xola.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-18 · ok HTTP/1.1 200 1035 ms crawled 2026-05-10

US · 54.158.226.163 · AS14618 Amazon.com, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Xola Booking and Marketing System - Online Booking Software
Description: Xola is an elegant and powerful online booking and distribution system. We help tour and activity providers reduce costs, grow revenue, and save time.
Language: en-US
Generator: WP Rocket 3.21.2
Canonical: https://www.xola.com/

Open Graph

url: https://www.xola.com/
title: Xola Booking and Marketing System
locale: en_US
site name: Xola
description: Xola is an elegant and powerful online booking and distribution system. We help tour and activity providers reduce costs, grow revenue, and save time.

Technology

CDN: Fastly
Server: Flywheel
CMS: WordPress

Analytics

Google Analytics
Google Tag Manager

Ads

Google Ads (DoubleClick)
Meta Pixel

Fonts

Google Fonts

Third-party hosts loaded (25)

fonts.googleapis.com×5
fonts.gstatic.com×3
js.hsforms.net×2
www.googletagmanager.com×2
xchat.xola.app×2
app.hubspot.com×1
cdn-cookieyes.com×1
cdn.snitcher.com×1
cdnjs.cloudflare.com×1
connect.facebook.net×1
gmpg.org×1
googleads.g.doubleclick.net×1
js.hs-analytics.net×1
js.hs-banner.com×1
js.hs-scripts.com×1
js.hsadspixel.net×1
js.hscollectedforms.net×1
js.hubspot.com×1
js.hubspotfeedback.com×1
js.usemessages.com×1
sc.lfeeder.com×1
snap.licdn.com×1
snid.snitcher.com×1
tracking.g2crowd.com×1
www.google-analytics.com×1

Social

Registration

Registrar

Amazon Registrar, Inc.

Created

1997-03-28

Expires

2027-03-29 314 days left

Updated

2026-02-22

Name servers

ns-1200.awsdns-22.org
ns-1861.awsdns-40.co.uk
ns-3.awsdns-00.com
ns-956.awsdns-55.net

DNS records live

NS

ns-1200.awsdns-22.org
ns-1861.awsdns-40.co.uk
ns-3.awsdns-00.com
ns-956.awsdns-55.net

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 5 TXT records

atlassian-domain-verification=0tYc7sOBablAsWa6EaTIl7IVTYFP7k15PG7D5eL1hDpKFrXzZzaNGg1xNOO2gn52
atlassian-domain-verification=d03ZWQmOeXl6cwP85iXVDx95mgmVt3N-NPEGp0lKaFk0mQivC2dpQ6XNQMYmPcw2
facebook-domain-verification=m453nsracmif92bwphv0xo9s8iu8ba
google-site-verification=zhRlY-kzC85kcpdr9QfGyytUOA57lFut7Wm5QIQf4j0
apple-domain-verification=PQSM5RV8fd90W4mO

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:sendgrid.net include:mail.zendesk.com include:spf.mtasv.net include:4845250.spf02.hubspotemail.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:re+cd685b73a2dd@inbound.dmarcdigests.com; aspf=r; pct=100

policy: none (monitoring only) · sp=none

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcbUOE6jaAk9KKATrVq7sAlg/byFHfSUInH05Z6vfFhZowrgAFoIx3ffo+F0J5DPfMm6zOGQfMp1BXE4/tHv…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA628ewLleE0JXAMYsNW1GQJk/566qQKRNmsYxt6cxn2Vnk4czfHv/2huCVD3c/jI88hBDglB89YToWks/zL…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCi086KlyRRLsAfuFbrf7tQKF3MEDVJgM6YH6LIq18j1qIakD2NNrTB1lmGKqdGPxn98BlZGd5+FHxV3ztaCw4dGY…
smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-04-27 to 2026-11-11

Expires in 176 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.xola.com/

present

x-content-type-options
referrer-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff