urlscan.io logo urlscan.io
SecurityTrails logo

stage-surprisebilling.fairhealth.org Open in urlscan Pro
38.131.228.99  Public Scan

Go To Rescan Add Verdict Report
URL: https://stage-surprisebilling.fairhealth.org/
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 30 HTTP transactions. The main IP is 38.131.228.99, located in New York, United States and belongs to COGENT-174, US. The main domain is stage-surprisebilling.fairhealth.org.
TLS certificate: Issued by SSL.com RSA SSL subCA on May 30th 2023. Valid for: a year.
This is the only time stage-surprisebilling.fairhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 38.131.228.99 174 (COGENT-174)
3 52.216.153.174 16509 (AMAZON-02)
1 1 13.107.213.45 8075 (MICROSOFT...)
1 2620:1ec:bdf::67 8075 (MICROSOFT...)
30 4
Domain Requested by
25 stage-surprisebilling.fairhealth.org stage-surprisebilling.fairhealth.org
3 s3.amazonaws.com stage-surprisebilling.fairhealth.org
1 www.fairhealth.org stage-surprisebilling.fairhealth.org
1 fairhealth.org 1 redirects
0 www.googletagmanager.com Failed stage-surprisebilling.fairhealth.org
30 5

This site contains links to these domains. Also see Links.

Domain
fairhealth.org
www.fairhealth.org
Subject Issuer Validity Valid
*.fairhealth.org
SSL.com RSA SSL subCA		 2023-05-30 -
2024-06-29		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://stage-surprisebilling.fairhealth.org/
Frame ID: F6E789E0F1878B7159CFC6B8D43BE876
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FH Orders

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

1
Countries

1183 kB
Transfer

1621 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://fairhealth.org/images-v2/full_map_icon.png HTTP 301
  • https://www.fairhealth.org/images-v2/full_map_icon.png

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stage-surprisebilling.fairhealth.org/ 		67 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx / PHP/8.1.24
Resource Hash
f1ec04f94963531d45c62394e61d73cde03ecbc440fc7fb9827f8d855fc8f08f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 16:55:18 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.24
expires
-1
pragma
no-cache
all.css
s3.amazonaws.com/media.fairhealth.org/css/fontawesome-5.3.1/css/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/media.fairhealth.org/css/fontawesome-5.3.1/css/all.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.153.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bdc2937fbf459dded308ba67e907768b3b23f9bc1744152d19339f8b73e3071e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:20 GMT
x-amz-version-id
JVEaYJDMkQXB7tQ8utay9JsyMWEvg8Lm
Last-Modified
Fri, 28 Sep 2018 18:00:33 GMT
Server
AmazonS3
x-amz-request-id
XQMBQWXCJ8CEBX6Z
ETag
"7b2e939262b36ed4cb18aa0aab7b2bec"
Content-Type
text/css
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
80707
x-amz-id-2
xu1HtgAAhzqJMeGFoHkOMBeSl2W7c6TzfvXh99Myw59wJvRu/H9bVMLp6WUV9RAMA8ETrnGHbVI=
slick.css
stage-surprisebilling.fairhealth.org/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/slick.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
9e52b2f0294d9b468113b3de2428660965d16b6ba696bde23044795bc522bcaa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-f17"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3863
foundation.css
stage-surprisebilling.fairhealth.org/css/ 		126 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/foundation.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
4162ace506227bec3653096792c3259e873a04f01929cf1ce43b0498d8182ecf
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-1f8b3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
validationEngine.jquery.css
stage-surprisebilling.fairhealth.org/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/validationEngine.jquery.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
2c401987d9798ccd2da70da73db9a9019aec76d9a81a0e2a6b073c9bc5bf5b0d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-c4f"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3151
ionicons.min.css
stage-surprisebilling.fairhealth.org/css/ 		44 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/ionicons.min.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
3ee01dae6b99ebe233b1f36f4f6dfcada89f5105f795cf837f7457c1f36d0d9c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-b08e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
bootstrap.min.css
s3.amazonaws.com/media.fairhealth.org/css/ 		147 KB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/media.fairhealth.org/css/bootstrap.min.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.153.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:20 GMT
x-amz-version-id
RMygk8OlZ6yKG1ZInOanIH6W8nhaSZ6f
Last-Modified
Tue, 21 Aug 2018 22:54:03 GMT
Server
AmazonS3
x-amz-request-id
XQMA8HEPFXM6QP4X
ETag
"7e923ad223e9f33e54d22e50cf2bcce5"
x-amz-server-side-encryption
AES256
Content-Type
text/css
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
150996
x-amz-id-2
F2MnrjAOa34VYDJ/FT1o0TalCNQrexbkiKpPd4d19G8nZZD3XevMBjmoHa5cQ0GI/4SUnoGLV4k=
modal.css
stage-surprisebilling.fairhealth.org/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/modal.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
14a5860adb00832e43c64bf076e17f890f3553a19e58710a4f0b76efbcb785dd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-70d"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1805
main.css
stage-surprisebilling.fairhealth.org/css/ 		28 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/main.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
98f6f4e25858b154d11682b458658930c7e9eba4b9d996b745ff81cf3dced6fc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-6e1b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
home.css
stage-surprisebilling.fairhealth.org/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/home.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
3e50810eae1aa8f85e523f802c1ae07a8b8ad8f3a3466ed1473fdb6673bc670e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-1a99"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6809
products.css
stage-surprisebilling.fairhealth.org/css/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/products.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
0d3ed45b342ceb21431d5542462bbe79c6a860e351b529bbc6c7a1321e118494
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-1920"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6432
notifyBar.css
stage-surprisebilling.fairhealth.org/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/css/notifyBar.css
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
8263359a9499948c106dbade0f06b573435e190e3c451431a0ad526c80e35ef7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-8ea"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2282
jquery.min.js
stage-surprisebilling.fairhealth.org/js/ 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/jquery.min.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-15d84"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
custom.modernizr.js
stage-surprisebilling.fairhealth.org/js/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/custom.modernizr.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
044d12b8bafd404c60fc17d525f6f89fc2acfa278dae63c686731dab15592578
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-2448"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
slick.min.js
stage-surprisebilling.fairhealth.org/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/slick.min.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
6730bc981751c6f7a5d2fc02ecea46e6bf28023d7987fc8778436554d3a2d6b9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-617c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
jquery.validationEngine.js
stage-surprisebilling.fairhealth.org/js/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/jquery.validationEngine.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
ea5f78bfacd2ec7e2190ec8d338a27c37b0248c01a3310a96c8b1f9a488e3400
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-11b08"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
jquery.validationEngine-en.js
stage-surprisebilling.fairhealth.org/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/jquery.validationEngine-en.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
096ef5588441645846327422adb3c086d794ffcbbaedd7c3babab18ca8491f63
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-2cbf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
jquery.notifyBar.js
stage-surprisebilling.fairhealth.org/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/jquery.notifyBar.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
792d792f7d575a94a801e0e65b91098bb404b7bd5cf0195ac3e0c532eadd77a7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-c75"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3189
products.js
stage-surprisebilling.fairhealth.org/js/ 		577 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/products.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e42f49e9cc05831ba8013403da0b57e38fe0a850742943f4c6c3c8dfc0128020
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
"64cacdd0-241"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
577
logo-white.svg
stage-surprisebilling.fairhealth.org/images/ 		20 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/logo-white.svg
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
277e514535688ec8a031d25e137c11a69563ba570116e0e49aa34458d34d0b31
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
W/"649252eb-511e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
logo.svg
stage-surprisebilling.fairhealth.org/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/logo.svg
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
581b8688b88032bf15cffa8b6ec177127995f8664c277092c6bc36f5e07037e7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
"649252eb-1970"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6512
full_map_icon.png
www.fairhealth.org/images-v2/
Redirect Chain
  • https://fairhealth.org/images-v2/full_map_icon.png
  • https://www.fairhealth.org/images-v2/full_map_icon.png
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fairhealth.org/images-v2/full_map_icon.png
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
H2
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1086ae70caf5593d14f9de4358ac890edd3ba040a74b35f70bb73678ad86d4f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:55:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 01 Dec 2022 22:03:26 GMT
etag
"638924ae-db60"
x-frame-options
SAMEORIGIN
x-azure-ref
20231109T165520Z-dpuw8737wx5711b7pd63prd4s0000000044000000000zd22
content-type
image/png
x-cache
CONFIG_NOCACHE
cache-control
max-age=315360000
accept-ranges
bytes
content-length
56160
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.fairhealth.org/images-v2/full_map_icon.png
date
Thu, 09 Nov 2023 16:55:20 GMT
x-azure-ref
20231109T165519Z-7pmpmq9c6d46t90y0rdac4v63w000000009000000002hcd9
content-length
162
x-frame-options
SAMEORIGIN
x-cache
CONFIG_NOCACHE
content-type
text/html
Georgia_Seal.svg
stage-surprisebilling.fairhealth.org/images/ 		135 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/Georgia_Seal.svg
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
884b33b3c25ae0a82a043e4b78a765d8c9a3c6ee1a28f473411f4ad0883a80aa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
W/"649252eb-21bff"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
nm_seal.png
stage-surprisebilling.fairhealth.org/images/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/nm_seal.png
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
6c47ccb671e97889beb3e5d5f40cd9237a9eb9e44fc4787641dd7e510468fa6a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
"649252eb-17d78"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97656
texas_seal.png
stage-surprisebilling.fairhealth.org/images/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/texas_seal.png
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
1338bec4bd79b4564e9f2c00e7ae76dd5120f9547e943c3b02af9c88b1232394
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
"649252eb-16fb0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94128
tether.min.js
stage-surprisebilling.fairhealth.org/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage-surprisebilling.fairhealth.org/js/tether.min.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e2589eb4e8b044304ac758286596d18b0074e8bfbf6cf60418320a66df366e08
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 02 Aug 2023 21:42:40 GMT
Server
nginx
ETag
W/"64cacdd0-6231"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
bootstrap.min.js
s3.amazonaws.com/media.fairhealth.org/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/media.fairhealth.org/js/bootstrap.min.js
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.153.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:20 GMT
x-amz-version-id
RDQFKvly8mBFNUbNtKivrlhPapAck12u
Last-Modified
Tue, 21 Aug 2018 22:55:49 GMT
Server
AmazonS3
x-amz-request-id
XQMB5VH494J9BNB4
ETag
"0827a0bdcd9a917990eee461a77dd33e"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
46653
x-amz-id-2
G+s/Z2l9x0HYhrQc5qkXMVKKWs57ymiYri367Tu+o3zRpGzQydkI1sZ24eFfvEpG4Qz+qpugyIo=
js
www.googletagmanager.com/gtag/ 		0
0
purple_hdr_bg.png
stage-surprisebilling.fairhealth.org/images/ 		424 KB
424 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/purple_hdr_bg.png
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/css/home.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
8b0bbd218b48cb9af7816b4b09dd36eb5a8b12be86e6cc579d2ae84727e91645
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/css/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
"649252eb-69ef2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
433906
chevron-in-circle-right.svg
stage-surprisebilling.fairhealth.org/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage-surprisebilling.fairhealth.org/images/chevron-in-circle-right.svg
Requested by
Host: stage-surprisebilling.fairhealth.org
URL: https://stage-surprisebilling.fairhealth.org/css/products.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.131.228.99 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
329a6b873c6cc93d949a7ae90cbd7b72ad8560bad267283f406c61071434c59e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage-surprisebilling.fairhealth.org/css/products.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 16:55:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Last-Modified
Wed, 21 Jun 2023 01:31:23 GMT
Server
nginx
ETag
"649252eb-4ea"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1258

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-KQW53N4WZX

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| showError function| showCustomMessage function| showSuccess function| keyRestrict function| getKeyCode function| gtag object| dataLayer function| Tether function| getURLParameter

2 Cookies

Domain/Path Name / Value
stage-surprisebilling.fairhealth.org/ Name: XSRF-TOKEN
Value: eyJpdiI6ImVEUTMvZDBQOGcwdE56VDFzYng3SEE9PSIsInZhbHVlIjoiVFM5a0d0SUtuZkdOc0FGNVJXUGJrMkZVQXFKY0I0M29VMGxVYzhFczNuZTY2SGp5dXVCZHVWR05LZ2pBRS9oRUxmRHZwR2RMNjJHT2EyNE9ubTZ4K1lpNGdxc0ZOaGVHSVRTdUh5MkdCOFlVMlRCZW5ZZzhPVzdDdGgxOEl3M2MiLCJtYWMiOiJiMzI5ZTFjYzJhYmFlZDE2ZjJkMjUzNzZhY2QyZDIwOGYwMGJhNGIwNGNkZjMwMWUwNWE2NmJmNjU2YzdlZmJjIiwidGFnIjoiIn0%3D
stage-surprisebilling.fairhealth.org/ Name: orders_session
Value: eyJpdiI6Im9ydHlyckVHRlM3V3NxZ0NhTWlURHc9PSIsInZhbHVlIjoiZS9Qb3FOMUtYdlhBaHIxYkIvb2VjR3pjS0lTWStUM3hIT0FZam1HM0FWKy9zYS91cStkS2lENzZOVUs5TkhCV0hOUDBDYVlzRUNsWTVvUEtYcVhZbFJwWHJVcUtVdG01TG1JOGlucGo5eWtDWEVvMkYvQVEvUXhSbzJJUFhqS3QiLCJtYWMiOiJhYWVjNGJlYWE5MzVhZTVjMTJjZDMwMjRkNmQ1MTJmMmZhOGYxYjRmN2ZmN2Y3MGEwZDk2MDU1NjM4MGM1MjM3IiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
security error URL: https://stage-surprisebilling.fairhealth.org/
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-KQW53N4WZX' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.youtube.com maps.gstatic.com *.googleapis.com *.google-analytics.com cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net s3.amazonaws.com; frame-src 'self' *.youtube.com assets.zendesk.com *.facebook.com s-static.ak.facebook.com tautt.zendesk.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fairhealth.org
s3.amazonaws.com
stage-surprisebilling.fairhealth.org
www.fairhealth.org
www.googletagmanager.com
www.googletagmanager.com
13.107.213.45
2620:1ec:bdf::67
38.131.228.99
52.216.153.174
044d12b8bafd404c60fc17d525f6f89fc2acfa278dae63c686731dab15592578
096ef5588441645846327422adb3c086d794ffcbbaedd7c3babab18ca8491f63
0d3ed45b342ceb21431d5542462bbe79c6a860e351b529bbc6c7a1321e118494
1086ae70caf5593d14f9de4358ac890edd3ba040a74b35f70bb73678ad86d4f1
1338bec4bd79b4564e9f2c00e7ae76dd5120f9547e943c3b02af9c88b1232394
14a5860adb00832e43c64bf076e17f890f3553a19e58710a4f0b76efbcb785dd
277e514535688ec8a031d25e137c11a69563ba570116e0e49aa34458d34d0b31
2c401987d9798ccd2da70da73db9a9019aec76d9a81a0e2a6b073c9bc5bf5b0d
329a6b873c6cc93d949a7ae90cbd7b72ad8560bad267283f406c61071434c59e
3e50810eae1aa8f85e523f802c1ae07a8b8ad8f3a3466ed1473fdb6673bc670e
3ee01dae6b99ebe233b1f36f4f6dfcada89f5105f795cf837f7457c1f36d0d9c
4162ace506227bec3653096792c3259e873a04f01929cf1ce43b0498d8182ecf
581b8688b88032bf15cffa8b6ec177127995f8664c277092c6bc36f5e07037e7
6730bc981751c6f7a5d2fc02ecea46e6bf28023d7987fc8778436554d3a2d6b9
6c47ccb671e97889beb3e5d5f40cd9237a9eb9e44fc4787641dd7e510468fa6a
792d792f7d575a94a801e0e65b91098bb404b7bd5cf0195ac3e0c532eadd77a7
8263359a9499948c106dbade0f06b573435e190e3c451431a0ad526c80e35ef7
884b33b3c25ae0a82a043e4b78a765d8c9a3c6ee1a28f473411f4ad0883a80aa
8b0bbd218b48cb9af7816b4b09dd36eb5a8b12be86e6cc579d2ae84727e91645
98f6f4e25858b154d11682b458658930c7e9eba4b9d996b745ff81cf3dced6fc
9e52b2f0294d9b468113b3de2428660965d16b6ba696bde23044795bc522bcaa
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
bdc2937fbf459dded308ba67e907768b3b23f9bc1744152d19339f8b73e3071e
e2589eb4e8b044304ac758286596d18b0074e8bfbf6cf60418320a66df366e08
e42f49e9cc05831ba8013403da0b57e38fe0a850742943f4c6c3c8dfc0128020
ea5f78bfacd2ec7e2190ec8d338a27c37b0248c01a3310a96c8b1f9a488e3400
f1ec04f94963531d45c62394e61d73cde03ecbc440fc7fb9827f8d855fc8f08f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9