indexo.dev

bigducktours.com

.com crawl

First seen 2026-05-03 · Last seen 2026-05-09 · ok HTTP/1.1 200 4175 ms crawled 2026-05-09

US · 172.67.68.183 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Big DUCK Tours Singapore | Singapore Sightseeing Tours
Description
Make sightseeing an adventure for the whole family! Hop aboard our famous DUCK Tours to explore Singapore by both land and sea. Book online today!
Language
en
Canonical
https://www.bigducktours.com/en/singapore
Translations
  • en

Open Graph

url
https://www.bigducktours.com/en/singapore/
title
Big DUCK Tours Singapore | Singapore Sightseeing Tours
description
Make sightseeing an adventure for the whole family! Hop aboard our famous DUCK Tours to explore Singapore by both land and sea. Book online today!

Technology

CDN
Cloudflare
CMS
Gatsby
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • cdn-4.convertexperiments.com×1
  • www.googletagmanager.com×1

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2024-06-12
Expires
2026-06-12 23 days left
Updated
2025-06-25
Name servers
  • norm.ns.cloudflare.com
  • opal.ns.cloudflare.com

DNS records live

NS
  • norm.ns.cloudflare.com
  • opal.ns.cloudflare.com
MX
  • 0 bigducktours-com.mail.protection.outlook.com
TXT
  • MS=ms85303873
  • google-site-verification=hW_BoeG9peP-15HRVcZfCAyu1avC9OZq0BHFvSlFO6A

Email authentication strong

SPF
v=spf1 redirect=bigducktours.com.hosted.spf-report.com
no all qualifier
DMARC
v=DMARC1; p=reject; rua=mailto:66a9b0f2@mxtoolbox.dmarc-report.com; ruf=mailto:66a9b0f2@forensics.dmarc-report.com; fo=1
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWW6aLAvMqZK9kxIWH7bv9RKljyHGp5iZMwKg3iF/mMTfgi2bjR65/AGG1OrYhUz3uUi4hn4i2iPvz…
selectors probed

Certificate (current)

WE1
from 2026-04-17 to 2026-07-16
Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.bigducktours.com/en/singapore/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com https://*.gstatic.com *.cloudfront.net *.hotjar.com *.satis.fi *.cloudflare.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.adyen.com * *.bigbustours.com *.bigducktours.com 'self' www.facebook.com connect.facebook.net graph.facebook.com business.facebook.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcom
strict-transport-security
max-age=3600

Links to (1)

Linked from (1)