thegymgroup.com

HTML metadata

Title: The Gym Group | 24 Hour Gyms | No Contract Gyms
Description: Join The Gym Group for a wide range of classes and high-spec equipment. With flexible memberships, our 24-hour gyms are the affordable choice. Join today!
Language: en
Canonical: https://www.thegymgroup.com/

Open Graph

title: The Gym Group | 24 Hour Gyms | No Contract Gyms
description: Join The Gym Group for a wide range of classes and high-spec equipment. With flexible memberships, our 24-hour gyms are the affordable choice. Join today!

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (4)

cdn.media.amplience.net×11
cdn.optimizely.com×2
logx.optimizely.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

123-Reg Limited

Created

2006-09-18

Expires

2033-09-18 2678 days left

Updated

2023-09-20

Name servers

eoin.ns.cloudflare.com
laylah.ns.cloudflare.com

DNS records live

NS

eoin.ns.cloudflare.com
laylah.ns.cloudflare.com

MX

0 thegymgroup-com.mail.protection.outlook.com

TXT

Show 10 TXT records

7yh9ydg97gjgwby16fjbspv34dm91qnl
_6qjxz2zqvhnialwa97fk8rsa2xhktz7
_ite4g48kg70yd1th4mxwdc77hcal98l
asv=462f599efae79c5c03d673d59a400259
atlassian-domain-verification=xPMOEQT0e27/4u+Q7DrI9fvZrRY2SRXjsO3wl6NN0+7oKlkWFcLR/ELc4UmPxhrG
google-site-verification=s6pVQdCDwLjeFlEaLhi_zTykWQ9qxxruT4FZRkFZIG4
miro-verification=0a8f3bb1ca9547c2da6f5992782c777345217679
onetrust-domain-verification=87086dab79f34695b925d3b6434bfac6
stripe-verification=CDA79DD4F99210C5D9308B27FB6B29596C48BE34001CEE3139D481AAA0400BF8
4xfz7fwh94j25r5pbhl6s7m388qwn66r

Email authentication strong

SPF

v=spf1 ip4:134.213.4.32/28 ip4:176.34.191.30/32 ip4:54.247.79.128 ip4:50.116.58.222/32 ip4:80.85.84.201/32  include:spf.protection.outlook.com include:spf.exclaimer.net include:amazonses.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc.reports@TheGymGroup.onmicrosoft.com; ruf=mailto:dmarc.reports@TheGymGroup.onmicrosoft.com; fo=1;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/Y7FO8fxQ0TVxC24zmMAsKLJM59i9uDsgzTBghUS4BTJnau53hr+laLssFA36IvakdIHw6px7FsbJwMBgV0…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFfChN+Pp3LoeU+jX/8rqVPxtiMdLhau9O3TgCQWzfM5A9MGS2s9uCT1j5Bwte94zg/P5iErC4K+xKPsdh…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dyRSzweGQ886lFC9L+7DSnB/BYqMk8bXGr6qzaN+5DkV/BbJDGkDA6XNtL8oe3VIs6ZnDJB9HDSeaQun2…

selectors probed

Certificate (current)

E7

from 2026-04-20 to 2026-07-19

Expires in 61 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.thegymgroup.com/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.amplience.net https://*.optimizely.com/ https://*.optimizelyedit.com/; script-src 'self' *.onetrust.com *.thegymgroup.com https://www.google.com https://dc.services.visualstudio.com https://www.googletagmanager.com https://www.googleoptimize.com https://connect.facebook.net https://script.hotjar.com https://analytics.tiktok.com https://*.opayo.eu.elavon.com/ https://maps.googleapis.com https://*.paypal.com https://services.postcodeanywhere.co.uk https://bat.bing.com https://www.sjwoe.com https://wchat.freshchat.com https://*.licdn.com https://*.snapchat.com https://linkedin.com https://*.optimizely.com https://*.optimizelyedit.com/ https://optimizely.s3.amazonaws.com https://cdn-assets-prod.s3.amazonaws.com 'strict-dynamic' 'nonce-IlFV8q0jeiMLCYOkDMECYQ==' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:
strict-transport-security: max-age=31536000