indexo.dev

loilonote.app

.app toplist

First seen 2026-04-11 · Last seen 2026-04-11 · ok HTTP/1.1 200 2438 ms crawled 2026-05-18

US · 34.208.196.164 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Sign in to LoiLoNote School
Description
Welcome to LoiLoNote School. We hope you enjoy your lesson!
Language
en-US

Technology

Fonts
  • Google Fonts

Third-party hosts loaded (1)

  • fonts.googleapis.com×1

DNS records live

NS
  • ns-1436.awsdns-51.org
  • ns-1998.awsdns-57.co.uk
  • ns-317.awsdns-39.com
  • ns-798.awsdns-35.net

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M01
from 2026-04-17 to 2026-11-01
Expires in 165 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://loilonote.app/login?backTo=%2F

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' *.loilo.tv *.loilonote.app;img-src 'self' *.loilo.tv *.loilonote.app data: blob:;media-src 'self' *.loilo.tv *.loilonote.app blob:;style-src 'self' *.loilo.tv *.loilonote.app 'unsafe-inline' fonts.googleapis.com;child-src 'self' *.loilo.tv *.loilonote.app blob: data:;connect-src 'self' *.loilo.tv *.loilonote.app wss: data: blob: *.bugsnag.com firebaseinstallations.googleapis.com fcmregistrations.googleapis.com;script-src 'self' *.loilo.tv *.loilonote.app www.gstatic.com 'wasm-unsafe-eval';font-src 'self' *.loilo.tv *.loilonote.app fonts.gstatic.com
strict-transport-security
max-age=31536000; includeSubDomains

Links to (2)