ibx.com

HTML metadata

Title: Pennsylvania Health Insurance | Independence Blue Cross (IBX)
Description: Independence Blue Cross (IBX) offers affordable health care, dental, vision and Medicare plans in Philadelphia and southeastern Pennsylvania.

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (2)

feed.mikle.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

1991-02-20

Expires

2027-02-21 277 days left

Updated

2026-02-17

Name servers

udns1.cscdns.net
udns2.cscdns.uk

DNS records live

NS

udns1.cscdns.net
udns2.cscdns.uk

MX

10 mxa-00150201.gslb.pphosted.com
10 mxb-00150201.gslb.pphosted.com

TXT

Show 24 TXT records

have-i-been-pwned-verification=dweb_bo57ebya6vd3ag3kq41yqzti
jamf-site-verification=U6RqniNApKY-TeYmG2tG-g
apple-domain-verification=8K9eANTx1AG2izhC
MS=ms94597058
Text Data: \226\128\156MS=ms94597058\226\128\157
google-site-verification=siGTyd7_L_jX6BcGn_wXXVLks1cZsjvDayNyXX01eP4
MS=ms97354375
google-site-verification=57GjkrXVIDElcWp4pcPqRo18pCkg8ID5W-0p3DVHGa8
ca3-0a9bef548e3d4e0ab505d534c3b08bb4
ca3-84f098c65a344e26a001ff1566454da0
d365mktkey=eU1Qdq7CqwJCYlla76fR1E4YH3YwSN4rpc7aPsQ2uAYx
Docusign=58006caf-e4de-49a0-b3fa-4c7406b6e3ec
MS=ms15728079
docusign=74b985b9-fe00-42f3-a55a-ec2cff5b41d9
facebook-domain-verification=8ymj1h4696qbpv6c02b1fvv76xrmdc
docusign=81136d5f-88fd-40cf-8dcb-d6bb608ac4a0
MS=ms62186175
sbhQY7/gGaFliedsq02+QQ3PCW3nDRrnqHN5sce/yPscdXKWfrx1URXAROeeLjHgsYiKeO7WSlLJnwluj4fGFg==
twilio-domain-verification=a27c20ea1f544e84e38a5245a5ac9b05
Dynatrace-site-verification=78b7f65f-2f42-4a26-92fb-31677d9d0869__88afuosbi0un40l3i833mqgcmg
LkJtA25KcJyiZ+/wuiZT7zCttUB0sdZjclAxfv7JGDdZPtoOwTtcFl9F4Aw/Fj5c5yWrFCRiShadvW6+uqgxNA==
msfpkey=2pxo9lf40le38h2vq0d3hipht
RJhtvcQnYJsxqWX3GQ0L3Zv5a3cqQP4jCfT1Hz2eDWeIXyY+QMN1QEb2KFF2LTq6tjSXyWuSqyDQ9PA3Ejo07g==
e4f2eaf63e274e5299771eefb6cfe692

Email authentication strong

SPF

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0cOW66JRG9ppxkLjLTeIh4J7iiPHdbcPSBg0EJoiFoigwtF5rJigPwNDv69bkG9riefbDp3ipp5W9sazH8W…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCsvCmHWdNRJ/7Io6Nn8ARDPRhwKgrj1MPKj7xieUFf8a6HgHbHg5IdXP/I7tWx1fqPlp3MOklEqCYS5sZYt…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-01-30 to 2027-02-11

Expires in 267 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.ibx.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.ibx.com *.doubleclick.net blob: data: *.rezync.com *.rfihub.com *.rfihub.net *.boomtrain.com *.wishpond.com https://*.nextdoor.com https://cdsso.highmark.com/ https://statse.webtrendslive.com/ https://*.fullstory.com https://cdssotest.highmark.com https://player.vml.technology/ https://tr.outbrain.com https://*.dialogtech.com https://sp.analytics.yahoo.com https://pharmacy-rxportal-stage.sxc.com https://ibx.intelliresponse.com https://cdn.mouseflow.com *.googletagmanager.com *.cloudfront.net https://*.yimg.com https://amplify.outbrain.com/ https://www.googleoptimize.com/ https://www.gstatic.com/ https://pagead2.googlesyndication.com https://ib.mookie1.com/ https://bat.bing.com https://*.quantummetric.com https://collector-7863.tvsquared.com/ https://*.facebook.net https://www.facebook.com http://www.mookie.com/ http://typekit.com https://*.typekit.net https://snap.licdn.com https://tags.srv.stackadapt.com https://use.fontawesome.com https://ajax.googleapis.com/ htt
strict-transport-security: max-age=31536000; includeSubDomains; preload