weproudlyservestarbucks.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-16 · ok HTTP/1.1 200 473 ms crawled 2026-05-13

US · 23.185.0.4 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: We Proudly Serve Starbucks® Coffee Programme | Choose your location
Description: Elevate your offer with the We Proudly Serve Starbucks® Coffee Programme. Great coffee in your environment!
Language: en-GB
Canonical: https://weproudlyservestarbucks.com/

Open Graph

title: Countries-EN
image:url: https://weproudlyservestarbucks.com/sites/default/files/2021-05/logo.png
site name: We Proudly Serve Starbucks

Technology

Server: nginx
CMS: Drupal

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2021-06-02

Expires

2026-06-02 12 days left

Updated

2025-05-29

Name servers

udns1.cscdns.net
udns2.cscdns.uk

DNS records live

NS

udns1.cscdns.net
udns2.cscdns.uk

TXT

weproudlyservestarbucks.com

Verified for

Google
Meta

Email authentication no MX

SPF

not published

DMARC

v=DMARC1; p=none; rua=[dmarc_agg@vali.email|mailto:dmarc_agg@vali.email];

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzw28KcSiwwbbitV8MV/JZ5iYv1mNjnKHZNGohSu3X77V8Bkd2Q59hCci/I0W5IWEjvYu28tPw4LdjaIM3…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuHFVhweKX3/ow7ikkGaWMzJdnuzrO3NCbRJBtW9aPrWRZEcSKR/beQskVJgf2BdvIt1UMhdb2w12MRB7/…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2025-09-04 to 2026-09-05

Expires in 107 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://weproudlyservestarbucks.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: ALLOW-FROM https://test-75547-weproudlyservestarbucks-unitedkingdom.pantheonsite.io
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' 'self' *.sessioncam.com *.cloudfront.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.sessioncam.com *.cloudfront.net *.googletagmanager.com *.google-analytics.com *.google.com *.google.co.uk *.newrelic.com *.betrad.com bam.nr-data.net static.addtoany.com https://cdnjs.cloudflare.com brand-ecommerce-assets.fusepump.com *.youtube.com s.ytimg.com *.evidon.com code.jquery.com d22xmn10vbouk4.cloudfront.net *.serving-sys.com 7225833.collect.igodigital.com connect.facebook.net stats.g.doubleclick.net https://cdn.hypemarks.com http://cdn.hypemarks.com https://www.gstatic.com *.krxd.net cdn.adimo.co display.ugc.bazaarvoice.com *.bazaarvoice.com mpsnare.iesnare.com www.googleadservices.com static.hotjar.com bat.bing.com s.yimg.com sp.analytics.yahoo.com *.doubleclick.net script.hotjar.com *.nestle.co.uk google-analytics.com optimize.google.com https://www.googleoptimize.com https://player.vimeo.com/api/player.js *.gbqofs.io *.gbqo
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=300