indexo.dev

monthey.ch

.ch crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1332 ms crawled 2026-05-30

CH · 193.34.137.65 · AS43800 NTS workspace AG

Reputation 100/100

sector government type landing page

HTML metadata

Title
Accueil - Ville de Monthey
Language
fr
Generator
CMS - Quicksite www.quicksite.ch
Canonical
http://www.monthey.ch/

Open Graph

url
http://www.monthey.ch/
title
Accueil - Ville de Monthey

Technology

Server
Webserver
CMS
WordPress
jQuery
1.10.2 known XSS (<3.5)
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • kit.fontawesome.com×1
  • maps.google.com×1
  • www.googletagmanager.com×1

Contact

Email
Phone

DNS records live

NS
  • ns11.infomaniak.ch
  • ns12.infomaniak.ch
MX
  • 10 mx-01-eu-central-1.prod.hydra.sophos.com
  • 20 mx-02-eu-central-1.prod.hydra.sophos.com
TXT
  • bfddf16917ndjb6ohbaqbp0qpv
  • sophos-domain-verification=f74ca2760af7fc2dd8ba65a3a0b28a79551fb3e48fc11db7163cac5cf9c661de
Verified for
  • Twilio

Email authentication strong

SPF
v=spf1 ip4:213.221.152.154 ip4:193.34.137.65 ip4:185.54.6.111 include:spf.protection.outlook.com include:_spf_eucentral1.prod.hydra.sophos.com include:spf-de.emailsignatures365.com include:de1-emailsignatures-cloud.codetwo.com include:spf1.ne.ch -all
strict (-all)
DMARC
v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc@monthey-energies.ch; ruf=mailto:dmarc@monthey-energies.ch; adkim=s; aspf=s; fo=0:1:d:s
policy: reject (enforced) · sp=reject
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4J/gudCHWx+LNjAaqvat7WZ7kNHBuizcWDenAzSTVQYhmNT1PpckxkbkrukvtWQdbS1QgRUDiR52xc…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GDHQeXXKCHk2NndOxR9nhV1/bBwrQN+2fNq/e0j3AF/ka/i7lEY9ScOb//6jwO8cmfiZIqLD0yiki…
selectors probed

Certificate (current)

E7
from 2026-04-01 to 2026-06-30
Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.monthey.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; connect-src 'self' https://ka-p.fontawesome.com:* https://maps.googleapis.com:* https://www.google-analytics.com:* https://kit.fontawesome.com:* https://region1.google-analytics.com:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com:* https://www.gstatic.com:* https://kit.fontawesome.com:* https://maps.google.com:* https://www.google-analytics.com:* https://ssl.google-analytics.com:* https://maps.googleapis.com:* https://unpkg.com:* https://ajax.googleapis.com:* https://www.googletagmanager.com:*; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com:* https://unpkg.com:* https://ajax.googleapis.com:*; img-src 'self' data: https://www.google-analytics.com:* https://maps.googleapis.com:* https://maps.gstatic.com:* https://maps.google.com:* https://ajax.googleapis.com:*
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (26)

Linked from (1)