fcny.org

.org crawl dns

First seen 2026-04-20 · Last seen 2026-05-17 · ok HTTP/1.1 200 809 ms crawled 2026-05-13

US · 23.185.0.3 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: Home - FCNY
Description: For over five decades, the Fund has collaborated on developing and facilitating innovations in policy, programs, and practices.
Language: en-US
Generator: WordPress 6.9.4
Canonical: https://www.fcny.org/

Open Graph

url: https://www.fcny.org/
title: Home - FCNY
locale: en_US
site name: FCNY
description: For over five decades, the Fund has collaborated on developing and facilitating innovations in policy, programs, and practices.

Technology

Server: nginx
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Address: st news from FCNYContact Us© 2026

Registration

Registrar

DomainSpot LLC

Created

1995-05-31

Expires

2027-05-30 376 days left

Updated

2026-05-11

Name servers

ns2.fcny.org
ns1.fcny.org

DNS records live

NS

ns1.fcny.org
ns2.fcny.org

MX

10 fcny-org.mail.protection.outlook.com

TXT

48qkiui62ajrk5jjrkjg0irl39
anthropic-domain-verification-ka84s5=laQ0YaLlazFGvnbdt867249LD
MS=ms65645114

Email authentication strong

SPF

v=spf1 ip4:68.166.199.86 ip4:69.3.238.192/29 include:spf.protection.outlook.com include:servers.mcsv.net include:zcsend.net -all

strict (-all)

DMARC

v=DMARC1; p=quarantine;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC41u/v5LhCIxqS8cuIU74Ko6TlhbEaj+HJj9MIm95xjtivTYrPCqqkS9yJsDvXLRQ3hOZgk0p5puigwCEO6c…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R12

from 2026-04-26 to 2026-07-25

Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.fcny.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src https: http://*.google-analytics.com:* 'unsafe-inline'; img-src https: 'self' data: blob:; script-src https: 'unsafe-eval' 'unsafe-inline' blob:; style-src https: 'unsafe-inline'; font-src https: 'self' data: fonts.gstatic.com; worker-src 'self' blob:
strict-transport-security: max-age=31622400; includeSubDomains; preload

Links to (6)

Linked from (1)

theblogstatus.com×2