indexo.dev

ilost.co

.co crawl

First seen 2026-05-12 · Last seen 2026-05-18 · ok HTTP/1.1 200 9163 ms crawled 2026-05-18

IE · 52.215.51.148 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
The search engine for lost and found | iLost
Description
Searching, reporting, matching. One in three found objects is returned to its owner via iLost, wherever in the world they live.
Language
en
Canonical
https://ilost.co/
Translations
  • ar
  • ca
  • cs
  • de
  • en
  • es
  • eu
  • fr
  • gl
  • hu
  • it
  • ja
  • ko
  • nl
  • no
  • pl
  • pt
  • sk
  • sv
  • tr

Open Graph

url
https://ilost.co/
title
The search engine for lost and found | iLost
site name
iLost.co
description
Searching, reporting, matching. One in three found objects is returned to its owner via iLost, wherever in the world they live.

Technology

Server
nginx
CMS
Gatsby
Fonts
  • Google Fonts
Social widgets
  • YouTube Embed

Third-party hosts loaded (2)

  • fonts.googleapis.com×2
  • www.youtube.com×1

Social

Contact

Address
st AlertTag your belongingsSupportHelp CenterGeneral ContactSitemap© 2026

DNS records live

NS
  • ns-1223.awsdns-24.org
  • ns-1989.awsdns-56.co.uk
  • ns-363.awsdns-45.com
  • ns-585.awsdns-09.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 7 TXT records
  • site-verification=b7166f62935479140716873be242bb02
  • slack-domain-verification=gDg1gzpaavuK2ut8CBQ9AHMk7VKVm0fwTmSLYfKz
  • atlassian-domain-verification=C6BQHJUyw6yHAOjOXMmwvUewpkx9H/yCDBeiCOrsDZpPKqWl7qpFKAdU7I07xfXx
  • google-site-verification=kSvujcIHnwulqqPw3zuV5bpqfVF4flSaz5o2jGlllj0
  • mistral-domain-verification=72948b39acafe5949fff18f346842c740d66f736
  • new-relic-domain-verification=4dd24aae028d4bbda9b5be5842dca21b
  • replit-verify=6a44ed59-ead4-4022-9960-24fcf8b30b2d

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:mailgun.org include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_reports@ilost.co
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQkpffyMlYD25TerrkR57yJZXIuuJ/hm6QktWQK6lS5pMq1pXa7J2y3ddxKETmYqlo3pNxxqqdiPp5…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa7P7kGfPJ6TDaoJ87Vc55wxPsIzJg0UtFK/lsw8oJzZHMRb4FswtEfLpTnV86SjNTF/gC5yZdaDrsI3YC…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YT07ObPMyV/q8rjthvN+6U3wAHEDxdeyZ6CW0oIRJCCKvuBrkF3S/G9xwqsmtpty8e0l4B4sp5HuDC6eg…
selectors probed

Certificate (current)

Amazon RSA 2048 M01
from 2026-04-27 to 2026-11-11
Expires in 175 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://ilost.co/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
permissions-policy
accelerometer=(), autoplay=(), camera=(self), clipboard-read=(), clipboard-write=(), compute-pressure=*, display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), usb=(), xr-spatial-tracking=(), payment=(self), sync-xhr=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-Px1DEwOLyyOM4QPaplSthA==' https://*.facebook.com https://connect.facebook.net https://*.fbcdn.net https://*.linkedin.com https://snap.licdn.com https://*.hotjar.com https://*.hotjar.io https://webforms.pipedrive.com https://leadbooster-chat.pipedrive.com https://*.pipedriveassets.com https://*.adyen.com https://cdn.crowdin.com https://*.google.com https://maps.googleapis.com https://*.gstatic.com https://www.recaptcha.net https://*.ilost.co https://stats.ilost.co https://cdn.builder.io https://js-agent.newrelic.com https://bam.eu01.nr-data.net https://unpkg.com ; style-src 'self' 'nonce-Px1DEwOLyyOM4QPaplSthA==' https://*.facebook.com https://*.linkedin.com https://*.hotjar.com https://*.adyen.com https://cdn.crowdin.com https://fonts.googleapis.com https://*.google.com https://*.gstatic.com https://www.recaptcha.net https://*.ilost.co https://webforms.pipedrive.com https://*.adyen.com; img-src 'self' data: blob: https://*.adyen.com https:/
strict-transport-security
max-age=31536000; includeSubDomains;

Links to (11)

Linked from (1)