Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations42 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records3 A records, 7 ms lookupPASS
| A | 172.67.71.206, 104.26.9.60, 104.26.8.60 |
| AAAA | 2606:4700:20::ac43:47ce, 2606:4700:20::681a:83c, 2606:4700:20::681a:93c |
| CNAME | — |
| NS | cleo.ns.cloudflare.com, cruz.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt1.aspmx.l.google.com 5 alt2.aspmx.l.google.com 10 aspmx3.googlemail.com 10 aspmx2.googlemail.com |
| TXT | google-site-verification=W5HjjaGCmyaQ2A_9WhP5fTNj6mNo7ZARhlCYYSrgk54 SPF v=spf1 include:_spf.google.com include:amazonses.com include:eu-central-1.amazon... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://devowl.io
86 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://devowl.io | 200 | 86 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 4 URLsPASS
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
Sitemap: https://devowl.io/sitemaps.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencedevowl.io — via 1API GmbH, 6 years, 6 months oldPASS
471 days
October 31, 2027
42 days
Issued by Google Trust Services
6 years, 6 months
Registered October 31, 2019
Status unknown
Protects against DNS spoofing
Unknown
2606:4700:20::681a:93c
1API GmbH
Expiry timeline
Domain cannot be transferred without explicit unlock from the registrar. This protects against unauthorized transfers.
Registrar lock (clientTransferProhibited et al.) prevents unauthorized domain transfers — strongest defense against domain hijacking.
Source: ICANN / domain-security best practice