indexo.dev

rwandairdutyfree.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-20 · ok HTTP/1.1 200 2598 ms crawled 2026-05-06

US · 188.114.97.3 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
RwandAir – Duty Free Preorder
Description
Welcome to Ikaze Boutique, the ultimate duty free shopping magazine brought to you by Rwandair and the DFASS group. With our wonderful selection of fragrances, watches, gifts, alcohol and jewellery, you are bound to find everything you need to make your journey even more exciting – and all at amazing duty free prices, too. So relax, enjoy your flight, and discover the fantastic products and exclusive offers available onboard
Language
en
Generator
nopCommerce

Technology

CDN
Cloudflare

Third-party hosts loaded (3)

  • code.jquery.com×2
  • cdnjs.cloudflare.com×1
  • stackpath.bootstrapcdn.com×1

Social

Registration

Registrar
Cloudflare, Inc.
Created
2016-08-16
Expires
2026-08-16 87 days left
Updated
2025-07-17
Name servers
  • gigi.ns.cloudflare.com
  • tony.ns.cloudflare.com

DNS records live

NS
  • gigi.ns.cloudflare.com
  • tony.ns.cloudflare.com
MX
  • 0 rwandairdutyfree-com.mail.protection.outlook.com
TXT
  • 0ed1fe018ab174866e461048c99b94b9c170b262f4
Verified for
  • Cloudflare
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:_netblocks.mimecast.com include:spf.protection.outlook.com ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-09 to 2026-07-08
Expires in 49 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://rwandairdutyfree.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains; preload

Links to (5)

Linked from (1)