dreamduffel.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-18 · ok HTTP/1.1 200 3647 ms crawled 2026-05-14

US · 104.16.173.24 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Dream Duffel | Dance Bag | Pageantry | Cheer | Costume Bag | Garment Rack | Rolling Duffel | Dream Duffel
Description: Dream Duffel has a variety of superior Dance and Skating Duffels, Bags and Accessories.
Language: en
Generator: Powered by Slider Revolution 6.6.7 - responsive, Mobile-Friendly Slider Plugin with comfortable drag and drop interface.

Open Graph

url: https://www.dreamduffel.com
title: Dream Duffel | Dance Bag | Pageantry | Cheer | Costume Bag | Garment Rack | Rolling Duffel | Dream Duffel
site name: Dream Duffel, LLC
description: Dream Duffel has a variety of superior Dance and Skating Duffels, Bags and Accessories.

Technology

CDN: Cloudflare
CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (3)

www.googletagmanager.com×2
fonts.googleapis.com×1
static.klaviyo.com×1

Social

Contact

Phone

877-378-1260

Registration

Registrar

GoDaddy.com, LLC

Created

2008-07-02

Expires

2028-02-15 636 days left

Updated

2025-11-11

Name servers

ns1.nexcess.net
ns2.nexcess.net
ns3.nexcess.net
ns4.nexcess.net

DNS records live

NS

ns1.nexcess.net
ns2.nexcess.net
ns3.nexcess.net
ns4.nexcess.net

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 5 TXT records

google-site-verification=u66cQsvAuM2kZAeif8rqzIdQGvfRSAcHFMj1SQfnHPk
NETORGFT9313780.onmicrosoft.com
google-site-verification=tmJxJkznubiUPGoLRbap7YJptZ_NfoWXyWf_MZ9FcdI
google-site-verification=OxqMxUxa9IxRhV2GYOo_0dy6nYK36vjiJgY5p2fo5V0
klaviyo-site-verification=SriK9z

Email authentication partial

SPF

v=spf1 a mx ip4:209.126.24.97 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:email@dreamduffel.com

policy: none (monitoring only)

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4d2EbBn5RXimzbaq6aX//MWjwX+yy3+BtFE6S6dqwU2sQ3z3QI/ArutMx4SqzFAPpAn1TAx15Wkno9…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79Gr3vQQ0ofqoQlly5Wfbdd4CNmhkEl5ZXuOCeLkymQZGFnrddkRTy5RsLZaYDh7IBYacQJKSlSiDTvmD/…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVmVkJYmpkqR/BJCHG47kSD64Ih4Cli4sI+mUwWanXzodGdKRU33Bk7b+uKAZSU/mO2RA+ZtZyy3fNbsHY…

selectors probed

Certificate (current)

from 2026-03-19 to 2026-06-17

Expires in 28 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.dreamduffel.com/

present

content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing HSTS
missing Content Security Policy
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy-report-only: worker-src blob:; script-src-elem *.googletagmanager.com *.squarecdn.com *.klaviyo.com *.sezzle.com *.authorize.net *.wisepops.net *.attn.tv *.wisepops.com wisepops.net portal.afterpay.com *.google.com *.gstatic.com acsbapp.com *.termageddon.com googleads.g.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src-elem *.googleapis.com 'self' 'unsafe-inline'; font-src *.squarecdn.com *.googleapis.com *.gstatic.com fonts.gstatic.com *.kxcdn.com *.fontawesome.com https://fonts.gstatic.com 'self' data: https://fonts.bunny.net *.afterpay.com *.afterpay.com/ *.afterpaycdn.com *.cash.app use.typekit.net *.typekit.net fonts.googleapis.com www.paypalobjects.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https://plumrocket.com *.authorize.net *.paypal.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.authorize.net 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.c