metropoliswebdesign.co.uk

.uk crawl

First seen 2026-05-08 · Last seen 2026-05-08 · ok HTTP/1.1 200 2424 ms crawled 2026-05-15

GB · 194.164.30.100 · AS8560 IONOS SE

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Metropolis Web Design - Web Design Services North London

Description

Work with our Stanmore based web design team to take your business to the next level - web design and development, content writing and SEO.

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://metropoliswebdesign.co.uk/

Feeds

Metropolis Web Design » Feed RSS

Open Graph

url: https://metropoliswebdesign.co.uk/
title: Metropolis Web Design - Building Websites for London for over 20 years
locale: en_US
site name: Metropolis Web Design
description: Work with our London based web design team to take your business to the next level - web design and development, content writing and SEO.

Technology

Server: nginx
CMS: WordPress

Third-party hosts loaded (7)

cdn.jsdelivr.net×3
cdnjs.cloudflare.com×3
ajax.googleapis.com×2
unpkg.com×2
widget.tagembed.com×2
gmpg.org×1
hcaptcha.com×1

Social

Contact

Phone

02084206594

DNS records live

NS

ns0.phase8.net
ns1.phase8.net
ns2.phase8.net

MX

100 metropoliswebdesign-co-uk.mail.protection.outlook.com

Verified for

Brevo
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:194.164.30.100 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xxJAFF6lvOdTDrqSc/ro2OLNx09Q7Gj8MpR8RJL3CkCeD+WNsTeqyft7yFztic36o4idTgJxg90Ds…

selectors probed

Certificate (current)

R12

from 2026-04-17 to 2026-07-16

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://metropoliswebdesign.co.uk/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: no-referrer, no-referrer-when-downgrade
permissions-policy: accelerometer=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), sync-xhr=(), usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' https://cdn.jsdelivr.net https://ajax.googleapis.com https://widget.tagembed.com https://unpkg.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://pagead2.googlesyndication.com https://www.googletagservices.com 'unsafe-inline'; style-src 'self' https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://cdnjs.cloudflare.com https://fonts.gstatic.com data:; img-src 'self' data: https://www.google.com https://i.ytimg.com https://img.youtube.com https://secure.gravatar.com https://*.gravatar.com; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://pagead2.googlesyndication.com https://region1.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; object-src 'none'; media-src 'self'; frame-src 'self' https://googleads.g.doubleclick.net https://tpc.googlesyndicatio
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

facebook.com×1
linkedin.com×1

Linked from (1)

barnetsociety.org.uk×1