indexo.dev

fitcommit.ai

.ai crawl

First seen 2026-04-12 · Last seen 2026-04-12 · ok HTTP/1.1 200 2864 ms crawled 2026-05-20

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
FitCommit: AI Fat Loss App. Body Scan, Macros and After Photo
Description
AI body scan from your phone camera. Personalized TDEE plan, After Photo preview, and camera food tracking. One connected system. Free 1-month trial.
Language
en
Canonical
https://fitcommit.ai
Feeds

Open Graph

url
https://fitcommit.ai
title
FitCommit - The Complete Fat Loss System
locale
en_US
site name
FitCommit
description
AI body scan, TDEE plan, After Photo, and food scan. One connected system where every feature feeds the next. Free 1-month trial, then $3.99/mo.

Technology

CDN
Vercel
CMS
Next.js

Third-party hosts loaded (1)

  • toolbox.marketingtools.apple.com×7

Social

Contact

Email

Registration

Registrar
NameCheap, Inc.
Created
2024-12-18
Expires
2026-12-18 211 days left
Updated
2025-04-10
Name servers
  • dns1.registrar-servers.com
  • dns2.registrar-servers.com

DNS records live

NS
  • dns1.registrar-servers.com
  • dns2.registrar-servers.com
MX
  • 1 smtp.google.com
TXT
  • 663003
  • tiktok-developers-site-verification=ROWL7bhfklloC0ylQEuIGWU2eC6Ycrca
  • tiktok-developers-site-verification=ZpvCT8ZWbYjoGoF73MBczngV3lg0QqLY
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:sendgrid.net include:342731994.spf02.hubspotemail.net -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC6SJ40y4jfXXJmET+a7LKGIUbF28Y69ELXRDssGwppEEs2FcnPeU2cTFnTf+lhfrEXeKd6aAzSKlgigdi…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhInjStHltZKbno0UKgR+pkCzsbPEZ7KGh2sVytpIav5SCkk1Inv43eW4I+f6LmM722SGHcy+txWDdDIzF…
selectors probed

Certificate (current)

R13
from 2026-04-22 to 2026-07-21
Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://fitcommit.ai/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://www.clarity.ms https://scripts.clarity.ms https://us.i.posthog.com https://us-assets.i.posthog.com https://vercel.live; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https: blob:; connect-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://analytics.google.com https://region1.google-analytics.com https://www.google.com https://www.clarity.ms https://*.clarity.ms https://us.i.posthog.com https://us-assets.i.posthog.com; frame-src https://forms.clickup.com; object-src 'none'; base-uri 'self'; form-action 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (7)

Linked from (2)