https://dailymail.co.uk
Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.SCORE
97
GRADE
A+
FIX
0
REVIEW
2
PASS
7
INFO
0
Probed from Madrid, Spain
301 Moved Permanently
Checks
97 PASS 2 REVIEW
BTLS Certificate Expiry & Recommendations41 days until leaf cert expires — 3 issues to addressREVIEW
TLS Certificate Expiry & Recommendations
41 days until leaf cert expires — 3 issues to address
Certificate validity
41
days left
0d 30d 60d 90d+
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryAkamaiREVIEW
CDN & Delivery
Akamai
Akamai
Info::
Site is served via Akamai CDN
Got: server header
CDN Detected: Akamai
Provider Akamai Evidence server header
A+DNS Records1 A records, 59 ms lookupPASS
DNS Records
1 A records, 59 ms lookup
1 A records, 59 ms lookup
Info::
Resolves to 1 IPv4 address(es)
Got: 2.22.208.199
Info::
Single A record — no DNS redundancy
Multiple A records provide failover if one server goes down.
Info::
Has 2 IPv6 (AAAA) record(s)
Got: 2a02:26f0:2380:282::16c2, 2a02:26f0:2380:28d::16c2
Info::
6 nameserver(s) configured
Got: a1-204.akam.net, a6-64.akam.net, a24-65.akam.net, a16-67.akam.net, a4-67.akam.net, a7-66.akam.net
Info::
1 mail exchanger(s) configured
Info::
CAA records not checked
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Info::
SPF record present in TXT
Info::
DNS resolution time: 59 ms
Got: 59 ms
| A | 2.22.208.199 |
| AAAA | 2a02:26f0:2380:282::16c2, 2a02:26f0:2380:28d::16c2 |
| CNAME | — |
| NS | a1-204.akam.net, a6-64.akam.net, a24-65.akam.net, a16-67.akam.net, a4-67.akam.net, a7-66.akam.net |
| MX | 10 dailymail-co-uk.mail.protection.outlook.com |
| TXT | _7xc0lf6yhr5g7ihpalkzvo254uqvy6a SPF v=spf1 include:spf.protection.outlook.com include:aspmx.sailthru.com ip4:195.234... google-site-verification=bru3h3dUMhuYxCIXW60rOHn3j8xMH722nmDZnnxcQG0 gyh723zym9l5qyzdzf5dsydytfsx1zgh TjeFGMMrzAyPlnsEMwA7i6zAsJklP/wmHf5THwMtKkqLCKTnJx7ZdAFWdrF6ElhqjlkpKQbEI+OPglsK... 1fp4vxjk11q4q63vscg21n1dslzdw3b1 docusign=2d9f3ae4-e255-4ed6-8876-3087cc3f797e yandex-verification:71d8c2ce363b3914 fastly-domain-delegation-3463SDF234m2m86v-08-02-2017 0ed1fe018a23f8be5d0a7d4bc9a78265e1d5a17104 kvzcpm3ztm0y78p64j420bhcsbmx3hkk anthropic-domain-verification-gx99ce=TH9ybBWiagDHnpBKjAlV6f0Ya 3bl4pgbjdsfxpj3lpf54fzdkcmpmkxxn airtable-verification=21f08445d3c56642dc465f311797c229 atlassian-domain-verification=YVO51xB8CMklZCk2cV3OMCVY9wIEP2GoyyujEBzpfD3CD2vSK2... google-site-verification=Lp77kZWjF0Jg705A3rAgu9NGLCffWueTAnWh3A23wtg adobe-idp-site-verification=5c874982d9eb77c27639f75fe9649403668793e47bc55164e579... airtable-verification=3bb2a5f315d7628ea1f95adc0e5bbc7a dropbox-domain-verification=0qhbyzhoj7mx google-site-verification=CPqEM78yOuMa6Dw-VQv7RbAyVwHKNL2IowCZ5VyOcxA GEX4X8SO4VF8fJqGrBuM/vus9zuiuxq8UF0lJ5rivVnQyDwLr5Q9peUDEEU40fjk5YDntPePRj0FQBdz... ahrefs-site-verification_c74469942c35ec57d7e087ba798606c29a244e1cb9e9ca547738ec6... figma-domain-verification=ebca25303f471ce3867317e3556ef95c999442e8d0dd46fc5f3259... j0khn07csrr3k194hz4grsf02f4f5g08 detectify-verification=94ed4d44021c21e7d47cd9788b8f0e3e google-site-verification=xBYitCaJ0-xP-B_VBlz1Sf4mN42qWuALYjI0JWvnQPQ google-site-verification=xQmY6oOQGHKYUiU8jPliorLM4XR4O4bseLgnOP9TX1I notion-domain-verification=vPfE5cpcj43uN1YTtcsYDWil2h0lXintg2wGjPseJP9 _zzjc96a1jk94bzh4edjdhgm35aavf26 google-site-verification=sfJdSjffwAaSi5o-OrBOG1lFGWqRTczGOiob3OD2vos MS=ms93908591 |
| CAA | Lookup not available with standard resolver |
Resolved in 59 ms
Multiple A records provide failover if one server goes down.
Why this matters
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Why this matters
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 886 ms totalPASS
Redirect Chain
1 redirect(s), 886 ms total
1 redirect(s), 886 ms total
Info::
Single redirect
Got: https://dailymail.co.uk → https://www.dailymail.co.uk/home/index.html (301)
Info::
WWW normalization redirect
Info::
Redirect overhead: 886 ms total
Got: 886 ms
https://dailymail.co.uk
6 ms · HTTP/1.1
301
https://www.dailymail.co.uk/home/index.h...
880 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://dailymail.co.uk | 301 | 6 ms | HTTP/1.1 | AkamaiGHost |
| 2 | https://www.dailymail.co.uk/home/index.h... | 200 | 880 ms | HTTP/1.1 |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
IPv6 Readiness
IPv6 reachable (1 ms)
IPv6 reachable (1 ms)
Info::
IPv6 is configured and reachable at 2a02:26f0:2380:282::16c2, 2a02:26f0:2380:28d::16c2
Got: 1 ms connect
IPv6 Ready
AAAA Records 2a02:26f0:2380:282::16c2, 2a02:26f0:2380:28d::16c2 Connection Reachable (1 ms)
A+Crawlabilityrobots.txt present, sitemap with 1 URLsPASS
Crawlability
robots.txt present, sitemap with 1 URLs
robots.txt present, sitemap with 1 URLs
Info::
robots.txt is present
Got: 6069 bytes
Info::
sitemap.xml is present
Info::
sitemap.xml is valid XML
Info::
sitemap.xml contains 1 entries
Info::
Sitemap index with 1 child sitemaps
Info::
robots.txt references sitemap
robots.txt 200 OK
Size 6069 B Sitemaps referenced 23 User-agents archive-it.org, nlnbot, WordPress.com mShots, FacebookBot, iaskspider/2.0, OAI-Operator, PageFreezer, CCBot, Diffbot, Meta-ExternalFetcher, PerplexityBot, tkl.iis.u-tokyo.ac.jp, XY-Archive-Compliance-Archiver, Claude-User, GoogleOther-Image, Meltwater, TaraGroup Intelligent Bot, Webzio-Extended, ecoresearchCrawler, TurnitinBot, Ai2Bot-Dolma, bedrockbot, Cotoyogi, ICC-Crawler, Sidetrade indexer bot, VelenPublicWebCrawler, CrystalSemanticsBot, babel, XY-Archive-Compliance-Crawler, AI2Bot, amazon-kendra-, Bytespider, ChatGLM-Spider, EchoboxBot, Googlebot-News, bnf.fr_bot, Claude-Web, cohere-ai, FriendlyCrawler, Google-CloudVertexBot, Google-Extended, GoogleOther-Video, nl-israel_iaharvester2026, Authory, Europarchive.org, Kulturarw3, nationalarchives.gov.uk, DeepSeekBot, ImagesiftBot, omgilibot, kb.dk_bot, AhrefsBot, Gemini-Deep-Research, GoogleOther, Grok, LinerBot, Meta-ExternalAgent, omgili, bl.uk_ldfc_bot, bne.es_bot, anthropic-ai, img2dataset, ISSCyberRiskCrawler, MistralAI-User, OAI-SearchBot, PetalBot, Mediapartners-Google, bl.uk_ldfc_renderbot, mediacloud, ChatGPT-User, DuckAssistBot, Perplexity-User, Scrapy, WARDBot, *, archive.org_bot, ArchiveBot, netarkivet.dk, Applebot-Extended, Seekr, SafeDNS, CloudflareBrowserRenderingCrawler, Claude-SearchBot, QualifiedBot, Timpibot, WRTNBot, Nicecrawler, webarchiv.cz, YouBot, special_archiver, ClaudeBot, GPTBot, KunatoCrawler, TikTokSpider, Arquivo-web-crawler, LivelapBot, mirrorweb, MSIECrawler, netEstate NE Crawler, wpbot, ecoresearch, nlncrawler, SmarshBot, Amazonbot, Kangaroo Bot, PanguBot Blocking No — crawling allowed
# Robots.txt for https://www.dailymail.co.uk/ updated 13/04/2026
#
#
# Daily Mail content is made available for your personal and non-commercial
# use subject to our Terms and Conditions of use:
# https://www.dailymail.co.uk/terms
# Use of any device, tool, or process designed to data mine or scrape the content
# using automated means is prohibited without prior written permission from
# DMG MEDIA LIMITED. Prohibited uses include but are not limited to:
# (1) text and data mining activities under Art. 4 of the EU Directive on Copyright in
# the Digital Single Market;
# (2) the development of any software, machine learning, artificial intelligence (AI),
# and/or large language models (LLMs);
# (3) creating or providing archived or cached data sets containing our content to others; and/or
# (4) any commercial purposes.
# For any licensing queries please contact partnerships@dmgmedia.co.uk.
#
#
# All Robots
User-agent: *
#
# Begin Standard Rules
Disallow: /*readcommentshtml*
Disallow: /*login?redirectPath=
Disallow: /*logout?redirectPath=
Disallow: /*nextThread.html
Disallow: /*previousThread.html
Disallow: /*questionId*
Disallow: /*selectedImage*
Disallow: /*threadIndex=*
Disallow: /*topGallery*
Disallow: /ce/item.cms*
Disallow: /guide/*
Disallow: /registration/*
Disallow: /best-buys/clickout/*
Disallow: /best-buys/m/clickout/*
Disallow: /weather.html?latitude=*
Disallow: /weather.html?old=*
Disallow: /home/search.html*
Disallow: /best-buys/mercury/out*
Disallow: /api/infinite-list.html
Disallow: /api/infinite-list.html
Disallow: /mobileapps/*
#
# Disallow Money for Google News
User-agent: Googlebot-News
Disallow: /tmoney/*
#
# Allow Adsense
User-agent: Mediapartners-Google
Disallow:
#
#
User-agent: CrystalSemanticsBot
Disallow: /
#
User-agent: archive-it.org
User-agent: archive.org_bot
User-agent: ArchiveBot
User-agent: Arquivo-web-crawler
User-agent: Authory
User-agent: babel
User-agent: bl.uk_ldfc_bot
User-agent: bl.uk_ldfc_renderbot
User-agent: bne.es_bot
User-agent: bnf.fr_bot
User-agent: ecoresearch
User-agent: ecoresearchCrawler
User-agent: Europarchive.org
User-agent: kb.dk_bot
User-agent: Kulturarw3
User-agent: LivelapBot
User-agent: mediacloud
User-agent: mirrorweb
User-agent: MSIECrawler
User-agent: nationalarchives.gov.uk
User-agent: netarkivet.dk
User-agent: netEstate NE Crawler
User-agent: Nicecrawler
User-agent: nl-israel_iaharvester2026
User-agent: nlnbot
User-agent: nlncrawler
User-agent: PageFreezer
User-agent: SafeDNS
User-agent: SmarshBot
User-agent: special_archiver
User-agent: tkl.iis.u-tokyo.ac.jp
User-agent: TurnitinBot
User-agent: webarchiv.cz
User-agent: WordPress.com mShots
User-agent: XY-Archive-Compliance-Archiver
User-agent: XY-Archive-Compliance-Crawler
Disallow: /
#
User-agent: AhrefsBot
User-agent: AI2Bot
User-agent: Ai2Bot-Dolma
User-agent: Amazonbot
User-agent: amazon-kendra-
User-agent: anthropic-ai
User-agent: Applebot-Extended
User-agent: bedrockbot
User-agent: Bytespider
User-agent: CloudflareBrowserRenderingCrawler
User-agent: CCBot
User-agent: ChatGLM-Spider
User-agent: ChatGPT-User
User-agent: ClaudeBot
User-agent: Claude-SearchBot
User-agent: Claude-User
User-agent: Claude-Web
User-agent: cohere-ai
User-agent: Cotoyogi
User-agent: DeepSeekBot
User-agent: Diffbot
User-agent: DuckAssistBot
User-agent: EchoboxBot
User-agent: FacebookBot
User-agent: FriendlyCrawler
User-agent: Gemini-Deep-Research
User-agent: Google-CloudVertexBot
User-agent: Google-Extended
User-agent: GoogleOther
User-agent: GoogleOther-Image
User-agent: GoogleOther-Video
User-agent: GPTBot
User-agent: Grok
User-agent: iaskspider/2.0
User-agent: ICC-Crawler
User-agent: ImagesiftBot
User-agent: img2dataset
User-agent: ISSCyberRiskCrawler
User-agent: Kangaroo Bot
User-agent: KunatoCrawler
User-agent: LinerBot
User-agent: Meltwater
User-agent: Meta-ExternalAgent
User-agent: Meta-ExternalFetcher
User-agent: MistralAI-User
User-agent: OAI-Operator
User-agent: OAI-SearchBot
User-agent: omgili
User-agent: omgilibot
User-agent: PanguBot
User-agent: PerplexityBot
User-agent: Perplexity-User
User-agent: PetalBot
User-agent: QualifiedBot
User-agent: Scrapy
User-agent: Seekr
User-agent: Sidetrade indexer bot
User-agent: TaraGroup Intelligent Bot
User-agent: TikTokSpider
User-agent: Timpibot
User-agent: VelenPublicWebCrawler
User-agent: WARDBot
User-agent: Webzio-Extended
User-agent: wpbot
User-agent: WRTNBot
User-agent: YouBot
Allow: /buyline/
Allow: /*_.html
Disallow: /
#
#Allow Google sandbox privacy testing
User-agent: GoogleOther
Allow: /.well-known/privacy-sandbox-attestations.json
#
# Sitemap Files
Sitemap: https://www.dailymail.co.uk/google-news-sitemap.xml
Sitemap: https://www.dailymail.co.uk/sitemap-channels.xml
Sitemap: https://www.dailymail.co.uk/sitemap-columnist.xml
Sitemap: https://www.dailymail.co.uk/sitemap-topics.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2021.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2021.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2021.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2022.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2022.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2022.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2023.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2023.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2023.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2024.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2024.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2024.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2025.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2025.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2025.xml
Sitemap: https://www.dailymail.co.uk/sitemap-videos-year~2026.xml
Sitemap: https://www.dailymail.co.uk/sitemap-articles-year~2026.xml
Sitemap: https://www.dailymail.co.uk/sitemap-facts-year~2026.xml
Sitemap: https://www.dailymail.co.uk/sitemap-authors.xml
sitemap.xml 200 OK
Type Sitemap Index URLs 1 entries Valid XML Yes
Child Sitemaps:
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
URL Variants
www/non-www, trailing slash, HTTP→HTTPS
www/non-www, trailing slash, HTTP→HTTPS
Info::
HTTP correctly 301-redirects to HTTPS
www / non-www
403https://www.dailymail.co.uk/
200https://dailymail.co.uk/
HTTP → HTTPS
301http://dailymail.co.uk/ → https://www.dailymail.co.uk/home/index.html
Consistent
A+Domain Intelligencedailymail.co.uk — via Nom-IQ Limited t/a Com Laude, 31 years, 3 months oldPASS
Domain Intelligence
dailymail.co.uk — via Nom-IQ Limited t/a Com Laude, 31 years, 3 months old
dailymail.co.uk — via Nom-IQ Limited t/a Com Laude, 31 years, 3 months old
Info::
Domain registered until Jun 16, 2028 (2 years, 2 months remaining)
Info::
DNSSEC is not enabled
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Info::
Registrar: Nom-IQ Limited t/a Com Laude
Warning::
Registrar lock is NOT enabled
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Domain expiry
732 days
June 16, 2028
SSL certificate
41 days
Issued by DigiCert Inc
Domain age
31 years, 3 months
Registered June 16, 1995
DNSSEC
Not enabled
Protects against DNS spoofing
Hosting
Unknown
2a02:26f0:2380:28d::16c2
Registrar
Nom-IQ Limited t/a Com Laude
Unlocked 6 NS records
Expiry timeline
Today
+1 year
Domain expiry SSL expiry Danger zone (≤30 days)
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
Registrar Nom-IQ Limited t/a Com Laude
Created June 16, 1995 (31 years, 3 months ago)
Expires June 16, 2028 (2 years, 2 months)
Last Updated February 15, 2019
Name Servers a1-204.akam.net., a16-67.akam.net., a24-65.akam.net., a4-67.akam.net., a6-64.akam.net., a7-66.akam.net.
DNSSEC Not enabled
Hosting
IP Address 2a02:26f0:2380:28d::16c2
Data source: rdap (0.3s)
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Why this matters
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Why this matters
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice
A+HTTP Probe TimingTotal 32 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
HTTP Probe Timing
Total 32 ms — DNS, TCP, TLS, TTFB, content transfer breakdown
DNS Lookup DNS Lookup — time to resolve the domain name to an IP address.
27 msTCP Connect TCP Connect — time to establish a TCP connection to the server.
0 msTLS Handshake TLS Handshake — time to complete the HTTPS encryption handshake.
3 msTime to First Byte Time to First Byte — how long the server takes to respond with the first byte of data.
33 msTotal Time Total request time from DNS lookup through full response.
33 msConnection waterfall
DNS Lookup 27 ms TCP Connect 0 ms TLS Handshake 3 ms Server Processing 2 ms Content Transfer 0 ms
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.