holidays.io

.io crawl

First seen 2026-04-26 · Last seen 2026-05-19 · ok HTTP/1.1 200 513 ms crawled 2026-05-19

US · 104.21.16.27 · AS13335 Cloudflare, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title: Sustainable and Eco-Friendly Travel
Description: Holidays, Holiday, Indian Ocean, Destinations, Accommodation, Attractions, Sustainable, travel
Language: en
Generator: html
Canonical: https://holidays.io/

Open Graph

url: https://holidays.io/
title: Sustainable and Eco-Friendly Travel
description: Our Indian Ocean holiday portal focuses on sustainable, eco-friendly travel, supporting locally owned and operated tour operators and service providers

Technology

CDN: Cloudflare
jQuery: 3.1.0 known XSS (<3.5)

Analytics

Google Tag Manager

Fonts

Google Fonts

Social widgets

YouTube Embed

Third-party hosts loaded (6)

ajax.googleapis.com×2
cdn.jsdelivr.net×2
cdnjs.cloudflare.com×2
fonts.googleapis.com×2
www.googletagmanager.com×1
www.youtube.com×1

Social

DNS records live

NS

addilyn.ns.cloudflare.com
sri.ns.cloudflare.com

MX

1 smtp.google.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; pct=50

policy: quarantine · pct=50

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstQ+UjkLc00uqmI809szW4fI6Y2XPKAeuZJzTlr6xZK1G3qCwYFGXVl/k6o1FDoJYECfsA1+Tn647U…

selectors probed

Certificate (current)

WE1

from 2026-05-10 to 2026-08-08

Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://holidays.io/

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy