indexo.dev

tpa-group.cz

.cz crawl

First seen 2026-05-21 · Last seen 2026-05-30 · ok HTTP/1.1 200 1732 ms crawled 2026-05-27

AT · 195.162.0.106 · AS47692 Nessus GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Komplexní daňové a účetní poradenství- TPA Czech Republic
Description
TPA Group: komplexní daňové, účetní a poradenské služby v ČR. Využijte individuální přístup a dlouholeté zkušenosti pro úspěch vašeho podnikání.
Language
cs-CZ
Generator
WPML ver:4.8.1 stt:9,1,3;
Canonical
https://www.tpa-group.cz/
Feeds

Open Graph

url
https://www.tpa-group.cz/
title
Komplexní daňové a účetní poradenství- TPA Czech Republic
locale
cs_CZ
site name
TPA Czech Republic
description
TPA Group: komplexní daňové, účetní a poradenské služby v ČR. Využijte individuální přístup a dlouholeté zkušenosti pro úspěch vašeho podnikání.

Technology

Server
nginx
CMS
WordPress
PHP
8.4.18
jQuery
3.7.1
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (4)

  • www.tpa-group.at×2
  • consent.cookiebot.com×1
  • gmpg.org×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

Registration

Registrar
REG-ASCIO
Created
2016-07-12
Expires
2026-07-11 40 days left
Updated
2019-11-28
Name servers
  • ns1.its-tpa.com
  • ns2.its-tpa.com
  • rz2-ns3.its-tpa.com

DNS records live

NS
  • ns1.its-tpa.com
  • ns2.its-tpa.com
  • rz2-ns3.its-tpa.com
MX
  • 0 tpagroup-cz0i.mail.protection.outlook.com
TXT
  • MS=FA8D640CA95DA837116A64AD52CAEC5F6BA8DE3A
Verified for
  • Apple
  • Google

Email authentication partial

SPF
v=spf1 ip4:90.183.160.92 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

ZeroSSL ECC DV SSL CA 2
from 2026-04-15 to 2026-07-15
Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.tpa-group.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer-when-downgrade, origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
interest-cohort=(), accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=*, magnetometer=*, microphone=*, midi=*, navigation-override=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
x-content-type-options
nosniff
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
: same-site

Links to (8)

Linked from (3)