indexo.dev

allchemet.ch

.ch crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 989 ms crawled 2026-06-01

AT · 194.93.114.220 · AS50598 SFS Group Schweiz AG

Reputation 100/100

Classifying

HTML metadata

Title
Allchemet | Ihr Online Shop für Befestigung, Beschläge, Chemie, Werkzeuge und Maschinen
Description
Allchemet - Ihr Partner für Befestigung, Beschläge, Chemie, Werkzeuge und Maschinen
Language
de-CH
Canonical
https://www.allchemet.ch/de/
Translations
  • de
  • fr

Technology

Server
Apache
Analytics
  • Google Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (6)

  • www.googletagmanager.com×2
  • consent.cookiebot.com×1
  • consentcdn.cookiebot.com×1
  • widget.usersnap.com×1
  • www.google-analytics.com×1
  • www.googleoptimize.com×1

DNS records live

NS
  • dns1.sfs-network.biz
  • dns1.sfs-network.ch
  • dns2.sfs-network.biz
  • dns2.sfs-network.ch
  • dns3.sfs-network.biz
  • dns3.sfs-network.ch
MX
  • 10 mail1.sfs.biz
  • 10 mail2.sfs.biz
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:_spf.sfs.biz -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:mailreports@dmarc.sfs.biz;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-27 to 2026-07-26
Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.allchemet.ch/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
allow-from sameorigin https://local.sfs-intra.net:9002/ https://unishoppimqas.sfs-intra.net/ https://unishoppim.sfs-intra.net/ https://local.sfs.ch:9002/
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://local.sfs-intra.net:9002/ https://unishoppimqas.sfs-intra.net/ https://unishoppim.sfs-intra.net/ https://local.sfs.ch:9002/;object-src 'none';script-src 'self' blob: https://connect.facebook.net https://snap.licdn.com https://googleads.g.doubleclick.net https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://maps.googleapis.com https://newsletter.sfs.biz *.googletagmanager.com *.cookiebot.com https://oxomi.com http://oxomi.com 'unsafe-eval' 'unsafe-inline' https://userlike-cdn-umm.b-cdn.net https://pay.sandbox.datatrans.com https://static.asknice.ly https://pay.datatrans.com https://www.clarity.ms https://www.googleadservices.com
strict-transport-security
max-age=31536000 ; includeSubDomains
cross-origin-opener-policy
same-origin

Linked from (2)