nescafe.com

HTML metadata

Title: Virallinen Nescafé®-sivusto | Nescafé FI
Description: Kaipasitpa sitten espressoshottia, ylellistä lattea tai kylmää nitrokahvia, meillä on sitä tarjolla. Kaikki alkaa Nescafé®-kahvista
Language: fi-fi
Canonical: https://www.nescafe.com/fi/

Open Graph

url: https://www.nescafe.com/au/
title: Etusivu
site name: Nescafé FI
description: Katso, kuinka NESCAFÉ® vaikuttaa sinuun, kahviyhteisöihin ja koko maailmaan

Technology

Server: nginx
CMS: Drupal

Third-party hosts loaded (1)

cdnjs.cloudflare.com×3

Social

Contact

Address: Finland

Registration

Registrar

Nom-iq Ltd. dba COM LAUDE

Created

1996-10-20

Expires

2026-10-19 152 days left

Updated

2025-09-19

Name servers

amsdns1.nestle.com
aoadns1.nestle.com
ctrdns1.nestle.com
eurdns1.nestle.com

DNS records live

NS

amsdns1.nestle.com
aoadns1.nestle.com
ctrdns1.nestle.com
eurdns1.nestle.com

MX

10 mailhost.nescafe.com
99 fallback.mail.pipex.net

TXT

Show 13 TXT records

google-site-verification=cuZxTxVL73HDRCfVGMLcBqhfPHYYobWHBUNbOeg73Jk
2p286lh313jcswxvdywgtrxbgs2h6f3g
ksh17clv51wyphmkw7zvf7df47xkrgtj
rxbc7xr3r142k9767pg8b3cf1pp8zlpg
tnRMpGMp5DppeMBgitpO31Qg4dXY3MakYXJJsERGEN4
facebook-domain-verification=jt66irg44eq6l499aau76c953w840q
google-site-verification=3FoTGxlP2L8JHHg2DwlJ-0OzZn2HpsVmhheHsRN5VZA
google-site-verification=BowsfQ7BbV0icys3zMJf-4x9g0_fSfJcqe-2JS-2Zek
google-site-verification=GEynNcAte45MV9rCIWssS74N6yyfqIUD5u9wuh97Sc8
google-site-verification=Ge2fU_dAL3ECS1szP9Vepr2pRuIpyPn8FfedYB2WG5I
google-site-verification=M-QLhnhGIlSwH9Clmkui7sO-Rk0vio2HaUZe-X_lz-g
google-site-verification=MF8KxelTvrKaZ1BVeRlLqHdwZNCDlNeINR8Kiggi3hs
google-site-verification=YcwyqpAnwgdKHXgQuApr9-QInh7nucu3vaJ_nJM_Obk

Email authentication strong

SPF

v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email

policy: reject (enforced)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3X3bHO2ffxgcXLcGRtm81IxLxIMZ7nYycXSP5hLyfvo06N/M3MQpgvC+mf70b5aK8iLPMdD5GgVtG3yI3S…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvYQzOWdYuB59B/zW1RHy41TIgngXdQqh6K/0/u4xdpEw6LGTAvBiS9crgKsOObrG/IzboZXYVHPlEAEBAt7bRTy…

selectors probed

Certificate (current)

Certainly Intermediate R1

from 2026-04-27 to 2026-05-27

Expires in 7 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.nescafe.com/fi/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Referrer Policy

Header values

x-frame-options: ALLOW-FROM https://tintup.com
permissions-policy: camera=self, geolocation=self
x-content-type-options: nosniff
content-security-policy: default-src self *.sessioncam.com *.cloudfront.net *.mouseflow.com; script-src *.gbqofs.com *.gbqofs.io *.cloudfront.net *.sessioncam.com *.adimo.co *.usabilla.com *.googleoptimize.com 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.googletagmanager.com *.google-analytics.com *.google.com *.google.co.uk *.newrelic.com *.cloudflare.com brand-ecommerce-assets.fusepump.com *.youtube.com s.ytimg.com *.evidon.com code.jquery.com *.doubleclick.net https://www.gstatic.com *.gigya.com https://bv.js *.bazaarvoice.com *.adimo.co *.nescafe.com *.nestle.com *.google.com *.jsdelivr.net/npm/fraction.js@4.2.0/fraction.min.js *.tintup.com *.tintup.com https://tintup.com/app/dist/embedded.js *.facebook.net *.nr-data.net *.hypemarks.com *.jsdelivr.net unpkg.com *.nestle.co.uk *.windows.net *.iesnare.com *.qualifio.com *.ownid.com *.cookielaw.org *.segment.com *.amazon-adsystem.com *.adsrvr.org blob: *.googleapis.com qualtrics.com *.qualtrics.com zntjwxhnqvlqjufk1-nestleglobalmktg.siteintercept.
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31622400; includeSubDomains; preload