urlscan.io logo urlscan.io
SecurityTrails logo

drops-auth.poap.xyz Open in urlscan Pro
2606:4700:20::681a:cb  Public Scan

Go To Rescan Add Verdict Report
URL: https://drops-auth.poap.xyz/
Submission: On July 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2606:4700:20::681a:cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is drops-auth.poap.xyz.
TLS certificate: Issued by WE1 on June 19th 2024. Valid for: 3 months.
This is the only time drops-auth.poap.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:20::681a:cb (United States)

ASN13335 (CLOUDFLARENET, US)
drops-auth.poap.xyz
drops.poap.xyz
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:2449:8a00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    2600:9000:2724:e200:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
poapxyz.matomo.cloud
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 poap.xyz
drops-auth.poap.xyz
drops.poap.xyz
292 KB
2 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 29612
poapxyz.matomo.cloud
40 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 10656
49 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
12 6
Domain Requested by
5 drops-auth.poap.xyz drops-auth.poap.xyz
static.cloudflareinsights.com
1 fonts.gstatic.com fonts.googleapis.com
1 poapxyz.matomo.cloud cdn.matomo.cloud
1 drops.poap.xyz
1 cdn.matomo.cloud drops-auth.poap.xyz
1 cdn.auth0.com drops-auth.poap.xyz
1 static.cloudflareinsights.com drops-auth.poap.xyz
1 fonts.googleapis.com drops-auth.poap.xyz
12 8

This site contains no links.

Subject Issuer Validity Valid
poap.xyz
WE1		 2024-06-19 -
2024-09-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M03		 2023-10-27 -
2024-11-23		 a year crt.sh
*.matomo.cloud
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://drops-auth.poap.xyz/
Frame ID: 950B1989D9B3FD3D21D202FA793A942A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

POAP Drops - Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

425 kB
Transfer

1295 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
drops-auth.poap.xyz/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3b2803bf82e60f8ed50365b7b3bab624de465a18e92b617187e18e0f688477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
0
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; fwd=miss
cf-cache-status
DYNAMIC
cf-ray
8a6511c1db811c1c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Jul 2024 18:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY2kEho6UXRXAXLbfx1njHYBh9J9RPEb2bufVFUsljUi05KAOvMd4PNK18fyHB3pSUUso4UlOVBPoq%2FLXNEg9wDWetSeTHgQpTNqwhQuQzdEfSAA2vuHTL%2Fs%2FRXAV1K2nII70hcf6aPmlDMYqAjGHxQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-nf-request-id
01J38Q0NA0ECPGDZ4175K72HVM
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468dd7103abcce48050ffcdfd22d0cc58755a6748a77ab3df6191fbbece8c1a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jul 2024 18:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jul 2024 17:11:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jul 2024 18:38:38 GMT
index.css
drops-auth.poap.xyz/assets/ 		142 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://drops-auth.poap.xyz/assets/index.css
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7006824966c21a215c041961da088424b6ab1fa35748f0694e034a89154b38e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://drops-auth.poap.xyz/
Origin
https://drops-auth.poap.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J38Q0NFGHJA40J31FTR9J42E
date
Sat, 20 Jul 2024 18:38:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"01d2fb6ac95ffb84ccc830a66d4e2ce6-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BhguO%2FsVHAwgR9BeqngwS9o8HUQQVavE%2B6jwnURojRsAgxjSiUkbx7Q3ErfDTPwO%2FnpF83%2FPEstKrK%2B7eDtylCtFCI8wmpZhOM%2F2gT7H8ZTk853Y%2BwgSYaR3wrEpTqdUVMOfvRVe6YJoqCowy0DxU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a6511c2ed571c1c-FRA
rocket-loader.min.js
drops-auth.poap.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drops-auth.poap.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 18:38:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"6696a9e8-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1cZg5zjszjzEjCEPrT37AkwyfruWMqVngte%2FD%2B%2FnVYQgyYTMrQzNFR08NFc9UL25MRKOH1ImkYHnhfApkkFp5fU7xdoKCSG6NlBAk61znLxtpu7jX2D%2F37rh1u7sz9jHy26fvx7oJVRGtZDNqo7R1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a6511c30db41c1c-FRA
expires
Mon, 22 Jul 2024 18:38:38 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://drops-auth.poap.xyz/
Origin
https://drops-auth.poap.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 18:38:38 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8a6511c32f669b9b-FRA
auth0.min.js
cdn.auth0.com/js/auth0/9.18/ 		182 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.18/auth0.min.js
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:8a00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c01cdbf532e04e0405e5a197ca95d698bc179640c8e1945487a5db0a05923caa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
0oSyqygNJmIxgTdWAY.70ye9IMXesbI9
content-encoding
gzip
via
1.1 36a7c1e18cbe5ff8281d77427bf1c0e6.cloudfront.net (CloudFront)
date
Sat, 20 Jul 2024 18:34:34 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
AMS58-P6
age
245
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 18 Jan 2022 16:34:50 GMT
server
AmazonS3
etag
W/"e940a743df0750a57e7f584934a24620"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
OTL_ANuaAMQRKQFohHSJrYx6qhV3_LTT2FO1C0OTbML8d-tlS4lEOA==
index.js
drops-auth.poap.xyz/assets/ 		757 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drops-auth.poap.xyz/assets/index.js
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b31aa6716840c968f428262267498ee916d1eb5434f0af019cdf50c0f6fe21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://drops-auth.poap.xyz/
Origin
https://drops-auth.poap.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J38Q0NGV9RFNHNXC2D4HG95M
date
Sat, 20 Jul 2024 18:38:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"046c8d0e577cb59db87f10ca995954fe-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8OpF%2BeGTd6FFOPHPUPmQ1UqvEX6FVwbsW%2BSZitng9ZjSOwhdFe%2Bn8zRKUNeUlMwCAt2pVaVLpPqNhGZXCG0QyqwIn2rpnClUQgO4axr12Rr6btTfUscm2ujKtq7tJGIkBjiqODB9LQs%2B%2FXjNwQCaVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8a6511c34e071c1c-FRA
matomo.js
cdn.matomo.cloud/poapxyz.matomo.cloud/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/poapxyz.matomo.cloud/matomo.js
Requested by
Host: drops-auth.poap.xyz
URL: https://drops-auth.poap.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:e200:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4feedc65f07427e596d66209de5683ec9891cc3d71d10ef081cf3357d9416ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 18:38:39 GMT
x-amz-version-id
wgUftPTQ6pphIHFjWF4b13D.cHzs7k67
content-encoding
gzip
strict-transport-security
max-age=31536000
via
1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 29 Apr 2024 00:48:02 GMT
server
CloudFront
etag
W/"79e68ef3c5252acf24e14bd35a101316"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
h4bLIho9L3tkeUQouk9TDWaUqMOXNszyZ13oq9SN4Pcqm4vZjvRi_w==
favicon-32x32.png
drops.poap.xyz/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://drops.poap.xyz/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523c48c7a311b6fed9b250923896dab7b15e75ca0203c5d42baf12cc9a485764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J38Q0NM829PCA0GJT228D4P3
date
Sat, 20 Jul 2024 18:38:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
1754
referrer-policy
strict-origin-when-cross-origin
netlify-vary
cookie=__next_preview_data:presence|__prerender_bypass:presence
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"f82ab371466e9332bf520174d1d0a53d-ssl"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUQ7%2B2Uy9NQRIA9oCdeZ9HKn7GfdppLq3EVk%2FWx1VFS5xh0YduIPvB%2B3QDi3tfISIm8msCvWGfiBkZ9F%2BEVviz5v5W2jQYmD6oc3Z6H%2BCalxLxKI45OwKo2UldTURZQUrNycGaEsdnqMh56d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
cf-ray
8a6511c3dee21c1c-FRA
matomo.php
poapxyz.matomo.cloud/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://poapxyz.matomo.cloud/matomo.php?action_name=POAP%20Drops%20-%20Login&idsite=4&rec=1&r=110897&h=20&m=38&s=38&url=https%3A%2F%2Fdrops-auth.poap.xyz%2F&_id=&_idn=1&send_image=0&_refts=0&pv_id=eZd4DQ&pf_net=46&pf_srv=169&pf_tfr=1&pf_dm1=22&pf_dm2=80&pf_onl=1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/poapxyz.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://drops-auth.poap.xyz
date
Sat, 20 Jul 2024 18:38:38 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
rum
drops-auth.poap.xyz/cdn-cgi/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://drops-auth.poap.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://drops-auth.poap.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 20 Jul 2024 18:38:39 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://drops-auth.poap.xyz
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8a6511c5b9b21c1c-FRA
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://drops-auth.poap.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 20:29:40 GMT
x-content-type-options
nosniff
age
166139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jul 2025 20:29:40 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| __cfBeacon object| _paq object| auth0 boolean| __cfRLUnblockHandlers object| Piwik object| Matomo object| matomoAbTestingCampaignUrlParamList object| AnalyticsTracker function| piwik_log

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload