indexo.dev

metrolinx.com

.com crawl dns

First seen 2026-04-18 · Last seen 2026-05-15 · ok HTTP/1.1 200 4185 ms crawled 2026-05-12

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Metrolinx | Creating Possibilities
Description
Metrolinx is changing transit to make it better. Because transit change will create possibilities and a better region for everyone.
Language
en
Translations
  • en
  • fr

Open Graph

url
https://www.metrolinx.com/en
title
Metrolinx homepage
description
Over the next decade, we’re changing transit to make it better: Faster travel. Seamless connections.

Technology

CDN
Vercel
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Contact

Phone
Address
Street West, Toronto, ON M5J 1E6, Phone: 416-874-5900

Registration

Registrar
Tucows Domains Inc.
Created
2002-12-26
Expires
2026-12-26 220 days left
Updated
2025-12-11
Name servers
  • a1-220.akam.net
  • a22-66.akam.net
  • a26-67.akam.net
  • a28-67.akam.net
  • a3-64.akam.net
  • a7-67.akam.net

DNS records live

NS
  • ns1.metrolinx.com
  • ns2.metrolinx.com
  • ns3.metrolinx.com
MX
  • 10 metrolinx-com.mail.protection.outlook.com
TXT
Show 10 TXT records
  • adobe-idp-site-verification=552dafa6-7396-4204-b716-95141552c7a2
  • atlassian-domain-verification=LfzyjjL4JY/Jh5zRw5/onGTvRZ06fuqjlijydMnP89yFE7h6AdwT/eRxoP8ohbFD
  • onetrust-domain-verification=9b6e79cc3da94f1ab9d23f49f0ffef3b
  • MS=44C41CF7D62B2BE8D4FAD23FDE895B7D730EA872
  • apple-domain-verification=r9LPrbQJIAE0r3pd
  • google-site-verification=XGp5r6astiS9Vm9LZZhG3NLFK9gktjQxbZ2Z3apIDoI
  • atlassian-domain-verification=VCLz1ZuGydGvRrlQB0rdKKo5LRtLRca9fNkdlxeRlUhMc5MdYjDY22PSOrPTpxoW
  • MS=ms52745866
  • F6jbZ+IVdMSoF/uyth9iRjXGl1wpSpfXcRIpqD6RRz9vHj9+7UlxnmOt4RPsM0SBXhftlwuiIoX5glOcyetlnQ==
  • asv=00638a0a69d39ab4ec1a54a90803bed8

Email authentication strong

SPF
v=spf1 ip4:158.106.77.208 ip4:216.71.116.208 ip4:52.254.6.249 ip4:192.29.15.141 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc.qua@metrolinx.com
policy: quarantine
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYpXDXrY/EvbyaD64JxnmInddktn+Rgbo/e11MCPraTBArwfsFmmvjhf/fRPm00O56Vss7pxHte6RQ70hJU8…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5sHUKg7IOgT4ZM5ilVEodx2+oOk4LnVYgRrWo4FYbxcvQ7oRSbzWkONffethSqFnVrpE0MUSNbukKDkl7Mf…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • dkim: v=DKIM1; t=y; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fju5dRLECYeUvZEy2idRbmGYamu6ezAU8wSqMiwYOy3nnud83HS1VLn5VDpWim8lTgQd3gQD…
selectors probed

Certificate (current)

R13
from 2026-04-17 to 2026-07-16
Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.metrolinx.com/en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; script-src 'self' 'sha256-dgu3n+AUmAeeFlNJ9PYC9rtl6HJ/hfrZoyNPRcQxLuM=' www.google.com www.gstatic.com www.googletagmanager.com www.google-analytics.com ajax.googleapis.com googleads.g.doubleclick.net www.youtube.com www.instagram.com platform.instagram.com oc-cdn-public.azureedge.net connect.facebook.net platform.twitter.com snap.licdn.com; style-src 'self' oc-cdn-public.azureedge.net fonts.cdnfonts.com; style-src-attr 'unsafe-inline'; font-src 'self' fonts.cdnfonts.com data:; connect-src 'self' *.google.com www.google-analytics.com vitals.vercel-insights.com graph.facebook.com res.cloudinary.com ad.doubleclick.net px.ads.linkedin.com assets.metrolinx.com maps.metrolinx.com; img-src 'self' *.google.com res.cloudinary.com i.ytimg.com data: *.facebook.com ad.doubleclick.net px.ads.linkedin.com assets.metrolinx.com d3t3ozftmdmh3i.cloudfront.net; media-src 'self' anchor.fm blob: d3ctxlq1ktw2nl.cloudfront.net; frame-src www.youtube.com www.google.com *.googletagmanager
strict-transport-security
max-age=63072000

Links to (10)

Linked from (4)