pantene.com

.com crawl

First seen 2026-04-16 · Last seen 2026-05-17 · ok HTTP/1.1 200 2556 ms crawled 2026-05-11

US · 13.107.253.67 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title: Hair Products For All Hair Types. | Pantene
Description: Get shiny, healthy looking hair with Pantene shampoos, conditioners, styling products and hair treatments, designed to meet your hair's individual needs.
Language: en-US
Canonical: https://pantene.com/en-us

Technology

CDN: Azure Front Door
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (3)

images.ctfassets.net×12
survey.olay.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

1995-07-30

Expires

2026-07-29 71 days left

Updated

2025-07-25

Name servers

ns1-03.azure-dns.com
ns2-03.azure-dns.net
ns3-03.azure-dns.org
ns4-03.azure-dns.info

DNS records live

NS

ns1-03.azure-dns.com
ns2-03.azure-dns.net
ns3-03.azure-dns.org
ns4-03.azure-dns.info

MX

10 mxa-0019c602.gslb.pphosted.com
10 mxb-0019c602.gslb.pphosted.com

TXT

Show 9 TXT records

pantene-us-prod.azurewebsites.net
google-site-verification=r_DstjEXEwIl2-VOsCvvUUOIch6NaajRxn-KI5BJjNM
MS=ms88113439
google-site-verification=95IHIVnu_oChVVdmaXkrLrqBxoEdwxVdbF3vNKyludk
google-site-verification=C8AAhhZ81toRZfP5McjWFkTgBQmCRMZz86YsIYvLnpE
google-site-verification=CGLS2Sge64UaouB0J8ATnty5_mThpBvZcqTf-NKfesM
google-site-verification=yMIzvppUz-GJPIexm-oQBbuZnvki8Dv-r1yMh9GrPzc
FBFF-BDED-EB50-9149-E678-E159-12F5-8795
pantene-prod.azurewebsites.net

Email authentication strong

SPF: v=spf1 include:pgipv4spf.pg.com include:spf.protection.outlook.com -all
strict (-all)
DMARC: v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email; ruf=mailto:MTY1NjMw@ruf.vali.email; fo=1; ri=3600
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R40

from 2026-01-06 to 2027-02-06

Expires in 263 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://pantene.com/en-us

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: *.google.com *.googletagmanager.com *.fls.doubleclick.net *.tapad.com *.facebook.com *.bazaarvoice.com click2cart.co click2cart.com *.click2cart.com 2cart.net pgconsumersupport.secure.force.com *.youtube.com *.adsrvr.org pg-lex.my.salesforce-sites.com consumersupport.pg.com *.contentful.com *.segment.com privacytermsprod.azureedge.net *.pricespider.com https://cdn.rudderlabs.com https://*.rudderstack.com *.olay.com https://de-grafana-agent-prod.pg.com unpkg.com *.pghub.io https://*.jebbit.com *.curalate.com *.tiktok.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: *.google.com *.google-analytics.com *.googletagmanager.com *.moatads.com *.cookielaw.org *.crazyegg.com pghub.io *.facebook.net *.segment.com *.lytics.io *.bazaarvoice.com *.amazonaws.com *.haircode.com click2cart.co click2cart.com *.click2cart.com 2cart.net *.iesnare.com *.adsrvr.org api.ipify.org *.contentful.com *.pricespider.com cdnjs.cloudflare.com *.mapbox.com https://cdn.rudderlabs.c
strict-transport-security: max-age=31536000; includeSubdomains