windowsrecovery.dk.40202070.dk Open in urlscan Pro
45.79.250.72  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://windowsrecovery.dk.40202070.dk/ Page URL
2. https://windowsrecovery.dk.40202070.dk/index.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response windowsrecovery.dk.40202070.dk/	71 B 333 B	36ms 12ms	Document text/html	45.79.250.72 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://windowsrecovery.dk.40202070.dk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.79.250.72 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS rs-fra.serverhostgroup.com Software LiteSpeed / PHP/7.4.27 Resource Hash 0dca72de200482e9ea05fd6571b6e3e4e6d197cdf3c533637dba55fb740425fb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-powered-by PHP/7.4.27 content-type text/html; charset=UTF-8 content-length 70 content-encoding br vary Accept-Encoding date Thu, 10 Feb 2022 17:22:57 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	Primary Request index.html Show response windowsrecovery.dk.40202070.dk/	20 KB 4 KB	9ms 8ms	Document text/html	45.79.250.72 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.79.250.72 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS rs-fra.serverhostgroup.com Software LiteSpeed / Resource Hash 8743cc10b902279befcbe3588f227cc6489a9b6e5b20fae3bcce51168a60208d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ Response headers content-type text/html last-modified Tue, 08 Feb 2022 12:20:33 GMT accept-ranges bytes content-encoding br vary Accept-Encoding content-length 4400 date Thu, 10 Feb 2022 17:22:57 GMT server LiteSpeed
GET H3	200	style.css windowsrecovery.dk.40202070.dk/	2 KB 826 B	13ms 12ms	Stylesheet text/css	45.79.250.72 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://windowsrecovery.dk.40202070.dk/style.css Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 45.79.250.72 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS rs-fra.serverhostgroup.com Software LiteSpeed / Resource Hash ef50ae2d56df321b5e40f2f06f2cd70a38c3a0d7b9785918ae91db8776446918 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 17:22:58 GMT content-encoding br last-modified Tue, 08 Feb 2022 12:20:33 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 553 expires Thu, 17 Feb 2022 17:22:58 GMT
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	42ms 23ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 17:22:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 617, 617, 617 age 1416475 cdn-cachedat 2021-06-08 14:35:16 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid a25b3b26237dd55b5f417f26a9965dbb cf-ray 6db705cee97f9170-FRA cdn-requestcountrycode US cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	125ms 40ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 09 Feb 2022 09:24:26 GMT content-encoding gzip x-content-type-options nosniff age 115113 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Feb 2023 09:24:26 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 11 KB	41ms 22ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 17:22:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 617, 617, 617, 617, 617, 617, 617, 617, 617 age 1416474 cdn-cachedat 2021-06-08 14:35:59 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid b078a1e046f360931b46757d100ff8d1 cf-ray 6db705cee9849170-FRA cdn-requestcountrycode US cdn-requestpullsuccess True
GET H3	200	windowslogo.jpg windowsrecovery.dk.40202070.dk/	30 KB 30 KB	9ms 9ms	Image image/jpeg	45.79.250.72 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://windowsrecovery.dk.40202070.dk/windowslogo.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 45.79.250.72 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS rs-fra.serverhostgroup.com Software LiteSpeed / Resource Hash 66adc543c1ff89a9f09095985affeedb75e10b98729e3fd2aac64d7ed22914bb Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 17:22:58 GMT last-modified Tue, 08 Feb 2022 12:20:33 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 30498 expires Thu, 17 Feb 2022 17:22:58 GMT
GET H/1.1	200 OK	facebookus1.jpg www.dkcdata.com/site/image/	19 KB 19 KB	172ms 25ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.com/site/image/facebookus1.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 11c346820202b3bf952d510fc6a101662c3a42bd97f68751b344dff434a7a6a7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Tue, 17 Jul 2018 09:22:11 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19446
GET H/1.1	200 OK	trans.gif www.dkcdata.dk/site/image/	807 B 1 KB	210ms 23ms	Image image/gif	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/trans.gif Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 4c33c688137258fb3ac426caa01260425eb548a3c99533dae2cd5219e9a787ce Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:52 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 807
GET H/1.1	200 OK	flag_dk.jpg www.dkcdata.dk/site/image/	1 KB 1 KB	200ms 26ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/flag_dk.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 8404f9e89742df413a47f8599488f6b78e6a8aa5e50508155810a5da4057609a Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1055
GET H/1.1	200 OK	spacer.jpg www.dkcdata.dk/site/image/	393 B 636 B	198ms 25ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/spacer.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash fb287acf387148226f5c5b7ad6845def205d3ed5c68cefea8951d7da1803914f Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 393
GET H/1.1	200 OK	flag_se.jpg www.dkcdata.dk/site/image/	1 KB 1 KB	222ms 22ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/flag_se.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash bf26b8ab9447db4257670943d9100c4db3dd9c9c99b1ccdd3430b414ecd6919a Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1116
GET H/1.1	200 OK	flag_no.jpg www.dkcdata.dk/site/image/	1 KB 1 KB	225ms 25ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/flag_no.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash a550723684e62bce6de6396a4e409100a5bb4b93629cf144cbe1c7474b81d823 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1104
GET H/1.1	200 OK	flag_uk.jpg www.dkcdata.dk/site/image/	1 KB 1 KB	226ms 25ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/flag_uk.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 8bb9e7c7b83899625517da718537ffa84506c531c3a6a4b92e985d95557f4d92 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1242
GET H/1.1	200 OK	flag_us.jpg www.dkcdata.dk/site/image/	1 KB 1 KB	25ms 25ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/flag_us.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash da2fb675db3ac093d95c1f6237cf0af918d131064dc32769b9fd927ac85437b8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1066
GET H/1.1	200 OK	top.jpg www.dkcdata.dk/site/image/	24 KB 24 KB	186ms 28ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/top.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 720a1ce2422855032a7c2353d7d9bf3f4cdeece84198df13dcf551a008941037 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 24533
GET H/1.1	200 OK	address.jpg www.dkcdata.dk/site/image/	14 KB 14 KB	182ms 24ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/address.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 0ec7361d85d659732185cd2d1bbe83888777a07934f771d0a83ba0e03187e5b4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 13850
GET H/1.1	200 OK	facebookdk1.jpg www.dkcdata.dk/site/image/	19 KB 19 KB	182ms 24ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/facebookdk1.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash 77cdea2f959ce0533386bc113d8f65d58dd419807b54b9d061a9cbc1c64ac465 Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19487
GET H/1.1	200 OK	bottom.jpg www.dkcdata.dk/site/image/	946 B 1 KB	23ms 22ms	Image image/jpeg	91.221.196.247 LARSENDATA
General Check archive.org Show headers Download Go to Show image Full URL https://www.dkcdata.dk/site/image/bottom.jpg Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.221.196.247 , Denmark, ASN197495 (LARSENDATA, DK), Reverse DNS web5.netplads.dk Software Apache / Resource Hash c4d47abbdab04d7e378682652126cd013fcffa37404b8c0bbcadc27ce45955ce Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Thu, 10 Feb 2022 17:22:59 GMT Last-Modified Wed, 15 Apr 2020 13:50:50 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 946
GET H2	200	all.js Show response connect.facebook.net/da_DK/	3 KB 2 KB	23ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/da_DK/all.js Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0272080f90611223e83ddbe1de387e051e6cac04eb0eaac26070a82e386adcf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 bwjbgsAipJ3DaKDh+FFAug== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Thu, 10 Feb 2022 17:26:50 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 1684 x-fb-rlafr 0 x-fb-debug emqYygrotno4Oc3/e6Y0SWzuk6P+6iy4gxab0GNxMt6pHOfbfbiwvPqklCNs5WJSbe7LgdXHob69sEWkNHUsNw== x-fb-trip-id 686109401 x-fb-content-md5 38b0c6adda7f523219201c35a39d273d cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 10 Feb 2022 17:22:59 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "d9de19455822f836a42c3c2773ef3a9b" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H3	200	all.js Show response connect.facebook.net/da_DK/	290 KB 82 KB	17ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/da_DK/all.js?hash=5c9cfac6be699e10e800f89ee31bbb90 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/da_DK/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a2c6b56e1f5116f40d4e156914fe1cfd6348229b13a593642950537b14656a34 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://windowsrecovery.dk.40202070.dk/ Origin https://windowsrecovery.dk.40202070.dk Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 D7mZJOxhO+s7SapuBbme8g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 83581 x-fb-rlafr 0 x-fb-debug I0EJ83eB+T5+Vn4Ck7I1dvp9rYXVyheH1qKZ0En3lEsic1EPB1D3OzYpqUZt+Z5BLWtWN1SX8RVPuS2SXvk9bQ== x-fb-content-md5 821b1e3b8c1056c77330ab0d0535ca63 x-frame-options DENY date Thu, 10 Feb 2022 17:22:59 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "0ec6a85d2bade2e00ec590516f08454b" timing-allow-origin * priority u=3,i expires Fri, 10 Feb 2023 17:01:52 GMT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	138ms 37ms	Script text/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://windowsrecovery.dk.40202070.dk/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1230 date Thu, 10 Feb 2022 17:02:29 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17168 expires Thu, 10 Feb 2022 19:02:29 GMT
GET H3	200	__utm.gif ssl.google-analytics.com/r/	35 B 54 B	94ms 47ms	Image image/gif	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=735593006&utmhn=windowsrecovery.dk.40202070.dk&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=C%20DATA%20-%20WINDOWS%20RECOVERY%20-%20GRATIS%20DIAGNOSE%20-%20DATAREKONSTRUKTION%20-%20WINDOWSRECOVERY.DKDK&utmhid=802063105&utmr=0&utmp=%2Findex.html&utmht=1644513779362&utmac=UA-1088385-1&utmcc=__utma%3D24490428.1109716670.1644513779.1644513779.1644513779.1%3B%2B__utmz%3D24490428.1644513779.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=326615520&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: windowsrecovery.dk.40202070.dk URL: https://windowsrecovery.dk.40202070.dk/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Thu, 10 Feb 2022 17:22:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 811D	49 KB 18 KB	98ms 82ms	Document text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26dd957514b578%26domain%3Dwindowsrecovery.dk.40202070.dk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwindowsrecovery.dk.40202070.dk%252Ff23b029ee8064ac%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwindowsrecovery.dk.40202070.dk%2Fwww.facebook.com%2Fdkcdata&layout=standard&locale=da_DK&sdk=joey&show_faces=true&width=450 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/da_DK/all.js?hash=5c9cfac6be699e10e800f89ee31bbb90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c5779c8b38a4e109a5bfd50daab5b04ae79ffb0e77f31b5aa3dfa0dab08ae9cc Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://windowsrecovery.dk.40202070.dk/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 document-policy force-load-at-top cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug Mj+ElJbISUw0JxTUKYD2HwQ6wUtNnabEKXLrBGk20yqG9O6z0bK0ZgQoCGGAva8PIGSlv1vbmLRkX/xr4z6z1g== date Thu, 10 Feb 2022 17:22:59 GMT priority u=3,i alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600
GET H3	200	OqOE21UvWe3.png www.facebook.com/rsrc.php/v3/y5/r/ Frame 811D	400 B 451 B	17ms 7ms	Image image/png	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26dd957514b578%26domain%3Dwindowsrecovery.dk.40202070.dk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwindowsrecovery.dk.40202070.dk%252Ff23b029ee8064ac%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwindowsrecovery.dk.40202070.dk%2Fwww.facebook.com%2Fdkcdata&layout=standard&locale=da_DK&sdk=joey&show_faces=true&width=450 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26dd957514b578%26domain%3Dwindowsrecovery.dk.40202070.dk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwindowsrecovery.dk.40202070.dk%252Ff23b029ee8064ac%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwindowsrecovery.dk.40202070.dk%2Fwww.facebook.com%2Fdkcdata&layout=standard&locale=da_DK&sdk=joey&show_faces=true&width=450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 03:21:22 GMT x-content-type-options nosniff content-md5 uF0RL4E+h23ClLQmPOTTMw== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin content-length 400 x-fb-rlafr 0 x-fb-debug 7YJwcVZtaqw0TrrxX7YMAKbKuxuiMTY17NAsFyQivKt3Wb6h/RaGMiIVB4rXaofiNRiHi70IY/2w0kPWAxFTzw== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 10 Feb 2023 03:21:22 GMT
GET H3	200	DEIoRCalwhg.js Show response www.facebook.com/rsrc.php/v3iPtc4/yv/l/da_DK/ Frame 811D	520 KB 136 KB	15ms 9ms	Script application/x-javascript	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3iPtc4/yv/l/da_DK/DEIoRCalwhg.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26dd957514b578%26domain%3Dwindowsrecovery.dk.40202070.dk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwindowsrecovery.dk.40202070.dk%252Ff23b029ee8064ac%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwindowsrecovery.dk.40202070.dk%2Fwww.facebook.com%2Fdkcdata&layout=standard&locale=da_DK&sdk=joey&show_faces=true&width=450 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 954e88cf896e0fce6f14ddee02ac456fb78ba8c204426eee7b7f300fcc069abc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26dd957514b578%26domain%3Dwindowsrecovery.dk.40202070.dk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwindowsrecovery.dk.40202070.dk%252Ff23b029ee8064ac%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwindowsrecovery.dk.40202070.dk%2Fwww.facebook.com%2Fdkcdata&layout=standard&locale=da_DK&sdk=joey&show_faces=true&width=450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 04:02:08 GMT content-encoding br x-content-type-options nosniff content-md5 UQaUhmB79+6nAwnCfdxO6A== document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; cross-origin-resource-policy cross-origin content-length 138852 x-fb-rlafr 0 x-fb-debug 68WoZ6ku8ekLpjo6ckMX7Sk4xSvWpetIGpucHT08jGoUiIXebDle3ikxcwmQsMfJh3fC+BLgjzvWJEIabk3pKw== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 10 Feb 2023 04:02:08 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone function| $ function| jQuery number| repeat string| title number| leng number| start function| titlemove string| titl string| message function| clickIE function| clickNS object| FB string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.windowsrecovery.dk.40202070.dk/	1970-01-20 18:19:45	Name: __utma Value: 24490428.1109716670.1644513779.1644513779.1644513779.1
			.windowsrecovery.dk.40202070.dk/	1969-12-31 23:59:59	Name: __utmc Value: 24490428
			.windowsrecovery.dk.40202070.dk/	1970-01-20 05:11:21	Name: __utmz Value: 24490428.1644513779.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.windowsrecovery.dk.40202070.dk/	1970-01-20 00:48:34	Name: __utmt Value: 1
			.windowsrecovery.dk.40202070.dk/	1970-01-20 00:48:35	Name: __utmb Value: 24490428.1.10.1644513779

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://windowsrecovery.dk.40202070.dk/index.html(Line 510) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://windowsrecovery.dk.40202070.dk/index.html(Line 510) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
connect.facebook.net
maxcdn.bootstrapcdn.com
ssl.google-analytics.com
windowsrecovery.dk.40202070.dk
www.dkcdata.com
www.dkcdata.dk
www.facebook.com
2606:4700::6812:bcf
2a00:1450:4001:809::200a
2a00:1450:4001:829::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
45.79.250.72
91.221.196.247
0272080f90611223e83ddbe1de387e051e6cac04eb0eaac26070a82e386adcf5
0dca72de200482e9ea05fd6571b6e3e4e6d197cdf3c533637dba55fb740425fb
0ec7361d85d659732185cd2d1bbe83888777a07934f771d0a83ba0e03187e5b4
11c346820202b3bf952d510fc6a101662c3a42bd97f68751b344dff434a7a6a7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
4c33c688137258fb3ac426caa01260425eb548a3c99533dae2cd5219e9a787ce
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
66adc543c1ff89a9f09095985affeedb75e10b98729e3fd2aac64d7ed22914bb
720a1ce2422855032a7c2353d7d9bf3f4cdeece84198df13dcf551a008941037
77cdea2f959ce0533386bc113d8f65d58dd419807b54b9d061a9cbc1c64ac465
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8404f9e89742df413a47f8599488f6b78e6a8aa5e50508155810a5da4057609a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8743cc10b902279befcbe3588f227cc6489a9b6e5b20fae3bcce51168a60208d
8bb9e7c7b83899625517da718537ffa84506c531c3a6a4b92e985d95557f4d92
954e88cf896e0fce6f14ddee02ac456fb78ba8c204426eee7b7f300fcc069abc
a2c6b56e1f5116f40d4e156914fe1cfd6348229b13a593642950537b14656a34
a550723684e62bce6de6396a4e409100a5bb4b93629cf144cbe1c7474b81d823
bf26b8ab9447db4257670943d9100c4db3dd9c9c99b1ccdd3430b414ecd6919a
c4d47abbdab04d7e378682652126cd013fcffa37404b8c0bbcadc27ce45955ce
c5779c8b38a4e109a5bfd50daab5b04ae79ffb0e77f31b5aa3dfa0dab08ae9cc
da2fb675db3ac093d95c1f6237cf0af918d131064dc32769b9fd927ac85437b8
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef50ae2d56df321b5e40f2f06f2cd70a38c3a0d7b9785918ae91db8776446918
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb287acf387148226f5c5b7ad6845def205d3ed5c68cefea8951d7da1803914f