Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations83 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
A+DNS Records2 A records, 12 ms lookupPASS
| A | 104.18.105.113, 104.18.106.113 |
| AAAA | 2606:4700::6812:6971, 2606:4700::6812:6a71 |
| CNAME | — |
| NS | ivy.ns.cloudflare.com, buck.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt1.aspmx.l.google.com 5 alt2.aspmx.l.google.com 10 aspmx2.googlemail.com 10 aspmx3.googlemail.com |
| TXT | MS=ms98141657 TAILSCALE-uG5uCAWfqa4Wyw0gQrfq 642wtyy9sbct7tyf2j86ch5rx04rdz2f ALIAS for themuse.com.cdn.cloudflare.net loaderio=fefa7eab8eb4a9235df87456251d8a48 MS=53461F9853EFAD414982386418017FD767E2816B detectify-verification=2db35c991fca71013879c15e6dd2e967 facebook-domain-verification=e791khws22zcj2sy1id6ebwf29pgsq google-site-verification=1ygGINmzjO6_g428o-5zoUFWb8falFWVY2G2sy_I4qQ google-site-verification=BSEu4g9vObjlRI1huZYPQc89VA3m6mT6GYbcPKibJsA google-site-verification=FNjjcOiqmzwCdn8yvW1sxv9Q53AMiJSArimbJTGvKs0 google-site-verification=HUpiShgIJ8iGEEzqoq0kwr8ik5PHoOmv2XzCqqvgXg4 google-site-verification=QSV3xCuvyGCACHYGi0Q6y_oG1jldPApJX71nh4dgZsE google-site-verification=Ss2WQpqeEZONGC9KTZKzQ2ua9fi3GLHfgSqGY785nzM google-site-verification=aJGBA4A_5LJzoN-PxTRGdX9rm6k4GRVftqCqxjUzbBU google-site-verification=jN0xA_0mRtT2VyT51vr0psFcJxziGBZjSNh0PTPgAvE google-site-verification=jypKX4YSewd2uU40igejYwiqw8UHCbLer2Tdatf9zXI google-site-verification=md0s79GB0OZtbQCmY6vM7c7afOeDAClYwprDHEYVKHk google-site-verification=pU5RdZU5CSqFSQ699ZJx3txeQDO4yLx7FjiqwR-8s1g google-site-verification=qa13U_X7mA-RS2ajlu79AkyMG9iO_IuwGb2aUB9E1xg google-site-verification=rkqEevr-SbZsgCSDxIp6MfqhZ2aDtBevbh6BARugp6g globalsign-domain-verification=Wq9iztGUzQcBBi1OLrEOlXtefwOzX7yfvhbsw-CVdo ahrefs-site-verification_1d32d4dc8f89352030296faad26bcdaf28daefb721eaeab84cd6555... SPF v=spf1 a mx ip4:209.85.220.41 include:_spf.google.com include:mail.zendesk.com i... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 88 ms totalPASS
https://themuse.com
20 ms · HTTP/1.1
https://www.themuse.com/
68 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://themuse.com | 301 | 20 ms | HTTP/1.1 | cloudflare |
| 2 | https://www.themuse.com/ | 200 | 68 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (2 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 1299 URLsPASS
User-agent: *
Sitemap: https://www.themuse.com/sitemap.xml
Disallow: /clients/
Disallow: /dashboard/
Allow: /clients/*/media/*
Allow: /static/*
Disallow: /profiles/*/embed
Disallow: /profiles/*/embed?*
Disallow: /profiles/*/modules/*/embed
Disallow: /profiles/*/framed
Disallow: /profiles/*/framed?*
Disallow: /profiles/*/modules/*/framed
Disallow: /companies/*/embed
Disallow: /companies/*/embed?*
Disallow: /companies/*/modules/*/embed
Disallow: /companies/*/framed
Disallow: /companies/*/framed?*
Disallow: /companies/*/modules/*/framed
Disallow: /job/redirect/*
Disallow: /jobs/*/*?*framed*
Disallow: /vendor/*
Disallow: /tracking/amp*
Disallow: /api/users*
Disallow: /cdn-cgi/*
User-agent: Twitterbot
Allow: /*
User-agent: Pinterest
Allow: /*
A+Domain Intelligencethemuse.com — via Amazon Registrar, Inc., 27 years, 8 months oldPASS
166 days
December 29, 2026
83 days
Issued by Let's Encrypt
27 years, 8 months
Registered December 29, 1998
Enabled
Protects against DNS spoofing
Unknown
2606:4700::6812:6971
Amazon Registrar, Inc.
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice