firstmanhattan.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Take tomorrow further. | First Manhattan
Description: Enhancing the potential of your tomorrow requires the right partnership today. When you choose First Manhattan, you are forming a trusted relationship with an investment advisory and wealth planning firm that is dedicated to helping you secure your financial future.
Language: en
Generator: SEOmatic
Canonical: https://firstmanhattan.com/

Open Graph

url: https://firstmanhattan.com/
title: Take tomorrow further.
locale: en_US
see also: https://www.linkedin.com/company/firstmanhattanco/
site name: First Manhattan
description: Enhancing the potential of your tomorrow requires the right partnership today. When you choose First Manhattan, you are forming a trusted relationship with an investment advisory and wealth planning firm that is dedicated to helping you secure your financial future.

Technology

Server: nginx
jQuery: 3.4.1 known XSS (<3.5)

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (5)

app-ab44.marketo.com×1
cdn-cookieyes.com×1
code.jquery.com×1
use.typekit.net×1
www.googletagmanager.com×1

Social

Contact

Phone

212.756.3300

Address

399 Park Avenue, 10022, New York, NY, US

Registration

Registrar

Network Solutions, LLC

Created

1996-12-06

Expires

2028-12-05 918 days left

Updated

2023-10-30

Name servers

adel.ns.cloudflare.com
yahir.ns.cloudflare.com

DNS records live

NS

adel.ns.cloudflare.com
yahir.ns.cloudflare.com

MX

10 us-smtp-inbound-1.mimecast.com
10 us-smtp-inbound-2.mimecast.com

TXT

MS=4A8F99F999598DABDE178427CD4E509458CE73A1
ssx1m0bt4xysm3zlws4n1z9nljwgp8x8

Verified for

Anthropic
DocuSign
Google
Microsoft 365
OpenAI

Email authentication strong

SPF

v=spf1 mx a include:mktomail.com include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:clientspf.mycomplianceoffice.com include:sent-via.netsuite.com ip4:159.183.149.236 -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:06c55701916b468@rep.dmarcanalyzer.com; ruf=mailto:06c55701916b468@for.dmarcanalyzer.com; fo=1;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHc1JQas2utXyooOc8RfBaMEIh+LCLfBv/fVLJzmA4yMog8k4MqjcsYXPNPSQMw5LhAKB8OP47SC6J14V8fR…

selectors probed

Certificate (current)

R13

from 2026-05-06 to 2026-08-04

Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://firstmanhattan.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' *.firstmanhattan.com *.cookieyes.com cdn-cookieyes.com *.vimeocdn.com *.google.com *.typekit.net acsbapp.com *.acsbapp.com *.marketo.com *.marketo.net *.mktoresp.com *.mktoutil.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' data: *.firstmanhattan.com *.castos.com *.clickcertain.com *.vimeo.com youtube.com www.youtube.com *.hotjar.com *.marketo.com snazzymaps.com www.google.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn-cookieyes.com *.clickcertain.com *.remarketstats.com go.firstmanhattan.com www.googletagmanager.com www.google-analytics.com www.google.com www.gstatic.com *.castos.com munchkin.marketo.net code.jquery.com *.hotjar.com *.marketo.com acsbapp.com *.acsbapp.com; font-src 'self' data: *.typekit.net acsbapp.com *.acsbapp.com; img-src 'self' cdn-cookieyes.com *.vimeocdn.com *.google.com *.typekit.net acsbapp.com *.acsbapp.com *.marketo.com *.marketo.net *.mktoresp.com *.mktoutil.com *.google-analytics.com *.h
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (8)

Linked from (1)

nhtrustcouncil.com×1