icodrops.com

.com crawl

First seen 2026-05-19 · Last seen 2026-06-01 · ok HTTP/1.1 200 23883 ms crawled 2026-05-26

DE · 161.35.26.56 · AS14061 DigitalOcean, LLC · dead nameservers

Reputation 70/100 dead nameservers

sector finance type news

HTML metadata

Title: ICO Drops - Calendar of active and upcoming ICO & IEO. Complete list with Token Sales
Description: ICO Drops contains a complete list of all ICOs and IEOs of crypto projects, including active, upcoming, and ended investment rounds and related activities, along with ratings and analysis
Language: en

Technology

Server: nginx
CMS: Gatsby

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×1
fonts.gstatic.com×1
mc.yandex.ru×1

Social

Contact

Email

hello@icodrops.com

DNS records dead

NS

dale.ns.cloudflare.com
elle.ns.cloudflare.com

MX

10 mx.yandex.net

Verified for

Google

Email authentication strong

SPF

v=spf1 redirect=_spf.yandex.net

missing all

DMARC

v=DMARC1; p=reject; rua=mailto:hello@icodrops.com

policy: reject (enforced)

DKIM

k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
mail: v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAOKdEIOmVWd3w7f7sN8OjPJye+OyQhUFHKjL632tj9fPFTTjvsRuUExjbbsfXZ/6X+KzBx3+k48e/2…

selectors probed

Certificates

Loading certificate

HTTP security headers

Header hygiene 85/100 Checked live page: https://icodrops.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'none'; connect-src 'self' https://dropsearn.fra1.cdn.digitaloceanspaces.com https://mc.yandex.ru; script-src 'self' https://dropsearn.fra1.cdn.digitaloceanspaces.com https://mc.yandex.ru https://yastatic.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://dropsearn.fra1.cdn.digitaloceanspaces.com https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://dropsearn.fra1.cdn.digitaloceanspaces.com https://fonts.gstatic.com data:; img-src 'self' data: https://dropsearn.fra1.cdn.digitaloceanspaces.com https://dropscapital.fra1.cdn.digitaloceanspaces.com https://static.images.dropstab.com https://mc.yandex.ru; child-src 'self' blob: https://mc.yandex.ru; frame-src 'self' blob: https://mc.yandex.ru; manifest-src 'self' https://dropsearn.fra1.cdn.digitaloceanspaces.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: same-origin