indexo.dev

sofaa.org

.org crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 407 ms crawled 2026-06-01

GB · 185.151.30.184 · AS48254 20i Limited

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
UK Professional Body - The Society Of Fine Art Auctioneers
Description
The only UK organisation exclusively representing Fine Art Auctioneers and Valuers, promoting best practice and high professional standards.
Language
en-GB
Generator
WordPress 7.0
Canonical
https://sofaa.org/
Feeds

Open Graph

url
https://sofaa.org/
title
UK Professional Body - The Society Of Fine Art Auctioneers
locale
en_GB
site name
The Society Of Fine Art Auctioneers
description
The only UK organisation exclusively representing Fine Art Auctioneers and Valuers, promoting best practice and high professional standards.

Technology

Server
Apache
CMS
WordPress 7.0
PHP
8.4.21
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • maps.googleapis.com×2
  • static.elfsight.com×2
  • www.googletagmanager.com×2
  • analytics.ahrefs.com×1
  • fonts.googleapis.com×1
  • gmpg.org×1

Social

Contact

Phone

DNS records live

NS
  • ns1.stackdns.com
  • ns2.stackdns.com
  • ns3.stackdns.com
  • ns4.stackdns.com
MX
  • 10 mx.stackmail.com

Email authentication partial

SPF
v=spf1 include:spf.stackmail.com a mx -all
strict (-all)
DMARC
v=DMARC1;p=none;sp=none;adkim=r;aspf=r;pct=100;rf=afrf;ri=86400
policy: none (monitoring only) · sp=none
DKIM
  • s1: v=DKIM1;k=rsa;h=sha256;n=;s=*;t=s;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnglrY4/MDibjMTIpROmxrCnPfvwxVSHzLpfu7Iesc/IX9V7YqvE5A8e2Qm7L…
selectors probed

Certificate (current)

R12
from 2026-04-29 to 2026-07-28
Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://sofaa.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • weak frame protection
  • weak content type protection
Header values
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=(), accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
x-content-type-options
nosniff, nosniff
content-security-policy
upgrade-insecure-requests;, upgrade-insecure-requests;
strict-transport-security
max-age=63072000, max-age=63072000
cross-origin-opener-policy
unsafe-none, unsafe-none
cross-origin-embedder-policy
unsafe-none; report-to='default', unsafe-none; report-to='default'
cross-origin-resource-policy
cross-origin, cross-origin

Links to (4)

Linked from (1)