indexo.dev

nanophoto.ai

.ai crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 11611 ms crawled 2026-05-19

US · 104.21.16.128 · AS13335 Cloudflare, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
GitHub
Description
NanoPhoto.AI is a professional AI video and photo editor platform offering AI video editing (Sora 2 Pro, Sora Storyboard) and AI photo editing (Nano Banana)
Language
en
Canonical
https://nanophoto.ai
Translations
  • zh ×2
  • ar
  • de
  • es
  • fr
  • ja
  • ko
  • pt
  • ru

Open Graph

url
https://nanophoto.ai
title
NanoPhoto.AI - AI makes video and photo editing simple
locale
en
site name
NanoPhoto.AI
description
NanoPhoto.AI is a professional AI video and photo editor platform offering AI video editing (Sora 2 Pro, Sora Storyboard) and AI photo editing (Nano Banana)

Technology

CDN
Cloudflare
CMS
Next.js

Social

Registration

Registrar
Cloudflare, Inc
Created
2025-09-11
Expires
2029-09-11 1209 days left
Updated
2026-03-20
Name servers
  • brenda.ns.cloudflare.com
  • braden.ns.cloudflare.com

DNS records live

NS
  • braden.ns.cloudflare.com
  • brenda.ns.cloudflare.com
MX
  • 0 smtp.secureserver.net
  • 10 mailstore1.secureserver.net
TXT
  • D7986781
Verified for
  • Google

Email authentication strong

SPF
v=spf1 include:secureserver.net -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_rua@onsecureserver.net;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-05-06 to 2026-08-04
Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://nanophoto.ai/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://challenges.cloudflare.com https://openpanel.dev https://datafa.st https://*.cloudflareinsights.com https://d-code.liadm.com https://*.privacymanager.io https://www.googletagmanager.com https://accounts.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.clarity.ms https://*.clarity.ms https://client.crisp.chat https://*.crisp.chat https://affonso.io https://cdn.affonso.io https://cdn.jsdelivr.net; worker-src 'self' blob:; frame-src 'self' https://challenges.cloudflare.com https://accounts.google.com https://www.googletagmanager.com https://td.doubleclick.net https://*.crisp.chat https://www.youtube.com https://www.youtube-nocookie.com; connect-src 'self' https://nanophoto.ai https://fast.nanophoto.ai https://static.nanophoto.ai https://challenges.cloudflare.com https://openpanel.dev https://datafa.st https://*.cloudflareinsights.com https://d-code.liadm.com https://*.priv

Links to (4)

Linked from (2)