indexo.dev

tpa-group.com

.com crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 703 ms crawled 2026-05-30

AT · 195.162.0.106 · AS47692 Nessus GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Die TPA Gruppe: Audit, Legal, Buchhaltung, Steuerberatung in CEE/SEE
Description
Die TPA Gruppe zählt zu den führenden Steuerberatungsunternehmen: Buchhaltung, Audit, Legal & Steuerberatung in CEE /SEE!
Language
de-DE
Generator
WPML ver:4.8.1 stt:1,3;
Canonical
https://www.tpa-group.com/
Feeds

Open Graph

url
https://www.tpa-group.com/
title
Die TPA Gruppe: Audit, Legal, Buchhaltung, Steuerberatung in CEE/SEE
locale
de_DE
site name
www.tpa-group.com
description
Die TPA Gruppe zählt zu den führenden Steuerberatungsunternehmen: Buchhaltung, Audit, Legal & Steuerberatung in CEE /SEE!

Technology

Server
nginx
CMS
WordPress
PHP
8.4.18
jQuery
3.7.1
Cookie consent
  • Cookiebot

Third-party hosts loaded (2)

  • consent.cookiebot.com×1
  • gmpg.org×1

Contact

Phone

Registration

Registrar
Vautron Rechenzentrum AG
Created
2016-02-11
Expires
2027-02-11 255 days left
Updated
2026-02-12
Name servers
  • ns1.its-tpa.com
  • ns2.its-tpa.com
  • rz2-ns3.its-tpa.com

DNS records live

NS
  • ns1.its-tpa.com
  • ns2.its-tpa.com
  • ns4.its-tpa.com
  • rz2-ns3.its-tpa.com
MX
  • 10 pmg01.its-tpa.com
  • 10 pmg02.its-tpa.com
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 mx include:its-tpa.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

ZeroSSL ECC DV SSL CA 2
from 2026-04-15 to 2026-07-15
Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.tpa-group.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer-when-downgrade, origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=(), accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=*, magnetometer=*, microphone=*, midi=*, navigation-override=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
: same-site

Links to (5)

Linked from (4)