tpa-group.pl

HTML metadata

Title

TPA Poland

Language

en-US

Generator

WPML ver:4.8.1 stt:1,3,40;

Canonical

https://www.tpa-group.pl/

Feeds

TPA Poland » Feed RSS

Open Graph

url: https://www.tpa-group.pl/
title: TPA Poland
locale: en_US
site name: TPA Poland
description: Face to Face Business Our experts know your industry and understand what you need. Meet the Team Anita Bis Anita Bis Katarzyna Chwalbińska-Kusek Katarzyna Chwalbińska-Kusek Wojciech Doliński Wojciech Doliński Krzysztof Dziekoński Krzysztof Dziekoński Grzegorz Gajda Grzegorz Gajda Tomasz Hatylak Tomasz Hatylak Krzysztof Horodko Krzysztof Horodko Krzysztof Kaczmarek Krzysztof Kaczmarek Maciej Krokosiński Maciej Krokosiński Joanna Kubińska Joanna Kubińska Damian Kubiś Damian Kubiś Iga Kwaśny Iga Kwaśny Tomasz Manowiec […]

Technology

Server: nginx
CMS: WordPress
PHP: 8.4.18
jQuery: 3.7.1

Cookie consent

Cookiebot

Third-party hosts loaded (4)

www.tpa-group.at×2
consent.cookiebot.com×1
gmpg.org×1
www.google.com×1

Social

Contact

Email

office@tpa-group.pl

Phone

DNS records live

NS

ns1.its-tpa.com
ns2.its-tpa.com
rz2-ns3.its-tpa.com

MX

0 tpagroup-pl0i.mail.protection.outlook.com

TXT

d6dcb72e4b1872fc5a3a7e26bbf286c4b411e6cebfa2a1cb5a3a61d5d6d483cb

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:213.241.13.196 ip4:213.241.13.201 include:spf.protection.outlook.com include:_spf.freshmail.pl a:mail.tpa-group.pl include:its-tpa.com a:spf.webankieta.pl include:spf-westeu.emailsignatures365.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:dmarc_reports@tpa-group.pl; pct=100; adkim=r; aspf=r

policy: none (monitoring only) · sp=none

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9qq7BrxGtVZI3aBD08J32lSoLBRzbjRtaJ84Zassz45MPvOT2/gffPiFjgs0sdEPWLlOwn1uVXzBU7bBHDW…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDB4HM1OEj2ydSykbQEFt2IqDSZuMWvqy5j+SC0AY6VR+tUrLJt/oFy9Ix4nlyFCJqQuSSMbmDfJh+uHwRK7A…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3v5cmAKyHctUbWsZzVmZnXexPdF3qrRMSc+VmnDgvIKm577Ro/0vDowZ6JGtUSZfm+FNNt4/FFn2MmmOsO…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SbasxoOhE145zX8Yq6RCNrcV4ay1/wT6uxmobYXUWrZHQmndqWwo6INNJt5PZb6c7nSAy+rxPg3YpyLGF…

selectors probed

Certificate (current)

ZeroSSL ECC DV SSL CA 2

from 2026-04-15 to 2026-07-15

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.tpa-group.pl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: no-referrer-when-downgrade, origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=(), accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, cross-origin-isolated=*, display-capture=*, document-domain=*, encrypted-media=*, execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=*, magnetometer=*, microphone=*, midi=*, navigation-override=*, payment=*, picture-in-picture=*, publickey-credentials-get=*, screen-wake-lock=*, sync-xhr=*, usb=*, web-share=*, xr-spatial-tracking=*
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: : same-site