indexo.dev

herbalessences-th.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-08 · ok HTTP/1.1 200 3192 ms crawled 2026-05-08

US · 150.171.109.100 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
ผลิตภัณฑ์ดูแลเส้นผมจากธรรมชาติที่สกัดจากพืชแท้ | Herbal Essences TH
Description
ค้นพบแชมพูและครีมนวดผมจากธรรมชาติที่อุดมไปด้วยสารสกัดจากพืชแท้ๆ ฟื้นฟูผมให้เรียบลื่นและมีสุขภาพดีด้วยสูตรจากพืชของ Herbal Essences ในประเทศไทย
Language
th-TH
Canonical
https://herbalessences-th.com/th-th/

Open Graph

url
https://herbalessences-th.com/th-th/
title
Hair Care and Styling Products | Herbal Essences
description
Herbal Essences แนะนำผลิตภัณฑ์ดูแลเส้นผมชั้นนำ ด้วยพลังพฤกษาทุกครั้งที่สระผม สัมผัสธรรมชาติด้วยผลิตภัณฑ์ดูแลเส้นผม

Technology

CDN
Azure Front Door
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • images.ctfassets.net×4
  • www.googletagmanager.com×1

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2020-11-18
Expires
2026-11-18 182 days left
Updated
2025-11-14
Name servers
  • ns1-01.azure-dns.com
  • ns2-01.azure-dns.net
  • ns3-01.azure-dns.org
  • ns4-01.azure-dns.info

DNS records live

NS
  • ns1-01.azure-dns.com
  • ns2-01.azure-dns.net
  • ns3-01.azure-dns.org
  • ns4-01.azure-dns.info
TXT
  • google-site-verification=_r2Kt1fJtIiWBXc7stp_xl5xVdMUu5j1LkCON0uv3do

Email authentication no MX

SPF
not published
DMARC
V=DMARC1; P=none; adkim=r;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R40
from 2025-10-02 to 2026-11-02
Expires in 166 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://herbalessences-th.com/th-th/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' locate.pricespider.com api.tiles.mapbox.com pghub.io *.pricespider.com *.bazaarvoice.com cdn.pricespider.com wtbevents.pricespider.com cdn.cookielaw.org *.iesnare.com *.mpsnare.com connect.facebook.net *.crazyegg.com *.adsrvr.org *.bazaarvoice.com *.google-analytics.com *.googletagmanager.com blob: https://cscoreproweustor.blob.core.windows.net https://cdn.channelsight.com/widget/scripts/cswidget.js https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js https://dc.services.visualstudio.com/v2/track; style-src 'self' 'unsafe-inline' *.pricespider.com *.bazaarvoice.com cdn.pricespider.com api.tiles.mapbox.com fonts.googleapis.com https://cscoreproweustor.blob.core.windows.net https://cdn.channelsight.com/widget/scripts/cswidget.js https://js.monitor.azure.com/scripts/b/ai.3.gbl.min.js https://dc.services.visualstudio.com/v2/track https://cdn.channelsight.com/widget/styles/cswidget-1.css?v=1721995850471; media-src 'self'
strict-transport-security
max-age=31536000; includeSubdomains

Linked from (2)