buff.com

HTML metadata

Title

Headwear & Neckwear for Sports and Outdoors BUFF®️

Description

Discover top-tier BUFF® headwear and neckwear, designed for outdoor lovers. Our quality materials meet sustainability to elevate your active lifestyle.

Language

en

Canonical

https://www.buff.com/en_eur/

Translations

ca-es
de-de
en-au
en-ca
en-gb
en-nl
en-sg
en-us
es-co
es-es
es-mx
fr-fr
nl-nl

Open Graph

url: https://www.buff.com/en_eur/
title: Headwear & Neckwear for Sports and Outdoors
site name: BUFF®
description: Discover top-tier BUFF® headwear and neckwear, designed for outdoor lovers. Our quality materials meet sustainability to elevate your active lifestyle.

Technology

CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (5)

static.klaviyo.com×2
www.googletagmanager.com×2
cdn-widgetsrepository.yotpo.com×1
rum.hlx.page×1
use.typekit.net×1

Social

Registration

Registrar

Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA

Created

1997-06-20

Expires

2026-06-19 31 days left

Updated

2025-06-20

Name servers

aiden.ns.cloudflare.com
amanda.ns.cloudflare.com

DNS records live

NS

aiden.ns.cloudflare.com
amanda.ns.cloudflare.com

MX

0 buff-com.mail.protection.outlook.com

TXT

Show 17 TXT records

qfk0v68045mndonrdlqgmv81o1
smartfense-domain-verification=CArw-Q2z__3-dx1sDkObWY1bxQhVW2plZpawJbQRjy_sJEVI
sophos-domain-verification=4b9c00e8e4db1bba065d881960395e5c684c82e48499e886a6c5c626a0b1df40
sophos-domain-verification=eb89a123e4f685da9fd59bbff419e5d9eb1096ff
v=spf1 include:mail.zendesk.com include:spf.protection.outlook.com include:spf.emailsignatures365.com -all
workplace-domain-verification=0a7e3bf2-0c80-49cd-87c3-75e8d382df96
077747a1b0497eca3782b989d7cc28f1
MS=ms46632241
amazonses:897QvLthuSGWsmy9aiC9PlRsNlu6LDnItj0XRuKtPp8=
apple-domain-verification=EH5KrtlrszXMhzYj
eoilaqlkmt7g489grt4kuiqsur
google-site-verification=ET3Y7XO1pDTgtXc5FQfCUpO0kt4NfzcKxVFqH0A0yJI
klaviyo-site-verification=QPG3pk
klaviyo-site-verification=TVi8vh
ls5s9tl310b4s0s8rpmsn7vpja
oi7npd4ksomreji65q6aprptb3
pexip-ms-tenant-domain-verification=0afb0ca4-312e-437b-80bf-fd2c123c4010

Certificate (current)

R12

from 2026-03-29 to 2026-06-27

Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.buff.com/en_eur/

present

strict-transport-security
content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing Content Security Policy
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-security-policy-report-only: font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com fonts.googleapis.com *.googleapis.com data: *.fontawesome.com *.oct8ne.com oct8necdneu.azureedge.net blob: *.yotpo.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * https://plumrocket.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.certcapture.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.co