lovesac.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Modern Furniture: Sectionals, Bean Bags & More | Lovesac
Description: Lovesac is a modern furniture company, offering high-quality bean bag chairs, modular sectionals, and accessories in many colors, patterns, and fabrics.
Canonical: https://www.lovesac.com/

Open Graph

url: https://www.lovesac.com/
title: Modern Furniture: Sectionals, Bean Bags & More | Lovesac
description: Lovesac is a modern furniture company, offering high-quality bean bag chairs, modular sectionals, and accessories in many colors, patterns, and fabrics.

Registration

Registrar

Domain.com - Network Solutions, LLC

Created

1999-09-08

Expires

2026-09-08 89 days left

Updated

2025-08-19

Name servers

arnold.ns.cloudflare.com
cheryl.ns.cloudflare.com

DNS records live

NS

arnold.ns.cloudflare.com
cheryl.ns.cloudflare.com

MX

0 lovesac-com.mail.protection.outlook.com

TXT

status-page-domain-verification=4qdvch0m78bh

Verified for

Apple
Atlassian
GlobalSign
Google
Meta
Microsoft 365
OpenAI

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:stspg-customer.com include:spf1.lovesac.com include:spf2.lovesac.com include:mailgun.org ~all

softfail (~all)

DMARC

v=DMARC1;p=quarantine;rua=mailto:cybersecurity@lovesac.com;ruf=mailto:cybersecurity@lovesac.com;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDChPU/QmkdmbjgqD2xAgy3494RxbNuZtKlRB1GAhFI2o2o/0pA7bfAdgBeGn0UTsR2Vmr041dUUfXikhBvqX…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYtZk8UzErvRroTH90n1IisUUU2r6a5pB9NFFxrSWTN+5ezlNmK1qH6d69GShUIlCaaqKNN39tfq5xyXak…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGHoG/FRIO1Ec2481omb1jOe5pPFtQVnkhsj6Gy8TAJyH0Ekx0mHpUIwYuD4BYs9U3EQ63JS1YhvbZPElU…

selectors probed

Certificate (current)

R12

from 2026-05-09 to 2026-08-07

Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.lovesac.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://s7d4.scene7.com"), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self "https://www.youtube.com" "https://www.youtube-nocookie.com" "https://s7d4.scene7.com"), gamepad=(), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: font-src *.xtlo.net maxcdn.bootstrapcdn.com fonts.gstatic.com *.abtasty.com *.typekit.net *.cdn-apple.com data: 'self'; form-action *.syfpos.com *.syfpayments.com *.amazon.com *.facebook.com 'self'; frame-src https://* https://api.securedvisit.com 'self'; img-src https://* https://images.securedvisit.com https://track.sv.rkdms.com https://track.securedvisit.com data: blob: 'self'; script-src https://* https://api.securedvisit.com https://content.securedvisit.com https://track.sv.rkdms.com https://d-code.liadm.com blob: 'self' 'unsafe-inline' 'unsafe-eval' ; style-src https://* 'self' 'unsafe-inline'; connect-src https://* wss://* https://track.securedvisit.com https://safevisit.online https://ghs4.safevisit.online data: 'self'; media-src s7d4.scene7.com 'self'; default-src 'self'
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (1)

scene7.com×2

Linked from (3)

Use this data via API

Everything on this page for lovesac.com is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/lovesac.com" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →