indexo.dev

nuffieldhealth.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-16 · ok HTTP/1.1 200 3980 ms crawled 2026-05-07

US · 172.66.139.116 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
How you feel tomorrow starts today | Nuffield Health
Description
As the UK's largest healthcare charity, Nuffield Health exists to build a healthier nation through our hospitals, fitness & wellbeing clubs, healthcare clinics and workplace wellbeing services.
Language
en
Canonical
https://www.nuffieldhealth.com/

Open Graph

url
https://www.nuffieldhealth.com/
title
How you feel tomorrow starts today | Nuffield Health
locale
en_GB
description
As the UK's largest healthcare charity, Nuffield Health exists to build a healthier nation through our hospitals, fitness & wellbeing clubs, healthcare clinics and workplace wellbeing services.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (6)

  • maps.googleapis.com×2
  • www.googletagmanager.com×2
  • assets.adobedtm.com×1
  • cdn.optimizely.com×1
  • metrics.responsetap.com×1
  • widget.trustpilot.com×1

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2007-05-08
Expires
2027-05-08 354 days left
Updated
2026-05-04
Name servers
  • gail.ns.cloudflare.com
  • lynn.ns.cloudflare.com

DNS records live

NS
  • gail.ns.cloudflare.com
  • lynn.ns.cloudflare.com
MX
  • 100 nuffieldhealth-com.mail.protection.outlook.com
TXT
Show 33 TXT records
  • vltdou7g02aotn31omu7eqk7b7
  • _globalsign-domain-verification=ZuFbWUvJJ8t3ffasqzWy-GMaNMui-Doc9DBzegK89-
  • apple-domain-verification=y5kFrWKqS2BHlyuf
  • _globalsign-domain-verification=n1rEcz3erV4owezysoAmdfWdMBKGdLlrXbkvYL-wRu
  • amazonses:pSkcZtZqRjMlvgBqSK2bJ0z5DxxE87VoRbwT9bxjczQ=
  • vgngkp1kfqjn19y8nkx6wcgvwgv1lh8b
  • _14t5pwp7n4725kb3vh59wu7mmnrhcod
  • _globalsign-domain-verification=ws5y5kuOcQG0r7CxPsRe7YyUp2XrCIQy0bqAYZYOSY
  • new-relic-domain-verification=2c84318ba0b041c7aace03c714b18264
  • _globalsign-domain-verification=PpVlHv_EcFlCzU83YxHUN_uD4WHX-pAJG4SFFUdrLg
  • _globalsign-domain-verification=F8vGCE5BFCRZLJhdM5UohPynE_GcEqRWvQO3HJgbv2
  • browserstack-domain-verification=864b4bf4-9c4b-4303-8b3c-702fbdc3983a
  • _globalsign-domain-verification=gbQHnVyQmmkLMZfLp1wE_LLofokg5ojgFW-8HNG4lH
  • atlassian-domain-verification=2mwhFIkODJJryfF0X2HmBA3B/PmJiUw23WHuzhgDeNPiDiIO76hv66aQ2LPG/xth
  • apple-domain-verification=bdRDDBwdLhWqVSN1
  • 2G0f9o8AeKg+pjgTBA4YjqFEzA55PIRgxNJ6LJLXX8w=
  • 00Dw0000000lVoz=1TBSq00000000eL
  • amazonses:WMyHJgrEYQRq9WYEHukipDnxpowkwqyod091s7HtMFA=
  • tME+ildkCBiszZFGYX+zXO83qKV4wAjNkfteKBLamXo=
  • skj0lCuTXfTeTjD+QJJ6MgnJpEg246Sa/c7pZjrfBdw=
  • _globalsign-domain-verification=sFjhMTjRJbsqE6EVhdeuX41grlFLPHGoR0Lu7LAlGo
  • _globalsign-domain-verification=uRCnBYYrRCA4u2Cx3U4XWjBAyRxBBQtez1GS3ISnDh
  • _globalsign-domain-verification=6aV7zLOQi3JZVhP5kQyeihT_eLjGiNYrwWe0mW-Y2J
  • _globalsign-domain-verification=_sf0f6Dugb2HQuRgwYw9JH8DMaXfmJNM3B4QlZzkOP
  • MS=ms27183958
  • anthropic-domain-verification-t1psqk=Ni7mBI0P6bcb0u9TuwAOAL5dt
  • _globalsign-domain-verification=OaW7KEw8XI6T-UX7Q5QVAWQmVM419rQjkBzze65A4p
  • UcOOIjBN6esxMbXeZdAwoR8C0VPgTnfCCjBNEa9zteg=
  • _globalsign-domain-verification=NayaRCbcx3gAy0Uu0E9vONpISzhZ93ZcnBanw0UVmK
  • _globalsign-domain-verification=6z2DRMvXlfBvriiGP5Av3ytg7ymNVYD6T9ZF1uYdxz
  • OU8idWxbUQsjyU8Jq0ZvdEwTeK1HGvJeIJTN7lvDezs=
  • _globalsign-domain-verification=6A8jsy7yRnyi_rFWOY5GduX0caW8jwvyfQ8Kn-TRuy
  • _globalsign-domain-verification=1mTsJCKpA74DgclmNlgUl3_xHoSUd2m8vtsDvCi-Gb

Email authentication strong

SPF
v=spf1 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip4:40.92.0.0/14 ip4:51.132.40.235 ip4:20.49.241.143 ip4:20.49.241.149 ip4:20.49.172.135 ip4:35.191.0.0/16 ip4:42.159.163.81 ip4:42.159.163.82/31 ip4:50.31.37.23 ip4:50.31.53.62 ip4:51.4.71.62 ip4:51.140.109.121 ip4:54.251.151.226/31 ip4:54.251.151.228/31 ip4:64.233.160.0/19 ip4:65.54.121.124/31 ip4:65.55.52.224/27 ip4:65.55.81.54/31 ip4:65.55.88.0/24 ip4:65.55.169.0/24 ip4:81.95.52.192/26 ip4:10.250.160.42 ip4:37.17.215.43 ip4:40.80.218.211 ip4:10.150.98.22 include:spf.protection.outlook.com include:_spf.salesforce.com include:spf1.nuffieldhealth.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:67dd5645f92d472bab9627daf6866438@dmarc-reports.cloudflare.net,mailto:dmarc-rua@dmarc.service.gov.uk,mailto:rua@nuffieldhealth.com; ruf=mailto:ruf@nuffieldhealth.com; fo=1; pct=100;
policy: reject (enforced)
DKIM
Show 5 DKIM selectors
  • default: v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5CU+ndBvk9rAfwl29FvJ7b3qicymRAnBrQsmyWwHWRPo8mgbbo3JZU3u4+A4rGu0jBUFAWxsFWCWj4naNk8l…
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXXSaWMZFgyNDDg0JEtNxDITKFu3pw7F0mjKw4n4Lxql2l4B8J2tPcpHU8mJ4kuYhs+hUj+9LRaaaW…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iowvAiyyfo1DN7KRLV0vAC6XsO+OA6H+jorEPZbGKxMW8JEiqq6My3GxrR+UbL0aEIBw5LO2GkHBc…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U3EAvtiHPcbCGn5FA28ssiEhSGLt6ehqn6ShapmIbY4wzzD98mDWqzu/UhUCqRpwE/7e/fgi9rja4io72…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNaS5smt7/u5lZtxr/BEJZshq5lwC10UMJQF8Jsh1ghx12PM5L8lCEIeWoHLcmKWxQOfoDFPlaz6/EZHmhXix2dC…
selectors probed

Certificate (current)

GlobalSign GCC R3 EV TLS CA 2025
from 2025-08-27 to 2026-09-28
Expires in 132 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.nuffieldhealth.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(self "https://*.nuffieldhealth.com" "https://*.nuffieldhealth.dev"), picture-in-picture=(self), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(),payment=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nuffieldhealth.com *.nuffieldhealth.dev nuffieldhealth-crm--crmqa.sandbox.my.site.com nuffieldhealth-crm--crmuat.sandbox.my.site.com nuffieldhealth-crm.my.site.com nuffieldhealth-crm--crmpreprod.sandbox.my.site.com nuffieldhealth-crm.my.site.com nuffieldhealth-crm.lightning.force.com nuffieldhealth-crm--mintdev.sandbox.my.site.com nuffieldhealth-crm--crmuat--c.sandbox.vf.force.com https://web-modules-de-uk1.niceincontact.com analytics.tiktok.com assets.adobedtm.com cc.cdn.civiccomputing.com cdnjs.cloudflare.com code.jquery.com connect.facebook.net script.crazyegg.com embed.vhx.tv f.vimeocdn.com js-agent.newrelic.com lantern.roeyecdn.com *.googleapis.com nh-booking-microsite.nuffieldhealth.com *.pcapredict.com services.postcodeanywhere.co.uk rules.quantcount.com secure.quantserve.com snap.licdn.com metrics.responsetap.com static-ssl.responsetap.com static.doubleclick.net survey.survicate.com surveys-static-prd.survicate-cdn.com www.clari
strict-transport-security
max-age=31536000; includeSubDomains

Links to (1)

Linked from (15)