indexo.dev

ahlens.se

.se crawl

First seen 2026-05-12 · Last seen 2026-05-18 · ok HTTP/1.1 200 27236 ms crawled 2026-05-18

SE · 193.14.90.203 · AS1257 Tele2 SWIPnet

Reputation 100/100

Classifying

HTML metadata

Title
Åhléns - Online & Varuhus
Description
Hos Åhléns hittar du det senaste inom mode, skönhet, inredning från mängder av populära varumärken. Fri frakt och retur till ditt varuhus. Betala enkelt med Swish. Beställ senast 17/12 för leverans innan jul!
Language
sv-SE
Canonical
https://www.ahlens.se/

Open Graph

url
https://www.ahlens.se/
title
Åhléns - Online & Varuhus
description
Hos Åhléns hittar du det senaste inom mode, skönhet, inredning från mängder av populära varumärken. Fri frakt och retur till ditt varuhus. Betala enkelt med Swish. Beställ senast 17/12 för leverans innan jul!

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Google Analytics
  • Google Tag Manager
Third-party hosts loaded (9)
  • cdn.media.amplience.net×32
  • ahlens.a.bigcontent.io×12
  • www.googletagmanager.com×3
  • ajax.googleapis.com×2
  • delivery.consentmanager.net×2
  • www.google-analytics.com×2
  • apis.google.com×1
  • pay.google.com×1
  • try.abtasty.com×1

Social

DNS records live

NS
  • hasslo.ns.cloudflare.com
  • melody.ns.cloudflare.com
MX
  • 0 ahlens-se.mail.protection.outlook.com
TXT
Show 21 TXT records
  • jxw9k9b0w8pdql7g2fc0s2bjky3ctrwg
  • teamviewer-sso-verification=27f2c58532224c30a3f26013a8db7e1e
  • cloudflare_dashboard_sso=3304993ce0387917ddfd2a5f09b8fe8a
  • BxGHrCYbboHWpY2cSZQOfuIaTVkUyi1Z9DfpzLnklQbmRW77D1RKrygy4u1EgWvbMTQFCuBCy9JyBQ2RLQf3xw==
  • apple-domain-verification=RnE8SANStpnkWJsY
  • _acgopr05hl78eh05220cjguxij3csox
  • anthropic-domain-verification-gmc6sr=f0ydr29es1gBr4BpceRuCnBCC
  • facebook-domain-verification=jh5s1j7d9zcls59jlyu8wecb1ljzdc
  • _9q50uu9ow8uzqavv4nsmm5fkiwdcsti
  • _phaqowww2mniv3365633l1pzhmv95kt
  • h3vsy53556ywvbxrzmx7mbm6nwtybwg5
  • openai-domain-verification=dv-H50XL77nYmrSpWWNBzOZx89X
  • MS=ms14011775
  • bx0h65lfrhfxtq95h3rzr25vt7cvk98l
  • miro-verification=cddb09683633ab89a6c109a34cb82f17d666a376
  • _fl7s1971e6ner39apl5w85p4vfzzzl5
  • google-site-verification=DqhJguFL27j53YyGJTORBYZl3mn74tem40KKAt9haJk
  • 7ntv49pn93rhjwx337rw0c5hvy1xhhs4
  • adobe-idp-site-verification=5c9eaa6d7d9a66579cc8f4443e8f707ab0db2136547bba93555c5468a50b0f08
  • fed8b7089b94524da4cf3be53800cbc0
  • kkcg53pwbqx391wy2fvng0y8h1hqmlcz

Email authentication strong

SPF
v=spf1 ip4:193.235.154.128/25 ip4:193.44.76.0/22 ip4:192.243.255.167 ip4:192.243.255.168 ip4:3.120.181.200 ip4:217.198.75.209 ip4:3.120.181.201 ip4:3.120.181.202 ip4:192.28.144.160 ip4:52.143.59.192 include:spf.protection.outlook.com include:emaileuc.freshservice.com include:spf.tipimail.com include:neolane.net include:mail.zendesk.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; adkim=s; aspf=s; rua=mailto:cholfqsx@ag.eu.dmarcadvisor.com,mailto:rua@dmarc.portsgroup.com; ruf=mailto:dmarc-failures@ahlens.se
policy: quarantine
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxDepiV1++2xBL9nGWX+WsftDXUwb175NhdcI8qnFYh9lS0CA1U6hyXZnekQo2I64RO8fQ3mUeIYsW…
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChPWCnl5d4M4zLmd5ZHQtI0G45gnEcTYihFo6nnBKcEaVOGedpwlZ5sCogjwum8ByQ2FcJLaC/mPREwVpL6l…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodTvSs59GXQTFzvA9VYzqAxSvGY33yiyjduN9qUVuu6g+gbqjMT1lI0uuIBHGJS8Mk6aV5bM0Q45HPw09m…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr09X1I0z0x8fPpCM+PxE5V666cuT8Kl7SBRVRmMBcJOdSpJAszNUGNoiaHnfGnW/sa2QMvXusPWIyVbZxg…
selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2025-08-14 to 2026-08-28
Expires in 100 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.ahlens.se/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=()
x-content-type-options
nosniff
content-security-policy
frame-src 'self' *.abtasty.com *.adyen.com *.ingrid.com *.googletagmanager.com *.google.com *.consentmanager.net *.bigcontent.io *.cloudflare.com *.klarna.com *.facebook.com *.ahlens.se *.klarnaservices.com; script-src 'self' abtasty.com *.abtasty.com bing.com *.bing.com bloomreach.com *.bloomreach.com cdn-apple.com *.cdn-apple.com cloudflare.com *.cloudflare.com consentmanager.net *.consentmanager.net doubleclick.net *.doubleclick.net facebook.net *.facebook.net getflowbox.com *.getflowbox.com google.com *.google.com googlesyndication.com *.googlesyndication.com googletagmanager.com *.googletagmanager.com hotjar.com *.hotjar.com ingrid.com *.ingrid.com klarnacdn.net *.klarna.app *.klarnacdn.net maps.googleapis.com *.maps.googleapis.com 'unsafe-inline' 'unsafe-eval'; worker-src 'self' blob:; report-uri https://browser-intake-datadoghq.eu/api/v2/logs?dd-api-key=puba597d5fce94699c4cb23194bffe9965a&dd-evp-origin=content-security-policy&ddsource=csp-report; report-to dd-log
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy
same-site; report-to="default";
cross-origin-embedder-policy
require-corp; report-to="default";
cross-origin-resource-policy
same-site

Links to (3)

Linked from (2)