Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations186 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records4 A records, 94 ms lookupPASS
| A | 3.174.141.46, 3.174.141.51, 3.174.141.98, 3.174.141.15 |
| AAAA | 2600:9000:28fd:8400:6:d0d2:780:93a1, 2600:9000:28fd:be00:6:d0d2:780:93a1, 2600:9000:28fd:d800:6:d0d2:780:93a1, 2600:9000:28fd:e800:6:d0d2:780:93a1, 2600:9000:28fd:7600:6:d0d2:780:93a1, 2600:9000:28fd:ba00:6:d0d2:780:93a1, 2600:9000:28fd:4c00:6:d0d2:780:93a1, 2600:9000:28fd:1600:6:d0d2:780:93a1 |
| CNAME | — |
| NS | kim.ns.cloudflare.com, chip.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt2.aspmx.l.google.com 5 alt1.aspmx.l.google.com 10 aspmx2.googlemail.com 10 aspmx3.googlemail.com |
| TXT | google-site-verification=ZwvN7sFdASQRA2TVqpPkgIsRY0nxP1AhNevNKduButY MS=787B3E2FFA50666A738CC3767FFAAAD7DE78D7E9 _globalsign-domain-verification=T5-VK7xTMEy-qPcEnJL4pGgOKcJJ4dyplGYsa3tDRD mongodb-site-verification=R4d5ZTaweerkuQdcFvHhIt4Lb7qnpno0 SPF v=spf1 include:_spf.google.com include:mail.zendesk.com include:mg-spf.greenhous... docusign=d29b5a86-240e-4695-bda6-40fac836d1ff MS=ms69010546 _globalsign-domain-verification=WGzMAqWI13UY476xZnkBgLT3F7tQHWObKP9h9vLm15 brave-ledger-verification=fea1b86c84e90d36b577216805e316e1a073678b1fda846a9b6b5c... _globalsign-domain-verification=L_gCJjCp8BmJQV8Dw1zuHUrMXgEBInKkweJ0NqFGSE apple-domain-verification=5XuBJ6NV4KD8docJ hns-claim:aakdai3ypqcte6d7zzcpedduonetpg67lfap4fckaeaaaaaaaaaklzaororjdpl6qzexi7... _globalsign-domain-verification=HCquRZirWbyRekkdrNfZdytgWf8BuwrRiQbTsM9TFN SNAPCRAFT_IO_VERIFICATION=a6c419cd014cd335db14d30c0b0bffeb51648a8c1f006996aadb38... jetbrains-domain-verification=cmhccblslkxaex2x98x6rfhr5 stripe-verification=847220A91D9946797AF5B23AF5E5816819D7635F929A648A642F6F719B68... stripe-verification=abaf8277692b579a36980f8bce5c0e666d01940029ff29b49275347ad8dd... google-site-verification=pUm3K397g4pZPb55WFKVAH4tD5Dk8VGN0228pOZMzE0 |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://brave.com
84 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://brave.com | 200 | 84 ms | HTTP/1.1 | AmazonS3 |
A+IPv6 ReadinessIPv6 reachable (25 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 44 URLsPASS
User-agent: *
Sitemap: https://brave.com/sitemap.xml
- https://brave.com/en/sitemap.xml
- https://brave.com/ja/sitemap.xml
- https://brave.com/zh/sitemap.xml
- https://brave.com/ko/sitemap.xml
- https://brave.com/de/sitemap.xml
- https://brave.com/fr/sitemap.xml
- https://brave.com/es/sitemap.xml
- https://brave.com/da/sitemap.xml
- https://brave.com/it/sitemap.xml
- https://brave.com/pt-br/sitemap.xml
- https://brave.com/sv/sitemap.xml
- https://brave.com/fil/sitemap.xml
- https://brave.com/hi/sitemap.xml
- https://brave.com/id/sitemap.xml
- https://brave.com/nl/sitemap.xml
- https://brave.com/pl/sitemap.xml
- https://brave.com/ru/sitemap.xml
- https://brave.com/vi/sitemap.xml
- https://brave.com/ca/sitemap.xml
- https://brave.com/ro/sitemap.xml
- https://brave.com/tr/sitemap.xml
- https://brave.com/uk/sitemap.xml
- https://brave.com/th/sitemap.xml
- https://brave.com/bg/sitemap.xml
- https://brave.com/hr/sitemap.xml
- https://brave.com/cs/sitemap.xml
- https://brave.com/fi/sitemap.xml
- https://brave.com/el/sitemap.xml
- https://brave.com/hu/sitemap.xml
- https://brave.com/lv/sitemap.xml
- https://brave.com/lt/sitemap.xml
- https://brave.com/nb/sitemap.xml
- https://brave.com/sk/sitemap.xml
- https://brave.com/sl/sitemap.xml
- https://brave.com/sw/sitemap.xml
- https://brave.com/uz/sitemap.xml
- https://brave.com/zh-tw/sitemap.xml
- https://brave.com/ar/sitemap.xml
- https://brave.com/az/sitemap.xml
- https://brave.com/et/sitemap.xml
- https://brave.com/ka/sitemap.xml
- https://brave.com/kk/sitemap.xml
- https://brave.com/km/sitemap.xml
- https://brave.com/sr/sitemap.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencebrave.com — via NameCheap, Inc., 31 years oldPASS
1161 days
September 17, 2029
186 days
Issued by Amazon
31 years
Registered September 18, 1995
Enabled
Protects against DNS spoofing
Unknown
2600:9000:28fd:7600:6:d0d2:780:93a1
NameCheap, Inc.
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice