indexo.dev

poweredbyai.app

.app crawl

First seen 2026-04-13 · Last seen 2026-05-06 · ok HTTP/1.1 200 510 ms crawled 2026-05-06

US · 104.21.49.157 · AS13335 Cloudflare, Inc.

Reputation 97/100 dmarc monitor-only

Classifying

HTML metadata

Title
AI Tools Directory & List of Best Free AI Tools - PoweredbyAI
Description
Explore the AI Tools Directory & List of Best Free AI Tools at PoweredByAI.app. Access PoweredbyAi, an AI tools directory featuring the largest list of AI available on the Internet.
Language
en
Canonical
https://poweredbyai.app/

Open Graph

title
PoweredbyAI: List of Best Free AI Tools 2026
site name
poweredbyai.app
description
Discover how Powered by AI provides list of best free AI tools 2026 and solutions to help businesses optimize operations, enhance efficiency, and drive growth. Unlock the potential of artificial intelligence today.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Google Tag Manager
Third-party hosts loaded (7)
  • 011bqassets.s3.us-east-1.amazonaws.com×2
  • www.googletagmanager.com×2
  • challenges.cloudflare.com×1
  • gstacks.org×1
  • www.meridianrealmsai.com×1
  • www.seedance4.video×1
  • www.whisk-ai.co×1

Social

Contact

Email

DNS records live

NS
  • dale.ns.cloudflare.com
  • vivienne.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • firebase=projectai-prod
  • google-site-verification=7vmgPTAlCf-zvdTRyOSwaZdihhr746rJu3Vl_UvSexg

Email authentication strong

SPF
v=spf1 include:dc-aa8e722993._spfm.poweredbyai.app include:_spf.firebasemail.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • google: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ObSlXl2+84ogngNQHb2bvR7R4yGC7aJScvV7tcZp6Nq3NH6J7tzz4IA2+yrAMNS9lOwTldaQyWJ/uqi…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5HcQjCJ53+aodyli3lcRYTNQsBM04DTTJN8ULup67HbCpx2+IEQXkTq08OrXU8GMsH+NL7CvRySDv0lcC…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvs09BAnyiQE5W7ExdZ5wKU9A5WaJmvc7FWXpbWpXUNK1KY9zmvMPv5Swzc2sYBqAPODoLB7zuiQBNy//8I…
selectors probed

Certificate (current)

WE1
from 2026-04-05 to 2026-07-04
Expires in 47 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://poweredbyai.app/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.clarity.ms https://scripts.clarity.ms https://*.clarity.ms https://umami.poweredbyai.app https://use.typekit.net https://static.cloudflareinsights.com https://challenges.cloudflare.com; script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.clarity.ms https://scripts.clarity.ms https://*.clarity.ms https://umami.poweredbyai.app https://use.typekit.net https://static.cloudflareinsights.com https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://fonts.googleapis.com; font-src 'self' data: https://use.typekit.net https://fonts.gstatic.com https://p.typekit.net; img-src 'self' data: blob: https:; frame-src https://www.googletagmanager.com https://play.gumlet.io https://www.youtube.com https://www.youtube-nocookie.com https://challenges.cloudflare.com; frame-ancestors 'self'; connect-src 'self' https: wss:;
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (16)

Linked from (1)