text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://forum.kasperskyclub.ru Referer https://forum.kasperskyclub.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://forum.kasperskyclub.ru alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Mon, 11 Apr 2022 00:01:05 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	front_front_widgets.js Show response forum.kasperskyclub.ru/uploads/javascript_core/	16 KB 5 KB	231ms 224ms	XHR application/javascript	2606:4700:3030::ac43:aedf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forum.kasperskyclub.ru/uploads/javascript_core/front_front_widgets.js?v=c5eaf0fd1a1649498902&csrfKey=cdb126bbec45764470b8902bc8a7d96e&antiCache=c5eaf0fd1a1649498902 Requested by Host: forum.kasperskyclub.ru URL: https://forum.kasperskyclub.ru/uploads/javascript_global/root_library.js?v=c5eaf0fd1a1649498902 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 9fc3c29e575bd95027c438686154d87cafaa5a4d8151b01d82cdb9788d332d60 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PleskLin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 08 Apr 2022 22:59:30 GMT server cloudflare etag W/"6250be52-4001" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jTfY3VXwSHQm15E8NlgJ0zFVFPgHLD08uBv%2By7QCu2TITte3ueTu7aZoGNhl6kFz3xkwADspb3gVqyK8tPn5pB3zqUlu3TeiULB4tW%2FMh3AIdj9WJm3GGAYnuyjeAYrcOnhdeghLILuU0b5Y8yQECo0o7NK"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f9f721bba5b5a43-MXP
GET H2	200	media.js Show response st.top100.ru/top100/2.1.3/	7 KB 3 KB	58ms 58ms	Script application/javascript	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/2.1.3/media.js Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash d710b2d9f810259c1705c05d00b610f3f7144055d0634329a6849b7fd2f9c1a5 Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:05 GMT content-encoding gzip last-modified Fri, 08 Apr 2022 12:03:45 GMT server nginx/1.19.4 x-amz-request-id tx0000000000000c7f9a4fe-0062536f71-f8aa9c-default etag W/"c46ddcf5da77cbcbe4e6eab42d62946c" vary Accept-Encoding p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control max-age=315360000 x-rgw-object-type Normal content-type application/javascript expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	userip Show response kraken.rambler.ru/	13 B 422 B	166ms 54ms	XHR text/plain	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/userip Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash c971d72f72d4b9a7f829d96df898161fffdbd3fd9b11211d81bc95290cfe181a Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-origin https://forum.kasperskyclub.ru date Mon, 11 Apr 2022 00:01:06 GMT x-srv 1node0043.top100.rambler.tech content-type application/octet-stream, text/plain content-length 13 server nginx/1.19.4 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
GET H2	200	userip Show response kraken.rambler.ru/	13 B 421 B	166ms 54ms	XHR text/plain	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/userip Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash c971d72f72d4b9a7f829d96df898161fffdbd3fd9b11211d81bc95290cfe181a Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-origin https://forum.kasperskyclub.ru date Mon, 11 Apr 2022 00:01:06 GMT x-srv 1node0043.top100.rambler.tech content-type application/octet-stream, text/plain content-length 13 server nginx/1.19.4 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
GET H3	200	dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=*;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtro... adservice.google.com/ddm/fls/z/ Frame 65C0	42 B 63 B	58ms 42ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=*;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F Requested by Host: 9582686.fls.doubleclick.net URL: https://9582686.fls.doubleclick.net/activityi;dc_pre=CM64m6DaivcCFQThUQodj-kBxQ;src=9582686;type=globalc;cat=globa0;ord=6389709959387;gtm=2od3u0;auiddc=1949690023.1649635266;u1=B2C;u2=ru_RU;u4=forum.kasperskyclub.ru;u5=%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F;u6=;u7=undefined-1659588515.1649635265;u9=_topic_61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen_;~oref=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9582686.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 710 B	157ms 157ms	Ping application/octet-stream	95.101.20.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.185 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 7e2fdb48.192d43ef date Mon, 11 Apr 2022 00:01:06 GMT x-cache-remote TCP_MISS from a23-220-105-68.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 138,95.101.20.181 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=47, inner; dur=45 content-length 0 pragma no-cache server nginx x-tt-logid 2022041100010601011300613311E2581D content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 47,23.220.105.68 x-tt-trace-host 01cdce8a6f43bda51b26474913f25f98ea7b495fa5de6bf44af1715c41766cfb225ac886112d1cb11024ed672e29ad56523dc3089c8620ccc03a24bfc6ebbc7473bb36c029e6f02fc7a02b5a20361d50678a6be46b92765652bdb56ce5d3a049549aff943ca64eae30142400351c22f21c expires Mon, 11 Apr 2022 00:01:06 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 711 B	136ms 136ms	Ping application/octet-stream	95.101.20.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1QRHFHLRI5O97LIAVQG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.185 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-185.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 32948d71.192d43f3 date Mon, 11 Apr 2022 00:01:06 GMT x-cache-remote TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 114,95.101.20.181 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=24, inner; dur=10 content-length 0 pragma no-cache server nginx x-tt-logid 2022041100010601011313515021FF86A3 content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 24,23.220.105.69 x-tt-trace-host 01cdce8a6f43bda51b26474913f25f98ea7b495fa5de6bf44af1715c41766cfb226b75221f875bc06dd64ec25ffb056ef5d78eeb46a8ef4432721e9248816d5b9a6e34ec9c3df813c04a8052a54d092f08e523aaa7a28f7187fccd9caefa0c0e38fc0b21894a2e68324bbbf9cff209edf0 expires Mon, 11 Apr 2022 00:01:06 GMT
GET H2	200	userip Show response kraken.rambler.ru/	13 B 420 B	102ms 54ms	XHR text/plain	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/userip Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash c971d72f72d4b9a7f829d96df898161fffdbd3fd9b11211d81bc95290cfe181a Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers access-control-allow-origin https://forum.kasperskyclub.ru date Mon, 11 Apr 2022 00:01:06 GMT x-srv 1node0043.top100.rambler.tech content-type application/octet-stream, text/plain content-length 13 server nginx/1.19.4 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
GET H/1.1	200 OK	json.cgi Show response ad.adriver.ru/cgi-bin/	385 B 1 KB	93ms 69ms	Fetch application/json	81.222.128.11 ELTEL-AS
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&cid=0&custom=301=0;302=0;303=unavail;304=0;308=16496352651019039495;309=GA1.2.1659588515.1649635265&sid=1 Requested by Host: content.adriver.ru URL: https://content.adriver.ru/AdRiverFPS.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 81.222.128.11 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad1.adriver.ru Software / Resource Hash 2af1d38e47b4e0e20e3516d7f5f7e85b53031d12f55aeff5658c291e213c674a Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/topic/61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Apr 2022 00:01:06 GMT Transfer-Encoding chunked P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Access-Control-Allow-Origin https://forum.kasperskyclub.ru Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	l6.html Show response content.adriver.ru/banners/0002186/0002186173/0/ Frame E66E	1 KB 1 KB	43ms 42ms	Document text/html	23.111.96.44 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&113504&0&0&156&217.64.151.32&counter&1 Requested by Host: ad.adriver.ru URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220721&bt=62&custom=206%3DDSPCounter&ph=0&rnd=113504&tail256=unknown Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.96.44 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 67b8e90024bcaf4ed6429f758d39f07cb80ac09215d6ed0d2ebf83f1b2ba030f Request headers Referer https://forum.kasperskyclub.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 1407 content-type text/html date Mon, 11 Apr 2022 00:01:05 GMT etag "5e5e63d4-57f" last-modified Tue, 03 Mar 2020 14:04:04 GMT server nginx
POST H2	200	/ kraken.rambler.ru/cnt/	3 B 568 B	163ms 53ms	Ping image/gif	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/cnt/ Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87 Request headers Referer https://forum.kasperskyclub.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT server nginx/1.19.4 access-control-allow-methods GET, POST, OPTIONS p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" access-control-allow-origin https://forum.kasperskyclub.ru cache-control no-cache x-srv 0node0009.top100.rambler.tech access-control-allow-credentials true content-type application/octet-stream, image/gif access-control-allow-headers content-type expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ kraken.rambler.ru/cnt/	43 B 582 B	163ms 54ms	Image image/gif	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/?et=pvm&pid=6736191&rid=1649635265.894-1789439705&tid=t1.6736191.1428571821.1649635265895&v=2.1.3&exp=exp_bot%2Csplit_a%2Cexp_ping%2Cyes&ct=web&aduid=c65b1a3f-9801-49c3-9b94-366318167313&aduidsc=kasperskyclub.ru&rn=1145405049&mp=%7B%22sch%22%3A%22ld%22%2C%22type%22%3A%22DiscussionForumPosting%22%2C%22title%22%3A%22%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%22%2C%22dpub%22%3A%222019-02-01T15%3A06%3A15%2B0000%22%2C%22dmod%22%3A%222019-02-02T13%3A38%3A52%2B0000%22%2C%22arth%22%3A8846%2C%22artst%22%3A0%2C%22arts%22%3A16724%2C%22artw%22%3A1284%2C%22img%22%3A68%2C%22anm%22%3A%22Keid%22%2C%22aurl%22%3A%22https%3A%2F%2Fforum.kasperskyclub.ru%2Fprofile%2F52864-keid%2F%22%2C%22url%22%3A%22https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F%22%7D&rf&eid=4199352659715309&stid=541278103_1649635265896&sn=1&sen=3&en=3&fid=pA8AAENKs1f4uJA4ASf0mgA%3D&fip=pA8AAENKs1dwQeoyAe%2FmSgA%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 access-control-allow-methods GET, POST, OPTIONS p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache x-srv 0node0009.top100.rambler.tech access-control-allow-credentials true content-type image/gif, image/gif access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	tag Show response tag.rutarget.ru/ Frame ACAF	751 B 1 KB	157ms 157ms	Document text/html	80.64.106.149 RASCOM-AS CJSC RA...
General Check archive.org Show headers Download Go to Full URL https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0&check-cookie=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.64.106.149 Moscow, Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU), Reverse DNS s-fr4.rutarget.ru Software nginx / Resource Hash 8234a6037c11fd265b9368d76bba34e1ee792e9213645f0e085268530d167d7a Request headers Referer https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=18742308690332844000&__location=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&__referrer=&__title=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&__keywords=%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D1%82%D1%80%D0%BE%D1%8F%D0%BD%2C%20Win32.SEPEH.gen%2C%20Win7x64&_usertz=0&check-cookie=true Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 11 Apr 2022 00:01:06 GMT p3p CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information." server nginx timing-allow-origin *
GET H2	200	a6.js Show response content.adriver.ru/banners/0002186/0002186173/0/ Frame E66E	13 KB 13 KB	43ms 43ms	Script application/x-javascript	23.111.96.44 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://content.adriver.ru/banners/0002186/0002186173/0/a6.js?rnd=251189 Requested by Host: content.adriver.ru URL: https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&113504&0&0&156&217.64.151.32&counter&1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.96.44 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 80e87da1ab6fa581fdb85eb9f859421f301082651d391b74247fa6a321c5143d Request headers accept-language de-DE,de;q=0.9 Referer https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&113504&0&0&156&217.64.151.32&counter&1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:06 GMT last-modified Wed, 30 Mar 2022 13:55:28 GMT server nginx etag "62446150-330d" content-type application/x-javascript cache-control max-age=3600 accept-ranges bytes content-length 13069 expires Mon, 11 Apr 2022 01:01:06 GMT
GET H2	200	/ kraken.rambler.ru/cnt/	43 B 483 B	58ms 57ms	Image image/gif	81.19.89.16 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/?et=pv&pid=6736191&rid=1649635265.894-1789439705&tid=t1.6736191.1428571821.1649635265895&v=2.1.3&exp=exp_bot%2Csplit_a%2Cexp_ping%2Cyes&ct=web&aduid=c65b1a3f-9801-49c3-9b94-366318167313&aduidsc=kasperskyclub.ru&rn=1643437760&bs=1600x1200&ce=1&rf&en=2&pt=%D0%9D%D0%B5%20%D1%83%D0%B4%D0%B0%D0%B5%D1%82%D1%81%D1%8F%20%D0%B8%D0%B7%D0%BB%D0%B5%D1%87%D0%B8%D1%82%D1%8C%20MEM%3ATrojan.Win32.SEPEH.gen%20-%20%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D0%B2%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D0%B8%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%20-%20Kaspersky%20Club%20%7C%20%D0%9A%D0%BB%D1%83%D0%B1%20%C2%AB%D0%9B%D0%B0%D0%B1%D0%BE%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%9A%D0%B0%D1%81%D0%BF%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%C2%BB&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&sv&lv&url=https%3A%2F%2Fforum.kasperskyclub.ru%2Ftopic%2F61816-ne-udaetsya-izlechit-memtrojanwin32sepehgen%2F&eid=1821352659044810&stid=541278103_1649635265896&sn=1&sen=2&fid=pA8AAENKs1f4uJA4ASf0mgA%3D&fip=pA8AAENKs1dwQeoyAe%2FmSgA%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://forum.kasperskyclub.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 access-control-allow-methods GET, POST, OPTIONS p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache x-srv 0node0009.top100.rambler.tech access-control-allow-credentials true content-type image/gif, image/gif access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	segmento exchange.buzzoola.com/cookiesync/dsp/ Frame ACAF Redirect Chain https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=Zt7aiq7Y7_PU https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=Zt7aiq7Y7_PU	43 B 130 B	12ms 12ms	Image image/gif	116.202.236.171 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=Zt7aiq7Y7_PU Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Protocol H2 Server 116.202.236.171 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.171.236.202.116.clients.your-server.de Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://tag.rutarget.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Mon, 11 Apr 2022 00:01:06 GMT server nginx content-length 43 serverid TODO content-type image/gif Redirect headers location /cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=Zt7aiq7Y7_PU date Mon, 11 Apr 2022 00:01:06 GMT server nginx etag W/"3a54936f21ee9795e0faf813568c11e1a457fae60aedde2788499c5e4b086739" content-length 103 serverid TODO content-type text/html; charset=utf-8
GET H2	200	Zt7aiq7Y7_PU an.yandex.ru/mapuid/rutargetis/ Frame ACAF Redirect Chain https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU?redir-setuniq=1	43 B 108 B	55ms 54ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU?redir-setuniq=1 Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://tag.rutarget.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT content-encoding gzip last-modified Mon, 11 Apr 2022 00:01:06 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 11 Apr 2022 00:01:06 GMT Redirect headers pragma no-cache date Mon, 11 Apr 2022 00:01:06 GMT content-encoding gzip last-modified Mon, 11 Apr 2022 00:01:06 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/rutargetis/Zt7aiq7Y7_PU?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 11 Apr 2022 00:01:06 GMT
GET H/1.1	204 No Content	sg tech.rtb.mts.ru/ Frame ACAF	0 652 B	136ms 42ms	Image text/html	213.87.44.187 MTSNET Moscow
General Check archive.org Show headers Download Go to Show image Full URL https://tech.rtb.mts.ru/sg?segmento_id=Zt7aiq7Y7_PU Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU), Reverse DNS infrastructure-187-44.mts.ru Software nginx/1.20.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tag.rutarget.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Mon, 11 Apr 2022 00:01:06 GMT Access-Control-Allow-Credentials true Server nginx/1.20.2 Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	cm.gif ad.mail.ru/ Frame ACAF	43 B 764 B	311ms 56ms	Image image/gif	2a00:1148:db00::17 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/cm.gif?p=34&id=Zt7aiq7Y7_PU Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://tag.rutarget.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Mon, 11 Apr 2022 00:01:06 GMT Last-Modified Mon, 11 Apr 2022 00:01:06 GMT Server nginx Cross-Origin-Opener-Policy same-origin Cross-Origin-Embedder-Policy require-corp Content-Type image/gif Cache-Control max-age=21600 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Timing-Allow-Origin * Content-Length 43 Expires Mon, 11 Apr 2022 06:01:06 GMT
GET H2	200	match ads.betweendigital.com/ Frame ACAF Redirect Chain https://ads.betweendigital.com/match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU https://ads.betweendigital.com/match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU&crf=1	68 B 607 B	47ms 47ms	Image image/png	88.212.252.2 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU&crf=1 Requested by Host: tag.rutarget.ru URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019 Protocol H2 Server 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://tag.rutarget.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=12&external_user_id=Zt7aiq7Y7_PU&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0