sfmta.com

HTML metadata

Technology

Server

nginx

CMS

Drupal

Analytics

• Google Tag Manager

Third-party hosts loaded (2)

• cdnjs.cloudflare.com×1
• www.googletagmanager.com×1

Social

• linkedin
• youtube
• facebook
• twitter
• instagram

Contact

Phone

• 415.701.2311
• 415.701.2323

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2004-02-13

Expires

2027-02-13 270 days left

Updated

2026-02-09

Name servers

• ns1-06.azure-dns.com
• ns2-06.azure-dns.net
• ns3-06.azure-dns.org
• ns4-06.azure-dns.info

DNS records live

NS

• ns1-06.azure-dns.com
• ns2-06.azure-dns.net
• ns3-06.azure-dns.org
• ns4-06.azure-dns.info

MX

• 0 sfmta-com.mail.protection.outlook.com

TXT

Show 13 TXT records

• apple-domain-verification=pWq1cAIbOD9m8Nuo
• docusign=7f3c20e7-0e15-4842-ba4b-e96cb64c154a
• google-site-verification=Ki3_RxKt3tEWxogHu1nlMqyGn0KAEEy2ekiKZey1Bbs
• adobe-idp-site-verification=1c5c0dca7baca33b2e644ba9d6e0c7861f821c8ef1f628eec570fe6240a050c9
• onetrust-domain-verification=e28986be9a7d40369e824d1b505553a2
• atlassian-domain-verification=o9vh2dpJpiQGnE9NyTGWwuZLfwp74Ksv0vCFhv0WaDdwcmbyDUxy2muJPAqRJAq4
• MS=ms46368357
• MS=ms30300272
• nintex.5bd38b830424ae48c9bb8d61
• google-gws-recovery-domain-verification=58295218
• google-site-verification=5dyfPsMHS7rZax4GJZ0CYa65ox7Oq9ittaeBAbHQid8
• _x8wv18shuyl0dkcremajwcx2b0h1yzq
• /Rx7ZgIdwetuB7Axp+cZmYCMLg+imcxbS/jzQTzkzbVqWXDeFduJkC9Ksj4Z2ViW+mSd698pXy2uQxhXGYPrFQ==

Email authentication strong

SPF

v=spf1 ip4:75.10.230.1 ip4:75.10.230.180 ip4:75.10.230.181 ip4:192.190.32.202 include:spf.protection.outlook.com include:_spf.alchemer.com include:_spf.salesforce.com include:_spf.psm.knowbe4.com include:spf-008a4301.pphosted.com include:spf-008a4302.pphosted.com include:everbridge.net ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email; ruf=mailto:quarantine@sfmta.com

policy: reject (enforced)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM7S8kjBBWh+vGlMpo+M+HULL139jOC+lGRKIHAhYEyVyEUPbZSsGvC3Ss3i1JqrzoyTE7/fK0Yhp5…
• selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBMof5Hvr7gG99hTCHAcME4W6G9cUSkuLy+qrnqpdXJh37QSE9AUGqnvDLFAMYuhTAN6DHEGEbAy1M…
• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZA1SczWOegBb7z9nv52XWqXJHb4BuYAWaK+UWYln2GivJppa1sZHpnfpvtfb/ljyAidyhibMMnk6PlNCM…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtITd9khr9hA/L7Ioje3TiwIjxHUlxo8xSjodR5M68seyOk8bGXeATRo7kDsKA1+ou7JhQ1ETCgcEFT/oGB…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.sfmta.com/

present

• strict-transport-security
• x-frame-options
• x-content-type-options
• cross-origin-opener-policy
• cross-origin-embedder-policy
• cross-origin-resource-policy

findings

• short HSTS max-age
• missing Content Security Policy
• missing Referrer Policy
• missing Permissions Policy

Links to (8)

• youtube.com×2
• 511.org×2
• facebook.com×2
• instagram.com×2
• linkedin.com×2
• sf311.org×2
• twitter.com×2
• apasf.org×1

Linked from (4)

• heartoftherichmonddistrictnightmarket.com×2
• tenderloinmuseum.org×2
• missionmerchants.org×2
• missionmerchants.com×1