indexo.dev

ugg.com

.com crawl

First seen 2026-04-24 · Last seen 2026-05-18 · ok HTTP/1.1 200 1009 ms crawled 2026-05-18

NL · 151.101.206.137 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
UGG® Official | Boots, Slippers & Shoes | Free Shipping & Returns
Description
It's always UGG® season. Find the perfect boots, slippers, sneakers, and sandals to complete your look - from statement fluffy platforms to cozy house shoes, we have you covered.
Language
en-US
Canonical
https://www.ugg.com/

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
Cookie consent
  • Osano
Fonts
  • Adobe Fonts
Third-party hosts loaded (14)
  • cdn.dynamicyield.com×4
  • sitegenesis.production.deckers.coremedia.cloud×4
  • rcom.dynamicyield.com×2
  • st.dynamicyield.com×2
  • use.typekit.net×2
  • cdn.attn.tv×1
  • cdn.cquotient.com×1
  • cmp.osano.com×1
  • collect.tealiumiq.com×1
  • dms.deckers.com×1
  • js.datadome.co×1
  • res.cloudinary.com×1
  • static.cloudflareinsights.com×1
  • tags.tiqcdn.com×1

Social

Registration

Registrar
MarkMonitor Inc.
Created
1997-09-25
Expires
2026-09-24 127 days left
Updated
2025-08-23
Name servers
  • edns3.ultradns.biz
  • edns3.ultradns.com
  • edns3.ultradns.net
  • edns3.ultradns.org
  • ns10.ultradns2.com
  • ns10.ultradns2.org

DNS records live

NS
  • edns3.ultradns.biz
  • edns3.ultradns.com
  • edns3.ultradns.net
  • edns3.ultradns.org
  • ns10.ultradns2.com
  • ns10.ultradns2.org
MX
  • 10 mxa-00352c01.gslb.pphosted.com
  • 10 mxb-00352c01.gslb.pphosted.com
TXT
Show 10 TXT records
  • openai-domain-verification=dv-zyZWqJAnOC52Nj0vfFsERzuv
  • rovag_verification_token=CC91A63F24414C5C93D1F26A0D46E477
  • facebook-domain-verification=ktent2jcf1lf62ekphh8211qcwsecs
  • google-site-verification=2nDG5fEd00j_diDt_ljtMDiYKq8-fIkHYtVP4CRUhWk
  • 72e2ec42199541ed8bd0b97310522797
  • _87km4hcb6fuidr4y78rk3ymp2xzx2u4
  • _l252whqii9o0y1ghwoop4nmg6wem5u6
  • klaviyo-site-verification=RWHgpB
  • klaviyo-site-verification=SkjhYr
  • lucid-verification=<fmt9gwezymu1a08s33ju>

Email authentication strong

SPF
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NErJp03A71twiMOpkohUSq7/hIHY5dhNquF6D6ml/JoXHOPSJWIXVBmO9j96BPyCKcd2vYRo/gDk1…
  • k1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ5CBNnsRSjOYOxiIRxyPmYbNoDHPCnLJpKVxFXTOT69T/fPy//t8U9loHR9pi8lwyWuGst1CarMx+WX62Ei…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-07-07 to 2026-07-07
Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.ugg.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
default-src blob: data: ws: 'unsafe-inline' 'unsafe-eval' *.ugg.com dms.deckers.com *.demandware.net *.commercecloud.salesforce.com *.sandbox.us01.dx.commercecloud.salesforce.com via.placeholder.com *.deckers.layer0-perma.link *.cquotient.com d.emails.teva.com email.ugg.com email.hoka.com email.koolaburra.com email.sanuk.com email.teva.com *.emails.teva.com blog.ugg.com events.hoka.com *.hokaoneone.com *.hokaoneone.eu *.hokaoneone.jp blog.uggaustralia.com www.teva-eu.com scripts.deckers.com rum.ingress.edgio.net *.g.doubleclick.net edgeshoppingstatic.azureedge.net s.retargeted.co *.joinhoney.com d3nocrch4qti4v.cloudfront.net df45ay5pw60dy.cloudfront.net *.arcot.com api.v2.sprocket.bz *.sprocket.bz sprocket-ping.s3.amazonaws.com assets.v2.sprocket.bz assets.sprocket.bz cx.atdmt.com cdn.optimizely.com *.bglobale.com *.formstack.com rum.browser-intake-datadoghq.com *.deckers.coremedia.cloud rum-http-intake.logs.datadoghq.com browser-intake-datadoghq.com www.datadoghq-browser-agent.com rum
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (7)

Linked from (2)