newcastle-hospitals.nhs.uk

HTML metadata

Technology

CDN

Cloudflare

CMS

WordPress

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• cc.cdn.civiccomputing.com×2
• www.google.com×2
• www.cqc.org.uk×1
• www.googletagmanager.com×1

Social

• facebook
• twitter
• instagram
• linkedin
• youtube

DNS records live

NS

• ns1.nhs.uk
• ns2.nhs.uk
• ns3.nhs.uk
• ns4.nhs.uk

Email authentication no MX

SPF

v=spf1 include:139511287.spf05.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtseWH8gVnafNlIWN63GxbG608gLMx3lrvRq72poF/oF8/0llAqm+G+Di8jdPSQ74i0lufQ4RUHgpwW2qku…
• s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+K2CncdRav3c9w243n7HiSM4NBAPd69EQ+ahoRvAaOu5eBJ1smHtAH8/kg2zOBR8BRDbA9amB4W5rVP1iwNeVRl…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.newcastle-hospitals.nhs.uk/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (9)

• 111.nhs.uk×2
• facebook.com×2
• instagram.com×2
• linkedin.com×2
• mixd.co.uk×2
• newcastleprivatehealthcare.co.uk×2
• twitter.com×2
• www.nhs.uk×2
• youtube.com×2

Linked from (3)

• newcastleprivatehealthcare.co.uk×2
• mixd.co.uk×2
• jwmdrc.org×1