snapitforms.com

.com crawl

First seen 2026-04-27 · Last seen 2026-05-17 · ok HTTP/1.1 200 553 ms crawled 2026-05-04

US · 108.156.22.60 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: SnapItForms — The Simplest Form Backend on the Internet
Description: SnapItForms handles form submissions, email notifications, and analytics. No backend required. Free tier with 500 submissions/month.
Language: en
Canonical: https://snapitforms.com

Open Graph

url: https://snapitforms.com
title: SnapItForms — The Simplest Form Backend on the Internet
site name: SnapItForms
description: Free form submission handling for HTML forms. 500 free submissions/month. No backend coding required. Setup in 2 minutes.

Technology

CDN: Amazon CloudFront
Server: AmazonS3

Fonts

Google Fonts

Third-party hosts loaded (5)

accounts.google.com×2
fonts.googleapis.com×2
fonts.gstatic.com×1
snapitanalytics.com×1
sphinxagent.ai×1

Registration

Registrar

IONOS SE

Created

2025-02-20

Expires

2027-02-20 276 days left

Updated

2026-02-20

Name servers

ns-1259.awsdns-29.org
ns-138.awsdns-17.com
ns-1982.awsdns-55.co.uk
ns-630.awsdns-14.net

DNS records live

NS

ns-1259.awsdns-29.org
ns-138.awsdns-17.com
ns-1982.awsdns-55.co.uk
ns-630.awsdns-14.net

MX

10 inbound-smtp.us-east-1.amazonaws.com

TXT

v=spf1 include:amazonses.com ~all

Certificate (current)

Amazon RSA 2048 M02

from 2025-05-22 to 2026-06-21

Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://snapitforms.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=(), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' blob: https://snapitanalytics.com https://accounts.google.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://js.stripe.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://unpkg.com https://cdn.tailwindcss.com https://api.web3forms.com https://www.googletagmanager.com https://sphinxagent.ai; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com https://cdnjs.cloudflare.com https://fonts.gstatic.com https://unpkg.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com data:; img-src 'self' data: blob: https:; connect-src 'self' https: wss:; frame-src 'self' https://accounts.google.com https://js.stripe.com https://*.google.com; object-src 'none'; base-uri 'self'
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy: unsafe-none