indexo.dev

goodleap.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-17 · ok HTTP/1.1 200 3101 ms crawled 2026-05-16

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home | GoodLeap
Description
GoodLeap is a tech company delivering best-in-class financing and software products for sustainable solutions.
Language
en

Open Graph

url
https://www.goodleap.com
title
Home
locale
en_US
site name
GoodLeap
description
GoodLeap is a tech company delivering best-in-class financing and software products for sustainable solutions.

Technology

CDN
Vercel
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • www.googletagmanager.com×2
  • goodleap.my.site.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2014-11-27
Expires
2026-11-27 192 days left
Updated
2025-11-28
Name servers
  • ns-1196.awsdns-21.org
  • ns-137.awsdns-17.com
  • ns-1710.awsdns-21.co.uk
  • ns-932.awsdns-52.net

DNS records live

NS
  • ns-1196.awsdns-21.org
  • ns-137.awsdns-17.com
  • ns-1710.awsdns-21.co.uk
  • ns-932.awsdns-52.net
MX
  • 5 us-smtp-inbound-1.mimecast.com
  • 5 us-smtp-inbound-2.mimecast.com
TXT
Show 28 TXT records
  • knowbe4-site-verification=cd2a0b10d734b8874e4a7a678c9b31c6
  • amazonses:sZTDJGsyh6YMpt2JjH6obH7hBJNw+NrndVpTDgMqn5A=
  • wiz-domain-verification=aecc2fbaaaefff5f9e631014786d7883b3f650f9d062c78e047b87c6d1020cc0
  • anthropic-domain-verification-a301nq=hfgALC1DKHvFkdDmpOGA9Azrc
  • mongodb-site-verification=5UktObKLTiD919ExyISjgDiGVBEq1wDV
  • uber-domain-verification=e2e95406-642e-44c5-bde0-a54d35dbcaa2
  • atlassian-domain-verification=rr5gTyA/EFj5XL92S03f76su0t6HwLF5TCMYv1aOkx9px1K0skam1vIHfdVxfwAf
  • google-site-verification=l0kdbTOQxbQBmWa0JTmIxQrYm_PCJXIYU2eqtzd1vuQ
  • have-i-been-pwned-verification=9620310ad37403262d60e7abd2f13d30
  • asv=2316a1ca5094f078623f664bf400c908
  • zapier-domain-verification-challenge=ab835f58-150e-47b1-86ff-b12015b1462b
  • google-site-verification=UuX75IznsRUph4PE5jv4S4HZQsr3witg-l-X1oy3_4Q
  • pendo-domain-verification=ef42f7b7-e07d-43b9-8e99-a272cf75977e
  • openai-domain-verification=dv-8DIYC90HArJtptqH5TPwayK3
  • pv79ja4ovo3elhed0bbsl5e7td
  • docusign=fed4f53b-33ae-4e08-8e27-ec3245d24d9a
  • stripe-verification=7DDFC96C969FC600A03A2253532BA4D8EDC5A11D8780788BA6AEC42648D3CB5B
  • docusign=e12b027e-e9bf-4a71-8c1c-5ee78ae36cea
  • apple-domain-verification=53fsR1CgChbDi2wg
  • cursor-domain-verification-w0yax7=PdshqDXrKvVJp4opVZyJIADmW
  • docusign=3726d244-4865-4b1e-b673-e4ded1851f32
  • ZOOM_verify__8GH4bzUSEuh2Ks6Lc2I3Q
  • uber-domain-verification=9d770521-ba12-4e12-ad5d-c460c5e352f4
  • stripe-verification=FCCE868098512092E08E5B31FD0578242F80C38508B982AA3FEDAA67B313427F
  • MS=ms34358321
  • google-site-verification=kIgmaU8YCSJwqlZmO6wZOFP8e5PA46-jlGulBSkCA30
  • 0ea0ab46638160cadd599f0e22d8440c
  • postman-domain-verification=3e04c06bc305ae1deec348d931ad2605956275ce81bc6acf345f9b6bc3220c109d27247fed5cb2834c0224f5f23ad32d780c114b5a0d1f9341d58657a6fedfc9

Email authentication partial

SPF
v=spf1 include:us._netblocks.mimecast.com include:cust-spf.exacttarget.com include:spf.protection.outlook.com include:us-west-2.amazonses.com include:spf.exclaimer.net include:_spf.optimalblue.com include:_spf.salesforce.com include:spf.myvolly.net ip4:155.46.186.16 ip4:155.46.187.25 -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:jo8azvin@ag.us.dmarcian.com;
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLtxaInV7l5P7WI8LN+GHocdP08BC+YpKNcO92oCJt6AHIaWAIzae18yBP66JMMJU3YPHrjuaa/bQc…
selectors probed

Certificate (current)

R13
from 2026-05-11 to 2026-08-09
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.goodleap.com/

present
  • strict-transport-security
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), bluetooth=(), browsing-topics=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), speaker-selection=(), sync-xhr=(), usb=(), xr-spatial-tracking=()
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin

Linked from (5)