Infrastructure - https://belkin.com BeaverCheck Audit

B

URL Variants

www/non-www, trailing slash, HTTP→HTTPS

REVIEW

www/non-www, trailing slash, HTTP→HTTPS

Both www and non-www versions serve content

Got: Both variants return 200 Expected: One variant 301-redirects to the other

HTTP correctly 301-redirects to HTTPS

www / non-www

200https://www.belkin.com/

200https://belkin.com/

Inconsistent — duplicate content risk

HTTP → HTTPS

301http://belkin.com/ → https://www.belkin.com/

Consistent

B

TLS Certificate Expiry & Recommendations

67 days until leaf cert expires — 2 issues to address

REVIEW

Certificate validity

67

days left

0d 30d 60d 90d+

Recommended actions

Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy

B

CDN & Delivery

Cloudflare

REVIEW

Cloudflare

Site is served via Cloudflare CDN (edge: CDG)

Got: cf-ray: 9f08809dd8ec0f1e-CDG

CDN Detected: Cloudflare

Provider Cloudflare Evidence cf-ray: 9f08809dd8ec0f1e-CDG

A+

DNS Records

2 A records, 119 ms lookup

PASS

2 A records, 119 ms lookup

Resolves to 2 IPv4 address(es)

Got: 172.66.161.251, 104.20.18.168

Has 2 IPv6 (AAAA) record(s)

Got: 2606:4700:10::ac42:a1fb, 2606:4700:10::6814:12a8

2 nameserver(s) configured

Got: martin.ns.cloudflare.com, eve.ns.cloudflare.com

2 mail exchanger(s) configured

CAA records not checked

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

SPF record present in TXT

DNS resolution time: 119 ms

Got: 119 ms

A	172.66.161.251, 104.20.18.168
AAAA	2606:4700:10::ac42:a1fb, 2606:4700:10::6814:12a8
CNAME	—
NS	martin.ns.cloudflare.com, eve.ns.cloudflare.com
MX	10 us-smtp-inbound-2.mimecast.com 10 us-smtp-inbound-1.mimecast.com
TXT	google-site-verification=9vcdNo3sMnFrWWvriyGM-aSpCGPspxadNIp_RZjBhXc lor0mf83f6l9379cd02fui851m cankmn2q61nc1lmugi13kshfps SPF v=spf1 ip4:66.35.37.96/27 ip4:54.240.10.84/22 ip4:209.177.160.9/20 ip4:67.202.20... apple-domain-verification=zDA4DaUsoK60OKKf EAFMIQev+en0Yx8ka/BSHdTALnx0jqt6ZVINMYQnIMxJXNpO9gG/expreaX0S5gnUe6A+2UWFz8zzpoG... docusign=8bdf0481-2489-443f-a5b6-ecd7ed994a8a SFMC-YSlPVI_aH4xK8gwbRuh2tnbOa9T1JOBLKSQooBQr facebook-domain-verification=t5eraoalgwmr37ff442cg00cmvsuwz openai-domain-verification=dv-SlDu0ZNhxYFuWQEyp7Bdbjn0 INC0130297 docusign=2fcb5a7d-593f-4c63-9872-b21de652ef45 cisco-ci-domain-verification=1aed1b3e47b77ca7dac3b5a0be16ba72c4eccb7c2813d5e0de2...
CAA	Lookup not available with standard resolver

Resolved in 119 ms

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

Why this matters

Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.

A

Redirect Chain

1 redirect(s), 427 ms total

PASS

1 redirect(s), 427 ms total

Single redirect

Got: https://belkin.com → https://www.belkin.com/ (301)

WWW normalization redirect

https://belkin.com

59 ms · HTTP/1.1

301

https://www.belkin.com/

368 ms · HTTP/1.1 FINAL

#	URL	Status	Time	Protocol	Server
1	https://belkin.com	301	59 ms	HTTP/1.1	cloudflare
2	https://www.belkin.com/	200	368 ms	HTTP/1.1	cloudflare

See the visual redirect chain in the HTTP Probe tab →

A+

IPv6 Readiness

IPv6 reachable (17 ms)

PASS

IPv6 reachable (17 ms)

IPv6 is configured and reachable at 2606:4700:10::ac42:a1fb, 2606:4700:10::6814:12a8

Got: 17 ms connect

IPv6 Ready

AAAA Records 2606:4700:10::ac42:a1fb, 2606:4700:10::6814:12a8 Connection Reachable (17 ms)

A+

Crawlability

robots.txt present, sitemap with 4 URLs

PASS

robots.txt present, sitemap with 4 URLs

robots.txt is present

Got: 3031 bytes

sitemap.xml is present

sitemap.xml is valid XML

sitemap.xml contains 4 entries

Sitemap index with 4 child sitemaps

robots.txt references sitemap

robots.txt 200 OK

Size 3031 B Sitemaps referenced 21 User-agents Robozilla, Amazonbot, 360Spider, Yisouspider, PetalBot, yahoo-blogs/v3.9, Yandex, BLEXBot, *, Mediapartners-Google, Sogou web spider, asterias, Nutch, Storebot-Google, AdsBot-Google, Baiduspider, Sogou inst spider, yahoo-mmcrawler, Googlebot-Image, Bytespider, psbot Blocking No — crawling allowed

User-agent: *


Disallow: /*Account-Show*

Disallow: /*SendToFriend-Start/

Disallow: /*Wishlist*

Disallow: /wishlist/

Disallow: /*Product-Variation*

Disallow: /*Search-Show*

Disallow: /*Product-Show*

Disallow: /*Product?pid=*

Disallow: /*directRegistration*

Disallow: /*/null/

Disallow: /*/noname-*

Disallow: /*Cart-SubmitForm*

Disallow: /*Account-RegistrationForm*

Disallow: /*Account-SetNewPasswordForm*

Disallow: /*COCustomer-LoginForm*

Disallow: /*COShipping*

Disallow: /*CustomerService-Submit*

Disallow: /*Login-LoginForm*

Disallow: /*Login-OAuthReentryFacebook*

Disallow: /*pmin*

Disallow: /*pmax*

Disallow: /*prefn1*

Disallow: /*prefn2*

Disallow: /*prefn3*

Disallow: /*prefn4*

Disallow: /*prefv1*

Disallow: /*prefv2*

Disallow: /*prefv3*

Disallow: /*prefv4*

Disallow: /*srule*

Disallow: /cart*

Disallow: /*-amzn*


# Amazon's Bot

User-agent: Amazonbot

Allow: /*-amzn*


# Google's Imagebot Complete Access

user-agent: Googlebot-Image

Disallow:

Disallow: /*-amzn*


# Google's Adsense Complete Access

User-agent: Mediapartners-Google

Disallow:

Disallow: /*-amzn*


# Google's Storebot Complete Access

User-agent: Storebot-Google

Disallow:

Disallow: /*-amzn*


# Google's Adbot Complete Access

User-agent: AdsBot-Google

Disallow:

Disallow: /*-amzn*


# Bots Disallowed

User-agent: Baiduspider

Disallow: /

User-agent: 360Spider

Disallow: /

User-agent: Yisouspider

Disallow: /

User-agent: PetalBot

Disallow: /

User-agent: Bytespider

Disallow: /

User-agent: Sogou web spider

Disallow: /

User-agent: Sogou inst spider

Disallow: /

User-agent: Robozilla

Disallow: /

User-agent: yahoo-mmcrawler

Disallow: /

User-agent: psbot

Disallow: /

User-agent: asterias

Disallow: /

User-agent: yahoo-blogs/v3.9

Disallow: /

User-agent: Yandex

Disallow: /

User-agent: BLEXBot

Disallow: /

User-agent: Nutch

Disallow: /


# Sitemap List

Sitemap: https://www.belkin.com/sitemap_index.xml

Sitemap: https://www.belkin.com/id/sitemap_index.xml

Sitemap: https://www.belkin.com/kr/sitemap_index.xml

Sitemap: https://www.belkin.com/my/sitemap_index.xml

Sitemap: https://www.belkin.com/vn/sitemap_index.xml

Sitemap: https://www.belkin.com/th/sitemap_index.xml

Sitemap: https://www.belkin.com/in/sitemap_index.xml

Sitemap: https://www.belkin.com/uk/sitemap_index.xml

Sitemap: https://www.belkin.com/nl/sitemap_index.xml

Sitemap: https://www.belkin.com/fr/sitemap_index.xml

Sitemap: https://www.belkin.com/hk/sitemap_index.xml

Sitemap: https://www.belkin.com/es/sitemap_index.xml

Sitemap: https://www.belkin.com/sg/sitemap_index.xml

Sitemap: https://www.belkin.com/cn/sitemap_index.xml

Sitemap: https://www.belkin.com/ph/sitemap_index.xml

Sitemap: https://www.belkin.com/it/sitemap_index.xml

Sitemap: https://www.belkin.com/au/sitemap_index.xml

Sitemap: https://www.belkin.com/de/sitemap_index.xml

Sitemap: https://www.belkin.com/jp/sitemap_index.xml

Sitemap: https://www.belkin.com/ca/sitemap_index.xml

Sitemap: https://www.belkin.com/tw/sitemap_index.xml

sitemap.xml 200 OK

Type Sitemap Index URLs 4 entries Valid XML Yes

Child Sitemaps:

A+

Domain Intelligence

belkin.com — via Key-Systems GmbH, 30 years, 7 months old

PASS

belkin.com — via Key-Systems GmbH, 30 years, 7 months old

Domain registered until Feb 26, 2027 (10 months remaining)

DNSSEC is enabled

Registrar: Key-Systems GmbH

Registrar lock is NOT enabled

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Domain expiry

255 days

February 26, 2027

SSL certificate

67 days

Issued by Google Trust Services

Domain age

30 years, 7 months

Registered February 25, 1996

DNSSEC

Enabled

Protects against DNS spoofing

Hosting

Unknown

2606:4700:10::ac42:a1fb

Registrar

Key-Systems GmbH

Unlocked 2 NS records

Expiry timeline

Today

+1 year

Domain expiry SSL expiry Danger zone (≤30 days)

Recommended actions

Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers

Registrar Key-Systems GmbH

Created February 25, 1996 (30 years, 7 months ago)

Expires February 26, 2027 (10 months)

Last Updated November 29, 2025

Name Servers eve.ns.cloudflare.com, martin.ns.cloudflare.com

DNSSEC Enabled

Hosting

IP Address 2606:4700:10::ac42:a1fb

Data source: rdap (0.2s)

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Why this matters

Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.

Learn more ▾

Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.

Source: ICANN / domain-security best practice

A+

HTTP Probe Timing

Total 109 ms — DNS, TCP, TLS, TTFB, content transfer breakdown

PASS

DNS Lookup

53 ms

TCP Connect

16 ms

TLS Handshake

21 ms

Time to First Byte

109 ms

Total Time

109 ms

Connection waterfall

DNS Lookup 53 ms TCP Connect 16 ms TLS Handshake 21 ms Server Processing 19 ms Content Transfer 0 ms