metrobankonline.co.uk

.uk crawl

First seen 2026-04-27 · Last seen 2026-05-17 · ok HTTP/1.1 200 3576 ms crawled 2026-05-05

US · 45.60.53.183 · AS19551 Incapsula Inc

Reputation 100/100

Classifying

HTML metadata

Title: Metro Bank | This is Relationship Banking
Description: Welcome to Metro Bank - the bank that puts people first. Explore bank accounts, savings accounts, safe deposit boxes, loans, credit cards, mortgages, and more.
Language: en
Canonical: https://www.metrobankonline.co.uk/

Technology

CDN: Cloudflare
CMS: Gatsby

Cookie consent

OneTrust

Third-party hosts loaded (2)

cdn-ukwest.onetrust.com×2
dl.episerver.net×1

Social

Contact

Address: 1 Southampton Row, WC1B 5HA, London, Greater London, UK

Registration

Registrar

Easyspace Ltd

Created

2009-06-05

Expires

2026-06-05 14 days left

Updated

2025-05-07

Name servers

ns.rackspace.com.
ns2.rackspace.com.

DNS records live

NS

ns.rackspace.com
ns2.rackspace.com

MX

0 metrobankonline-co-uk.mail.protection.outlook.com

TXT

Show 7 TXT records

vkgmd9y7nt3yjlr1k75mv3jhywr6dqyr
v=spf1 ip4:52.51.105.2 ip4:52.49.251.65 ip4:52.17.215.52 ip4:52.17.215.52 ip4:54.76.133.138 -all include:spf.protection.outlook.com -all
66z4pq3j03xld48b056ngvqswp9tz148
8fWIzDyGI6vZZYw8VJfpCQllIaciWECrUixj1ykRIEc=
nnvp9114drsbf111f09mf7ywcww6w44c
21BC-27A8-4E55-06D5-08B4-6A36-FAAC-6C28
tzr444nv1x2k8bfdbjgbhks355wq5np5

Verified for

GlobalSign
Microsoft 365

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-04-14 to 2026-10-30

Expires in 161 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.metrobankonline.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: worker-src data: 'self' *.browsealoud.com *.episerver.net *.facebook.net *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.hotjar.com *.onetrust.com *.whisbi.com gap: ws:; connect-src data: 'self' *.browsealoud.com *.code.createjs.com *.episerver.net *.facebook.com *.facebook.net *.g.doubleclick.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.hotjar.com *.hotjar.io *.nr-data.net *.onetrust.com *.whisbi.com *.youtube.com *.ytimg.com gap: http://www.google.com/ccm/ https://dc.services.visualstudio.com/v2/track https://googleads.g.doubleclick.net https://px.ads.linkedin.com/ js-agent.newrelic.com js.monitor.azure.com ws:; img-src data: 'self' *.amazonaws.com *.facebook.com *.facebook.net *.g.doubleclick.net *.google-analytics.com *.google.co.uk *.google.com *.googleadservices.com *.googleapis.com *.gstatic.com *.hotjar.com *.linkedin.com *.onetrust.com *.whisbi.com gap: https://ad.doubleclick.net/ https://csi.gstatic.com https
strict-transport-security: max-age=31536000

Links to (9)

Linked from (2)

barcadiamedia.co.uk×2
stopscamsuk.org.uk×1