dubaidutyfree.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 722 ms crawled 2026-05-07

DE · 138.1.44.205 · AS31898 Oracle Corporation

Reputation 67/100 wrong cert no dmarc policy

Classifying

HTML metadata

Language: en
Canonical: https://www.dubaidutyfree.com

Technology

CDN: Akamai
CMS: Gatsby

Fonts

Font Awesome

Third-party hosts loaded (4)

appleid.cdn-apple.com×1
applepay.cdn-apple.com×1
ee.channels.ocs.oraclecloud.com×1
use.fontawesome.com×1

Registration

Registrar

Network Solutions, LLC

Created

2000-07-05

Expires

2029-07-05 1142 days left

Updated

2024-05-06

Name servers

auhans1.ecompany.ae
auhans2.ecompany.ae
dxbans1.ecompany.ae
dxbans2.ecompany.ae

DNS records live

NS

auhans1.ecompany.ae
auhans2.ecompany.ae
dxbans1.ecompany.ae
dxbans2.ecompany.ae
ns1.etisalatdomains.ae
ns2.etisalatdomains.ae
ns3.etisalatdomains.ae
ns4.etisalatdomains.ae

MX

10 mail.dubaidutyfree.com

TXT

Show 6 TXT records

_1gr424037n6bh3yoxwqoxf7lq74d6xu
ubiq31rh01c0dd41gla1l0394u
brhjakva24k2utn04l63ttpq3u
tq856pkej0cppkhfb95gspmj5b
ir70isrem48dcfh5qbjel565ar
facebook-domain-verification=95np4gfux4joih75svnk44divuoigx

Email authentication weak

SPF

v=spf1 mx include:_spf.atoracle.com include:sniperhire.net include:eu.rp.oracleemaildelivery.com -all

strict (-all)

DMARC

not published

DKIM

default: v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXq6PJCSNUErryBT3wuYfcQ8HFQH7FKxcq9PGroOJQ78Gpp81q+PdeHGcNwEiO16tvZYzGTFloy6B6Qe1q2hYJ4oeml…

selectors probed

Certificate (current) wrong cert

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2026-02-23 to 2027-02-23

Expires in 279 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.dubaidutyfree.com/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: default-src 'self' www.dubaidutyfree.com concoursea.dubaidutyfree.com uae.dubaidutyfree.com; script-src https://*.go-mpulse.net *.dubaidutyfree.com 'unsafe-eval' 'unsafe-inline' *.ocs.oraclecloud.com *.googletagmanager.com *.google-analytics.com cdnjs.cloudflare.com s7.addthis.com *.oracleinfinity.io tags.bkrtx.com googleads.g.doubleclick.net *.doubleclick.net service.maxymiser.net *.facebook.net *.pinterest.com *.bazaarvoice.com *.github.io *.googleadservices.com *.akamaihd.net *.google.com mc.yandex.ru urldefense.com *.emtana.com usc.cpp32.com hm.baidu.com asc.cpp32.com appleid.cdn-apple.com applepay.cdn-apple.com bat.bing.com www.clarity.ms; connect-src https://*.go-mpulse.net https://*.akstat.io *.dubaidutyfree.com *.ocs.oraclecloud.com ipinfo.io *.google-analytics.com *.google.com analytics.google.com *.doubleclick.net *.bazaarvoice.com mc.yandex.ru www.facebook.com graph.facebook.com *.google.co.in *.emtana.com *.clarity.ms *.googleapis.com; base-uri *.dubaidutyfree.com; style-sr
strict-transport-security: max-age=31536000; includeSubDomains; preload

Linked from (2)

newburyracecourse.co.uk×2
moodiedavittreport.com×1