kaiserpermanente.org

.org toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1891 ms crawled 2026-05-18

US · 198.140.9.22 · AS3379 Kaiser Foundation Health Plan, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Custom Care & Coverage Just For You | Kaiser Permanente
Description: Staying healthy is easier with the right support. Visit kp.org to learn how we customize care and coverage just for you.
Language: en-US
Canonical: https://healthy.kaiserpermanente.org/front-door

Open Graph

url: https://healthy.kaiserpermanente.org/front-door
locale: en_US
site name: Kaiser Permanente

Technology

Third-party hosts loaded (8)

assets.adobedtm.com×2
cdn.tt.omtrdc.net×1
cdnjs.cloudflare.com×1
kaiser.demdex.net×1
kaiser.tt.omtrdc.net×1
rum.hlx.page×1
s.webtrends.com×1
statse.webtrendslive.com×1

Social

Contact

Phone

+1-800-218-1059

Address

Road NE, Atlanta, GA 30305

Registration

Registrar

MarkMonitor Inc.

Created

1996-09-19

Expires

2026-09-18 120 days left

Updated

2024-08-22

Name servers

ea-dns14.kp.org
ea-dns25.kp.org
ea-dns36.kp.org

DNS records live

NS

ea-dns14.kp.org
ea-dns25.kp.org
ea-dns36.kp.org

MX

10 mxa-00000703.gslb.pphosted.com
10 mxb-00000703.gslb.pphosted.com

TXT

Show 5 TXT records

dkfjqyqvzglbhgtz3knhv858prbm5s2q
_i4r2tzxch2m429o538ofho2mmxcxdpt
99jrg62x4m02njf7lm83xj87451y76wz
kxctyq4bp2hv6j7v7s23k5krpvyd785s
0db9fc67fcec4707b7fdd46b48cd59df

Verified for

Google
Microsoft 365

Email authentication partial

SPF: v=spf1 ip4:198.203.175.175 ip4:148.163.135.169 ip4:148.163.139.169 include:_netblocks.eloqua.com -all
strict (-all)
DMARC: v=DMARC1; p=none; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-01-23 to 2027-02-23

Expires in 278 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://healthy.kaiserpermanente.org/front-door

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.kaiserpermanente.org:* https://*.kp.org:* https://*.readspeaker.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: https://assets.adobedtm.com https://*.glance.net https://*.glancecdn.net https://*.sense.ly blob:; style-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: https://assets.adobedtm.com https://*.glance.net https://*.glancecdn.net; font-src 'self' data: https://*.kp.org https://*.kaiserpermanente.org https://fonts.gstatic.com https://*.qumucloud.com https://*.glance.net https://*.glancecdn.net; img-src 'self' data: blob: https://healthy.kaiserpermanente.org https://*.kp.org https://*.kaiserpermanente.org https://www.permanente.net https://permanente.net https://secure.insightexpressai.com https://yourkpmedicarehealthplan.org https://*.adsrvr.org https://api-s.mqcdn.com https://bat.bing.com https://api.mapbox.com https://*.akamaihd.net https://a2.adform.net https://www.google.it https://www.googletagmanager.com https://www.google.co.uk
strict-transport-security: max-age=31536000; includeSubDomains