mtlfab.com

.com crawl dns

First seen 2026-04-21 · Last seen 2026-05-18 · ok HTTP/1.1 200 3391 ms crawled 2026-05-15

US · 69.71.114.71 · AS26209 Network Tool and Die Company, Inc.

Reputation 100/100

sector manufacturing type homepage

HTML metadata

Title: Metal-Fab Residential Commercial Venting Products
Description: Discover Metal-Fab's comprehensive range of industrial venting and exhaust solutions, including chimneys, gas vents, and kitchen exhausts. Trusted for quality a
Language: en
Canonical: https://www.mtlfab.com

Technology

Server: Apache

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

1997-03-13

Expires

2030-03-14 1395 days left

Updated

2026-02-01

Name servers

auth-dns2.ntad.net
auth-dns3.ntad.net
ns1.mtlfab.com
ns2.mtlfab.com

DNS records live

NS

auth-dns2.ntad.net
auth-dns3.ntad.net
ns1.mtlfab.com
ns2.mtlfab.com

MX

10 us-smtp-inbound-1.mimecast.com
10 us-smtp-inbound-2.mimecast.com

TXT

google-site-verification=60yEvbP8RywXwB4a2POd6A59RqlImu4pwFzgGTz5yVc
google-site-verification=2lW5LYTjUos9xF877sU1Ciyvf5LRXZ8W3AXh4a4mRl8
MS=697211150B99DC7142B133F67110135D2DAF3648

Email authentication strong

SPF

v=spf1 ?include:spf.constantcontact.com include:spf.mtlfab.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; sp=reject; pct=100; aspf=r; adkim=r; rua=mailto:dmarcreporting@mtlfab.com; fo=1;

policy: reject (enforced) · sp=reject

DKIM

mail: v=DKIM1; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nku4MPaJUVrzzlVIhZwptZrf4TZpoTvhdFMUfL9KSjC2oCp3E8BC0yLply53BclU1aqi…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-02-06 to 2027-02-09

Expires in 266 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.mtlfab.com/

present

strict-transport-security
content-security-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: upgrade-insecure-requests; default-src 'self'; base-uri 'self'; ; object-src 'none'; frame-ancestors 'self'; connect-src 'self' https://analytics.google.com/ *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; form-action 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'self' *.youtube.com https://www.google.com/; worker-src 'self'; style-src 'self' 'nonce-cb270b5b289e1f5bcc110252012125929aa4a429c7dabe6af3596789f1ee4340b8a7eebdbbed8f6b907c8cee1a8c778d1aaede316d36e2c38d885a23eb600b23' https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' https://rep.mtlfab.com/media/Metal_Fab_Product_Photos/ https://rep.mtlfab.com/quote/images/ https://www.google-analytics.com/ https://stats.g.doubleclick.net/r/ https://*.gstatic.com https://www.google.com/ https://clients1.google.com/generate_204 https://www.googleapis.com/ https://www.googletagmanager.com *.google-analytics.com *.googletagmanager.com; media-src 'self'; script-src 'sel
strict-transport-security: max-age=15768000; includeSubdomains;