Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations50 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records3 A records, 20 ms lookupPASS
| A | 104.26.4.221, 104.26.5.221, 172.67.68.66 |
| AAAA | 2606:4700:20::681a:4dd, 2606:4700:20::681a:5dd, 2606:4700:20::ac43:4442 |
| CNAME | — |
| NS | may.ns.cloudflare.com, toby.ns.cloudflare.com |
| MX | 0 unric-org.mail.protection.outlook.com |
| TXT | Probely=65925e17-1836-4c78-8a58-a923def1d814 canva-site-verification=mXBcwbLHgbhlsjx-P6TIkw Sendinblue-code:19bd755197ce4a4082760ea33876e496 google-site-verification=fgSEnwfAutljRQuzxed7THGz219Opnf9b5zGbI0PTnQ SPF v=spf1 include:spf.protection.outlook.com include:spf.mailjet.com include:spf.se... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://unric.org
41 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://unric.org | 200 | 41 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 1 URLsPASS
# =============================================================
# robots.txt — UNRIC.org
# Last updated: Phil 8 April 2026
# =============================================================
User-agent: *
# --- Admin & system files ---
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
Disallow: /wp-login.php
Disallow: /wp-signup.php
Disallow: /wp-activate.php
Disallow: /wp-cron.php
Disallow: /xmlrpc.php
Disallow: /cgi-bin/
# --- WP Rocket / RocketCDN cache ---
# On-disk cache folders are served by Cloudflare CDN;
# no crawling value, excluded to preserve crawl budget.
Disallow: /wp-content/cache/
Disallow: /wp-content/cache/min/
Disallow: /wp-content/cache/busting/
# --- REST API ---
# The public REST API endpoint has no indexing value
# and exposes user enumeration (/wp-json/wp/v2/users).
Disallow: /wp-json/
# --- Duplicate content & low-value URL patterns ---
Disallow: /?s=
Disallow: /search/
Disallow: /page/*/?s=
Disallow: */trackback/
Disallow: */comments/feed/
Disallow: */comment-page-*/
Disallow: /*?replytocom
Disallow: /*?doing_wp_cron
Disallow: /*?preview=true
# --- Assets: allow full access for Google rendering ---
Allow: /wp-includes/
Allow: /wp-content/plugins/
Allow: /*.css$
Allow: /*.js$
Allow: /*.woff$
Allow: /*.woff2$
Allow: /*.ttf$
Allow: /*.eot$
Allow: /*.svg$
Allow: /*.gif$
Allow: /*.jpg$
Allow: /*.jpeg$
Allow: /*.png$
Allow: /*.webp$
# --- Multisite: per-language admin directories ---
Disallow: /en/wp-admin/
Allow: /en/wp-admin/admin-ajax.php
Disallow: /fr/wp-admin/
Allow: /fr/wp-admin/admin-ajax.php
Disallow: /it/wp-admin/
Allow: /it/wp-admin/admin-ajax.php
Disallow: /pt/wp-admin/
Allow: /pt/wp-admin/admin-ajax.php
Disallow: /nl/wp-admin/
Allow: /nl/wp-admin/admin-ajax.php
Disallow: /es/wp-admin/
Allow: /es/wp-admin/admin-ajax.php
Disallow: /de/wp-admin/
Allow: /de/wp-admin/admin-ajax.php
Disallow: /sv/wp-admin/
Allow: /sv/wp-admin/admin-ajax.php
Disallow: /da/wp-admin/
Allow: /da/wp-admin/admin-ajax.php
Disallow: /no/wp-admin/
Allow: /no/wp-admin/admin-ajax.php
Disallow: /fi/wp-admin/
Allow: /fi/wp-admin/admin-ajax.php
Disallow: /is/wp-admin/
Allow: /is/wp-admin/admin-ajax.php
Disallow: /el/wp-admin/
Allow: /el/wp-admin/admin-ajax.php
# =============================================================
# AI CRAWLERS — explicit Allow for GEO / AEO visibility
# -------------------------------------------------------------
# Cloudflare Pro blocks AI bots by default. See config @Cloudflare
# =============================================================
User-agent: GPTBot
Allow: /
User-agent: OAI-SearchBot
Allow: /
User-agent: ChatGPT-User
Allow: /
User-agent: Google-Extended
Allow: /
User-agent: PerplexityBot
Allow: /
User-agent: ClaudeBot
Allow: /
User-agent: anthropic-ai
Allow: /
User-agent: Applebot-Extended
Allow: /
User-agent: Diffbot
Allow: /
User-agent: YouBot
Allow: /
User-agent: Bytespider
Allow: /
# --- Third-party SEO crawlers ---
# Rate-limit high-frequency audit bots to reduce server load.
# MJ12bot, DotBot and BLEXBot provide no operational value.
User-agent: AhrefsBot
Crawl-delay: 10
User-agent: SemrushBot
Crawl-delay: 10
User-agent: MJ12bot
Disallow: /
User-agent: DotBot
Disallow: /
User-agent: BLEXBot
Disallow: /
# =============================================================
# Sitemaps — Yoast SEO Premium (14 language subsites)
# -------------------------------------------------------------
# Submit each sitemap_index.xml individually in:
# - Google Search Console (one property per language path)
# - Bing Webmaster Tools (feeds ChatGPT real-time search)
# =============================================================
Sitemap: https://unric.org/sitemap_index.xml
Sitemap: https://unric.org/en/sitemap_index.xml
Sitemap: https://unric.org/fr/sitemap_index.xml
Sitemap: https://unric.org/it/sitemap_index.xml
Sitemap: https://unric.org/pt/sitemap_index.xml
Sitemap: https://unric.org/nl/sitemap_index.xml
Sitemap: https://unric.org/es/sitemap_index.xml
Sitemap: https://unric.org/de/sitemap_index.xml
Sitemap: https://unric.org/sv/sitemap_index.xml
Sitemap: https://unric.org/da/sitemap_index.xml
Sitemap: https://unric.org/no/sitemap_index.xml
Sitemap: https://unric.org/fi/sitemap_index.xml
Sitemap: https://unric.org/is/sitemap_index.xml
Sitemap: https://unric.org/el/sitemap_index.xml
# --- AI visibility file (GEO / AEO) ---
# llms.txt provides LLMs with a structured overview of UNRIC
# content, preferred citations and key page index.
# Deploy at: https://unric.org/llms.txt
Sitemap: https://unric.org/llms.txt
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligenceunric.org — via OVH sas, 20 years, 9 months oldPASS
843 days
November 3, 2028
50 days
Issued by Google Trust Services
20 years, 9 months
Registered November 3, 2005
Enabled
Protects against DNS spoofing
Unknown
2606:4700:20::681a:5dd
OVH sas
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice