indexo.dev

neas.nhs.uk

.uk crawl

First seen 2026-04-26 · Last seen 2026-05-20 · ok HTTP/1.1 200 1477 ms crawled 2026-05-20

GB · 185.220.63.84 · AS61323 Ans Academy Limited

Reputation 100/100

Classifying

HTML metadata

Title
Home :: North East Ambulance Service
Language
en
Generator
Concrete CMS
Canonical
https://www.neas.nhs.uk/

Technology

Server
Apache
CMS
Drupal
Analytics
  • Google Tag Manager

Third-party hosts loaded (5)

  • cdnjs.cloudflare.com×2
  • api.reciteme.com×1
  • translate.google.com×1
  • www.cqc.org.uk×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.nhs.uk
  • ns2.nhs.uk
  • ns3.nhs.uk
  • ns4.nhs.uk
MX
  • 0 neas-nhs-uk.mail.protection.outlook.com
TXT
Show 7 TXT records
  • sophos-domain-verification=9158675c37a210961d8b6a6ed5e777e69c94a02a374320f7e73a30ec66adc494
  • v=TLSRPTv1; rua=mailto:tls-rua@mailcheck.service.ncsc.gov.uk,mailto:tlsrpt@in.mailhardener.com
  • dAtPW2Aye
  • 0cetol4s3o0k3d8t79bpe8ou
  • nslh4nt7iovgee3gf4m4hhhs2n
  • 438c8dff74d64833b5d420ebd135ea9e
  • MS=D7D02978ECD6A7C48DB09CAF5FC9D17FC23AF30F
Verified for
  • Apple
  • Cursor
  • Microsoft 365
  • Workplace

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.nhs.net -all
strict (-all)
DMARC
v=DMARC1;p=reject;rua=mailto:9fcd0036@in.mailhardener.com
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3YvaXv9WZ1im542i92H7uFUnBmr9+YwWmxjhuGrMvn3iGoj6mUX1Q8R3sn3vPIeJg8twntoFg2eTm…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9FPfHkK23P7HlHpowuaI46bjuZsjHFxeNVXns49fU2ltSyIrJg8mrJ6EhqMuUY58BAMB0PewTD7Mk9…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-01-26 to 2027-01-30
Expires in 254 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.neas.nhs.uk/

present
  • strict-transport-security
  • content-security-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' *.reciteme.com https://*.nhs.uk; frame-src 'self' itch.io *.office.com https://www.youtube-nocookie.com https://*.webspellchecker.net https://*.nhs.uk https://*.facebook.com https://*.youtube.com https://*.vimeo.com https://*.google.com https://*.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.reciteme.com https://cdnjs.cloudflare.com https://connect.facebook.net https://feeds.trac.jobs https://*.google-analytics.com https://*.googletagmanager.com https://*.webspellchecker.net https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.cqc.org.uk; font-src 'self' 'unsafe-inline' *.reciteme.com https://fonts.googleapis.com https://fonts.gstatic.com https://*.webspellchecker.net; style-src 'self' 'unsafe-inline' data: *.reciteme.com https://cdnjs.cloudflare.com https://feeds.trac.jobs https://*.googleapis.com https://*.gstatic.com https://*.cqc.org.uk https://*.webspellchecker.net; img-src * data:; object-src 'self' blob: https://*.n
strict-transport-security
max-age=31536000

Links to (6)

Linked from (1)