www.nhcovidclaims.com Open in urlscan Pro
13.92.37.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nhcovidclaims.com/
Effective URL:
https://www.nhcovidclaims.com/
Submission Tags: falconsandbox
Submission: On May 08 via api (May 8th 2022, 9:03:11 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 40 HTTP transactions. The main IP is 13.92.37.171, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.nhcovidclaims.com.
TLS certificate: Issued by R3 on April 23rd 2022. Valid for: 3 months.

This is the only time www.nhcovidclaims.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.176.167.152 52.176.167.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.92.37.171 13.92.37.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
23	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
40	8

1 52.176.167.152 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nhcovidclaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.92.37.171 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.nhcovidclaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lpbuildercdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	azureedge.net lpbuildercdn.azureedge.net — Cisco Umbrella Rank: 728433	664 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	411 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
3	google.com www.google.com — Cisco Umbrella Rank: 20	23 KB
3	nhcovidclaims.com 2 redirects nhcovidclaims.com www.nhcovidclaims.com	34 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
40	7

	Domain	Requested by
23	lpbuildercdn.azureedge.net	www.nhcovidclaims.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nhcovidclaims.com
3	www.google.com	www.nhcovidclaims.com www.gstatic.com www.google.com
2	www.nhcovidclaims.com	1 redirects
1	www.googletagmanager.com	www.nhcovidclaims.com
1	fonts.googleapis.com	www.nhcovidclaims.com
1	nhcovidclaims.com	1 redirects
40	9

This site contains no links.

Subject Issuer	Validity	Valid
www.nhcovidclaims.com R3	`2022-04-23` - `2022-07-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2022-05-07` - `2023-05-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.nhcovidclaims.com/
Frame ID: 6D9A147B7835E59ED94BB39AAE84965D
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb&co=aHR0cHM6Ly93d3cubmhjb3ZpZGNsYWltcy5jb206NDQz&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=zduxkgajkjul
Frame ID: 68C06EE1DF57356916DF090924083A15
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nursing Home Claims

Page URL History Show full URLs

http://nhcovidclaims.com/ HTTP 301
http://www.nhcovidclaims.com/ HTTP 301
https://www.nhcovidclaims.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

40
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1195 kB
Transfer

1944 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nhcovidclaims.com/ HTTP 301
http://www.nhcovidclaims.com/ HTTP 301
https://www.nhcovidclaims.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.nhcovidclaims.com/
Redirect Chain

http://nhcovidclaims.com/
http://www.nhcovidclaims.com/
https://www.nhcovidclaims.com/

195 KB
34 KB

364ms
181ms

Document
text/html

13.92.37.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nhcovidclaims.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

13.92.37.171 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a9513fce28c5fc1c4aa060be2128f3e3f8e4c3c72730c5034151dacd9af5fdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 08 May 2022 21:03:06 GMT
ETag: W/"6216cc9a-30daf"
Last-Modified: Thu, 24 Feb 2022 00:08:58 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

Redirect headers

Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Sun, 08 May 2022 21:03:05 GMT
Location: https://www.nhcovidclaims.com/
Server: nginx/1.14.0 (Ubuntu)
X-Content-Type-Options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 145ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:regular,bold|EB%20Garamond:regular&display=swap

Requested by

Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

424ec7d6ff4ed8e80c27e8954973b64740e2367039ef84e254c1ce699718a62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 May 2022 21:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 08 May 2022 21:03:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 May 2022 21:03:06 GMT

GET
H2 200 P&M_Logo_small.png-cf7a7d13-ae8b-4432-8ba5-69f3c378231a-lowres.png
lpbuildercdn.azureedge.net/images/GeneralP&M/ 10 KB
10 KB 257ms
56ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/GeneralP&M/P&M_Logo_small.png-cf7a7d13-ae8b-4432-8ba5-69f3c378231a-lowres.png
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa4f5c993ddb4ebedd9f770ef7a3cfce02764c116507415e4ae29693afb3e4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:05 GMT
last-modified: Thu, 27 Jan 2022 20:57:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: tDs8VzArUXWwsuSpaRU06A==
etag: 0x8D9E1D7A7C1E5D5
x-azure-ref: 0CjB4YgAAAACSuqUXdBe6S4O7N0aavY2PRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_REMOTE_HIT
content-type: application/octet-stream
x-ms-request-id: 045a0f8f-301e-0057-7622-6272fc000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABuDXuY7IxYQp6vfXqTI7BsQU1TMDRFREdFMTgxNwAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 10306

GET
H2 200 P&M_Logo_small_White.png-407fd66e-f2a1-4529-bc62-b11ffa944602-lowres.png
lpbuildercdn.azureedge.net/images/GeneralP&M/ 11 KB
11 KB 254ms
56ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/GeneralP&M/P&M_Logo_small_White.png-407fd66e-f2a1-4529-bc62-b11ffa944602-lowres.png
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ef9d2ebc25a8a4fa6e89de1a9d3cf8a270903cd25a505d2607340578266c0f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:05 GMT
last-modified: Fri, 28 Jan 2022 02:35:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2xii28bQV7lyUP9sor5k5g==
etag: 0x8D9E206D10DF6A1
x-azure-ref: 0CjB4YgAAAAC5VYpoaONuQ63dVZXg08dyRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_REMOTE_HIT
content-type: application/octet-stream
x-ms-request-id: d108b4dd-501e-00d7-65f7-5f8dfa000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABGPRqcgjk1ToRrEbcRAy5mQU1TMDRFREdFMTkxNQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 11054

GET
H2 200 PageScripts.js Show response
lpbuildercdn.azureedge.net/javascript/ 16 KB
4 KB 208ms
11ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpbuildercdn.azureedge.net/javascript/PageScripts.js
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d3473e59c09b4ade6a2b3055b6faba7b6133b7635006a1ed48cf029b79904f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:05 GMT
content-encoding: br
last-modified: Wed, 06 Apr 2022 20:38:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Y1gUB6BJDN5j+MJG4kWU6w==
etag: 0x8DA180D72D2886E
x-azure-ref: 0CjB4YgAAAAAGnjTHryvaR5F7BUQ+Mu1eRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: 1fa4428f-101e-00e9-7e21-601a85000000
cache-control: public, max-age=604800
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0KSF3YgAAAACjfdrrja3OT5DyTXGpRL5wQU1TMDRFREdFMTgxOAAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 142ms
49ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb

Requested by

Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

215c14e647b82ab1f3e543b3fec5dd34848b7b25adcba18383b4bf9a32d0305c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 21:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 21:03:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
41 KB 145ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPV733

Requested by

Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd8eb8c2218d99a280adf581dcda01b257bd6c83e59f59a5446b285e298a74ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 21:03:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41359
x-xss-protection: 0
expires: Sun, 08 May 2022 21:03:06 GMT

GET
H2 200 nursinghomewoman.jpg-82d7e1f0-b8b9-4b43-be2f-acc112f6bf22-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 11 KB
11 KB 569ms
535ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/nursinghomewoman.jpg-82d7e1f0-b8b9-4b43-be2f-acc112f6bf22-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02523b13a55a12a36212c4d0f23866405a17867f8d8992ce3e3f5f8915200a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:09:41 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 8QFuRN3XS1H91efsVfrjQw==
etag: 0x8D98E6C3F387BA9
x-azure-ref: 0CjB4YgAAAADjPeYiFfTVQavpo9qsT7cpRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 209c7623-b01e-00df-641f-6397f5000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAADBEWRzyw+xSrFDgaRa5u7RQU1TMDRFREdFMTkyMgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 10888

GET
H2 200 bedsores.jpg-89a83137-86f8-4d3e-be6b-a7113646ba31-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 11 KB
11 KB 583ms
554ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/bedsores.jpg-89a83137-86f8-4d3e-be6b-a7113646ba31-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 368e5d6c142818b4cc8bec75f6d0d0bb1f9b9c75f20d839477134d0be40d2805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:13:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: po9Mo06fE3mXv9QrZlvS4A==
etag: 0x8D98E9F022D2E5B
x-azure-ref: 0CjB4YgAAAAAddAadbxuuRZLz2nOpmzVpRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: aec01605-a01e-0045-551f-63092c000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAADDAL+AjC/2RY5OGf7pMaXfQU1TMDRFREdFMTgxOAAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 11403

GET
H2 200 broken_bones.jpg-6e1d7eca-7f99-49d3-bdb8-0d8076e10257-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 13 KB
13 KB 570ms
541ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/broken_bones.jpg-6e1d7eca-7f99-49d3-bdb8-0d8076e10257-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ae17de848b1b3303f9c453d436696e9c71b2c3399ead6c7a5857cdb649d3f903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:14:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: VKXW/JWvr26gFikWugw4Rg==
etag: 0x8D98E9F2CF3560A
x-azure-ref: 0CjB4YgAAAAD3VVh6tL6CQ4FMBHuYtO/WRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: d56c1e18-001e-005c-3d1f-638997000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABPBSfwagGSRIZ9zdn0MMawQU1TMDRFREdFMTgxNwAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 12854

GET
H2 200 emotional_abuse.jpg-77b2bf97-1bb3-4e42-b566-68cdecc90ee2-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 12 KB
12 KB 523ms
522ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/emotional_abuse.jpg-77b2bf97-1bb3-4e42-b566-68cdecc90ee2-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e8b1d312027060542748b86a0eca8f14afd88ebeeca252453463c54eb920b7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: lhFh6jrrTPMxg4yRnEV8Yw==
etag: 0x8D98E9EC019DFB0
x-azure-ref: 0CjB4YgAAAAA7Mve1Nv37Q7R0pJ6qyUtKRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 128b611d-e01e-0009-4e1f-63991c000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABg5wF5VkRASKjKvx6/nIN7QU1TMDRFREdFMTgxMQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 12275

GET
H2 200 man_with_cane.jpg-df6000b7-0b0d-4524-8704-b396b3216a8e-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 11 KB
11 KB 640ms
639ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/man_with_cane.jpg-df6000b7-0b0d-4524-8704-b396b3216a8e-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4f7e805b5c39a4ff439363e76830abf06d66faccfc95ceeaff70f05228cdd029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:18:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2X01GQdKO+E6cyWnQajvtA==
etag: 0x8D98E9FB373471B
x-azure-ref: 0CjB4YgAAAACsDpDAINSURbC4eTOzaFRbRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 755807d0-601e-0065-4c1f-63728b000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAASCYEs4M56SZB7bZXhN7M+QU1TMDRFREdFMTkwOAAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 10767

GET
H2 200 malnutrition.jpg-a792d98f-3419-432f-8255-3c368448777f-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 14 KB
14 KB 533ms
533ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/malnutrition.jpg-a792d98f-3419-432f-8255-3c368448777f-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 80a22f9becd553d6b0f6e5cbd8e944db2f5848b85d92200155bee2cdd50423eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:44:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: q15mYQ9C67M5qkHEkIDLXQ==
etag: 0x8D98E711EBA51F4
x-azure-ref: 0CjB4YgAAAAAA6NPSpFCPRrbuHUUqi7k4RlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 4f1e2c0c-801e-00eb-411f-63a43d000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAADVRVbkXYG2QK5jndpcgtSGQU1TMDRFREdFMTgxMAAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 13873

GET
H2 200 medicine.jpg-ac18b711-ab2d-41ce-b65d-f58530318168-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 14 KB
14 KB 559ms
558ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/medicine.jpg-ac18b711-ab2d-41ce-b65d-f58530318168-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 21f037aac06f763e31830817b6c0cdf5b81bc1fd58496c451583f412346916e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:19:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: BubfgUKxOW5Aa1h2knWngg==
etag: 0x8D98E9FE990F3F1
x-azure-ref: 0CjB4YgAAAADCAHGvqBipTq6Mb8TVnsleRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 1eb75a7f-801e-0030-381f-636200000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABmVTZ0jhhbQLvNfh1K+5iqQU1TMDRFREdFMTkwNgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 13978

GET
H2 200 sexual_abuse.jpg-52b037e4-0647-486e-b20e-63c5f62fde62-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 16 KB
16 KB 524ms
523ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/sexual_abuse.jpg-52b037e4-0647-486e-b20e-63c5f62fde62-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3f05e5146974ddc20ceb0cfee17a3bd52ae23f31654236af0509a224ba998858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:47:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: rqaHdNPiUOyirK+uKUYH9w==
etag: 0x8D98E717CF50261
x-azure-ref: 0CjB4YgAAAAD8/40z4EZnQ7qk2wZ3gPc4RlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: e1148dc2-101e-008b-4d1f-63d8a2000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAAjNtcNhbXHTYqA09PkEw/BQU1TMDRFREdFMTkwOQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 16279

GET
H2 200 funeral.jpg-158ac205-72ab-4816-961d-0f18aa528444-lowres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 12 KB
13 KB 529ms
528ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/funeral.jpg-158ac205-72ab-4816-961d-0f18aa528444-lowres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c44e93dda7bd5ede806ce4df6e59f02e8f6b3748aabd4dc35508214aab34089d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:49:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: l8uELBzadxUZq8vBG1qmsA==
etag: 0x8D98E71D2F71DB2
x-azure-ref: 0CjB4YgAAAADjMIAQZKciQoiqrVdW1jvGRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 3bc2c76e-301e-00fe-0b1f-63b38e000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAACpNkrgUWtDTpgod4UxUIECQU1TMDRFREdFMTgxMgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 12785

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 46 KB
46 KB 162ms
77ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular,bold|EB%20Garamond:regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nhcovidclaims.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:49 GMT
x-content-type-options: nosniff
age: 351377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:49 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v25/ 20 KB
21 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v25/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular,bold|EB%20Garamond:regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e75766c89c756b98db5c3a55d22cdc1ebc2452069f13032f21e872381e86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nhcovidclaims.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:40:35 GMT
x-content-type-options: nosniff
age: 260551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20468
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:48:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 May 2023 20:40:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 364 KB
144 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nhcovidclaims.com/
Origin: https://www.nhcovidclaims.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:31:37 GMT

GET
H2 200 P&M_Logo_small.png-cf7a7d13-ae8b-4432-8ba5-69f3c378231a-fullres.png
lpbuildercdn.azureedge.net/images/GeneralP&M/ 44 KB
45 KB 57ms
56ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/GeneralP&M/P&M_Logo_small.png-cf7a7d13-ae8b-4432-8ba5-69f3c378231a-fullres.png
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27bf94c6324289bc56d63de085de06d0b4f629c3c3d01ad36ea220d9297863e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:05 GMT
last-modified: Thu, 27 Jan 2022 20:57:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: HAc2aB2ctec8a9TBG3eb2A==
etag: 0x8D9E1D7A8004535
x-azure-ref: 0CjB4YgAAAAAzbo02yM/IRKmTq77Dw9XNRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_REMOTE_HIT
content-type: application/octet-stream
x-ms-request-id: 002c18e5-c01e-0031-6637-603ddc000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAAk4IuCIe1wTpKbQ6oBnSFdQU1TMDRFREdFMTkyMgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 45516

GET
H2 200 P&M_Logo_small_White.png-407fd66e-f2a1-4529-bc62-b11ffa944602-fullres.png
lpbuildercdn.azureedge.net/images/GeneralP&M/ 47 KB
48 KB 12ms
11ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/GeneralP&M/P&M_Logo_small_White.png-407fd66e-f2a1-4529-bc62-b11ffa944602-fullres.png
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 45a0b90ad4f7f45e1f246f2aa61333c8abb11d8264841b1fcf50624f1546a7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:05 GMT
last-modified: Fri, 28 Jan 2022 02:35:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: sG/Tol788JhnQ6T10O3Z7A==
etag: 0x8D9E206D1492220
x-azure-ref: 0CjB4YgAAAACbgk6W+A1FToegkz+mfVFQRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_HIT
content-type: application/octet-stream
x-ms-request-id: 33b6969a-301e-008c-36ac-62b4c1000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0c293YgAAAABYpNeCiVaUR69/3Hnq8KAOQU1TMDRFREdFMTgxMQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 48421

GET
H2 200 nursinghomewoman.jpg-82d7e1f0-b8b9-4b43-be2f-acc112f6bf22-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 94 KB
94 KB 1636ms
1633ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/nursinghomewoman.jpg-82d7e1f0-b8b9-4b43-be2f-acc112f6bf22-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c90a96a741d2a995a710bc417173d3012aa18b963c79bcb5f6ccd73f468e022e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:07 GMT
last-modified: Wed, 13 Oct 2021 17:09:42 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2UkV1J9/QMK7m/tXA74oJw==
etag: 0x8D98E6C3FB7FBDF
x-azure-ref: 0CjB4YgAAAAChh3cpblx4R5W/RDL3r+0XRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: d56c1e60-001e-005c-7e1f-638997000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CzB4YgAAAAB3z6G/K6kaTqg+y4+/Y0e5QU1TMDRFREdFMTgxNQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 95848

GET
H2 200 bedsores.jpg-89a83137-86f8-4d3e-be6b-a7113646ba31-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 40 KB
40 KB 652ms
649ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/bedsores.jpg-89a83137-86f8-4d3e-be6b-a7113646ba31-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95c9f9978fa4e609660f11092056b0dc80b1923bf1438420c70f80c4cf4c9bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:13:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: x+xRvrMPUCWXGFxE40eTlg==
etag: 0x8D98E9F023E4882
x-azure-ref: 0CjB4YgAAAAAR9wMlXRjaTZFYZBKy2GYeRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 941edbc3-e01e-00b0-1e1f-639d06000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAAZl3s919yBQY4sQROYgoghQU1TMDRFREdFMTgxOAAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 40657

GET
H2 200 broken_bones.jpg-6e1d7eca-7f99-49d3-bdb8-0d8076e10257-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 37 KB
37 KB 637ms
634ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/broken_bones.jpg-6e1d7eca-7f99-49d3-bdb8-0d8076e10257-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 973d638fab33be49d18012c038c63d196d7a6c3d013f778d3cd10e548baeb887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:14:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Q75FmKsdpVSSEFvD69gE6A==
etag: 0x8D98E9F2CFF1801
x-azure-ref: 0CjB4YgAAAADrL/b3vt1SRLhLP3k2bvZXRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: c6e74e65-c01e-00a7-161f-63340d000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAD9URtarNzXRIH/dsrhEZkpQU1TMDRFREdFMTkyMgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 37435

GET
H2 200 emotional_abuse.jpg-77b2bf97-1bb3-4e42-b566-68cdecc90ee2-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 45 KB
45 KB 1862ms
1859ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/emotional_abuse.jpg-77b2bf97-1bb3-4e42-b566-68cdecc90ee2-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6165d5e922e56cc1a91d0cfe6812349c6361b0135731f4f7f747b6afba6ccd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:07 GMT
last-modified: Wed, 13 Oct 2021 23:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: cT+eKKtHo7kVQU86dHOHGA==
etag: 0x8D98E9EC027016A
x-azure-ref: 0CjB4YgAAAAA9HYx22JdUTpG/VbCobMuvRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 1efb7974-901e-0003-041f-633dab000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CzB4YgAAAAAQMpOk480xSJ3OKVJYBConQU1TMDRFREdFMTgxNQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 45570

GET
H2 200 man_with_cane.jpg-df6000b7-0b0d-4524-8704-b396b3216a8e-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 36 KB
36 KB 653ms
651ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/man_with_cane.jpg-df6000b7-0b0d-4524-8704-b396b3216a8e-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 687f974057ff5a38f47c85d17a89dc6b5fa586392a2507a7407350944d848c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:18:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: S7sLwB2ZEXXsSZ32oFCVzA==
etag: 0x8D98E9FB37DF76E
x-azure-ref: 0CjB4YgAAAACYgBlrP70ERIcj1knYY3DWRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: cee8e673-701e-0104-7f1f-63afc5000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAACEgrnE6SutQ4UAjqE7X0v8QU1TMDRFREdFMTkxMQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 36856

GET
H2 200 malnutrition.jpg-a792d98f-3419-432f-8255-3c368448777f-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 39 KB
39 KB 640ms
639ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/malnutrition.jpg-a792d98f-3419-432f-8255-3c368448777f-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b24d2da8148112c8c0500ea09262a79b1d6eba3d5a9a156db24a9ed5aadf5ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:44:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: YdP6GDbuSHBH9y0x9RdtwA==
etag: 0x8D98E711EC37B57
x-azure-ref: 0CjB4YgAAAADoo65yYgrOT4fcTkRuTnmpRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 89b71ffd-101e-007f-521f-631354000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAADP2MrDw49tR4C46NsiX1w3QU1TMDRFREdFMTgxOQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 39912

GET
H2 200 medicine.jpg-ac18b711-ab2d-41ce-b65d-f58530318168-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 45 KB
46 KB 667ms
665ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/medicine.jpg-ac18b711-ab2d-41ce-b65d-f58530318168-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 06132fcbfb8b4cfafba2b0f841c46a52bc1a2f4e3a291be96bde2c1080ba22f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 23:19:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: RoWyR3TrTdz14VLEsiBsag==
etag: 0x8D98E9FE99C409F
x-azure-ref: 0CjB4YgAAAAB1ERcgcd+LQa1xdEMVlUeORlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 673f57d8-901e-005e-1c1f-63372f000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAABlmjMmhUsQRqC0TtMEM18AQU1TMDRFREdFMTkxMQAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 46509

GET
H2 200 sexual_abuse.jpg-52b037e4-0647-486e-b20e-63c5f62fde62-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 50 KB
50 KB 657ms
656ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/sexual_abuse.jpg-52b037e4-0647-486e-b20e-63c5f62fde62-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5560144b60f9a27e591941ebdab5fb483d2caf6540e8589f29505b4f35ac5334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:47:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ATQ9PldYYNCw9+bcbNnZJA==
etag: 0x8D98E717CFFB2B3
x-azure-ref: 0CjB4YgAAAAA5H+VNk4hcT5knnhWz9iYYRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 57140895-301e-00a3-651f-63b90a000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAA957F/l26nRrX0sHP2+PT8QU1TMDRFREdFMTgyMgAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 51125

GET
H2 200 funeral.jpg-158ac205-72ab-4816-961d-0f18aa528444-fullres.jpg
lpbuildercdn.azureedge.net/images/Nursing%20Home/ 43 KB
43 KB 649ms
648ms Image
application/octet-stream 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpbuildercdn.azureedge.net/images/Nursing%20Home/funeral.jpg-158ac205-72ab-4816-961d-0f18aa528444-fullres.jpg
Requested by: Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b4332f147153175368dd2032460dfa633ad8a2fe9a72583b210d3a617bd2c2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 08 May 2022 21:03:06 GMT
last-modified: Wed, 13 Oct 2021 17:49:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: qUhMbXFjhrBMSbs+/66aKw==
etag: 0x8D98E71D3059F3E
x-azure-ref: 0CjB4YgAAAACDM9SQ77x1RJ7oSky88OjVRlJBRURHRTEwMDcAMWE4OTNhMmUtOTk5My00ODAyLTk1ZWItNDEyNzhjMGQwODdm
x-cache: TCP_MISS
content-type: application/octet-stream
x-ms-request-id: 850cfc94-801e-00b6-741f-63aeb9000000
cache-control: public, max-age=8640000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0CjB4YgAAAAA0d6I5pRqTQoCeY381YEPLQU1TMDRFREdFMTkxNwAxYTg5M2EyZS05OTkzLTQ4MDItOTVlYi00MTI3OGMwZDA4N2Y=
content-length: 44084

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPV733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2637
date: Sun, 08 May 2022 20:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 08 May 2022 22:19:09 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 68C0 42 KB
22 KB 66ms
66ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb&co=aHR0cHM6Ly93d3cubmhjb3ZpZGNsYWltcy5jb206NDQz&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=zduxkgajkjul

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c06cf4f8b93a57841c7cc181fe3e6681ea564510d9ae054e7b141d9b89875d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cpw7kBn8tFSZHNouewQYMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nhcovidclaims.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22194
content-security-policy: script-src 'report-sample' 'nonce-cpw7kBn8tFSZHNouewQYMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 21:03:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
148 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=709566108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nhcovidclaims.com%2F&ul=en-us&de=UTF-8&dt=Nursing%20Home%20Claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1237043880&gjid=1251021394&cid=1499099792.1652043787&tid=UA-164123360-26&_gid=1024299828.1652043787&_r=1&gtm=2wg540WSPV733&z=1610769654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nhcovidclaims.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 May 2022 21:03:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nhcovidclaims.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 36ms
36ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=709566108&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nhcovidclaims.com%2F&ul=en-us&de=UTF-8&dt=Nursing%20Home%20Claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1499099792.1652043787&tid=UA-164123360-26&_gid=1024299828.1652043787&gtm=2wg540WSPV733&z=1259953099

Requested by

Host: www.nhcovidclaims.com
URL: https://www.nhcovidclaims.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nhcovidclaims.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 23:00:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79338
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 68C0 51 KB
24 KB 119ms
39ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb&co=aHR0cHM6Ly93d3cubmhjb3ZpZGNsYWltcy5jb206NDQz&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=zduxkgajkjul

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 17:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 May 2023 17:08:45 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame 68C0 364 KB
144 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147136
x-xss-protection: 0
last-modified: Mon, 02 May 2022 04:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 May 2023 20:31:37 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 68C0 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 439399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 10 May 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 68C0 15 KB
15 KB 118ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 446186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 68C0 15 KB
15 KB 120ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 456313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 68C0 102 B
134 B 45ms
45ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQnpccAAAAADS-SM5ACCayILkPiVgLVK4nPIAb&co=aHR0cHM6Ly93d3cubmhjb3ZpZGNsYWltcy5jb206NDQz&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=zduxkgajkjul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 21:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 08 May 2022 21:03:07 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nhcovidclaims.com/	1970-01-20 20:25:15	Name: _ga Value: GA1.2.1499099792.1652043787
.nhcovidclaims.com/	1970-01-20 02:55:30	Name: _gid Value: GA1.2.1024299828.1652043787
.nhcovidclaims.com/	1970-01-20 02:54:03	Name: _gat_UA-164123360-26 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
lpbuildercdn.azureedge.net
nhcovidclaims.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nhcovidclaims.com
13.92.37.171
2620:1ec:46::45
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200e
52.176.167.152
02523b13a55a12a36212c4d0f23866405a17867f8d8992ce3e3f5f8915200a92
06132fcbfb8b4cfafba2b0f841c46a52bc1a2f4e3a291be96bde2c1080ba22f3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
215c14e647b82ab1f3e543b3fec5dd34848b7b25adcba18383b4bf9a32d0305c
21f037aac06f763e31830817b6c0cdf5b81bc1fd58496c451583f412346916e4
27bf94c6324289bc56d63de085de06d0b4f629c3c3d01ad36ea220d9297863e4
368e5d6c142818b4cc8bec75f6d0d0bb1f9b9c75f20d839477134d0be40d2805
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f05e5146974ddc20ceb0cfee17a3bd52ae23f31654236af0509a224ba998858
424ec7d6ff4ed8e80c27e8954973b64740e2367039ef84e254c1ce699718a62c
45a0b90ad4f7f45e1f246f2aa61333c8abb11d8264841b1fcf50624f1546a7ec
4f7e805b5c39a4ff439363e76830abf06d66faccfc95ceeaff70f05228cdd029
5560144b60f9a27e591941ebdab5fb483d2caf6540e8589f29505b4f35ac5334
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
687f974057ff5a38f47c85d17a89dc6b5fa586392a2507a7407350944d848c74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ef9d2ebc25a8a4fa6e89de1a9d3cf8a270903cd25a505d2607340578266c0f9
80a22f9becd553d6b0f6e5cbd8e944db2f5848b85d92200155bee2cdd50423eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95c9f9978fa4e609660f11092056b0dc80b1923bf1438420c70f80c4cf4c9bd7
973d638fab33be49d18012c038c63d196d7a6c3d013f778d3cd10e548baeb887
9c06cf4f8b93a57841c7cc181fe3e6681ea564510d9ae054e7b141d9b89875d1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9513fce28c5fc1c4aa060be2128f3e3f8e4c3c72730c5034151dacd9af5fdeb
aa4f5c993ddb4ebedd9f770ef7a3cfce02764c116507415e4ae29693afb3e4d0
ae17de848b1b3303f9c453d436696e9c71b2c3399ead6c7a5857cdb649d3f903
b24d2da8148112c8c0500ea09262a79b1d6eba3d5a9a156db24a9ed5aadf5ff0
b4332f147153175368dd2032460dfa633ad8a2fe9a72583b210d3a617bd2c2a2
c44e93dda7bd5ede806ce4df6e59f02e8f6b3748aabd4dc35508214aab34089d
c6165d5e922e56cc1a91d0cfe6812349c6361b0135731f4f7f747b6afba6ccd1
c90a96a741d2a995a710bc417173d3012aa18b963c79bcb5f6ccd73f468e022e
cd8eb8c2218d99a280adf581dcda01b257bd6c83e59f59a5446b285e298a74ad
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d3473e59c09b4ade6a2b3055b6faba7b6133b7635006a1ed48cf029b79904f6c
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
e63e75766c89c756b98db5c3a55d22cdc1ebc2452069f13032f21e872381e86a
e8b1d312027060542748b86a0eca8f14afd88ebeeca252453463c54eb920b7bc
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

www.nhcovidclaims.com Open in urlscan Pro 13.92.37.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

78 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

1195 kBTransfer

1944 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nhcovidclaims.com Open in urlscan Pro
13.92.37.171 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

1195 kB
Transfer

1944 kB
Size

3
Cookies

40 HTTP transactions
0 data transactions