londonambulance.nhs.uk

.uk crawl

First seen 2026-04-26 · Last seen 2026-05-20 · ok HTTP/1.1 200 947 ms crawled 2026-05-19

US · 104.17.0.6 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: Home - London Ambulance Service NHS Trust
Description: London Ambulance Service are the capital's emergency and urgent care responders. We respond to emergency 999 and 111 calls, getting medical help to patients who have serious or life-threatening injuries or illnesses as quickly as possible.
Language: en
Generator: WordPress 6.9.4
Canonical: https://www.londonambulance.nhs.uk/

Open Graph

url: https://www.londonambulance.nhs.uk/
title: Home - London Ambulance Service NHS Trust
locale: en_GB
site name: London Ambulance Service NHS Trust
description: London Ambulance Service are the capital's emergency and urgent care responders. We respond to emergency 999 and 111 calls, getting medical help to patients who have serious or life-threatening injuries or illnesses as quickly as possible.

Technology

CDN: Cloudflare
CMS: WordPress 6.9.4
jQuery: 3.7.1

Analytics

Google Tag Manager

Third-party hosts loaded (3)

cdnjs.cloudflare.com×3
translate.google.com×1
www.googletagmanager.com×1

Social

DNS records live

NS

aria.ns.cloudflare.com
frank.ns.cloudflare.com

MX

10 prefilter.emailsecurity.trendmicro.eu

Verified for

Apple
GlobalSign
Microsoft 365

Email authentication strong

SPF: v=spf1 include:_spf.nhs.net ~all
softfail (~all)
DMARC: v=DMARC1; p=quarantine; rua=mailto:53ef246896244e0cbc51f238f25e6679@dmarc-reports.cloudflare.net,mailto:cyber.alerts1@nhs.net; ruf=mailto:cyber.alerts1@nhs.net,mailto:8376428f@forensics.dmarc-report.com
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

GlobalSign RSA OV SSL CA 2018

from 2025-11-18 to 2026-12-20

Expires in 213 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.londonambulance.nhs.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://translate-pa.googleapis.com https://translate.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://translate.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/ https://www.gstatic.com/; object-src 'none'; base-uri 'self'; connect-src 'self' https://www.google-analytics.com https://region1.google-analytics.com https://translate.googleapis.com https://stats.g.doubleclick.net https://translate-pa.googleapis.com; font-src 'self'; frame-src 'self' https://www.youtube.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; frame-ancestors 'self'; form-action 'self'; img-src 'self' data: https://www.google-analytics.com https://fonts.gstatic.com https://www.gstatic.com https://translate.googleapis.com https://www.cqc.org.uk https://www.goog
strict-transport-security: max-age=63072000; includeSubDomains; preload