Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations86 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Add includeSubDomains to the HSTS directive
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records3 A records, 8 ms lookupPASS
| A | 104.26.10.149, 104.26.11.149, 172.67.70.13 |
| AAAA | 2606:4700:20::681a:a95, 2606:4700:20::681a:b95, 2606:4700:20::ac43:460d |
| CNAME | — |
| NS | kip.ns.cloudflare.com, gina.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt1.aspmx.l.google.com 5 alt2.aspmx.l.google.com 10 alt4.aspmx.l.google.com 10 alt3.aspmx.l.google.com |
| TXT | ca3-d13c9193dc76426cb4fb694b6893e623 google-site-verification=8sHhuSEKf_fsUs0aonrAI1r_I9ucGiPtQdndr48v3AM SPF v=spf1 include:_spf.google.com include:sendgrid.net include:amazonses.com ~all |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://colorlib.com
40 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://colorlib.com | 200 | 40 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 2 URLsPASS
User-agent: *
# feed urls
Disallow: */feed/
# login urls
Disallow: /wp-admin/
Disallow: /wp/wp-admin/
Disallow: /wp-login.php
Disallow: /wp/wp-login.php
#block access to internal search result pages
Disallow: */wp/?s=*
Disallow: */wp/search/*
Disallow: /*?s=
Disallow: */search/*
# Sitemaps
Sitemap: https://colorlib.com/sitemap_index.xml
Sitemap: https://colorlib.com/wp/sitemap_index.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencecolorlib.com — via Cloudflare, Inc., 12 years, 9 months oldPASS
66 days
September 19, 2026
86 days
Issued by Google Trust Services
12 years, 9 months
Registered September 19, 2013
Enabled
Protects against DNS spoofing
Unknown
2606:4700:20::ac43:460d
Cloudflare, Inc.
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice