indexo.dev

steamboatsprings.net

.net crawl

First seen 2026-04-20 · Last seen 2026-05-13 · ok HTTP/1.1 200 1520 ms crawled 2026-05-13

US · 208.90.191.232 · AS36489 IP Pathways, LLC

Reputation 100/100

Classifying

HTML metadata

Title
Steamboat Springs, CO - Official Website | Official Website
Description
The home landing page for the City of Steamboat Springs website
Language
en

Technology

Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • 468737.cctm.xyz×1
  • app-script.monsido.com×1
  • docaccess.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
NameCheap, Inc.
Created
1999-02-18
Expires
2027-02-18 273 days left
Updated
2026-01-19
Name servers
  • ns10.dnsmadeeasy.com
  • ns11.dnsmadeeasy.com
  • ns12.dnsmadeeasy.com
  • ns13.dnsmadeeasy.com
  • ns14.dnsmadeeasy.com
  • ns15.dnsmadeeasy.com

DNS records live

NS
  • ns10.dnsmadeeasy.com
  • ns11.dnsmadeeasy.com
  • ns12.dnsmadeeasy.com
  • ns13.dnsmadeeasy.com
  • ns14.dnsmadeeasy.com
  • ns15.dnsmadeeasy.com
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
TXT
  • /ReLvBDWHNTNxZNh9vj5fG2NPWe2I4n0Npgq2x5TFHy/0H5ajOMFPkLz4QaM/kZ3kBMyTdJ+97T6q8fqHSdIlg==
Verified for
  • Apple
  • Cisco
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:us._netblocks.mimecast.com include:mail.zendesk.com include:_spf.psm.knowbe4.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:1xzdwjxh@ag.us.dmarcian.com
policy: quarantine
DKIM
  • s1: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsRQcDnye7U8bDldK6bc2cs/JYpjyF4SXPiSBW3H5jUakTOLAkiUaDFFCw8SLJVNkHQ+h7pklMD+iMyqgfC9BEVL…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5CQtMRvBY3X/Gyl/bropDnpNqt9Bd4ZC8N2zu2eJAkP7rqUpvXwi9+DS6ylePJkUM860C4+MHoBSCDHJdNqdRCO…
selectors probed

Certificate (current)

R13
from 2026-05-04 to 2026-08-02
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://steamboatsprings.net/

present
  • content-security-policy
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://*.granicus.com https://platform.civicplus.com https://account.civicplus.com https://analytics.civicplus.com; img-src * data: blob:; worker-src * data: blob: 'unsafe-eval' 'unsafe-inline'; script-src * about: 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; media-src * blob:; font-src * data:; default-src *

Links to (9)

Linked from (2)