fsp.org

.org crawl

First seen 2026-04-14 · Last seen 2026-05-09 · ok HTTP/1.1 200 7472 ms crawled 2026-05-08

US · 64.65.47.101 · AS401178 Unepic Networks

Reputation 100/100

sector nonprofit type homepage

HTML metadata

Title

Free State Project – Liberty Lives in New Hampshire

Language

en-US

Generator

WordPress 6.8.5

Canonical

https://www.fsp.org/

Feeds

Technology

Server: nginx
CMS: WordPress

Fonts

Google Fonts

Social widgets

YouTube Embed

Third-party hosts loaded (4)

cdn.keela.co×2
fonts.googleapis.com×1
widgets.givebutter.com×1
www.youtube.com×1

Social

Contact

Phone

Registration

Registrar

NameCheap, Inc.

Created

1997-03-27

Expires

2030-03-28 1409 days left

Updated

2025-03-02

Name servers

dns1.registrar-servers.com
dns2.registrar-servers.com

DNS records live

NS

dns1.registrar-servers.com
dns2.registrar-servers.com

MX

1 smtp.google.com

TXT

facebook-domain-verification=0gmubq1w6llguwjr08vot9dt0tul61

Email authentication strong

SPF

v=spf1 include:_spf.google.com ip4:64.65.47.101 ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:postmaster@fsp.org; ruf=mailto:postmaster@fsp.org; pct=100; adkim=r; aspf=r;

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggUYkwaaCaDyx/XG2Axk2OQB6BOqGRMJxe/Imp1Afwkxv+l+iE7LL4fvlagFUvLKwxFDjOR4tj+Bt5…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq97kwEweQdjh848wud2CCvWFfDdPwrc0E09NdkLzcD8dQt/+4TJ2FoZQO5P71HoSkoHekTUgq63ybguB+…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+AUaPGxDsIZRVY4JUun95298WS4HiPpXd7z7tTimBbw5O8wCP5MIgbfBo3m2hKfMITt61pl3h5O7MJ1aZls8Pfc…
smtpapi: v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprz…

selectors probed

Certificate (current)

R12

from 2026-04-04 to 2026-07-03

Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.fsp.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
permissions-policy

findings

CSP allows unsafe inline scripts/styles
missing Referrer Policy

Header values

x-frame-options: SAMEORIGIN
permissions-policy: fullscreen=(), geolocation=(), payment=(), accelerometer=(), battery=(), magnetometer=(), usb=(), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; default-src https: data: blob: ; object-src https: data: 'unsafe-inline'; style-src https: data: 'unsafe-inline' ; script-src https: data: 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob:;
strict-transport-security: max-age=63072000; includeSubDomains; preload