stelmos.com

HTML metadata

Title: St. Elmo Steak House: Legendary Since 1902
Description: Step inside St. Elmo Steak House and you’ll feel the energy of countless celebrations, family gatherings, and unforgettable memories shared within these walls.
Language: en-US
Canonical: https://www.stelmos.com/

Open Graph

url: https://www.stelmos.com/
title: St. Elmo Steak House: Legendary Since 1902
site name: St Elmos Steak House | Steak House in Indianapolis, IN
description: Step inside St. Elmo Steak House and you’ll feel the energy of countless celebrations, family gatherings, and unforgettable memories shared within these walls.

Technology

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (14)

images.getbento.com×20
theme-assets.getbento.com×4
app-assets.getbento.com×3
www.googletagmanager.com×2
assets-cdn-refresh.getbento.com×1
cdnjs.cloudflare.com×1
fonts.googleapis.com×1
fonts.gstatic.com×1
media-cdn.getbento.com×1
widgets.resy.com×1
wsv3cdn.audioeye.com×1
www.facebook.com×1
www.google.com×1
www.gstatic.com×1

Social

Contact

Phone

+1(317)635-0636

Address

St Elmo Steak House", "description": "Historic \u0026

Registration

Registrar

GoDaddy.com, LLC

Created

1999-03-02

Expires

2028-03-02 653 days left

Updated

2024-01-11

Name servers

pdns13.domaincontrol.com
pdns14.domaincontrol.com

DNS records live

NS

pdns13.domaincontrol.com
pdns14.domaincontrol.com

MX

0 mx1-us1.ppe-hosted.com
0 mx2-us1.ppe-hosted.com

TXT

Show 4 TXT records

k7kl7vvk7g2u6fp7qel34qn9og
e2ma-verification=773fb
_globalsign-domain-verification=qDUD6bLz84dhp4Mh2hgm3bEopHFTingbT5NCGw2lG4
ppe-8b272466198cdfd3e6d9

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.e2ma.net -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt0xtdgFArs+xgGlEs6W/AYQaxcbcIdiqt5+4z/6K3ZerFf/cr61ljTFCRuLFbdb6AlkNWtvP3D5qed3K+63…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva53kbbzdRE6MxmTexNxt34ObzumbCBRO8/6bDdYhIIoGGQztOPMq3PJpx+y1JgBVxSjr8Ugn79SM0…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R13

from 2026-04-29 to 2026-07-28

Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.stelmos.com/

present

strict-transport-security
content-security-policy
x-frame-options
cross-origin-opener-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' * https://cdn.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; script-src-elem * https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' * https://heapanalytics.com https://viewer.threshold360.com blob: data:; style-src 'self' * https://heapanalytics.com https://viewer.threshold360.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' * https://c.us.heap-api.com https://heapanalytics.com https://viewer.threshold360.com wss://viewer.threshold360.com blob:; font-src 'self' * https://heapanalytics.com https://viewer.threshold360.com data:; frame-src 'self' * https://viewer.threshold360.com; worker-src * blob:; media-src * blob: data:; frame-ancestors 'self';
strict-transport-security: max-age=2592000; includeSubDomains
cross-origin-opener-policy: same-origin