publicintegrity.org Open in urlscan Pro
2606:4700:10::ac43:13c5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://publicintegrity.org/2015/03/16/16905/consumers-getting-skinned-health-insurers
Effective URL:
https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Submission Tags: phishing malicious Search All
Submission: On January 06 via api (January 6th 2021, 10:14:58 pm UTC) from US

Summary HTTP 59 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 59 HTTP transactions. The main IP is 2606:4700:10::ac43:13c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is publicintegrity.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time publicintegrity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:4700:10:... 2606:4700:10::ac43:13c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.111.11.71 23.111.11.71	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	13.224.94.104 13.224.94.104	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	2600:9000:219... 2600:9000:2190:f200:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	3.232.164.179 3.232.164.179	14618 (AMAZON-AES) (AMAZON-AES)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	14

39 2606:4700:10::ac43:13c5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

publicintegrity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.11.71 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.94.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-104.zrh50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:f200:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-164-179.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	publicintegrity.org 1 redirects publicintegrity.org	985 KB
4	omappapi.com a.omappapi.com api.omappapi.com	75 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	facebook.com www.facebook.com	333 B
2	facebook.net connect.facebook.net	92 KB
2	googletagmanager.com www.googletagmanager.com	68 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	chartbeat.com static.chartbeat.com	14 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	91 B
59	13

	Domain	Requested by
39	publicintegrity.org	1 redirects publicintegrity.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	api.omappapi.com	a.omappapi.com
2	www.facebook.com	publicintegrity.org connect.facebook.net
2	a.omappapi.com	publicintegrity.org a.omappapi.com
2	connect.facebook.net	publicintegrity.org connect.facebook.net
2	www.googletagmanager.com	publicintegrity.org
1	ping.chartbeat.net
1	static.chartbeat.com	publicintegrity.org
1	js-agent.newrelic.com	publicintegrity.org
1	www.google.de	publicintegrity.org
1	www.google.com	publicintegrity.org
1	stats.g.doubleclick.net	www.google-analytics.com
59	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.reddit.com
blogs.wsj.com
www.amazon.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.omappapi.com Go Daddy Secure Certificate Authority - G2	`2020-03-16` - `2022-03-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
api.opmnstr.com Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Frame ID: 2C777BD7CA9E2C1671BF2B1B0FC4624C
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://publicintegrity.org/2015/03/16/16905/consumers-getting-skinned-health-insurers HTTP 301
https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

59
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

1265 kB
Transfer

2770 kB
Size

12
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/&text=Consumers%20getting%20%E2%80%98skinned%E2%80%99%20by%20health%20insurers%20via%20@publicintegrity
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/&title=Consumers%20getting%20%E2%80%98skinned%E2%80%99%20by%20health%20insurers%20|%20Center%20for%20Public%20Integrity
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: http://blogs.wsj.com/washwire/2015/03/11/health-care-deductibles-climbing-out-of-reach/
Title: commentary

Search URL Search Domain Scan URL

URL: http://www.amazon.com/gp/product/B00A16M7HC/ref=as_li_tf_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00A16M7HC&linkCode=as2&tag=thecenforpu0d-20
Title: Deadly Spin: An Insurance Company Insider Speaks Out on How Corporate PR is Killing Health Care and Deceiving Americans

Search URL Search Domain Scan URL

URL: http://www.amazon.com/gp/product/B00H5MIWCE/ref=as_li_qf_sp_asin_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00H5MIWCE&linkCode=as2&tag=thecenforpu0d-20
Title: Obamacare: What’s in It for Me? What Everyone Needs to Know About the Affordable Care Act

Search URL Search Domain Scan URL

URL: https://www.facebook.com/publici
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/publicintegrity
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/center-for-public-integrity/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/publicintegrity/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://publicintegrity.org/2015/03/16/16905/consumers-getting-skinned-health-insurers HTTP 301
https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Redirect Chain

https://publicintegrity.org/2015/03/16/16905/consumers-getting-skinned-health-insurers
https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

130 KB
28 KB

639ms
638ms

Document
text/html

2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be0be8ad90f51052e1d6719117f66398f7070960ef0f62e16b2108901ffdaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

:method: GET
:authority: publicintegrity.org
:scheme: https
:path: /health/consumers-getting-skinned-by-health-insurers/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d449a7405cacf11bfca71c4769c2007ed1609971278; SSESSd2a4d3e5e85a7694890cc82203db548c=8f8ba3c0db794d358b9b09e2bc2c4de2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-9clp2
x-pingback: https://publicintegrity.org/xmlrpc.php
x-styx-req-id: 91503e37-506c-11eb-920a-62c590ca2ff6
x-served-by: cache-mdw17375-MDW, cache-fra19164-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1609971279.899858,VS0,VE592
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
cf-request-id: 077b5d3c150000326029847000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60d8cb0ce9d63260-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 06 Jan 2021 22:14:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d449a7405cacf11bfca71c4769c2007ed1609971278; expires=Fri, 05-Feb-21 22:14:38 GMT; path=/; domain=.publicintegrity.org; HttpOnly; SameSite=Lax SESSd2a4d3e5e85a7694890cc82203db548c=05cc15e178f8806ada99212e63410d3e; expires=Wed, 06-Jan-2021 22:14:38 GMT; Max-Age=0 SSESSd2a4d3e5e85a7694890cc82203db548c=8f8ba3c0db794d358b9b09e2bc2c4de2; path=/; domain=.publicintegrity.org; secure; HttpOnly
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-pantheon-styx-hostname: styx-fe3-b-5c894dd97d-2sw86
x-styx-req-id: 91205881-506c-11eb-a796-2ad032b387b1
x-served-by: cache-mdw17352-MDW, cache-fra19149-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1609971279.582108,VS0,VE279
vary: Cookie, Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
cf-cache-status: BYPASS
cf-request-id: 077b5d3ae30000326034843000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60d8cb0b0eb83260-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 MaisonNeue-Demi.woff
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 38 KB
38 KB 17ms
16ms Font
font/woff 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-Demi.woff

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6f4b5499ec6843177aa0bb72c837610cb57aa338b79d1fb8784427b95ff16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5239594
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-h85ct
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38915
cf-request-id: 077b5d3eb00000326034888000000001
x-served-by: cache-mdw17380-MDW, cache-fra19157-FRA
last-modified: Thu, 05 Nov 2020 15:35:27 GMT
server: cloudflare
x-timer: S1604731685.156014,VS0,VE1
etag: "5fa41bbf-9803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 16:53:26 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11194b3260-FRA
x-styx-req-id: 6c4e4883-1f87-11eb-9640-865f4f66a905
x-cache-hits: 2, 1

GET
H2 200 MaisonNeue-Book.woff
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 38 KB
39 KB 42ms
41ms Font
font/woff 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-Book.woff

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc9f03172e24876a7e0a2c6b93da219f33020f68978199551565bb747a42817

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 1785674
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-bcl7b
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39387
cf-request-id: 077b5d3eb0000032600aba6000000001
x-served-by: cache-mdw17356-MDW, cache-fra19180-FRA
last-modified: Thu, 03 Dec 2020 08:41:37 GMT
server: cloudflare
x-timer: S1608185606.930688,VS0,VE1
etag: "5fc8a4c1-99db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
expires: Sat, 04 Dec 2021 11:23:10 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11194c3260-FRA
x-styx-req-id: ecf13a9b-3559-11eb-a3c3-b6833862ebc0
x-cache-hits: 1, 1

GET
H2 200 Druk-Bold-Web.woff
publicintegrity.org/wp-content/themes/cpi/static/fonts/druk/ 37 KB
38 KB 19ms
19ms Font
font/woff 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/druk/Druk-Bold-Web.woff

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c408b0c662aea2f45bff5967f61c5ad101981f6716a045944f53707f131d8444

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5336161
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-2mqj6
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 38170
cf-request-id: 077b5d3eb100003260158a1000000001
x-served-by: cache-mdw17380-MDW, cache-fra19147-FRA
last-modified: Thu, 05 Nov 2020 15:35:27 GMT
server: cloudflare
x-timer: S1604635119.618631,VS0,VE1
etag: "5fa41bbf-951a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 16:53:26 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11194d3260-FRA
x-styx-req-id: 6c523940-1f87-11eb-b605-56226c185009
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
18ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3383794-4

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbff06b8c2e7208119f598175295f302fa601e5eb47f1ecf79e2ccdef6da23a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jan 2021 22:14:39 GMT

GET
H2 200 fontawesome-all.min.css
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/ 38 KB
8 KB 22ms
20ms Stylesheet
text/css 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/fontawesome-all.min.css?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b55b048a6379c301a3f7644a1a53d500c87657e4ec633201a5666ed880b0d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5376902
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-df2n6
x-cache: MISS, MISS
content-encoding: br
cf-request-id: 077b5d3eb1000032601aac8000000001
x-served-by: cache-mdw17377-MDW, cache-fra19142-FRA
last-modified: Thu, 05 Nov 2020 15:35:35 GMT
server: cloudflare
x-timer: S1604594377.030611,VS0,VE116
etag: W/"5fa41bc7-989b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-styx-req-id: 7e0d7776-1f85-11eb-a229-2a0e1fa9899e
expires: Sat, 06 Nov 2021 16:39:37 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119503260-FRA
x-cache-hits: 0, 0

GET
H2 200 wpdiscuz.css
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/css/ 58 KB
10 KB 27ms
25ms Stylesheet
text/css 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz.css?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a8a33a4ef6f6efd41ec284a8a23c03d9535ad0db89de9e54f98f37ff0610f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5241673
cf-polished: origSize=65401
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-8p8sq
x-cache: MISS, HIT
cf-bgj: minify
content-encoding: br
cf-request-id: 077b5d3eb2000032603291c000000001
x-served-by: cache-mdw17321-MDW, cache-fra19140-FRA
last-modified: Thu, 05 Nov 2020 15:35:35 GMT
server: cloudflare
x-timer: S1604729606.181312,VS0,VE1
etag: W/"5fa41bc7-ff79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-styx-req-id: 7e0d7d88-1f85-11eb-aaf4-921b7a3e1d09
expires: Sat, 06 Nov 2021 16:39:37 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119513260-FRA
x-cache-hits: 0, 1

GET
H2 200 wpdiscuz-user-content.css
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/css/ 7 KB
2 KB 23ms
21ms Stylesheet
text/css 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-user-content.css?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48e4b9f07205bc202a3f7a3a624413248e4c849a405308de5517d28b8b6d8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5336161
cf-polished: origSize=7816
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-s5jpt
x-cache: HIT, HIT
cf-bgj: minify
content-encoding: br
cf-request-id: 077b5d3eb200003260ea36e000000001
x-served-by: cache-mdw17341-MDW, cache-fra19141-FRA
last-modified: Thu, 05 Nov 2020 15:35:41 GMT
server: cloudflare
x-timer: S1604635119.717447,VS0,VE1
etag: W/"5fa41bcd-1e88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-styx-req-id: 7e0db812-1f85-11eb-bd57-86cb2a3f9c7d
expires: Sat, 06 Nov 2021 16:39:37 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119533260-FRA
x-cache-hits: 1, 1

GET
H2 200 jquery.js Show response
publicintegrity.org/wp-includes/js/jquery/ 95 KB
32 KB 33ms
31ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5385875
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-nthbk
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 077b5d3eb30000326047a4b000000001
x-served-by: cache-mdw17337-MDW, cache-fra19121-FRA
last-modified: Thu, 05 Nov 2020 06:05:55 GMT
server: cloudflare
x-timer: S1604585405.745370,VS0,VE1
etag: W/"5fa39643-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: f7393b4d-1f6e-11eb-a266-8ef7621c9487
expires: Sat, 06 Nov 2021 13:58:21 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119583260-FRA
x-cache-hits: 1, 1

GET
H2 200 customcookie.js Show response
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/wpdcookiejs/ 3 KB
1 KB 18ms
16ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/wpdcookiejs/customcookie.js?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92c0547caea11ebbe6c0d8bb6c3ffbc83e33c4d9ea7811372c8209c15f4dc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5376902
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-ct4b7
x-cache: MISS, MISS
content-encoding: br
cf-request-id: 077b5d3eb4000032602402f000000001
x-served-by: cache-mdw17336-MDW, cache-fra19164-FRA
last-modified: Thu, 05 Nov 2020 15:35:35 GMT
server: cloudflare
x-timer: S1604594377.034756,VS0,VE114
etag: W/"5fa41bc7-a1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 7e0e2cbc-1f85-11eb-9708-ae96c617c498
expires: Sat, 06 Nov 2021 16:39:37 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb11195c3260-FRA
x-cache-hits: 0, 0

GET
H2 200 jquery.autogrowtextarea.min.js Show response
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/autogrow/ 2 KB
1 KB 22ms
21ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/autogrow/jquery.autogrowtextarea.min.js?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98e3052b652ac40e8515fff7b8e33911c7da68b2bca0e0968c74a4ccf01892c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 1234318
x-pantheon-styx-hostname: styx-fe3-a-556dd49586-596hr
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 077b5d3eb400003260dd15e000000001
x-served-by: cache-mdw17363-MDW, cache-fra19178-FRA
last-modified: Wed, 18 Nov 2020 10:57:33 GMT
server: cloudflare
x-timer: S1608736961.312843,VS0,VE1
etag: W/"5fb4fe1d-764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 77fe0617-2995-11eb-b1d2-465b653d4551
expires: Fri, 19 Nov 2021 11:59:10 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb11195e3260-FRA
x-cache-hits: 1, 1

GET
H2 200 wpdiscuz.js Show response
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/js/ 62 KB
10 KB 61ms
59ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz.js?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a031ff29ec165a009a5eeaac46f0e5adab79824d2a754dd437981d0c72282dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5327239
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-8p8sq
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3ebf000032600b03d000000001
x-served-by: cache-mdw17349-MDW, cache-fra19149-FRA
last-modified: Thu, 05 Nov 2020 15:35:41 GMT
server: cloudflare
x-timer: S1604644041.752045,VS0,VE1
etag: W/"5fa41bcd-f8d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: a0eccfc9-1fbb-11eb-aaf4-921b7a3e1d09
expires: Sat, 06 Nov 2021 23:07:08 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119603260-FRA
x-cache-hits: 1, 1

GET
H2 200 wpdiscuz-user-content.js Show response
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/js/ 9 KB
2 KB 24ms
22ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-user-content.js?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99bc701e2dd0908c76f079564b7a98778af2cf5dbb0bb7ff8cc87b69d4ab2a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5141275
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-6j5jb
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3eb400003260ff961000000001
x-served-by: cache-mdw17334-MDW, cache-fra19121-FRA
last-modified: Thu, 05 Nov 2020 15:35:41 GMT
server: cloudflare
x-timer: S1604830004.310721,VS0,VE1
etag: W/"5fa41bcd-2372"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 7e0ee8eb-1f85-11eb-bd65-8a04a199118e
expires: Sat, 06 Nov 2021 16:39:37 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119623260-FRA
x-cache-hits: 1, 1

GET
H2 200 lity.js Show response
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/lity/ 19 KB
4 KB 23ms
22ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/lity/lity.js?ver=5.3.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860c952c98eed790191a723c489dfb93b8d9158980e68d18911d93f92bcc6caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 1693214
x-pantheon-styx-hostname: styx-fe3-b-5c894dd97d-fz4vp
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 077b5d3eb500003260559ca000000001
x-served-by: cache-mdw17342-MDW, cache-fra19175-FRA
last-modified: Tue, 15 Dec 2020 13:25:54 GMT
server: cloudflare
x-timer: S1608278065.003507,VS0,VE1
etag: W/"5fd8b962-4d56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 78937219-3f42-11eb-99d0-9afbea960d8d
expires: Fri, 17 Dec 2021 02:00:28 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119633260-FRA
x-cache-hits: 1, 1

GET
H2 200 app.css
publicintegrity.org/wp-content/themes/cpi/dist/ 219 KB
26 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c8db039a9e96f117cd42bafd2c1b2708bf1f6efe8de8833ee7898890a9bdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 19487
cf-polished: origSize=225619
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-bcl7b
x-cache: HIT, MISS
cf-bgj: minify
content-encoding: br
cf-request-id: 077b5d3eb30000326059105000000001
x-served-by: cache-mdw17340-MDW, cache-fra19149-FRA
last-modified: Wed, 06 Jan 2021 15:22:09 GMT
server: cloudflare
x-timer: S1609951793.810424,VS0,VE113
etag: W/"5ff5d5a1-37153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-styx-req-id: 086932c2-5033-11eb-a3c3-b6833862ebc0
expires: Fri, 07 Jan 2022 15:22:47 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1119563260-FRA
x-cache-hits: 1, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 24ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9H38CL

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32266558619419fe6909ffeef5001eccfc08bd54b716e229f80bf90540b40fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30414
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jan 2021 22:14:39 GMT

GET
H2 200 AP120628016632-900x900-c-default.jpg
publicintegrity.org/wp-content/uploads/2018/11/ 133 KB
133 KB 272ms
268ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/11/AP120628016632-900x900-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d413bafd4cb030e40a3d44441367ff2be639ed89de0caab025587d0faf865db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-pantheon-styx-hostname: styx-fe3-b-5c894dd97d-2sw86
x-cache: MISS, MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 136236
cf-request-id: 077b5d3efc000032605910a000000001
x-served-by: cache-mdw17348-MDW, cache-fra19141-FRA
last-modified: Thu, 05 Nov 2020 16:29:56 GMT
server: cloudflare
x-timer: S1609971280.627895,VS0,VE242
etag: "5fa42884-2142c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: 91bf8ce7-506c-11eb-a796-2ad032b387b1
expires: Fri, 07 Jan 2022 22:14:39 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a103260-FRA
x-cache-hits: 0, 0

GET
H2 200 Wendell.potter.jpg
publicintegrity.org/wp-content/uploads/2018/12/ 24 KB
24 KB 26ms
22ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/12/Wendell.potter.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67be3937a139cf0964b9170af7f9322683fea7ed77f7c841693916e5b080dea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 104
cf-polished: status=not_needed
x-pantheon-styx-hostname: styx-fe3-a-556dd49586-596hr
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
content-length: 24539
cf-request-id: 077b5d3efd00003260dda6f000000001
x-served-by: cache-mdw17374-MDW, cache-fra19142-FRA
last-modified: Thu, 05 Nov 2020 16:35:37 GMT
server: cloudflare
x-timer: S1609971175.321513,VS0,VE2
etag: "5fa429d9-5fdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: e108049b-28f3-11eb-b1d2-465b653d4551
expires: Thu, 18 Nov 2021 16:42:28 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a123260-FRA
x-cache-hits: 1, 1

GET
H2 200 danpage-CPI-FederalPoliticsFF2-350x350-c-default.jpg
publicintegrity.org/wp-content/uploads/2018/11/ 21 KB
22 KB 33ms
30ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/11/danpage-CPI-FederalPoliticsFF2-350x350-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f79e59d8163c0cab881eeb70fdc84116af750b53bf1fc17dedb0c61ead1e7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 1754307
cf-polished: origSize=25391, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-556dd49586-596hr
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21688
cf-request-id: 077b5d3efd000032600b040000000001
x-served-by: cache-mdw17350-MDW, cache-fra19121-FRA
last-modified: Thu, 05 Nov 2020 16:33:08 GMT
server: cloudflare
x-timer: S1608216972.228905,VS0,VE1
etag: "5fa42944-632f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: f09ca7d4-28f1-11eb-b1d2-465b653d4551
expires: Thu, 18 Nov 2021 16:28:35 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a163260-FRA
x-cache-hits: 1, 1

GET
H2 200 danpage-CPI-EnvironmentFF2-350x350-c-default.jpg
publicintegrity.org/wp-content/uploads/2018/11/ 15 KB
16 KB 17ms
15ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/11/danpage-CPI-EnvironmentFF2-350x350-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933925e4c672e7e63ec1eca6f48ffa0eb16fa9b49a30c61fed41a28e059b72d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5070132
cf-polished: origSize=19038, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-rcfdq
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15687
cf-request-id: 077b5d3efd000032604abef000000001
x-served-by: cache-mdw17353-MDW, cache-fra19145-FRA
last-modified: Thu, 05 Nov 2020 16:33:08 GMT
server: cloudflare
x-timer: S1604901148.547666,VS0,VE0
etag: "5fa42944-4a5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: dbd24673-1f8b-11eb-8f5a-a6a25bb8acf9
expires: Sat, 06 Nov 2021 17:25:11 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a183260-FRA
x-cache-hits: 1, 2

GET
H2 200 danpage-CPI-BusinessFF2-350x350-c-default.jpg
publicintegrity.org/wp-content/uploads/2018/11/ 27 KB
28 KB 19ms
16ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/11/danpage-CPI-BusinessFF2-350x350-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238d52ca2d2a6f0ee24c78b8a7a3aa662d3e5aab23907aa4d779320d89e7a2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 1785673
cf-polished: origSize=32183, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-l588g
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
content-length: 28012
cf-request-id: 077b5d3efe0000326051953000000001
x-served-by: cache-mdw17330-MDW, cache-fra19146-FRA
last-modified: Thu, 05 Nov 2020 16:33:03 GMT
server: cloudflare
x-timer: S1608185607.864919,VS0,VE2
etag: "5fa4293f-7db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: 54ee2f0a-2a3b-11eb-8e52-ee73f3233dea
expires: Sat, 20 Nov 2021 07:46:28 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a193260-FRA
x-cache-hits: 1, 1

GET
H2 200 AP_20048560093596-350x350-c-default.jpg
publicintegrity.org/wp-content/uploads/2020/03/ 29 KB
30 KB 19ms
17ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2020/03/AP_20048560093596-350x350-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4ef8ce6d1e708e9f250f18a71a2368c1622d2ade21ad88d36130ba8ac89219

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5385874
cf-polished: origSize=31516, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-h85ct
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
content-length: 30204
cf-request-id: 077b5d3efe00003260003e5000000001
x-served-by: cache-mdw17369-MDW, cache-fra19172-FRA
last-modified: Wed, 25 Mar 2020 16:55:03 GMT
server: cloudflare
x-timer: S1604585406.513262,VS0,VE1
etag: "5e7b8ce7-7b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: f7ca7cc6-1f6e-11eb-9640-865f4f66a905
expires: Sat, 06 Nov 2021 13:58:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a1b3260-FRA
x-cache-hits: 1, 1

GET
H2 200 danpage-CPI-NationalSecurityFF3-350x350-c-default.jpg
publicintegrity.org/wp-content/uploads/2018/11/ 24 KB
25 KB 20ms
18ms Image
image/jpeg 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/uploads/2018/11/danpage-CPI-NationalSecurityFF3-350x350-c-default.jpg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

018a3f493cbeaf078d77b07734780fdaa38b1769425a936c06d446784b22d1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5337745
cf-polished: origSize=29199, status=webp_bigger
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-h85ct
x-cache: HIT, HIT
cf-bgj: imgq:100,h2pri
content-length: 25006
cf-request-id: 077b5d3efe00003260e20df000000001
x-served-by: cache-mdw17337-MDW, cache-fra19142-FRA
last-modified: Thu, 05 Nov 2020 16:33:07 GMT
server: cloudflare
x-timer: S1604633534.332972,VS0,VE1
etag: "5fa42943-720f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
x-styx-req-id: f2680f67-1f8b-11eb-9640-865f4f66a905
expires: Sat, 06 Nov 2021 17:25:49 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb119a1c3260-FRA
x-cache-hits: 1, 1

GET
H2 200 default-tz-image.svg
publicintegrity.org/wp-content/themes/cpi/static/img/ 1 KB
853 B 31ms
29ms Image
image/svg+xml 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/img/default-tz-image.svg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fd4e217e92fd62cee98ad252afb74a69c4d8e1b6f44d8efa598b59a1a99222d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5385875
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-4g68v
x-cache: HIT, HIT
content-encoding: br
cf-request-id: 077b5d3efe000032603f95a000000001
x-served-by: cache-mdw17333-MDW, cache-fra19166-FRA
last-modified: Thu, 05 Nov 2020 06:06:04 GMT
server: cloudflare
x-timer: S1604585405.744628,VS0,VE1
etag: W/"5fa3964c-540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 13:58:21 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb119a1d3260-FRA
x-styx-req-id: f7354c8a-1f6e-11eb-87e4-8e589cac6792
x-cache-hits: 1, 1

GET
H2 200 jquery.form.min.js Show response
publicintegrity.org/wp-includes/js/jquery/ 16 KB
6 KB 17ms
17ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-includes/js/jquery/jquery.form.min.js?ver=4.2.1

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b20c7f4231183b11371d9122369cd5a961ee58a5372cd9f841da82b73ddb0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5330599
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-df2n6
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3ede000032604abed000000001
x-served-by: cache-mdw17355-MDW, cache-fra19123-FRA
last-modified: Thu, 05 Nov 2020 15:35:31 GMT
server: cloudflare
x-timer: S1604640681.517920,VS0,VE1
etag: W/"5fa41bc3-3f41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 81ec2ef6-1f85-11eb-a229-2a0e1fa9899e
expires: Sat, 06 Nov 2021 16:39:43 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1169c13260-FRA
x-cache-hits: 1, 1

GET
H2 200 manifest.js Show response
publicintegrity.org/wp-content/themes/cpi/dist/ 1 KB
1021 B 21ms
21ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/dist/manifest.js?ver=0.6

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269ed4d3efe0f542c5ddefd933c5e4743bb19b663cb3e4c6f1db9a9e8c60ec30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 1785673
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-6prp9
x-cache: MISS, MISS
content-encoding: br
cf-request-id: 077b5d3ef0000032602d249000000001
x-served-by: cache-mdw17330-MDW, cache-fra19149-FRA
last-modified: Thu, 17 Dec 2020 05:53:26 GMT
server: cloudflare
x-timer: S1608185606.206706,VS0,VE124
etag: W/"5fdaf256-5eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: f972dc43-402e-11eb-ac6a-ea9ee683f68f
expires: Sat, 18 Dec 2021 06:13:26 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb1179f33260-FRA
x-cache-hits: 0, 0

GET
H2 200 vendor.js Show response
publicintegrity.org/wp-content/themes/cpi/dist/dist/ 366 KB
101 KB 45ms
41ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/dist/dist/vendor.js?ver=0.6

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6a70354161e8a82a361c8a4f2121e78608513b00a00bc1ed9717d673b0b9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5075411
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-s5jpt
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3efb00003260f222e000000001
x-served-by: cache-mdw17324-MDW, cache-fra19176-FRA
last-modified: Thu, 05 Nov 2020 15:35:32 GMT
server: cloudflare
x-timer: S1604895869.560605,VS0,VE1
etag: W/"5fa41bc4-5b94c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 6ca1cb9d-1f87-11eb-bd57-86cb2a3f9c7d
expires: Sat, 06 Nov 2021 16:53:26 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb119a0b3260-FRA
x-cache-hits: 6, 1

GET
H2 200 app.js Show response
publicintegrity.org/wp-content/themes/cpi/dist/dist/ 208 KB
59 KB 46ms
42ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/dist/dist/app.js?ver=0.6

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94cb6362ce3f506777d76ce2c4e8cf141b794b3035aff5f99b5ec53921f4914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 1785673
x-pantheon-styx-hostname: styx-fe3-b-5c894dd97d-6hjh4
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3efc000032601795e000000001
x-served-by: cache-mdw17360-MDW, cache-fra19168-FRA
last-modified: Mon, 30 Nov 2020 02:41:39 GMT
server: cloudflare
x-timer: S1608185606.208820,VS0,VE2
etag: W/"5fc45be3-33efd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: 3d6963d1-32e2-11eb-9235-2eaf8afc885a
expires: Wed, 01 Dec 2021 08:01:23 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb119a0d3260-FRA
x-cache-hits: 1, 1

GET
H2 200 helper.js Show response
publicintegrity.org/wp-content/plugins/optinmonster/assets/js/ 643 B
625 B 32ms
28ms Script
application/x-javascript 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/optinmonster/assets/js/helper.js?ver=1.9.15

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42a389187b9d6d9e53bd9534e0f00a3ed9a2dac4cb33419bad0d55660def192

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 5156720
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-df2n6
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3efc000032600abaa000000001
x-served-by: cache-mdw17336-MDW, cache-fra19149-FRA
last-modified: Thu, 05 Nov 2020 15:35:21 GMT
server: cloudflare
x-timer: S1604814559.075312,VS0,VE1
etag: W/"5fa41bb9-283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
x-styx-req-id: f2264314-1f85-11eb-a229-2a0e1fa9899e
expires: Sat, 06 Nov 2021 16:42:51 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb119a0f3260-FRA
x-cache-hits: 1, 1

GET
H2 200 cpi-glyph-white.svg
publicintegrity.org/wp-content/themes/cpi/static/img/ 1 KB
767 B 17ms
17ms Image
image/svg+xml 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/img/cpi-glyph-white.svg

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54348ee3efc0c52fe1011ec05eab29b9a4ae99a18498a5decef00998c636c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: HIT
age: 1716041
x-pantheon-styx-hostname: styx-fe3-b-588df45758-52bg9
x-cache: HIT, HIT
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 077b5d3f09000032604abf0000000001
x-served-by: cache-mdw17369-MDW, cache-fra19158-FRA
last-modified: Tue, 17 Nov 2020 16:23:22 GMT
server: cloudflare
x-timer: S1608255239.516184,VS0,VE0
etag: W/"5fb3f8fa-4da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 18 Nov 2021 17:03:40 GMT
cache-control: max-age=31622400
cf-ray: 60d8cb11aa443260-FRA
x-styx-req-id: d75d74e9-28f6-11eb-8142-56c5923aba1c
x-cache-hits: 1, 21

GET
H2 200 Druk-Medium-Web.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/druk/ 28 KB
28 KB 25ms
19ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/druk/Druk-Medium-Web.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d4d05a42d60533fe2a18a54d12b41d3019c9c5e4ad4230e19ac077ada2185d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5385818
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-nthbk
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 28797
cf-request-id: 077b5d3f0e00003260420e4000000001
x-served-by: cache-mdw17340-MDW, cache-fra19173-FRA
last-modified: Thu, 05 Nov 2020 06:05:52 GMT
server: cloudflare
x-timer: S1604585461.262991,VS0,VE1
etag: "5fa39640-707d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 13:58:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11aa4e3260-FRA
x-styx-req-id: f76d341a-1f6e-11eb-a266-8ef7621c9487
x-cache-hits: 1, 1

GET
H2 200 MaisonNeue-Demi.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 29 KB
29 KB 19ms
13ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-Demi.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498f504e7ef1b3e4be35d03f8ce86c3117e21be5d8cabdd42d8368b013f212ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5385809
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-df2n6
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29297
cf-request-id: 077b5d3f0e000032602987b000000001
x-served-by: cache-mdw17361-MDW, cache-fra19130-FRA
last-modified: Thu, 05 Nov 2020 06:05:53 GMT
server: cloudflare
x-timer: S1604585470.342937,VS0,VE2
etag: "5fa39641-7271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 13:58:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11aa4f3260-FRA
x-styx-req-id: f765b784-1f6e-11eb-a229-2a0e1fa9899e
x-cache-hits: 1, 1

GET
H2 200 larish_neue_semibold.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/larishneue/ 32 KB
32 KB 23ms
17ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/larishneue/larish_neue_semibold.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d41914cfcfc6577d3c0f74f546a39048247c8bfbb9464b5372d9732df76e206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5156722
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-s5jpt
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 32492
cf-request-id: 077b5d3f0f00003260f52e0000000001
x-served-by: cache-mdw17380-MDW, cache-fra19121-FRA
last-modified: Thu, 05 Nov 2020 15:35:29 GMT
server: cloudflare
x-timer: S1604814558.651623,VS0,VE1
etag: "5fa41bc1-7eec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 16:53:27 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11aa523260-FRA
x-styx-req-id: 6cef1d19-1f87-11eb-bd57-86cb2a3f9c7d
x-cache-hits: 1, 1

GET
H2 200 MaisonNeue-Book.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 29 KB
29 KB 27ms
21ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-Book.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c092fe5e69b7725027f624121f3b218b44cae8b341fcc35933b02017b85cda69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5385818
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-s5jpt
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 29561
cf-request-id: 077b5d3f100000326047a50000000001
x-served-by: cache-mdw17333-MDW, cache-fra19137-FRA
last-modified: Thu, 05 Nov 2020 06:05:51 GMT
server: cloudflare
x-timer: S1604585461.258578,VS0,VE1
etag: "5fa3963f-7379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 13:57:48 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba553260-FRA
x-styx-req-id: e32c78e0-1f6e-11eb-bd57-86cb2a3f9c7d
x-cache-hits: 1, 1

GET
H2 200 MaisonNeue-Medium.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 29 KB
29 KB 30ms
24ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-Medium.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e97e83ef7e379dfe0e0b5229d09289b0ee5f06b555513c1466dc0b0f4fc65fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 4997316
x-pantheon-styx-hostname: styx-fe3-b-6776458c68-df2n6
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 29701
cf-request-id: 077b5d3f1000003260edb28000000001
x-served-by: cache-mdw17324-MDW, cache-fra19148-FRA
last-modified: Thu, 05 Nov 2020 15:35:29 GMT
server: cloudflare
x-timer: S1604973963.388597,VS0,VE1
etag: "5fa41bc1-7405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 16:53:27 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba583260-FRA
x-styx-req-id: 6cf34de9-1f87-11eb-a229-2a0e1fa9899e
x-cache-hits: 2, 38

GET
H2 200 MaisonNeue-BookItalic.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 30 KB
30 KB 23ms
17ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-BookItalic.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007643407147c2a76f3ac080813f78b19780dd599a35e1629d36670b948f9206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5385809
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-4g68v
x-cache: HIT, MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 30265
cf-request-id: 077b5d3f1000003260158a9000000001
x-served-by: cache-mdw17349-MDW, cache-fra19162-FRA
last-modified: Thu, 05 Nov 2020 06:05:52 GMT
server: cloudflare
x-timer: S1604585470.428947,VS0,VE119
etag: "5fa39640-7639"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 13:58:22 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba5a3260-FRA
x-styx-req-id: f76f86b5-1f6e-11eb-87e4-8e589cac6792
x-cache-hits: 1, 0

GET
H2 200 MaisonNeue-DemiItalic.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/ 30 KB
30 KB 25ms
20ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/maisonneue/MaisonNeue-DemiItalic.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779e560330b5eab5837ff7f4f2be7a7647157625126edf3e50e78d258b7ceb79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 358340
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-6prp9
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30685
cf-request-id: 077b5d3f1100003260f8b96000000001
x-served-by: cache-mdw17356-MDW, cache-fra19145-FRA
last-modified: Sun, 13 Dec 2020 17:25:44 GMT
server: cloudflare
x-timer: S1609612939.063923,VS0,VE2
etag: "5fd64e98-77dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 15 Dec 2021 07:55:31 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba5c3260-FRA
x-styx-req-id: bd46af6d-3de1-11eb-ac6a-ea9ee683f68f
x-cache-hits: 16, 1

GET
H2 200 fa-regular-400.woff2
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/webfonts/ 12 KB
12 KB 21ms
17ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/webfonts/fa-regular-400.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/fontawesome-all.min.css?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32532bb1068f7fc433a323cc732f995b9e91116c91dffa31696623510df8254e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/fontawesome-all.min.css?ver=5.3.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 1776556
x-pantheon-styx-hostname: styx-fe3-a-954f78b6-d4rlj
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 12188
cf-request-id: 077b5d3f11000032605910b000000001
x-served-by: cache-mdw17379-MDW, cache-fra19133-FRA
last-modified: Thu, 19 Nov 2020 07:15:00 GMT
server: cloudflare
x-timer: S1608194723.270755,VS0,VE14
etag: "5fb61b74-2f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 20 Nov 2021 07:51:16 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba603260-FRA
x-styx-req-id: 010aa272-2a3c-11eb-bcde-4297d533c037
x-cache-hits: 1, 1

GET
H2 200 fa-solid-900.woff2
publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/webfonts/ 44 KB
44 KB 23ms
19ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/webfonts/fa-solid-900.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/fontawesome-all.min.css?ver=5.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.0.6/css/fontawesome-all.min.css?ver=5.3.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 5255731
x-pantheon-styx-hostname: styx-fe3-a-d687769c6-4g68v
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 45132
cf-request-id: 077b5d3f12000032601ba13000000001
x-served-by: cache-mdw17382-MDW, cache-fra19131-FRA
last-modified: Thu, 05 Nov 2020 15:35:35 GMT
server: cloudflare
x-timer: S1604715549.510820,VS0,VE2
etag: "5fa41bc7-b04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 16:39:43 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba613260-FRA
x-styx-req-id: 821abfc3-1f85-11eb-87e4-8e589cac6792
x-cache-hits: 2, 1

GET
H2 200 larish_neue_semibold_italic.woff2
publicintegrity.org/wp-content/themes/cpi/static/fonts/larishneue/ 33 KB
34 KB 24ms
19ms Font
font/woff2 2606:4700:10::ac43:13c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publicintegrity.org/wp-content/themes/cpi/static/fonts/larishneue/larish_neue_semibold_italic.woff2

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:13c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6017b45e099ab408d43967ef3d8e8e42ca4d7e73e1a9ad8e3e48e22005196dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://publicintegrity.org
Referer: https://publicintegrity.org/wp-content/themes/cpi/dist/app.css?v=1609946540
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
age: 1692228
x-pantheon-styx-hostname: styx-fe3-a-556dd49586-596hr
x-cache: HIT, HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 34128
cf-request-id: 077b5d3f1200003260dd167000000001
x-served-by: cache-mdw17363-MDW, cache-fra19182-FRA
last-modified: Tue, 17 Nov 2020 16:23:24 GMT
server: cloudflare
x-timer: S1608279052.973823,VS0,VE2
etag: "5fb3f8fc-8550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Thu, 18 Nov 2021 16:25:47 GMT
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 60d8cb11ba633260-FRA
x-styx-req-id: 8c715ccb-28f1-11eb-b1d2-465b653d4551
x-cache-hits: 1, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: ZLLuN0TAiAbPiP+P7v5sQg0j6lMqxZyyfhc8VUcYRMeXztAK7nI/dA9XA3oRSjDyzuKL3k34zq+TNYgr1btu+g==
x-fb-trip-id: 1814657579
x-frame-options: DENY
date: Wed, 06 Jan 2021 22:14:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 213 KB
63 KB 149ms
48ms Script
application/javascript 23.111.11.71
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.71 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: b0454d31c0de4c8694905b35258e87891de3db315bd3d5a6358c6d2ebf54e78f

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 14:12:22 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3B9338E3AC8CA67D
etag: W/"1720f715b00ddb01af8d77c7a579af80"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: BKsUdv54C770jjP/fNjSHg+O+iQiNPATlYsE0OkLwgPV0VA9xBff2HzhC+nAGP9tIcy2mbF86aw=
expires: Sat, 01 Jan 2022 22:14:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9H38CL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3307
date: Wed, 06 Jan 2021 21:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 06 Jan 2021 23:19:32 GMT

GET
H2 200 395577280590996 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/395577280590996?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

798657808f44bd3f91773738fd6202983b70252bfd2c553ed8e61ae4762f19a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70475
x-fb-rlafr: 0
pragma: public
x-fb-debug: LzI1r6XqkcnUpf8985x0w7+SUcYGqypMIffFmO+EalzVDIZ7q+dQH6hQCcFXNNQ7fjf6/qUKFQO4N1qraQgU+w==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 06 Jan 2021 22:14:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 895515163
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1291269956&t=pageview&_s=1&dl=https%3A%2F%2Fpublicintegrity.org%2Fhealth%2Fconsumers-getting-skinned-by-health-insurers%2F&ul=en-us&de=UTF-8&dt=Consumers%20getting%20%27skinned%27%20by%20health%20insurers%20%E2%80%93%20Center%20for%20Public%20Integrity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=2081671591&gjid=1078008289&cid=73962854.1609971280&tid=UA-3383794-4&_gid=1789819759.1609971280&_r=1&gtm=2wgbu0T9H38CL&z=608631853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 22:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://publicintegrity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 404 js
www.google-analytics.com/gtm/ 0
0 15ms
15ms Script
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/gtm/js?id=GTM-TLB5Z9K&t=gtag_UA_3383794_4&cid=73962854.1609971280
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=395577280590996&ev=PageView&dl=https%3A%2F%2Fpublicintegrity.org%2Fhealth%2Fconsumers-getting-skinned-by-health-insurers%2F&rl=&if=false&ts=1609971279996&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1609971279995.257306022&it=1609971279933&coo=false&rqm=GET

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 06 Jan 2021 22:14:39 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3383794-4&cid=73962854.1609971280&jid=2081671591&gjid=1078008289&_gid=1789819759.1609971280&_u=YEBAAEACQAAAAC~&z=1043981828

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Jan 2021 22:14:40 GMT
content-type: text/plain
access-control-allow-origin: https://publicintegrity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3383794-4&cid=73962854.1609971280&jid=2081671591&_u=YEBAAEACQAAAAC~&z=824270494

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 22:14:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3383794-4&cid=73962854.1609971280&jid=2081671591&_u=YEBAAEACQAAAAC~&z=824270494

Requested by

Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 22:14:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 llwkhpqe8iptjq7v5ahx Show response
api.omappapi.com/v2/embed/57158/ 5 KB
2 KB 316ms
163ms XHR
application/json 13.224.94.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/57158/llwkhpqe8iptjq7v5ahx
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-104.zrh50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 4f22c7022c4f401a7fff133a37b5f937816ea4b7e474192215bdd0da8833d7dd

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:40 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: ZRH50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: llwkhpqe8iptjq7v5ahx
x-user-agent: standard--
last-modified: Tue, 05 Jan 2021 19:38:32 GMT
server: Pagely Gateway/1.5.1
etag: W/"c434f31fb75e3bec569b085ae72f3234"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
access-control-allow-origin: *
x-amz-cf-id: b0Ikia-4xfruEyJdDOE-r6xKnUUgoKvCE1Lt9dTAKImeaIFiZfQaQA==

GET
H2 200 b4udnf9qrcbnkgseal0w Show response
api.omappapi.com/v2/embed/57158/ 5 KB
2 KB 314ms
163ms XHR
application/json 13.224.94.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/57158/b4udnf9qrcbnkgseal0w
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-104.zrh50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: aa2ae91cea2ea3b5cb9a46b555a75e72e688a86b48126b6f1b75a6d5c01d3f13

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:40 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: ZRH50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-campaign: b4udnf9qrcbnkgseal0w
x-user-agent: standard--
last-modified: Tue, 05 Jan 2021 21:29:36 GMT
server: Pagely Gateway/1.5.1
etag: W/"87e71048657de46de2e0266cbc1dd24b"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
access-control-allow-origin: *
x-amz-cf-id: uaFdPKgQbY5wnG9j7Ex5sLOrRhnEKYl4RrwJ-Hj9oSS2OBeWwcSn9A==

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 143ms
45ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:40 GMT
content-encoding: gzip
x-amz-request-id: DCAF92F89A2CA027
x-cache: HIT
content-length: 10624
x-amz-id-2: TRHerhVqdOKsza8E2v00gPT2CAbWzfpInLOFmUaGEwIXQEnp+g+VCzJEiqRyaVzOv5v636FnSaM=
x-served-by: cache-fra19137-FRA
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1609971280.178655,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7310

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 40ms
13ms Script
application/x-javascript 2600:9000:2190:f200:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: publicintegrity.org
URL: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 21:20:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 03:23:55 GMT
server: nginx
age: 3273
etag: W/"5f866f4b-8e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: EODkJFrU6aVgsIKOC59LxyYwEnX_IjwBDZoEGE8giJBWvj-9wD_9_Q==
expires: Wed, 06 Jan 2021 23:20:07 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 410ms
136ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=publicintegrity.org&p=%2Fhealth%2Fconsumers-getting-skinned-by-health-insurers%2F&u=DLKsYqBGeHwO7BdjB&d=publicintegrity.org&g=2241&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5768&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1540&t=B98eKhB3w1oHCnHcwiCs2Z7dBp1mZE&V=121&i=Consumers%20getting%20%27skinned%27%20by%20health%20insurers%20%E2%80%93%20Center%20for%20Public%20Integrity&tz=-60&sn=1&sv=CAMzHmg8jg0CEHCTaCTVJH3CE1tiK&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-164-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jan 2021 22:14:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK d08fe8fc62 Show response
bam-cell.nr-data.net/1/ 57 B
643 B 378ms
268ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/d08fe8fc62?a=210045416&v=1184.ab39b52&to=MQEGYkNUVhcFBUxQWAhLJVVFXFcKSxVRV1AKAQ%3D%3D&rst=1706&ck=1&ref=https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/&ap=442&be=1023&fe=1540&dc=1365&perf=%7B%22timing%22:%7B%22of%22:1609971278519,%22n%22:0,%22r%22:0,%22re%22:352,%22f%22:352,%22dn%22:352,%22dne%22:352,%22c%22:352,%22ce%22:352,%22rq%22:353,%22rp%22:991,%22rpe%22:998,%22dl%22:1017,%22di%22:1365,%22ds%22:1365,%22de%22:1369,%22dc%22:1540,%22l%22:1540,%22le%22:1540%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1308&fcp=1308&at=HUYFFAtORRk%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 22:14:40 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 60d8cb164c311ede-AMS
cf-request-id: 077b5d41e900001ede80959000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 51ms
51ms Script
application/javascript 23.111.11.71
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.71 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 22:14:40 GMT
content-encoding: gzip
last-modified: Mon, 28 Sep 2020 20:09:04 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 150598F21615D8E3
etag: W/"593e60ad549e46f8ca9a60755336c7df"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31104000
x-amz-id-2: VS6jMyDYuGBSrs+kNu57QzslaALXrQeZVXyTbUrxnBJDHMl2ha905GMwrhcN+OK/SgstnnHWXLg=
expires: Sat, 01 Jan 2022 22:14:40 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
74 B 6ms
5ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxsD7J9T7dGhxpkaI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 06 Jan 2021 22:14:40 GMT
content-type: text/plain
access-control-allow-origin: https://publicintegrity.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H/1.1 200
OK d08fe8fc62 Show response
bam-cell.nr-data.net/events/1/ 24 B
495 B 269ms
269ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/d08fe8fc62?a=210045416&v=1184.ab39b52&to=MQEGYkNUVhcFBUxQWAhLJVVFXFcKSxVRV1AKAQ%3D%3D&rst=11706&ck=1&ref=https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://publicintegrity.org/health/consumers-getting-skinned-by-health-insurers/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 06 Jan 2021 22:14:50 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://publicintegrity.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 60d8cb540e5a1ede-AMS
Content-Length: 24
cf-request-id: 077b5d688900001ede80897000000001

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
publicintegrity.org/	1970-01-19 15:12:53	Name: _cb_svref Value: null
.publicintegrity.org/	1970-01-19 15:14:17	Name: _gid Value: GA1.2.1789819759.1609971280
publicintegrity.org/	1970-01-20 00:41:39	Name: _chartbeat2 Value: .1609971280106.1609971280106.1.CAMzHmg8jg0CEHCTaCTVJH3CE1tiK.1
publicintegrity.org/	1970-01-20 00:41:39	Name: _cb Value: DLKsYqBGeHwO7BdjB
.publicintegrity.org/	1970-01-19 15:56:03	Name: __cfduid Value: d449a7405cacf11bfca71c4769c2007ed1609971278
publicintegrity.org/	1970-01-20 00:41:39	Name: _cb_ls Value: 1
publicintegrity.org/	1970-01-23 15:11:24	Name: _omappvp Value: TkFFy1CxVB3TrF2CowoXKfVNqnrB88GDo0ZhIKauay6jSRk9n2riPuSXxcHe7wBiFAmJFSDTOkknXrT0bZk781bqzgGA0ygz
publicintegrity.org/	1970-01-19 15:12:51	Name: _omappvs Value: 1609971280050
.publicintegrity.org/	1970-01-19 17:22:27	Name: _fbp Value: fb.1.1609971279995.257306022
.publicintegrity.org/	1970-01-19 15:12:51	Name: _gat_UA-3383794-4 Value: 1
.publicintegrity.org/	1969-12-31 23:59:59	Name: SSESSd2a4d3e5e85a7694890cc82203db548c Value: 8f8ba3c0db794d358b9b09e2bc2c4de2
.publicintegrity.org/	1970-01-20 08:44:03	Name: _ga Value: GA1.2.73962854.1609971280

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.omappapi.com
bam-cell.nr-data.net
connect.facebook.net
js-agent.newrelic.com
ping.chartbeat.net
publicintegrity.org
static.chartbeat.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.94.104
151.101.14.110
162.247.243.147
23.111.11.71
2600:9000:2190:f200:18:1fcd:34e:d2a1
2606:4700:10::ac43:13c5
2a00:1450:4001:802::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.232.164.179
007643407147c2a76f3ac080813f78b19780dd599a35e1629d36670b948f9206
018a3f493cbeaf078d77b07734780fdaa38b1769425a936c06d446784b22d1f6
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e97e83ef7e379dfe0e0b5229d09289b0ee5f06b555513c1466dc0b0f4fc65fa
238d52ca2d2a6f0ee24c78b8a7a3aa662d3e5aab23907aa4d779320d89e7a2e3
269ed4d3efe0f542c5ddefd933c5e4743bb19b663cb3e4c6f1db9a9e8c60ec30
2d6a70354161e8a82a361c8a4f2121e78608513b00a00bc1ed9717d673b0b9ca
32266558619419fe6909ffeef5001eccfc08bd54b716e229f80bf90540b40fc7
32532bb1068f7fc433a323cc732f995b9e91116c91dffa31696623510df8254e
3b20c7f4231183b11371d9122369cd5a961ee58a5372cd9f841da82b73ddb0be
3d41914cfcfc6577d3c0f74f546a39048247c8bfbb9464b5372d9732df76e206
498f504e7ef1b3e4be35d03f8ce86c3117e21be5d8cabdd42d8368b013f212ca
4dc9f03172e24876a7e0a2c6b93da219f33020f68978199551565bb747a42817
4f22c7022c4f401a7fff133a37b5f937816ea4b7e474192215bdd0da8833d7dd
5a4ef8ce6d1e708e9f250f18a71a2368c1622d2ade21ad88d36130ba8ac89219
5b6f4b5499ec6843177aa0bb72c837610cb57aa338b79d1fb8784427b95ff16f
6017b45e099ab408d43967ef3d8e8e42ca4d7e73e1a9ad8e3e48e22005196dcb
67be3937a139cf0964b9170af7f9322683fea7ed77f7c841693916e5b080dea7
779e560330b5eab5837ff7f4f2be7a7647157625126edf3e50e78d258b7ceb79
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
798657808f44bd3f91773738fd6202983b70252bfd2c553ed8e61ae4762f19a4
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
7f79e59d8163c0cab881eeb70fdc84116af750b53bf1fc17dedb0c61ead1e7a5
7fd4e217e92fd62cee98ad252afb74a69c4d8e1b6f44d8efa598b59a1a99222d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860c952c98eed790191a723c489dfb93b8d9158980e68d18911d93f92bcc6caa
933925e4c672e7e63ec1eca6f48ffa0eb16fa9b49a30c61fed41a28e059b72d9
99bc701e2dd0908c76f079564b7a98778af2cf5dbb0bb7ff8cc87b69d4ab2a39
9b55b048a6379c301a3f7644a1a53d500c87657e4ec633201a5666ed880b0d30
9be0be8ad90f51052e1d6719117f66398f7070960ef0f62e16b2108901ffdaeb
9d413bafd4cb030e40a3d44441367ff2be639ed89de0caab025587d0faf865db
a031ff29ec165a009a5eeaac46f0e5adab79824d2a754dd437981d0c72282dcc
aa2ae91cea2ea3b5cb9a46b555a75e72e688a86b48126b6f1b75a6d5c01d3f13
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
b0454d31c0de4c8694905b35258e87891de3db315bd3d5a6358c6d2ebf54e78f
b6a8a33a4ef6f6efd41ec284a8a23c03d9535ad0db89de9e54f98f37ff0610f4
c092fe5e69b7725027f624121f3b218b44cae8b341fcc35933b02017b85cda69
c408b0c662aea2f45bff5967f61c5ad101981f6716a045944f53707f131d8444
c42a389187b9d6d9e53bd9534e0f00a3ed9a2dac4cb33419bad0d55660def192
c92c0547caea11ebbe6c0d8bb6c3ffbc83e33c4d9ea7811372c8209c15f4dc62
c98e3052b652ac40e8515fff7b8e33911c7da68b2bca0e0968c74a4ccf01892c
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d94cb6362ce3f506777d76ce2c4e8cf141b794b3035aff5f99b5ec53921f4914
dbff06b8c2e7208119f598175295f302fa601e5eb47f1ecf79e2ccdef6da23a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e48e4b9f07205bc202a3f7a3a624413248e4c849a405308de5517d28b8b6d8b9
e5d4d05a42d60533fe2a18a54d12b41d3019c9c5e4ad4230e19ac077ada2185d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c8db039a9e96f117cd42bafd2c1b2708bf1f6efe8de8833ee7898890a9bdb6
f54348ee3efc0c52fe1011ec05eab29b9a4ae99a18498a5decef00998c636c51
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

publicintegrity.org Open in urlscan Pro 2606:4700:10::ac43:13c5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

64 %IPv6

13 Domains

14 Subdomains

14 IPs

4 Countries

1265 kBTransfer

2770 kBSize

12 Cookies

10 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

publicintegrity.org Open in urlscan Pro
2606:4700:10::ac43:13c5 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

1265 kB
Transfer

2770 kB
Size

12
Cookies

59 HTTP transactions
0 data transactions