indexo.dev

alua.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-08 · ok HTTP/1.1 200 2595 ms crawled 2026-05-08

US · 172.67.72.158 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Alua | Connecting Fans & Creators
Description
Alua connects creators and fans through our unique social platform. The #1 OnlyFans alternative to monetize your content and develop real connections with your fans!
Language
en-US
Canonical
https://alua.com

Open Graph

url
https://alua.com
title
Alua | Connecting Fans & Creators
site name
Alua
description
Alua connects creators and fans through our unique social platform. The #1 OnlyFans alternative to monetize your content and develop real connections with your fans!

Technology

CDN
Cloudflare

Third-party hosts loaded (2)

  • cdn.jsdelivr.net×2
  • www.google.com×1

Social

Contact

Email

Registration

Registrar
DNC Holdings, Inc.
Created
2006-07-14
Expires
2028-07-14 785 days left
Updated
2020-04-06
Name servers
  • guss.ns.cloudflare.com
  • jamie.ns.cloudflare.com

DNS records live

NS
  • guss.ns.cloudflare.com
  • jamie.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • cryptomus=c5e65072
  • hibp-verify=dweb_94slewz614do7iz9aoa1jq69
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_spf.google.com a ip4:104.130.13.83 ip4:104.130.169.153 ip4:104.239.230.57 -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; rua=mailto:ipm2wf7@ar.glockapps.com,mailto:v0wvxlnt@ag.dmarcian.com; ruf=mailto:ipm2wf7@fr.glockapps.com; adkim=r; aspf=r; fo=1;
policy: reject (enforced)
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviTyC02A4kFzJ5V28l845l4s4eTp8MYO1s5xkru7QoHFnGoYXJH5kcLyYwR9Ek5Go96KVAFDWxGqES…
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2WJeRG8o0G0tPhaq3yudUGUYX39zpSbioeMNCdDc9ylgdaRYdAj8dMwqbp3bLsNPS4IsnYBTU+EQE…
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Tz0vvYearlXTgxqCqqkqHD4ws7EXEGExUMyR8a6wrSRIHxDPOA3KfGAqtkNbz5DjK5L57EGYdCqo…
selectors probed

Certificate (current)

WE1
from 2026-04-19 to 2026-07-18
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://alua.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src *.alua.com *.alua.dev *.cloudflarestream.com *.videodelivery.net; img-src 'self' data: *.alua.com alua.com *.alua.dev *.unsplash.com *.cloudinary.com app.statuscake.com *.google-analytics.com *.facebook.com www.googletagmanager.com t.co analytics.twitter.com fonts.gstatic.com analytics.ahrefs.com *.googleusercontent.com *.giphy.com; script-src 'unsafe-eval' 'self' static.ads-twitter.com *.posthog.com *.facebook.net *.google-analytics.com *.cloudflare.com *.alua.com *.google.com *.gstatic.com *.ahrefs.com *.googletagmanager.com cdn.rollbar.com cdn.jsdelivr.net cdn.rawgit.com 'unsafe-inline'; style-src 'self' 'unsafe-inline' www.googletagmanager.com *.googleapis.com cdn.rawgit.com data: cdn.jsdelivr.net cdnjs.cloudflare.com; font-src 'self' 'unsafe-inline' data: *.gstatic.com *.ahrefs.com cdn.jsdelivr.net; base-uri 'self'; form-action 'self' *.alua.com alua.com *.facebook.com; connect-src 'self' *.posthog.com *.google-analytics.com *.ahrefs.com *.google.com *.doubleclick.net
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (3)

Linked from (1)