indexo.dev

neat.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-07 · ok HTTP/1.1 200 1480 ms crawled 2026-05-07

US · 3.174.113.20 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Neat
Language
en

Open Graph

locale
en_US
site name
The Neat Company

Technology

Server
nginx
CMS
Next.js
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • fonts.gstatic.com×2
  • fonts.googleapis.com×1
  • js.recurly.com×1
  • seal-dc-easternpa.bbb.org×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
1995-03-14
Expires
2029-03-15 1030 days left
Updated
2025-03-15
Name servers
  • ns-1377.awsdns-44.org
  • ns-1671.awsdns-16.co.uk
  • ns-483.awsdns-60.com
  • ns-526.awsdns-01.net

DNS records live

NS
  • ns-1377.awsdns-44.org
  • ns-1671.awsdns-16.co.uk
  • ns-483.awsdns-60.com
  • ns-526.awsdns-01.net
MX
  • 1 smtp.google.com
TXT
Show 9 TXT records
  • v=spf2.0/pra include:_spf.google.com ~all
  • yahoo-verification-key=+csjyvfMcXG2tEGXif3yTWqYTc7Gh9rxj6I/R7Qiwjw=
  • yahoo-verification-key=2IoF034O/iQVeyTgANh5eZbQcvs2l1Hm4TF8I04rSr8=
  • 00D36000000jZSd=1TBPd00000001c1
  • 926783972-7889659
  • MS=62BC3E3B2B74598B1DF20BE3E97F24556D5455A5
  • OwnershipVerificationkeSWTfAYghbw3zr
  • facebook-domain-verification=v8uoxvlo67g0zbm0jngovjfh1wcphg
  • google-site-verification=fnpnjAtyYdAuGMndXiwkEXnuvUwwJFIQ8vYO4iZwwG0

Email authentication partial

SPF
v=spf1 include:cust-spf.exacttarget.com include:_spf.google.com include:us._netblocks.mimecast.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:re+vnyb4bwoyrc@dmarc.postmarkapp.com,mailto:aschaps+dmarcreports@neat.com; ruf=mailto:aschaps+dmarcforensics@neat.com; sp=none; aspf=r;
policy: none (monitoring only) · sp=none
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3x6JsljE30VtACIfLf8A7HFvQaRJk/coH1C7KN54pHKa6N+ncDpWn4u3/tEH7SfcFj8DRJVEW0SODjZJKO1…
selectors probed

Certificate (current)

Amazon RSA 2048 M01
from 2026-02-20 to 2026-09-06
Expires in 109 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.neat.com/

present
  • strict-transport-security
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
permissions-policy
attribution-reporting=(), bluetooth=(), browsing-topics=(), camera=(), compute-pressure=(), cross-origin-isolated=(), deferred-fetch=(), deferred-fetch-minimal=(), display-capture=(), hid=(), idle-detection=(), local-fonts=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-create=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), storage-access=(), usb=(), window-management=(), xr-spatial-tracking=(), accelerometer=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"), autoplay=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://js.driftt.com"), encrypted-media=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://js.driftt.com"), geolocation=(self "https://c.paypal.com" "https://c.sandbox.paypal.com"), gyroscope=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"), identity-credentials-get=(self "https://accounts.google.com"), picture-in-picture=(self "https://www.y
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy-report-only
default-src 'self'; script-src 'self' 'nonce-f8bdee2e-457c-4ca5-8a0a-5de0e9ddf8fa' 'strict-dynamic' https: http:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com https://googletagmanager.com https://tagmanager.google.com https://www.googletagmanager.com https://www.gstatic.com; font-src 'self' https://fonts.gstatic.com data: https://fonts.googleapis.com; frame-src 'self' 'nonce-f8bdee2e-457c-4ca5-8a0a-5de0e9ddf8fa' https://js.driftt.com https://www.google.com https://www.googletagmanager.com https://c.sandbox.paypal.com https://c.paypal.com https://accounts.google.com https://td.doubleclick.net https://api.recurly.com https://www.youtube.com https://www.youtube-nocookie.com https://www.facebook.com; connect-src 'self' 'nonce-f8bdee2e-457c-4ca5-8a0a-5de0e9ddf8fa' https://*.analytics.google.com https://bat.bing.com https://api.rollbar.com https://*.ads.linkedin.com https://api.recurly.com https://*.google-analytics.com http://rum-collector-2.ping

Links to (6)

Linked from (1)