eternalai.org

.org crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 994 ms crawled 2026-05-18

US · 104.26.8.198 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Eternal AI - AI Girlfriend App for Real, Intimate Relationships
Description: The best AI girlfriend app built for real, intimate relationships. Match with AI girlfriends that feel more personal, comforting, and real.
Language: en
Canonical: https://eternalai.org/

Open Graph

url: https://eternalai.org/
title: Eternal AI - AI Girlfriend App for Real, Intimate Relationships
site name: Eternal AI
description: The best AI girlfriend app built for real, intimate relationships. Match with AI girlfriends that feel more personal, comforting, and real.

Technology

CDN: Cloudflare
CMS: Next.js

Ads

Meta Pixel

Third-party hosts loaded (1)

connect.facebook.net×1

Registration

Registrar

GoDaddy.com, LLC

Created

2024-01-11

Expires

2027-01-11 235 days left

Updated

2026-02-25

Name servers

blakely.ns.cloudflare.com
norm.ns.cloudflare.com

DNS records live

NS

blakely.ns.cloudflare.com
norm.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

mailerlite-domain-verification=2b2ed831cd6dea611907c6a994909b7d3369e99d

Verified for

Brevo
Google

Email authentication partial

SPF

v=spf1 include:spf.ipzmarketing.com include:_spf.google.com include:mxsspf.sendpulse.com include:sendgrid.net include:mailgun.org include:_spf.mlsend.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; fo=1; ri=3600; rua=mailto:dbcb0fbb@dmarc.mailgun.org,mailto:33547427@inbox.ondmarc.com; ruf=mailto:dbcb0fbb@dmarc.mailgun.org,mailto:33547427@inbox.ondmarc.com,mailto:rua@dmarc.brevo.com;

policy: none (monitoring only)

DKIM

Show 4 DKIM selectors

k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuvNAMGcN+BZ0qkxD0W2TK7S8AO7LpGjLObfWUIdZIyJjkoMuZfR3AEMPqgIhsjH03HA54EaLHXAN9rryoNzqI/JZjPQy…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13kOOq7h861x67JLzKfbbxwJG9sWR4BECpbN/MiUW9UqJRCzVsQZ8El3KGlcdkOLHZCPDUHQIslt4YwA0f…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYwI3eIR9ZLlA0lsI1j69j250GYzx4uYWWCIO3CBg5OVso+j5J8EjSOsSmkX0IBhp/GnzT2w1miWcQd2dj…

selectors probed

Certificate (current)

WE1

from 2026-03-30 to 2026-06-28

Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://eternalai.org/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: default-src 'self'; connect-src 'self' http: https: ws: wss: blob: data: https://hooks.stripe.com https://*.trycloudflare.com wss://*.trycloudflare.com https://*.preview-apps.eternalai.org https://*.apps.eternalai.org; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://auth.privy.io https://www.googletagmanager.com https://www.google-analytics.com https://connect.facebook.net https://radio-cdn.eternalai.org https://js.stripe.com https://js.stripe.com/clover/stripe.js https://*.firebaseio.com https://*.firebasedatabase.app https://*.googleapis.com https://www.gstatic.com https://*.apps.eternalai.org https://*.preview-apps.eternalai.org https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://cdn.jsdelivr.net https://challenges.cloudflare.com; script-src-elem 'self' 'unsafe-inline' https://auth.privy.io https://www.googletagmanager.com https://www.google-analytics.com https://connect.facebook.net https://js.stripe.com https://js.stripe.com/clover/stripe.js https: