indexo.dev

xtale.co.uk

.uk crawl

First seen 2026-05-01 · Last seen 2026-05-01 · ok HTTP/1.1 200 1805 ms crawled 2026-05-08

GB · 109.228.34.81 · AS8560 IONOS SE

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Home - XTALE Digital Growth Partner for Startups & SMEs
Description
XTALE is the digital growth partner for startups & SMEs, aligning brand, CRM & marketing into one seamless system for clarity and scale.
Language
en
Generator
WordPress 6.9.4
Canonical
https://xtale.co.uk/
Feeds

Open Graph

url
https://xtale.co.uk/
title
Home - XTALE Digital Growth Partner for Startups & SMEs
locale
en_US
site name
XTALE
description
XTALE is the digital growth partner for startups & SMEs, aligning brand, CRM & marketing into one seamless system for clarity and scale.

Technology

Server
Apache
CMS
WordPress
Analytics
  • Google Tag Manager
Third-party hosts loaded (8)
  • i0.wp.com×25
  • cdn.elementor.com×2
  • js-eu1.hs-scripts.com×2
  • stats.wp.com×2
  • www.googletagmanager.com×2
  • c0.wp.com×1
  • gmpg.org×1
  • wp.me×1

Social

Contact

Email
Phone

Registration

Registrar
Fasthosts Internet Ltd
Created
2024-04-04
Expires
2028-04-04 685 days left
Updated
2026-03-05
Name servers
  • ns1.livedns.co.uk.
  • ns2.livedns.co.uk.
  • ns3.livedns.co.uk.

DNS records live

NS
  • ns1.livedns.co.uk
  • ns2.livedns.co.uk
  • ns3.livedns.co.uk
MX
  • 1 smtp.google.com
TXT
  • google-site-verification=PKADx2EQhznt9KvmXRsEUZHrU4byfarOPY8Yr9Ch8so
  • canva-domain-verify=cd70db94-5130-4f18-aae9-fa3469cbf114

Email authentication partial

SPF
v=spf1 mx a include:_spf.livemail.co.uk ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-03-23 to 2026-10-06
Expires in 139 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://xtale.co.uk/

present
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (4)

Linked from (1)