slam.nhs.uk

HTML metadata

Title: Home - South London and Maudsley
Language: en
Generator: VerseOne CMS v5

Technology

CMS: Drupal

Analytics

Google Tag Manager

Social widgets

YouTube Embed

Third-party hosts loaded (8)

cdn.jsdelivr.net×3
cc.cdn.civiccomputing.com×1
feeds.trac.jobs×1
translate.google.com×1
www.cqc.org.uk×1
www.googletagmanager.com×1
www.swlstg.nhs.uk×1
www.youtube-nocookie.com×1

Social

Contact

Phone

020 3228 6000

DNS records live

NS

ns1.nhs.uk
ns2.nhs.uk
ns3.nhs.uk
ns4.nhs.uk

MX

0 slam.in.tmes.trendmicro.eu

TXT

Show 14 TXT records

00D0O000000rwim=1TBPz00000001qD
hes=68ae78bba26424e52f5d9065683af900
apple-domain-verification=Rba1gsRHMhllbo1M
brevo-code:81d3ff727921d303b48046e51b6d15bc
brevo-code:ffcc1de8f095bebc62bf1183fd2d9554
globalsign-domain-verification=15CBE590F4F13CDD6C5573D892839FF6
globalsign-domain-verification=A6295B1D88BB0125D98346746CA53DFF
BFA083CABEF015FB3D7658B97FE46CD4CA0B8F1110632AA19F9E6AE762BE6C37
google-site-verification=aPl4buLWt4yDXybvVFCn708htuqhTOLzV55tAEXpPF8
4TtSNhpX1FS8nLq1ucdBx12JV5yNNWUZXlcsNA0vKdCMkZqiXwlsvFzLi8ltdqxuAkZlZr7yFPDpCJbfRDejYw==
EFvFBgyvUd9lJJZkG0CyUf7+7ielDnLUCarpk4QKR1Sw7lT42xMLErQjOX6sTLryh2brPKszBJ7ZRCPmCUKtoQ==
ZqZBnke6PBw1X+zYqjdbtWulrRPFdlEf2YcNrjWj0s+HmEhG1yoLsrC1YSlUggywfKWoh8DnYYJ9KsvygID1Uw==
MS=ms92691257
m18gmk0ndq9jc3r5v6n37n143

Email authentication strong

SPF

v=spf1 redirect=4pv0p5ej._spf._d.mim.ec

no all qualifier

DMARC

v=DMARC1; p=reject; rua=mailto:20ba544a4230492@rep.dmarcanalyzer.com,mailto:dmarc-rua@dmarc.service.gov.uk; ruf=mailto:20ba544a4230492@for.dmarcanalyzer.com; fo=1;

policy: reject (enforced)

DKIM

Show 5 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dRYa6GCsmuuRtulT5toDhzIxt0jnhZi0qovt1B0/M00ybfPWNHv6DIbwM5g0pw6egA9u6F7Gj8/30…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0GT7wY2tbsqDNr7eOK9BEHo970JjKK90ItZ2AfJNtSeRTKU3mm1QIhRqMXLckoIRv3yDawDqnI8Hk…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u4F5o+hCQ0JtlzRezpvZSjiicIvqvdk3U9EDMPiuHAIds2G9hphByTjSqEDHOLNr06CIhAgV3lTFphnkz…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl72eoXO2d+EE3T24UW8LnQIlggClua9wSiHoncKncxskwFJyHdLXUaHAk94/5w6zeFB1zT2Ly3Fwey6xzL…

selectors probed

Certificate (current)

R13

from 2026-05-11 to 2026-08-09

Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://slam.nhs.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src *.reciteme.com feeds.trac.jobs region1.google-analytics.com translate.googleapis.com apikeys.civiccomputing.com 'self'; script-src 'self' *.reciteme.com feeds.trac.jobs translate-pa.googleapis.com cdn.jsdelivr.net cc.cdn.civiccomputing.com www.googletagmanager.com www.cqc.org.uk cdn.jsdelivr.net www.google.com www.gstatic.com *.ytimg.com translate.google.com translate.googleapis.com platform.twitter.com https://hubofhope.co.uk 'unsafe-inline'; style-src 'self' *.reciteme.com www.cqc.org.uk cdn.jsdelivr.net feeds.trac.jobs www.gstatic.com fonts.googleapis.com platform.twitter.com translate.googleapis.com 'unsafe-inline'; img-src * data:; media-src blob: https://api.reciteme.com 'self' *.youtube.com *.youtube-nocookie.com *.vimeo.com *.vimeocdn.com *.ci.vimeows.com; object-src 'self' *.googlevideo.com *.ytimg.com *.youtube.com *.youtube-nocookie.com *.vimeo.com *.vimeocdn.com *.ci.vimeows.com; frame-src 'self' *.youtube.com *.youtube-nocookie.com *.twitter.com player.v
strict-transport-security: max-age=31536000