indexo.dev

sim.ai

.ai crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 1263 ms crawled 2026-06-03

US · 18.210.63.151 · AS14618 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Sim — The AI Workspace | Build, Deploy & Manage AI Agents
Description
Sim is the open-source AI workspace where teams build, deploy, and manage AI agents. Connect 1,000+ integrations and every major LLM to create agents that automate real work — visually, conversationally, or with code.
Language
en
Generator
Next.js
Canonical
https://www.sim.ai
Translations
  • en

Open Graph

url
https://www.sim.ai
title
Sim — The AI Workspace | Build, Deploy & Manage AI Agents
locale
en_US
site name
Sim
description
Sim is the open-source AI workspace where teams build, deploy, and manage AI agents. Connect 1,000+ integrations and every major LLM to create agents that automate real work — visually, conversationally, or with code.

Technology

CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×2

Social

DNS records live

NS
  • ns1.vercel-dns.com
  • ns2.vercel-dns.com
MX
  • 1 smtp.google.com
TXT
  • tiktok-developers-site-verification=FfVXxtnFRo2mNqVQHEwTvilCpJzSIpmk
  • zoom-domain-verification=ZOOM_verify_58463bfbbb344038b92af1bed056c74c
Verified for
  • Google
  • Microsoft
  • Microsoft 365

Email authentication weak

SPF
not published
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2025-10-01 to 2026-10-31
Expires in 147 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.sim.ai/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://*.google.com https://apis.google.com https://challenges.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://analytics.ahrefs.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: blob: https:; media-src 'self' blob:; worker-src 'self' blob:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://api.browser-use.com https://api.elevenlabs.io wss://api.elevenlabs.io https://api.exa.ai https://api.firecrawl.dev https://*.googleapis.com https://*.amazonaws.com https://*.s3.amazonaws.com https://*.blob.core.windows.net https://*.atlassian.com https://*.supabase.co https://api.github.com https://github.com/* https://challenges.cloudflare.com https://www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://www.google.com https://analytics.ahrefs.com https://*.g.doubleclick.net htt
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
credentialless

Links to (4)

Linked from (1)