indexo.dev

cinnabon.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-08 · ok HTTP/1.1 200 5347 ms crawled 2026-05-07

US · 104.209.178.67 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Cinnabon Bakery Restaurant: Cinnabon Local Bakery Near You
Description
Cinnabon bakery restaurant known for cinnamon rolls, cinnamon products, coffee and frozen drinks. World famous flavors. The sweetest brand on earth.
Language
en
Canonical
https://www.cinnabon.com

Open Graph

url
https://www.cinnabon.com
title
Cinnabon Bakery Restaurant: Cinnabon Local Bakery Near You
locale
en_US
description
Cinnabon bakery restaurant known for cinnamon rolls, cinnamon products, coffee and frozen drinks. World famous flavors. The sweetest brand on earth.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (5)

  • cdn.optimizely.com×1
  • resources.digital-cloud-west.medallia.com×1
  • truyoproductionuscdn.truyo.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

Registration

Registrar
MarkMonitor Inc.
Created
1997-03-14
Expires
2028-03-15 665 days left
Updated
2026-02-11
Name servers
  • ha1.markmonitor.zone
  • ha2.markmonitor.zone
  • ha3.markmonitor.zone
  • ha4.markmonitor.zone

DNS records live

NS
  • ha1.markmonitor.zone
  • ha2.markmonitor.zone
  • ha3.markmonitor.zone
  • ha4.markmonitor.zone
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
TXT
Show 19 TXT records
  • duo_sso_verification=eR15pUAH750YIjacVK4o5cHtwvxfI1U5MauxTgDEOUhtuWtLYOvHXcBaYhM4va3C
  • 5mqs8j5gwznnw6ndc2n4q7pzvx6wzsc6
  • ZOOM_verify_qnBo3fTBSZa4-bfv8kk7mw
  • webexdomainverification.J8G4=4529bf5b-84a4-4d6a-a564-fa993f01c3dd
  • google-site-verification=Xz_59GEUDFWv5KBikDL3T6OVj0RQGJISbv_0vqNGhjo
  • kMBJgJVzUqVmGxd2RqJXb48FZXOC/pMhGJOzJAhSUXdGY+UU72U+/HSyNIXYU67Sx05e8hJlNk/6SZkzANfd/g==
  • fb-sitecore-prod-cd.azurewebsites.net.
  • google-site-verification=WnDKb3cKZL0ccXisqNwgorZH_73LOjbJNCFj-TzGBcs
  • atlassian-domain-verification=yL9rtb1CxUM7r6WMcutM27g7Jflrl12h5JZtaipFPr0fnpdIAy0Dwy3X2xh0W0d0
  • fb-prod-utility.azurewebsites.net
  • 202605070906333x5fspob37dbz22xag7mv8mu3mkq6iv5v755810y3uydc26mlk
  • google-site-verification=wGNhlnukktCz1mfXFhBXNaGZ9zm-DTHpW_E33Ch0sss
  • box-domain-verification=ef723833912567302b68da96e8a8d1e03329235a7d485b11c94078804dc8b9ff
  • ibmid=4b2ba6ca-9799-472d-8718-583d708fa676
  • google-site-verification=o3Y6U-PC02zK3x2vcUVtk9-H7TUZH9pFDVvS13ET7Ms
  • smartsheet-site-validation=gdas6_aCRjbc7CSDMvD7Wm_u91werEO8
  • XL1nUQUIsiv8fIYS3TWQUhKXJo7gT4QvW2LmqwRs1FGH7Bl7nJEG6am/AYJZKe7dD7YZVHeFkKAYp4ETcyTOkg==
  • 2lXwjkJBvoOhPL03iMskp0WWdimVAQgud2rm1v/wC/vt5x9T9kup0ease0G0csVdsdeHnzZTgyvS7HTLcgNIcQ==
  • facebook-domain-verification=335el05k0l1ar6c00wwe1x7ky8c5ir

Email authentication strong

SPF
v=spf1 include:_spf.cinnabon_com._d.easydmarc.pro ~all
softfail (~all)
DMARC
v=DMARC1;p=reject;sp=none;pct=100;rua=mailto:16223669ec@rua.easydmarc.us;ruf=mailto:16223669ec@ruf.easydmarc.us;ri=86400;fo=1;
policy: reject (enforced) · sp=none
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgcWQ+2EGTMpdbCkpQNQcemJ/C0Vk/DZsA1LPkbb1DucfNqjLVLKDoNKSVTduLxx+dzU067ObICaOINk3scV…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/ZBN5d9JXaDiLafn1ocopQEt7QOK8JCx5rHAl70jg41a5sgXUoBDQ+CI2gqrqUVs6OlGKvD7NDaeD0ZSL…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+x5cIYm6IrjmnuNy/VpplMrSMbAHTixG6fgX3L2oJZdy2np+lCdl4zFzKW454mNbiSHECDbj20AFMl0DsIXdims…
selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1
from 2025-10-20 to 2026-11-21
Expires in 185 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.cinnabon.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
no-referrer-when-downgrade
permissions-policy
camera=(self), battery=(self), browsing-topics=(), geolocation=(self)
x-content-type-options
nosniff
content-security-policy
object-src 'self' data:; upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self' https://*.contentful.com https://x.c.cinnabonswirl.com/; https://truyostagingcdn.truyo.com/ https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://resources.digital-cloud-west.medallia.com/ http://resources.digital-cloud-west.medallia.com/ https://www.googletagmanager.com https://va.vercel-scripts.com/ https://cdn.quantummetric.com/ https://bat.bing.com/ https://sc-static.net/ https://static.hotjar.com/ https://js.adsrvr.org/ https://s.adroll.com/ https://connect.facebook.net/ https://try.abtasty.com/ https://tags.srv.stackadapt.com/ http://rum-static.pingdom.net/ https://analytics.tiktok.com/ https://d.adroll.com/ https://tr.snapchat.com/ https://truyoproductionuscdn.truyo.com/ https://vercel.live/ https://script.hotjar.com/ https://md-scp.kampyle.com/ https://hpc.uat.freedompay.com/ https://client.px-cloud.net/ https://olocdnsandbox.s3.amazonaws.com https://hpc.freedompay.com h
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (4)