indexo.dev

nykaa.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 2474 ms crawled 2026-05-18

US · 3.164.68.82 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Nykaa Pink Summer Sale 2026 – Best Deals & Exclusive Offers
Description
The Nykaa Pink Summer Sale 2026 is live! Grab exciting Nykaa offers on top beauty, wellness, and skincare brands. Flat discounts, combos & more await!
Language
en
Canonical
https://www.nykaa.com/

Open Graph

url
https://www.nykaa.com/
title
Nykaa Pink Summer Sale 2026 – Best Deals & Exclusive Offers
site name
Nykaa

Technology

CDN
Akamai
CMS
Gatsby

Third-party hosts loaded (2)

  • cdn.naikaa.com×1
  • images-static.naikaa.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2012-03-05
Expires
2028-03-05 655 days left
Updated
2025-02-13
Name servers
  • ns-1090.awsdns-08.org
  • ns-2030.awsdns-61.co.uk
  • ns-61.awsdns-07.com
  • ns-956.awsdns-55.net

DNS records live

NS
  • ns-1090.awsdns-08.org
  • ns-2030.awsdns-61.co.uk
  • ns-61.awsdns-07.com
  • ns-956.awsdns-55.net
MX
  • 10 mxa-00a39001.gslb.pphosted.com
  • 10 mxb-00a39001.gslb.pphosted.com
TXT
Show 19 TXT records
  • google-site-verification=mIuUzGF3Tli7Rswf8WJJgvVZfreXZlE8DnNbGIXv_FE
  • hpe-greenlake-domain-verification=5a64535a665939326e564d337965464948705255625a36636451513461307331
  • facebook-domain-verification=kd4uk71zm5fry0mkovam1ijwsh4lip
  • mixpanel-domain-verify=f23bc07a-5e90-43ce-9b69-ae174af1e418
  • google-site-verification=eSTiM3Hs_mwVMuxqRkh9RmOzmvCZ-tbcEoB4Gx58XiA
  • google-site-verification=yGB1TwLdliUho_NIBQzha2StTzn65FPgHOPoYtaWgHU
  • cursor-domain-verification-gzyb62=vxNKPqhqvfjLi0p7cM6iJcXCe
  • atlassian-domain-verification=vLzszZOsTK4r01NnENiClxpVYGYUx66AdQq5aoYUyqhyWiKCaeQamq3vdGNE3x1o
  • ca3-86296b6022ef4b7fb1020bc9d9128b5b
  • adobe-idp-site-verification=2a9a911c-7229-4b5e-b06e-e1bceaa997b3
  • openai-domain-verification=dv-E4EaNkEQLcpE9IYn7esFSzpN
  • aevu7f478p5nucm0s3psj8nr7e
  • google-site-verification=Fgoi7mTCIWwPfN2i0IFkcwnvaCN45uCaizZ2wwYM-JY
  • _globalsign-domain-verification=VzgvxeU-EZw1a1A_T2Cmp7hbHd-YoVY7D6QjqE873Q
  • anthropic-domain-verification-netjnf=TZ84SetUz1GxNowinpYYb3zCH
  • google-site-verification=2N0B-UkSMRGEw0dLNpKMHEJ2_WoBBTWabzLBVohXRsU
  • google-site-verification=iSGRD9e9dGfZkvXlbz9sDkDN72OWxFxgvai2BRwoGe8
  • mongodb-site-verification=ygQMdGnNfB0XB20kiV2tOibvHpvF8KRZ
  • apple-domain-verification=iCafJBsbeRB9ygQP

Email authentication strong

SPF
v=spf1 include:spf.mandrillapp.com include:_spf.google.com include:spfcorp.netcore.co.in include:mail.zendesk.com include:amazonses.com include:spf-00a39001.pphosted.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:486cd14210f0815@rep.dmarcanalyzer.com,mailto:dmarc@nykaa.com; ruf=mailto:486cd14210f0815@for.dmarcanalyzer.com; fo=1
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfR5vSgLbOyWe1y1RIpRq04jZ3NANaTOsfK55QM3+gM5ow9ry6PTy/kL/YaeUKsKqGPLiK/CdcuGkBSbis6S…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X5kh49BJFQGY5PM4r17wBdYeHJ0imj0N/f85O35WjbyhAndYx6gpoOVxxmMrHJaCJFj9+nXdYvwVRLYoA…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdFFfd+rC8EIvPLaggxLOZ4D4KlhtkfameUyaQaNQ8qpDqAmlm5TSNBhgwBAeLVtDawpVTfy9ooc/UhlFoXbczuZ…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2026-03-15 to 2026-09-29
Expires in 132 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.nykaa.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
img-src 'self' data: *.nykaa.com *.naikaa.com fsnecommerce.sc.omtrdc.net evbk.gamooga.com webevbk.gamooga.com www.google-analytics.com www.google.com www.google.co.in www.facebook.com stats.g.doubleclick.net cm.everesttech.net www.googletagmanager.com *.criteo.net *.criteo.com www.youtube.com dpm.demdex.net cm.g.doubleclick.net www.gstatic.com m.youtube.com cdn-jp.gsecondscreen.com *.googlesyndication.com googleads.g.doubleclick.net d286adtp3hdk00.cloudfront.net;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nykaa.com *.naikaa.com assets.adobedtm.com www.googletagmanager.com www.google-analytics.com www.googleadservices.com *.criteo.net *.criteo.com connect.facebook.net cdn-jp.gsecondscreen.com googleads.g.doubleclick.net apis.google.com *.netcoresmartech.com ae.gsecondscreen.com evbk.gamooga.com webevbk.gamooga.com *.speedcurve.com nykaa.verloop.io cdn-ops.verloop.io cdn.speedcurve.com lux.speedcurve.com cdn.nykaaman.com https://11310639.fls.doubleclick.net/activityi googleads.g.
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Linked from (6)