dukascopy.com

HTML metadata

Title

Dukascopy Bank SA - Online Forex Broker | Trade Forex, Stocks, Crypto, Indexes, Gold

Description

Forex Trading: Attractive spreads (base spread for EUR/USD 0.2 pip, GBP/USD 0.5 pip), ECN Online FX Trading by Swiss Forex Broker; One Hundred Million at One Click.

Language

en

Canonical

https://www.dukascopy.com/swiss/english/home/

Translations

ar
cs
de
en
es
fr
it
pl
pt
ru
sk
zh

Feeds

Dukascopy Corporate News (RSS 2.0) RSS

Open Graph

url: https://www.dukascopy.com/swiss/english/home/
title: Dukascopy Bank SA - Online Forex Broker | Trade Forex, Stocks, Crypto, Indexes, Gold
locale: en
site name: Dukascopy Bank SA
description: Forex Trading: Attractive spreads (base spread for EUR/USD 0.2 pip, GBP/USD 0.5 pip), ECN Online FX Trading by Swiss Forex Broker; One Hundred Million at One Click.

Technology

CDN: Cloudflare
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (6)

en.wikipedia.org×1
twitter.com×1
www.facebook.com×1
www.googletagmanager.com×1
www.linkedin.com×1
www.youtube.com×1

Social

Contact

Phone

Address

st Fintech Forex Broker2024

Registration

Registrar

Cloudflare, Inc.

Created

2000-08-08

Expires

2027-08-08 446 days left

Updated

2025-11-19

Name servers

serena.ns.cloudflare.com
stan.ns.cloudflare.com

DNS records live

NS

serena.ns.cloudflare.com
stan.ns.cloudflare.com

MX

10 mail-0.dukascopy.com

Email authentication strong

SPF

v=spf1 ip4:194.8.15.0/24 ip4:16.62.220.123/32 -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@dukascopy.com; ruf=mailto:dmarc@dukascopy.com

policy: reject (enforced)

DKIM

default: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfb6TjN30WAUn8bIw5d5JGOT7roDCLActSmPk4U7zHli1STT1mYi4qEqNl6FIQHticLHVwJbQ3jp4vzP0IPc…

selectors probed

Certificate (current)

WE1

from 2026-03-19 to 2026-06-17

Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.dukascopy.com/swiss/english/home/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.dukascopy.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.cloudflare.com https://*.hotjar.com https://*.google.com https://*.googletagmanager.com ; script-src-elem 'self' 'unsafe-inline' https://*.cloudflare.com https://*.dukascopy.com https://*.telefision.com https://*.jsdelivr.net https://*.hotjar.com https://*.google.com https://*.trustpilot.com https://*.gstatic.com https://*.g.doubleclick.net https://*.redditstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://freeserv-static.dukascopy.com https://freeserv.dukascopy.com ; style-src 'self' 'unsafe-inline' https://*.dukascopy.com https://*.jsdelivr.net https://*.telefision.com https://*.googleapis.com https://*.dukascopy.jp ; object-src 'none' ; frame-ancestors 'self' ; form-action 'self' ; frame-src 'self' data: blob: https://*.cloudflare.com https://*.dukascopy.jp https://*.dukascopy.com https://*.trustpilot.com https://ww
strict-transport-security: max-age=63072000; includeSubDomains