Our pipeline scans 102 million domains daily, classifying AI tools into 18 categories with 180+ subcategories. Here is exactly how it works — from DNS enumeration to confidence-scored, human-verified output.
A fully automated pipeline processes over 102 million active domains to identify AI-powered tools. It combines DNS enumeration, HTTP fingerprinting, content analysis, and ML classification into a continuous inventory.
The starting corpus is built from all major TLDs, then deduplicated, normalized, and filtered to exclude parking pages.
Every seed domain is resolved to confirm liveness. Inactive domains are excluded from further processing.
Lightweight HTTP requests capture response data without JavaScript execution. Raw HTML analysis at scale.
200+ discrete signals are assembled into a structured vector for each domain.
| Signal Category | Examples |
|---|---|
| Meta Tags | Title, description, keywords, Open Graph properties |
| Page Structure | Heading hierarchy, navigation depth, external scripts/stylesheets |
| AI SDK References | OpenAI, Anthropic, Replicate, Hugging Face API calls in source |
| Interactive Elements | Text inputs, file uploads, API key fields, chat interfaces, canvas |
| Infrastructure | TLD, hosting provider, CDN, /docs and /api subpaths |
A distributed fleet of stateless workers processes the full corpus within a 24-hour window. The pipeline is fully idempotent, enabling efficient change detection between cycles.
Zone file ingestion and Certificate Transparency log monitoring capture every active domain, including those registered within the last 24 hours. Resolution confirms liveness and extracts hosting metadata used as classification features.
Lightweight HTTP requests extract 200+ signals from response headers, TLS certificates, meta tags, page structure, and referenced scripts. No JavaScript execution — raw HTML analysis at scale.
A fast pre-classifier reduces the 102M-domain corpus to approximately 300,000 candidate domains that exhibit AI-related signals. Only these candidates proceed to the full NLP classification engine, reducing compute cost by 99.7%.
Candidate domains pass through a transformer-based NLP model fine-tuned on manually labeled AI tools. The model assigns category labels from the 18-category taxonomy with calibrated confidence scores.
Raw HTTP fingerprints are converted into structured inputs across three feature tiers.
| Feature Type | Examples | Purpose |
|---|---|---|
| Primary (Textual) | Page title, meta description, H1-H4, first 2,000 tokens of body, image alt text | Captures how the tool describes itself |
| Secondary (Structural) | Code editors, chat interfaces, file uploads, TensorFlow.js, ONNX Runtime, AI API refs | Identifies AI-specific UI patterns and SDKs |
| Tertiary (Metadata) | TLD, registration age, hosting provider, /docs / /api / /swagger subpaths |
Contextual signals for classification accuracy |
Each domain is reviewed by at least two human annotators who assign primary/secondary categories, subcategory labels, and confidence ratings. Refreshed quarterly to incorporate new tool categories and correct labeling errors.
A fine-tuned transformer encoder outputs probability distributions across 18 categories and 180+ subcategories. Each domain receives both a primary category prediction and a calibrated confidence score between 0 and 1.
The highest-confidence label becomes the primary category. When the second-highest category exceeds 0.25 confidence, it is recorded as a secondary category.
This multi-label capability lets security teams filter on either category — a code assistant that also provides chat-based explanations appears under both "AI Code Assistants" and "AI Chatbots."
Every classified domain maps to one of 18 top-level categories and 180+ subcategories. The taxonomy was derived empirically by clustering 10,000+ AI tools by functional similarity and iteratively refining boundaries.
Domains with similar data-handling risks belong to the same category. This differs from marketing-oriented taxonomies that group by "content type."
Each category contains 5-18 subcategories calibrated to the diversity of tools in that space. The full taxonomy is documented separately and updated as new subcategories emerge.
General-purpose conversational AI, question-answering systems, role-playing bots, and multi-modal chat interfaces. Highest data exposure risk due to unrestricted freeform input. 14 subcategories including enterprise chat, open-source interfaces, and wrapper applications.
Code completion, code generation, debugging assistants, code review tools, and autonomous coding agents. Critical category for IP protection — source code submitted to these tools may be retained for model training. 12 subcategories spanning IDE plugins, web-based editors, and CLI tools.
Text-to-image generation, image editing, inpainting, style transfer, and AI art platforms. Lower direct data exposure than text tools but significant IP and compliance risk from generated outputs. 11 subcategories including photorealistic generation, illustration, and brand asset creation.
Data visualization, automated insights, natural-language-to-SQL, spreadsheet AI, and predictive analytics platforms. Extreme data exposure risk — users upload entire datasets. 15 subcategories covering business intelligence, scientific analysis, and financial modeling.
Contract review, legal research, case analysis, compliance checking, and document drafting tools. Handles attorney-client privileged material and regulated data. 8 subcategories including contract lifecycle, litigation support, and regulatory compliance.
API providers, model hosting platforms, MLOps infrastructure, vector databases, and AI application frameworks. These are the building blocks other AI tools are constructed from. 18 subcategories spanning inference APIs, fine-tuning platforms, and observability tools.
Every classification carries a calibrated confidence score between 0.0 and 1.0. This score is post-hoc adjusted using isotonic regression so that 0.85 confidence means ~85% accuracy.
The confidence score is not a raw softmax probability. Calibrated scores let enterprise customers make risk-informed deployment decisions based on classification reliability.
| Tier | Score Range | Action | Accuracy |
|---|---|---|---|
| Auto-Publish | ≥ 0.85 | Published to database automatically | > 96% |
| Manual Review | 0.65 – 0.85 | Human analyst reviews, confirms, or corrects | Analyst-verified |
| Batch Hold | < 0.65 | Held for weekly batch review or discarded | Ambiguous |
Fewer than 3 out of every 4,000 domains are incorrectly classified. Measured weekly by sampling 500 domains and manually verifying.
Estimated via competitive benchmarking against 6 directories and customer-reported gap analysis. Covers AI tools with 1,000+ monthly visits.
The published database maintains a false positive rate below 0.1%. Enterprise teams can trust that blocked domains are genuine AI tools.
The API also exposes raw confidence scores per domain, letting customers apply custom thresholds — for example, financial institutions may only block domains above 0.90 confidence.
A stale AI tools database is a liability. New tools launch daily, existing tools pivot, and domains change ownership constantly.
The update pipeline runs on a strict 24-hour cycle with four phases to ensure the blocklist always reflects the current landscape.
Distributed crawlers process all 102M domains, generating feature vectors for every reachable domain.
NLP engine processes all changed and new domains with full classification and scoring.
Human analysts process the manual review queue of 200-500 flagged domains per cycle.
Updated database is validated and published to API endpoints and download feeds.
Enterprise teams need verified accuracy before deploying a blocklist into production infrastructure. We publish a comprehensive set of quality metrics updated quarterly through ongoing audits.
Methodology: Each quarter, 50 random domains from each of the 18 categories (900 total) are verified by two independent analysts. Disagreements resolved by a senior reviewer.
Range: Per-category precision from 94.1% (AI Productivity, most heterogeneous) to 99.2% (AI Image Generators, most distinctive fingerprints).
Method 1: Competitive benchmarking against 6 other AI tool directories and catalogs.
Method 2: Customer-reported gaps investigated and fed back into pipeline improvements and model retraining.
Quarterly stratified sampling of 900 domains verified by independent human analysts. False positive rate below 0.1%.
Benchmarked against 6 directories plus customer-reported gaps. Coverage exceeds 98% for tools with meaningful traffic.
Harmonic mean of precision and recall. High accuracy across both false positives and false negatives. Updated quarterly.
Production quality is defined not just by error rate, but by how fast errors are corrected. Three mechanisms ensure continuous improvement.
False positive reports trigger immediate human review. Confirmed errors removed in the next publication cycle.
Domains with significant confidence score drift between cycles are flagged. Catches content changes that invalidate classifications.
Entire database reprocessed through the latest model version. Typically reclassifies 1-2% of domains as model accuracy improves.
Enterprise customers access full classification metadata via the REST API — confidence score, classification date, and last-reviewed date per domain.
This metadata enables custom quality filters, such as deploying only domains classified within the last 30 days above a custom confidence threshold.
We walk enterprise evaluators through the full pipeline — crawling, classification, confidence scoring, and quality auditing. Tell us your evaluation criteria.
Tell us about your evaluation criteria and we will schedule a technical walkthrough of our classification methodology.