indexo.dev

tnmuseum.org

.org crawl

First seen 2026-05-12 · Last seen 2026-05-12 · ok HTTP/1.1 200 2612 ms crawled 2026-05-18

US · 40.119.1.254 · AS8075 Microsoft Corporation

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Tennessee State Museum - Nashville Attractions
Description
Visit the Tennessee State Museum to learn more about the history of the state of Tennessee and to view historic artifacts from our nation's history. To plan your trip or to schedule an educational programming event, contact us today.
Language
en-us

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • www.speakcdn.com×7
  • prod.speakcdn.com×4
  • assets.speakcdn.com×2
  • www.googletagmanager.com×2
  • elfsightcdn.com×1
  • fonts.googleapis.com×1

Social

Contact

Email
Phone

Registration

Registrar
Network Solutions, LLC
Created
1999-09-09
Expires
2026-09-09 111 days left
Updated
2023-07-16
Name servers
  • ns81.worldnic.com
  • ns82.worldnic.com

DNS records live

NS
  • ns81.worldnic.com
  • ns82.worldnic.com
MX
  • 5 mxa-002e5701.gslb.pphosted.com
  • 5 mxb-002e5701.gslb.pphosted.com
TXT
  • sqi6ahkj1vua89jf2jqag98vmc
  • bhe43fmbghq6onfasra7u4dbsq
Verified for
  • GlobalSign
  • Microsoft 365

Email authentication partial

SPF
v=spf1 a mx ip4:74.205.71.22 ip4:203.55.21.129 ip4:72.32.10.142 ip4:50.31.40.174 ip4:72.32.81.128 ip4:50.31.36.174 include:spf.protection.outlook.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-05 to 2026-08-03
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://tnmuseum.org/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src https:; object-src 'none'; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; connect-src https: wss: data: blob:; img-src 'self' https: data: blob:; font-src 'self' https: data: blob:; worker-src 'self' https: blob:; frame-ancestors 'self' *.sitewrench.com *.speakcreative.com
strict-transport-security
max-age=31536000; includeSubDomains

Links to (13)