Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DTLS Certificate Expiry & RecommendationsAction8 days until leaf cert expires — 4 issues to addressFIX
Certificate validity
Recommended actions
- Renew certificate — 8 days remaining
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
BCrawlabilityrobots.txt present, sitemap with 0 URLsREVIEW
Search engines may not be able to parse the sitemap. Fix XML validation errors.
An unparseable sitemap is silently ignored by Google — the URLs it advertises are never queued for crawl.
Learn more ▾ ▴
Google's sitemap parser is strict about XML validity. A single unescaped `&` or unclosed tag invalidates the whole file. Run your sitemap through a validator (Search Console's Sitemaps report flags it) and fix the offending entry. Most generators escape correctly; mistakes usually come from manually-written entries.
Source: sitemaps.org / Google Search Central
An empty sitemap provides no value. Add <url> entries for your pages.
An empty sitemap signals 'no content to index' to Google — actively harmful versus having no sitemap at all.
Learn more ▾ ▴
Google compares URLs in the sitemap against URLs it has crawled. An empty sitemap on a site with thousands of pages signals abandonment. Either populate it correctly (most CMSes auto-generate) or delete the file and let Google crawl normally.
Source: Google Search Central / sitemaps.org
# Notice: Collection of data on WhatsApp through automated means is prohibited
# See: https://www.whatsapp.com/legal/terms-of-service
user-agent: *
disallow: /usephone/
disallow: /message/
disallow: /qr/
disallow: /pay/
disallow: /stickerpack/
disallow: /biztools/
disallow: /settings/
disallow: /disappearing_messages/
disallow: /download/
disallow: /archive_settings/
disallow: /tos/
disallow: /support/
disallow: /bizsearch/
disallow: /directory/
disallow: /guia/
disallow: /profile/
disallow: /status/
disallow: /premium/
disallow: /community/
disallow: /advertise/
disallow: /biztab/
disallow: /biz-edit-profile/
disallow: /biz-edit-description/
disallow: /biz-edit-catalog/
disallow: /biz-location/
disallow: /biz-hours/
disallow: /biz-linked-accounts/
disallow: /privacy/
disallow: /biz-website/
disallow: /proxy/
disallow: /biz-price-tier/
disallow: /chat-transfer/
disallow: /calling/
disallow: /ais/
disallow: /marketing-message/
disallow: /invite/
disallow: /contacts/
disallow: /edit-profile-picture/
disallow: /wabai/
disallow: /notifications/
disallow: /favorites/
disallow: /meta_verified/
disallow: /biz-agents-onboarding/
disallow: /subscription_hub/
disallow: /share-whatsapp-web/
disallow: /biz-ai-learning-summary/
disallow: /waffle/
disallow: /family/
disallow: /daily-ads-summary/
disallow: /tools/
disallow: /join_nova_waitlist/
disallow: /man/
disallow: /hatch/
disallow: /subscriptions/
sitemap: https://wa.me/smp/wa_smb_custom_url.xml.gz
A+DNS Records1 A records, 30 ms lookupPASS
| A | 157.240.202.60 |
| AAAA | 2a03:2880:f27b:1cf:face:b00c:0:167 |
| CNAME | — |
| NS | a.ns.whatsapp.net, d.ns.whatsapp.net, b.ns.whatsapp.net, c.ns.whatsapp.net |
| MX | — |
| TXT | google-site-verification=g_0srn09J8IT5vHkTEcHfrCWRZ0Mk5NQZb35T02T8u4 SPF v=spf1 a ~all |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 519 ms totalPASS
https://wa.me
149 ms · HTTP/1.1
https://api.whatsapp.com/
371 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://wa.me | 302 | 149 ms | HTTP/1.1 | |
| 2 | https://api.whatsapp.com/ | 200 | 371 ms | HTTP/1.1 |
See the visual redirect chain in the HTTP Probe tab →
If permanent, use 301 instead.
302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.
Learn more ▾ ▴
Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).
Source: Google Search Central
A+IPv6 ReadinessIPv6 reachable (16 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencewa.me — via RegistrarSafe, LLC, 16 years, 11 months oldPASS
2960 days
July 24, 2034
8 days
Issued by DigiCert Inc
16 years, 11 months
Registered July 24, 2009
Status unknown
Protects against DNS spoofing
Unknown
2a03:2880:f27b:1cf:face:b00c:0:167
RegistrarSafe, LLC
Expiry timeline
Recommended actions
- Renew the TLS certificate or verify auto-renewal is working
Domain cannot be transferred without explicit unlock from the registrar. This protects against unauthorized transfers.
Registrar lock (clientTransferProhibited et al.) prevents unauthorized domain transfers — strongest defense against domain hijacking.
Source: ICANN / domain-security best practice