indexo.dev

famsf.org

.org crawl

First seen 2026-04-14 · Last seen 2026-05-16 · ok HTTP/1.1 200 2850 ms crawled 2026-05-08

US · 151.101.2.216 · AS54113 Fastly, Inc.

Reputation 94/100 dmarc monitor-only

sector nonprofit type homepage

HTML metadata

Title
Fine Arts Museums of San Francisco | de Young and Legion of Honor
Description
Together, the Legion of Honor and de Young make up San Francisco’s largest public arts institution.
Language
en

Open Graph

title
Fine Arts Museums of San Francisco
site name
FAMSF
description
Together, the Legion of Honor and de Young make up San Francisco’s largest public arts institution.

Technology

Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • admin-pipeline.upsun-us-3.observability-pipeline.blackfire.io×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
Network Solutions, LLC
Created
1996-02-20
Expires
2028-02-21 643 days left
Updated
2024-12-28
Name servers
  • ns-cloud-e1.googledomains.com
  • ns-cloud-e3.googledomains.com
  • ns-cloud-e2.googledomains.com
  • ns-cloud-e4.googledomains.com

DNS records live

NS
  • ns-cloud-e1.googledomains.com
  • ns-cloud-e2.googledomains.com
  • ns-cloud-e3.googledomains.com
  • ns-cloud-e4.googledomains.com
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
TXT
Show 16 TXT records
  • apple-domain-verification=t9l8rP994LNq8WMU
  • google-site-verification=nX4KoG4XQdI_Rmy-BSppLYKfDwl7eL5SQwGaJc0wJT4
  • facebook-domain-verification=z7fvi67tubn3hxspjglvjbcwt8elua
  • dropbox-domain-verification=he11bz7wmalz
  • facebook-domain-verification=qgwpx9w5t8u8m4hkzno8u9bxnpyjis
  • fastly-domain-delegation-qha9F1hyvKtsEo8sSBsL-541481-10-2022
  • onetrust-domain-verification=20b790fb11ed4259bad544ad2cd2977d
  • facebook-domain-verification=ynxcb0iwn3qj5ipw1g6km18sbnph6p
  • v=DMARC1;p=none;pct=100;rua=mailto:itops@famsf.org
  • 0ed1fe018a709ee34621f54096baf6f672ac22a41a
  • qNwxZRcauS9w6hiwSXPV9+Lypji+UReC1ZfETLLA5af8sAZlaXyl/OOha3+QfLS9TVzulGtTlKUeQjzrcOzE/w==
  • facebook-domain-verification=n7l2jp2tj9ok502lax9opvjsm452w2
  • MS=ms59568034
  • amazonses:n3ZHA8ZqkalPC2S3q56mokmO9pjDrKxSN3pDAICDX4E=
  • duo_sso_verification=ADwb9GvvvPRfsJ9c86KNg1bnsEjvsVJfNwrerFatGpAwnH7Au9qQ4mjKtx2O0xpi
  • facebook-domain-verification=7d5fwk8aeefqan8ret1q5emorkfo1d

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:_netblocks.mimecast.com include:spf.mailjet.com include:spf.ticketure.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:itops@famsf.org
policy: none (monitoring only)
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj46rqkBFMpAa2BcFYidAGtJhg0/5AuOgtegsvlD46ptVUfm/2wBoM8KbJkLaNz+vOXdxHQOWCWuwPCz…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7a+Q7CrOy8qHtR8pBNpgpXp23LfMxvySOX4UHV/Bj+30uk/RXyE+MuJXhHD1euYnB6lDwNuEFHQEIEXhi…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeUPlFUilsobGj3z8PSn/VCmjh283rphhPIzjseOtAcwNdparXJuOgmr/3O/coqjSlTD12TUEJuQ10vWv8uw40VA…
selectors probed

Certificate (current)

R12
from 2026-04-27 to 2026-07-26
Expires in 68 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.famsf.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; frame-ancestors 'self'; object-src 'self'; style-src 'self' 'unsafe-inline' https://p.typekit.net https://www.gstatic.com; script-src 'self' 'unsafe-eval' 'sha256-42zcKPWDZOaN8n8wocQD0WXYDyjdRNfIFxzUDYE7Xrw=' 'sha256-RpHOUsjSXT9eLBP9itvy93PUJa/IJMsqih5WrgPLlu4=' 'sha256-sviqhLDYJee9jvDDd9GCIiHIv0cxlKKiJ9Tqy7eOa9s=' 'sha256-1e5RR2OpHhuX2h0Bat19DsNTmqbo4M3T1pqfeTXCHaA=' 'nonce-NDFiNDdiNDhkOTFkOGFlZA==' https://www.googletagmanager.com https://www.youtube.com https://connect.facebook.net https://static.hotjar.com https://www.google-analytics.com https://tracker.pixeltracker.co https://w.soundcloud.com https://www.google.com https://script.hotjar.com https://www.gstatic.com https://s.adroll.com/ https://d.adroll.com https://lex.33across.com https://assets.pixlee.com https://assets.pxlecdn.com https://securepubads.g.doubleclick.net https://assets.pinterest.com https://s.pinimg.com; connect-src 'self' https: https://www.googletagmanager.com https://www.yo
strict-transport-security
max-age=31557600
cross-origin-opener-policy
unsafe-none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (5)

Linked from (3)