alufit.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-01 · ok HTTP/1.1 200 389 ms crawled 2026-05-06

FI · 37.27.44.193 · AS24940 Hetzner Online GmbH

Reputation 97/100 dmarc monitor-only

sector tech type homepage

HTML metadata

Title

Alufit

Language

en-US

Generator

WordPress 6.9.4

Canonical

https://alufit.com/

Feeds

Technology

Server: nginx
CMS: WordPress

Fonts

Google Fonts

Third-party hosts loaded (1)

fonts.googleapis.com×2

Contact

Email

info@alufit.com

Phone

+91-80-67361800

Registration

Registrar

Name.com, Inc.

Created

2003-09-15

Expires

2028-09-15 849 days left

Updated

2025-10-17

Name servers

ajay.ns.cloudflare.com
lorna.ns.cloudflare.com

DNS records live

NS

ajay.ns.cloudflare.com
lorna.ns.cloudflare.com

MX

10 cluster2.netcore.co.in
40 cluster3.netcore.co.in
5 cluster6.netcore.co.in
60 cluster8.netcore.co.in

TXT

MS=61E6C03BEB33DA025763A0FEB2525DBE4C7BA349

Email authentication strong

SPF

v=spf1 include:spfcorp.netcore.co.in ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:dmarc_alerts@alufit.com; ruf=mailto:dmarc_alerts@alufit.com

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp7DwgX7OkpM0kEgHlzKMAiI9irjJxpqGY1muKJ9pnAfYgEHnmUxLV85hWB/uoSwgMO5B75Wr81Y7/8yfRWJ…

selectors probed

Certificate (current)

R13

from 2026-04-13 to 2026-07-12

Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://alufit.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: blob:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https:; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin

Links to (2)

atwpl.com×2
schueco.com×2

Linked from (1)

schueco.com×2