thesma.org

.org crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 3217 ms crawled 2026-05-16

US · 34.226.77.200 · AS14618 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Welcome to the SMA | The Association for Soft Tissue Therapists
Description: sports massage, sports massage association, sports massage near me, sports massage association UK, sports massage professional association, SMA, sports massage therapy, massage therapy, massage association, massage professional association, sports therapy, sports therapist, physio, injury treatment, recovery massage, post event massage, rehabilitation massage, injury massage, swedish massage, deep tissue massage, local massage therapist, massage therapist
Language: en

Open Graph

url: https://www.thesma.org/
title: The Sports Massage Association

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (5)

live-sf.wildapricot.org×6
sf.wildapricot.org×2
app.aminos.ai×1
kit-pro.fontawesome.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Easyspace Limited

Created

2003-05-07

Expires

2027-05-07 353 days left

Updated

2025-04-13

Name servers

ns1.namecity.com
ns2.namecity.com

DNS records live

NS

ns1.namecity.com
ns2.namecity.com

MX

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
20 alt2.aspmx.l.google.com
30 aspmx2.googlemail.com
30 aspmx3.googlemail.com
30 aspmx4.googlemail.com
30 aspmx5.googlemail.com

Email authentication weak

SPF

v=spf1 mx include:wildapricot.org ~all

softfail (~all)

DMARC

not published

DKIM

default: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC253hHpKGM8zz4RPrDj1gOGAQy1jFmFZRdXFdoqyDSpHS6UTOvwWnxZQAjFsuaSxnYPeNpJBDovY+gJ/jkHAlaGb3Ohkn…

selectors probed

Certificate (current)

R13

from 2026-05-12 to 2026-08-10

Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://thesma.org/

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: report-uri https://csp.uel.wildapricot.com/report; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.appointlet.com *.appointletcdn.com *.aptrinsic.com *.cloudflare.com *.cloudfront.net *.doubleclick.net *.ecomm.events *.ecwid.com *.elev.io *.facebook.com *.facebook.net *.fontawesome.com *.google.com *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.jaris.co *.jaris.com *.linkedin.com *.mcjobboard.net *.mybillsystem.com *.newrelic.com *.nr-data.net *.pagespeed-mod.com *.paypal.com *.termly.io *.twitter.com *.typekit.net *.uservoice.com *.vimeo.com *.wildapricot.com *.youtube.com *.zdassets.com *.zendesk.com *.zopim.com api.preczn.com caas-sf.wildapricot.org https://*.forethought.ai live-sf.wildapricot.org maps.googleapis.com onlinestore-prod-digital-products.s3.amazonaws.com sf.wildapricot.org vimeo.com widget-mediator.zopim.com wss://widget-mediator.zopim.com/ bam.nr-data.net connect.facebook.net facebook.com google-analytics.com ht
strict-transport-security: max-age=31536000

Links to (8)

Linked from (1)

styro.net×1