indexo.dev

amh.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 2079 ms crawled 2026-05-15

US · 150.171.109.33 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Home | AMH Homes
Description
AMH homes offers welcoming rental homes maintained by industry-leading service professionals for a superior residential experience.
Language
en

Open Graph

url
https://www.amh.com/
title
Main Page og title
description
AMH main page og descrription

Technology

CDN
Azure Front Door
CMS
Next.js

Third-party hosts loaded (1)

  • media.umbraco.io×6

Social

Contact

Phone

Registration

Registrar
GoDaddy Corporate Domains, LLC
Created
1993-09-15
Expires
2027-09-14 483 days left
Updated
2025-09-17
Name servers
  • ns1-05.azure-dns.com
  • ns2-05.azure-dns.net
  • ns3-05.azure-dns.org
  • ns4-05.azure-dns.info

DNS records live

NS
  • ns1-05.azure-dns.com
  • ns2-05.azure-dns.net
  • ns3-05.azure-dns.org
  • ns4-05.azure-dns.info
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
TXT
Show 18 TXT records
  • stripe-verification=39514FB7F8E6A5C04083E009332C7B56ABA2CADDB13A49728CF25239F6EE0586
  • google-site-verification=ycNbWTvBQwzgQi9BvNfvKhNW_xqy9HWQNNGvw9cpDHw
  • smartsheet-site-validation=5NtFvDshiA93y6K0ivHMLbLRR5NTcg04
  • R7zH/IEU4b340+rFC6GdugTmz7syw2WM3V340mkyfpM=
  • adobe-idp-site-verification=67a245c904162af189a48758619aba069e533ba92ed64e35953fc226b791df3a
  • google-site-verification=MgpcWx3j0_v-sbKQ-9cIM3qeM6TrhIaA8PQZdiJAIMU
  • status-page-domain-verification=s30c5y0n2byb
  • 2cvrsc6g2gf8q4xcyh6sl52mrgkr9t66
  • jamf-site-verification=myu1bNyJ5i6ZJmwkSySqcQ
  • google-gws-recovery-domain-verification=43522465
  • miro-verification=45e97bbb45136e8b94a3eec46159c0e8b2ff94dc
  • atlassian-domain-verification=QPHM31VHGdcCgQr1cj+lYEXHewFdvCUS+PpIfTj3XtPmTog6GmuQrPNdpX/oGRQO
  • docusign=fb0eafe3-5fa2-4a94-947a-2fba2c583968
  • box-domain-verification=e3e491ff1975a0e2e2c743bb9b4738e462e492a469e148f215062d206e727b61
  • MS=ms12761971
  • google-site-verification=L0vid94wJ6MPjbeA2VP-rU1wZH6JJEVKaW0lb1xE7sI
  • google-gws-recovery-domain-verification=42011757
  • _2mawrsc90zpnnw9j5gqjogawqsxzsps.dcv.digicert.com

Email authentication strong

SPF
v=spf1 include:_spf.messagegears.net include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:rp.oracleemaildelivery.com include:stspg-customer.com include:asp-spf1.yardi.com include:asp-spf2.yardi.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:itsecurity@amh.com; ruf=mailto:itsecurity@amh.com;
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ufMVw8DLV1hMH/OSraPp17boNM6oejnDjdO6xIkzYgw+zIYYl10ZcJo4GKtiRe6kzf4PFmLPcSPV/…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGsPIKCt3krlDPTaDAKzj9/VE7ktNlcjxuiJ+9gHjouEsIHVN39WVN6Xzp7iZiXpiPwTJPcx540M8T…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDxzbsuozoS1Moj8fvgSBINYnBoCKZIEs3niIrkHuz9/tAk2fSLxa7Egycgruma1WzA3cyJ2dRSjeuE8cG0PgKRF7xWgWf…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzstU7oVeOgCL3c3LDDWsRnGW0wJal339SVx/F0PIOJe9HboXUd86oybwQLc3Ke99odAXpnYU1wYv0NC12…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtf29cuMWUfkYnhCHftI6vuEy2Zsbp5oHRXaUXKpC+HUhZvPeIFrx2fZUOFixrroen6ExbRwCXUkDfdLbQ…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-12-08 to 2027-01-07
Expires in 233 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.amh.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.amh.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.amh.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.google.com *.gstatic.com *.facebook.net *.launchdarkly.com *.stripe.com *.plaid.com *.levelaccess.net *.cdn.levelaccess.net *.crazyegg.com *.instagram.com *.skypack.dev *.meetelise.com *.blob.core.windows.net *.rezync.com *.privacymanager.io *.rfihub.com *.rfihub.net *.boomtrain.com ; style-src 'self' 'unsafe-inline' *.amh.com *.googleapis.com *.typekit.net; img-src 'self' data: blob: *.amh.com *.umbraco.io *.google-analytics.com *.google.com *.gstatic.com *.googleapis.com *.facebook.com *.instagram.com *.pinterest.com widgets.pinterest.com *.stripe.com *.plaid.com *.crazyegg.com *.box.com *.boxcloud.com *.youtube-nocookie.com *.insidemaps.com *.zillow.com *.rezync.com *.googletagmanager.com *.liadm.com; font-src 'self' *.amh.com *.gstatic.com *.typekit.net; connect-src 'self' ws: *.amh.com *.signalr.net *.launch
strict-transport-security
max-age=31536000; includeSubDomains

Links to (5)

Linked from (1)