thegrandhotelnuwaraeliya.com

HTML metadata

Title

Luxury Hotels in Nuwara Eliya | The Grand Hotel

Description

Experience elegance and comfort at the finest luxury hotels in Nuwara Eliya. Find the perfect stay for your next getaway. Book your dream vacation now!

Language

en-US

Generator

All in One SEO (AIOSEO) 4.9.6.2

Canonical

https://www.thegrandhotelnuwaraeliya.com/

Feeds

Grand Hotel » Feed RSS
Grand Hotel » Comments Feed RSS

Open Graph

url: https://www.thegrandhotelnuwaraeliya.com/
title: Luxury Hotels in Nuwara Eliya | The Grand Hotel
locale: en_US
site name: Luxury Hotels in Nuwara Eliya | The Grand Hotel
description: Experience elegance and comfort at the finest luxury hotels in Nuwara Eliya. Find the perfect stay for your next getaway. Book your dream vacation now!

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Ads

Google AdSense

Fonts

Google Fonts

Third-party hosts loaded (6)

fonts.googleapis.com×3
www.googletagmanager.com×3
pagead2.googlesyndication.com×2
cdn-cookieyes.com×1
fonts.gstatic.com×1
gmpg.org×1

Social

Contact

Phone

+94522222881

Registration

Registrar

GoDaddy.com, LLC

Created

2018-03-26

Expires

2028-03-26 675 days left

Updated

2024-01-26

Name servers

bella.ns.cloudflare.com
braden.ns.cloudflare.com

DNS records live

NS

bella.ns.cloudflare.com
braden.ns.cloudflare.com

MX

0 _dc-mx.4c3570dae359.thegrandhotelnuwaraeliya.com

Email authentication weak

SPF

v=spf1 a mx include:websitewelcome.com ~all

softfail (~all)

DMARC

not published

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpnoRssV+Jo0un7ex5eKErcBoa1UWlhwat0qh31ue+Uhp2k8Jr3E2j71dSQWFaILQtVWthWy0ayePP…

selectors probed

Certificate (current)

WE1

from 2026-05-02 to 2026-07-31

Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.thegrandhotelnuwaraeliya.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; default-src 'self'; frame-src 'self' https://player.vimeo.com/video/ https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://embed.tawk.to/; font-src 'self' 'nonce-JFtxvcrXenLDglWSNlQiMgKfDdFvJGzwtfD' https://fonts.gstatic.com https://embed.tawk.to/; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com https://www.google.com/recaptcha https://www.gstatic.com/recaptcha/ https://embed.tawk.to/ https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js https://www.google.com/recaptcha/api.js; img-src * data:; object-src 'none'; frame-ancestors 'self'; media-src 'self' https://player.vimeo.com https://download-video.akamaized.net; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://api.openweathermap.org https://va.tawk.to/ wss://*.tawk.to/
strict-transport-security: max-age=31536000

Links to (7)

Linked from (1)

antyrahospitality.com×2