indexo.dev

chinatours.co.uk

.uk crawl

First seen 2026-05-01 · Last seen 2026-05-08 · ok HTTP/1.1 200 995 ms crawled 2026-05-08

US · 104.21.14.89 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
China Travel | China Tours: Holidays in the Middle Kingdom
Description
China Tours is Germany's China specialist, offering trips to Beijing, Xi'an, Yangtze River cruises, Shanghai, Hong Kong, South China, Yunnan and Tibet.
Language
gb

Open Graph

url
https://www.chinatours.co.uk/
title
China Travel | China Tours: Holidays in the Middle Kingdom
description
China Tours is Germany's China specialist, offering trips to Beijing, Xi'an, Yangtze River cruises, Shanghai, Hong Kong, South China, Yunnan and Tibet.

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights

Third-party hosts loaded (5)

  • cdn.venturatravel.org×2
  • get.geojs.io×2
  • media.venturatravel.org×1
  • static.cloudflareinsights.com×1
  • storage.googleapis.com×1

Registration

Registrar
Marcaria.com International Inc
Created
2004-06-14
Expires
2027-06-14 389 days left
Updated
2026-01-27
Name servers
  • jim.ns.cloudflare.com.
  • lara.ns.cloudflare.com.

DNS records live

NS
  • jim.ns.cloudflare.com
  • lara.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-03-27 to 2026-06-25
Expires in 36 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.chinatours.co.uk/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
font-src 'self' data: https://media.venturatravel.org https://static.klaviyo.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://static.klaviyo.com *.ekonsilio.io https://fonts.googleapis.com; script-src * 'unsafe-inline' 'unsafe-eval' *.ekonsilio.io blob:; worker-src blob: 'self'; img-src * data: blob: *.ekonsilio.io; connect-src * ws: wss: *.ekonsilio.io *.simplelocalize.io;

Links to (11)

Linked from (2)