indexo.dev

tefal.cz

.cz crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 2380 ms crawled 2026-05-30

US · 151.101.129.124 · AS54113 Fastly, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Tefal - Oficiální e-shop | Nádobí a spotřebiče
Description
Oficiální e-shop Tefal nabízí kvalitní nádobí, pánve a kuchyňské spotřebiče přímo od výrobce. Objevte akce a vybavte kuchyni chytře.
Language
cs
Canonical
https://www.tefal.cz/

Technology

CMS
Gatsby
Stack
PHP
Analytics
  • Google Tag Manager
Cookie consent
  • OneTrust
Third-party hosts loaded (10)
  • dam.groupeseb.com×12
  • cdn.cookielaw.org×2
  • cdn.luigisbox.tech×2
  • cdn.tagcommander.com×2
  • cdn.luigisbox.com×1
  • challenges.cloudflare.com×1
  • rum.hlx.page×1
  • scripts.luigisbox.com×1
  • scripts.luigisbox.tech×1
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • nsa.perf1.fr
  • nsb.perf1.com
  • nsc.perf1.com
MX
  • 10 mx1d10.thinline.cz
  • 20 mx1b20.thinline.cz
TXT
  • smv=5a3a11ebabf12668
  • 8lzX9H/guLCO6Ta37i+GNInwdgs5GKmv2BVKWQAthWM=
Verified for
  • GlobalSign
  • Google
  • Meta
  • Pinterest

Email authentication strong

SPF
v=spf1 include:_spf.jupiter.salesmanago.pl ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com,mailto:emailmanager@tefal.cz; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com,mailto:emailfailures@tefal.cz; adkim=r; aspf=r;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-01 to 2026-07-30
Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.tefal.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(),midi=(),sync-xhr=(self),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=(self)
x-content-type-options
nosniff
content-security-policy
style-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' cdn.cookielaw.org cdn.luigisbox.com cdn.luigisbox.tech service.force.com groupe-seb.my.salesforce.com geowidget.inpost.pl sandbox-easy-geowidget-sdk.easypack24.net fonts.googleapis.com account.groupeseb.com; style-src-attr 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes'; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-hashes' account.groupeseb.com cdn.cookielaw.org cdn.luigisbox.com cdn.luigisbox.tech scripts.luigisbox.com scripts.luigisbox.tech cdn.tagcommander.com *.tagcommander.com *.commander1.com cdn.trustcommander.net client.get-potions.com service.force.com *.salesforceliveagent.com challenges.cloudflare.com *.cloudflare.com *.cloudflareinsights.com maps.googleapis.com ssl.ceneo.pl *.salesmanago.pl groupeseb.salesmanago.com js-agent.newrelic.com www.googletagmanager.com widget.packeta.com groupe-seb.my.salesforce.com geowidget.inpost.pl connect.facebook.net pay.google.com locator.uberall.com wi
strict-transport-security
max-age=31557600
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site

Links to (7)

Linked from (1)