xtm.cloud

HTML metadata

Title: XTM | Award-Winning Localization and Translation Software
Description: XTM helps global teams manage translation at scale. Our AI-powered platform streamlines localization, improves quality, and reduces translation costs.
Language: en
Generator: WPML ver:4.9.2.1 stt:1,3,28,40;
Canonical: https://xtm.cloud/

Open Graph

url: https://xtm.cloud/
title: Localization and Translation Management Software for Global Teams | XTM
locale: en_US
site name: XTM International
description: XTM helps global teams manage translation at scale. Our AI-powered platform streamlines localization, improves quality, and reduces translation costs.

Technology

Server: Apache
CMS: WordPress

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Fonts

Google Fonts

Third-party hosts loaded (8)

fonts.googleapis.com×4
cdn.transifex.com×3
consent.cookiebot.com×2
kit.fontawesome.com×2
www.googletagmanager.com×2
ajax.googleapis.com×1
extend.vimeocdn.com×1
fonts.gstatic.com×1

Social

Registration

Registrar

IONOS SE

Created

2016-02-18

Expires

2027-02-18 275 days left

Updated

2026-04-04

Name servers

ns-1570.awsdns-04.co.uk
ns-846.awsdns-41.net
ns-1114.awsdns-11.org
ns-165.awsdns-20.com

DNS records live

NS

ns-1114.awsdns-11.org
ns-1570.awsdns-04.co.uk
ns-165.awsdns-20.com
ns-846.awsdns-41.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 5 TXT records

google-site-verification=Dl77-p14fbtiMN7oGPitxEDUlbijHRTDLSxfKCtQuKA
google-site-verification=SeU9666zqv9EJEqgPfzRAdEHgYy_6VYSVSXAeeHHEzo
google-site-verification=aSBMN9n4veF0HQFyKt0m7bZRpFCAMB7aY0y1b9vb6nk
google-site-verification=uaN6iRngjcALKGWqHBWStCkGiJNtS03e5gUrjQzFZ2A
google-site-verification=xG2-rYUtsJSLozE8l7OmS4EyjE8nvI-5vlIsQIneamI

Email authentication strong

SPF: v=spf1 include:_spf.google.com include:amazonses.com include:14487846.spf10.hubspotemail.net -all
strict (-all)
DMARC: v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:dmarc-reports@xtm.cloud; ruf=mailto:dmarc-reports@xtm.cloud; fo=1
policy: quarantine · sp=quarantine
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-04-04 to 2026-07-03

Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://xtm.cloud/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: base-uri 'self' https://*.xtm.cloud; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.jquery.com *.g2crowd.com *.cookielaw.org *.cookiebot.com consent.cookiebot.com *.vimeocdn.com *.hs-scripts.com *.hs-analytics.net *.hsadspixel.net *.hs-banner.com *.hscollectedforms.net *.googletagmanager.com api.hubapi.com *.hsappstatic.net *.jsdelivr.net *.typeform.com *.fontawesome.com *.licdn.com *.google-analytics.com *.facebook.com *.facebook.net googleads.g.doubleclick.net bat.bing.com *.gstatic.com *.google.com *.hsforms.net js.hsforms.net *.6sc.co *.onetrust.com *.xtm.cloud *.demoboost.com *.pendo.io *.hubspot.com *.apollo.io *.api.irisagent.com player.vimeo.com plugin.sopro.io *.sopro.io cdn.taboola.com trc.taboola.com *.taboola.com a.quora.com *.quora.com tracking-api.g2.com www.clarity.ms *.clarity.ms scripts.clarity.ms yoast.com www.clickcease.com *.clickcease.com www.youtube.com *.feedbucket.app *.convertexperiments.com *.usemessages.com ws.zoominfo.com *.hotjar.com
strict-transport-security: max-age=31536000