indexo.dev

monbs.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-18 · ok HTTP/1.1 200 1347 ms crawled 2026-05-15

IE · 52.138.218.121 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Mortgages Savings & More| Monmouthshire Building Society
Description
Explore Monmouthshire Building Society’s savings, mortgages, and online banking. Trusted, customer-focused financial services throughout England and Wales.
Language
en
Canonical
https://www.monbs.com/
Translations
  • en
  • en-gb

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • cdn-eu.pagesense.io×1
  • cdnjs.cloudflare.com×1
  • fonts.googleapis.com×1
  • static.srcspot.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
123-Reg Limited
Created
2005-04-12
Expires
2027-04-12 327 days left
Updated
2026-04-13
Name servers
  • ns61.domaincontrol.com
  • ns62.domaincontrol.com

DNS records live

NS
  • ns61.domaincontrol.com
  • ns62.domaincontrol.com
MX
  • 10 eu-smtp-inbound-1.mimecast.com
  • 20 eu-smtp-inbound-2.mimecast.com
  • 40 monbs-com.mail.protection.outlook.com
TXT
Show 21 TXT records
  • atlassian-domain-verification=EETpHkaQS8vo3aEunpNBpHApk4/oRxrSySQBItVkOnX1KzXTcJ8BRMM0zwA3brIa
  • v=DMARC1; p=none; rua=mailto:470c6ccd9d79660@rep.dmarcanalyzer.com; ruf=mailto:470c6ccd9d79660@for.dmarcanalyzer.com; fo=1;
  • _globalsign-domain-verification=VITjyJL-4ytv4syhALhUf5pOsBIch_BkWkdSVJHj-n
  • k5bn2uifmpfgeoc5rugqor81nt
  • : _globalsign-domain-verification=N0NWynpqyWGSblFmv10UKhAFJKcEyZ1VYbUwD8SqDV
  • _globalsign-domain-verification=gTRqt8DWWWsamkELEZJyp05DVXlevD6zJZGSXgUGTB
  • _globalsign-domain-verification=w3cDPvumlhvy_zNDHOxRJiTCuclL7habRcAn7DXi6y
  • mhn1rrgfnq0d3j1cdojgagh1fa
  • OG63CmuFfrbN/M3UHLKpxS4P2KdFA4pHCUvCfFnwLT3K9B1qR7QpEGWMTCg4FzlgJRxk/qZx73K2xtASlC2MvQ==
  • access-domain-verification=feb9c035b08c9c3fc76d5660bc15becc1756de1c1c4792696299e082c35bb2f5
  • _oel6ym77m7mv3c2qhmvhhtmc0qk2tmm
  • QO07w7x8kYDwUuNhx7aY4fDvxzVd8hh4SozRGO/TMMg=
  • 1mp3gin6see81q9ako0un2h9ev
  • _globalsign-domain-verification=Jr4tHgRYB69J-FdRquz0dL312-zXyLlT-xsGg6gohU
  • access-domain-verification=beb9578c1eefcba60ff92a7b256b760cdc9c5c94fb261ba35a8f2a2f8641d4e4
  • _gf3zirb522i4xlf3f75bwv5hri9jydv
  • _globalsign-domain-verification=N0NWynpqyWGSblFmv10UKhAFJKcEyZ1VYbUwD8SqDV
  • _globalsign-domain-verification=JtMOUvm40FLGkbmU3UxamszqxBbTA-Guye9SYjMS6D
  • monbs-remain-live.azurewebsites.net
  • MS=ms24256416
  • have-i-been-pwned-verification=80e5245c8786b02d00780d6910078c9a

Email authentication strong

SPF
v=spf1 a a:smtp.monbs.com a:smtp.cascadecloud.co.uk ip4:149.72.53.213/32 ip4:104.47.21.59/32 ip4:192.254.125.237/32 ip4:18.133.41.22/32 ip4:3.11.231.185/32 ip4:51.132.211.80/32 ip4:51.11.176.90/32 include:sendgrid.net include:eu._netblocks.mimecast.com include:spf.protection.outlook.com include:_spf.createsend.com include:spf2.accessacloud.com include:_spf.spindogs.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:470c6ccd9d79660@rep.dmarcanalyzer.com; ruf=mailto:470c6ccd9d79660@for.dmarcanalyzer.com; pct=20; fo=1;
policy: quarantine · pct=20
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zWI3ibous1ttNpGNUDnZlJN4xE8F0Oejn5T9ALqY2REhwOYzWD4SykG1QG/s+pAKrJw+mJPEHceSt6FaN…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFByXK7EcofiAdUjHwjUgRXOElETRFT15/LxoN2lDcXRGKR0eXvM7U+oIf/C5Z3NV+Q7Dz3rNC3WWtnZN/x/q2Z…
  • smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi QKBgQDPtW5iwpXVP…
selectors probed

Certificate (current)

Starfield Secure Certificate Authority - G2
from 2026-04-23 to 2026-11-07
Expires in 172 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.monbs.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
img-src *.ads.linkedin.com *.google.co.uk *.google.com *.googleapis.com *.pagesense.io *.reciteme.com data: img.youtube.com imgsct.cookiebot.com maps.google.com maps.gstatic.com 'self' 'unsafe-inline' www.facebook.com www.google-analytics.com;connect-src *.ads.linkedin.com *.civiccomputing.com *.google.co.uk *.google.com *.pagesense.io *.postcoder.com *.reciteme.com api.getaddress.io cdn-eu.pagesense.io consentcdn.cookiebot.com maps.googleapis.com pagesense-collect.zoho.eu pagesense-hb-collect.zoho.eu 'self' www.google-analytics.com;script-src *.civiccomputing.com *.reciteme.com ajax.googleapis.com code.jquery.com connect.facebook.net maps.google.com maps.googleapis.com 'self' siteimproveanalytics.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com www.youtube.com;frame-src *.pagesense.io consentcdn.cookiebot.com player.vimeo.com 'self' www.google.com www.google-analytics.com www.googletagmanager.com www.youtube.com;script-src-elem *.reciteme.com ajax.googleapis.com assets.sites
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (7)

Linked from (2)