southwark.gov.uk

HTML metadata

Title: Hello, welcome to Southwark | Southwark Council
Language: en
Generator: Drupal 10 | LocalGov Drupal powered by Big Blue Door | https://www.bigbluedoor.net/localgov-drupal
Canonical: https://www.southwark.gov.uk/

Technology

CDN: Amazon CloudFront
Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (9)

customer.cludo.com×3
websurveys2.govmetric.com×3
code.jquery.com×1
fast.fonts.net×1
fonts.googleapis.com×1
fonts.gstatic.com×1
hitcounter.govmetric.com×1
static.addtoany.com×1
www.googletagmanager.com×1

Social

Contact

Address: st updated:6 March 2026

Registration

Registrar

Virgin Media Business Limited

Created

2003-12-19

Expires

2027-12-19 577 days left

Updated

2025-12-09

Name servers

ns1.virginmedia.net
ns2.virginmedia.net
ns3.virginmedia.net
ns4.virginmedia.net

DNS records live

NS

ns1.virginmedia.net
ns2.virginmedia.net
ns3.virginmedia.net
ns4.virginmedia.net

MX

10 southwark-gov-uk.mail.protection.outlook.com

TXT

Show 5 TXT records

rovag_verification_token=7D0467E5426046D38EC5A8A8EBDF6552
VFckqCeF7FR0cpO2ARAtm1ab5rLLrwFcSx5vHtpF78xgAEbtk9Nd0/Zv88PaiowBJcIIk68zl7ml10rtE3vGSg==
5bdca24c-d878-42d0-9f74-ed28c644f6fd
2bv66wzhlgw5tvxxpgq37r20b56yg06c
v=verifydomain MS=ms55964780

Verified for

1Password
Adobe
Apple
Atlassian
DocuSign
Google
Microsoft 365
Zoom

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com exists:%{i}._i.%{d}._d.espf.agari-dns.net include:%{d}.c7.spf-protect.agari-dns.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:shared-technology-services@rua.agari-eu.com,mailto:dmarc-rua@dmarc.service.gov.uk; ruf=mailto:shared-technology-services@ruf.agari-eu.com

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwftlrE1ytH9G7ynswkrLmPVvYjQfc20wucLGwz409OUHeTMppc4a7UAsHws4Y9DkstsRdIaRnxWZAY…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymHhvG+R1iLaJyoElS0LW7zL+H4z01zzna3k1Dy2zHlLecxfKSTq4cW6UYGsoAELzt9ccHhOAkNexibgdE…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmdeslsTpYXYh5kCXQWJ5LbsyRLJhg4hFhZ9R04mP7gmQmstS8ZB7+8ZjADXrEYYrcp6ICicVJiRLPOxMK1Tzs/U…

selectors probed

Certificate (current)

Entrust OV TLS Issuing RSA CA 2

from 2025-09-22 to 2026-10-24

Expires in 156 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.southwark.gov.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com/ https://www.google.com/ https://www.gstatic.com/ https://connect.facebook.net/ https://use.fontawesome.com/releases/v6.4.2/js/ https://customer.cludo.com/scripts/ https://customer.cludo.com/templates/ https://cdn.gtranslate.net/ https://static.addtoany.com/menu/page.js https://websurveys2.govmetric.com/js/client/ https://hitcounter.govmetric.com/ https://code.jquery.com/ui/ https://static.addtoany.com/menu/ https://translate.google.com/ https://translate.googleapis.com/_/translate_http/ https://translate-pa.googleapis.com/v1/supportedLanguages https://translate.googleapis.com/element/log https://cdn.jsdelivr.net/npm/js-cookie@3.0.5/dist/js.cookie.min.js https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.5/dist/umd/popper.min.js https://cdnjs.cloudflare.com/ajax/libs/dragula/3.7.3/dragula.min.js https://cc.cdn.civiccomputing.com/ https://wsstatic.govmetric.com/ https://websurveys2.servmet
strict-transport-security: max-age=63072000; includeSubdomains; preload