indexo.dev

scifig.ai

.ai crawl

First seen 2026-05-06 · Last seen 2026-05-09 · ok HTTP/1.1 200 316 ms crawled 2026-05-13

US · 216.198.79.1 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
SciFig — Free AI Scientific Figure Generator for Researchers
Description
AI scientific figure generator for researchers. Turn text, sketches, references, PDFs or photos into publication-ready figures with editable labels and layouts.
Language
en
Canonical
https://scifig.ai
Translations
  • de
  • en
  • es
  • fr
  • it
  • ja
  • ko
  • zh

Open Graph

url
https://scifig.ai
title
SciFig — Free AI Scientific Figure Generator for Researchers
locale
en_US
site name
SciFig
description
AI scientific figure generator for researchers. Turn text, sketches, references, PDFs or photos into publication-ready figures with editable labels and layouts.

Technology

CDN
Vercel
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • pub-f03f64b750d44584a437634ac4123f36.r2.dev×13
  • cdn.toolify.ai×2
  • media.theresanaiforthat.com×2
  • www.googletagmanager.com×1

Registration

Registrar
Spaceship, Inc.
Created
2026-04-08
Expires
2028-04-08 690 days left
Updated
2026-04-13
Name servers
  • launch1.spaceship.net
  • launch2.spaceship.net

DNS records live

NS
  • launch1.spaceship.net
  • launch2.spaceship.net
MX
  • 0 mx1.efwd.spaceship.net
  • 0 mx2.efwd.spaceship.net
TXT
  • stripe-verification=84a39dc72a46ea343b33b937861d084aa5603fac893221fb9a1c886a9627bd6f
  • google-site-verification=Q66QtKPmzFZ6cN4Gbw3o270W6q1jfsxsxI5BTe_vzyQ

Email authentication partial

SPF
v=spf1 include:spf.efwd.spaceship.net ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:hello@scifig.ai
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-22 to 2026-07-21
Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://scifig.ai/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.affonso.io https://cdn.jsdelivr.net https://js.stripe.com https://www.googletagmanager.com https://www.clarity.ms https://platform.twitter.com https://*.clarity.ms https://accounts.google.com/gsi/client https://accounts.google.com/gsi/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://accounts.google.com/gsi/style; font-src 'self' data: https://fonts.gstatic.com; img-src 'self' data: blob: https: https://pub-f03f64b750d44584a437634ac4123f36.r2.dev https://kie.ai https://api.kie.ai https://cdn.kie.ai https://file.aiquickdraw.com https://tempfile.aiquickdraw.com https://replicate.delivery https://pbxt.replicate.delivery; media-src 'self' blob: https://pub-f03f64b750d44584a437634ac4123f36.r2.dev https://kie.ai https://api.kie.ai https://cdn.kie.ai https://file.aiquickdraw.com https://tempfile.aiquickdraw.com https://replicate.delivery https://pbxt.replicate.delivery; frame-src 'self' https://js.stripe.c
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (2)

Linked from (3)