cpfworldwide.com

HTML metadata

Title: CPF Worldwide | Sustainable Food Production
Description: CPF Worldwide operates integrated agro-industrial and food businesses, providing high quality products through sustainable food production.
Language: en
Canonical: https://www.cpfworldwide.com/en/home

Open Graph

title: CPF Worldwide | Sustainable Food Production
description: CPF Worldwide operates integrated agro-industrial and food businesses, providing high quality products through sustainable food production.

Technology

CDN: Cloudflare

Social widgets

YouTube Embed

Third-party hosts loaded (3)

cdn.jsdelivr.net×2
www.youtube.com×2
cdn-app.cp-cmpd.com×1

Social

Contact

Phone

6627668000

Registration

Registrar

DotArai Co., Ltd.

Created

2007-07-17

Expires

2028-07-17 789 days left

Updated

2018-07-18

Name servers

pam.ns.cloudflare.com
rick.ns.cloudflare.com

DNS records live

NS

pam.ns.cloudflare.com
rick.ns.cloudflare.com

TXT

Show 4 TXT records

google-site-verification=v_7JamWwlZ4AiEj56NF8sTm8IysQBEDxlO8MRpOcKiE
google-site-verification=yulsR-BRaoYgsfuqsaZXmMyQFSQxuG5E6iD1zf1YJTo
google-site-verification=2vlA01jhokOlFrdn1Vm48FscbBD3Zf3jSQ1Ee443vn8
google-site-verification=QFyUp4o4KY_GtNKkPfOH6-k87xXYXazfW_yyJUlEPvM

Email authentication no MX

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-22 to 2026-07-21

Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.cpfworldwide.com/en/home

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: ALLOW-FROM https://pdfviewer.praneat.com
permissions-policy: accelerometer=(self "https://www.youtube.com"),autoplay=(self "https://www.youtube.com"),camera=(),clipboard-write=(self "https://www.youtube.com"),document-domain=(),encrypted-media=(self "https://www.youtube.com"),fullscreen=(),geolocation=(),gyroscope=(self "https://www.youtube.com"),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(self "https://www.youtube.com"),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),web-share=(self "https://www.youtube.com"),xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; connect-src 'self' *.algolianet.com *.algolia.net *.amplitude.com *.clarity.ms cloudflareinsights.com *.doubleclick.net *.facebook.com/privacy_sandbox/topics/registration/ *.google-analytics.com analytics.google.com *.googletagmanager.com cdn.jsdelivr.net *.segment.com *.segment.io *.tiqcdn.com *.tiqcdn.cn; default-src 'self'; font-src 'self' data: cdnjs.cloudflare.com; frame-ancestors https://staging-tsx2021.thailandsustainabilityexpo.com https://tsx2021.thailandsustainabilityexpo.com; frame-src 'self' *.facebook.com https://pdfviewer.praneat.com *.youtube.com; img-src 'self' blob: data: c.bing.com cdn.ckeditor.com c.clarity.ms cdnjs.cloudflare.com *.cp-cmpd.com *.facebook.com *.google-analytics.com https://www.google.co.th/ads/ga-audiences *.googletagmanager.com *.webtrendslive.com *.ytimg.com *.youtube.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.amplitude.com *.clarity.ms *.cloudflare.com static.cloudflareinsights.com cdn.ckeditor.com *.doubleclic
strict-transport-security: max-age=31536000; includeSubdomains; preload
cross-origin-opener-policy: same-origin; report-to="default";
cross-origin-embedder-policy: require-corp; report-to="default";
cross-origin-resource-policy: same-site