Infrastructure
· 17 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BDNSSECUnsigned (DNSSEC not deployed)REVIEW
BCAA RecordsNo CAA records (any CA may issue certificates)REVIEW
BReverse DNS0/12 IPs match cert SANREVIEW
BTLS Certificate Expiry & Recommendations58 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
BOperational Status PageNo status page link detectedREVIEW
BHealth Check EndpointNo conventional health endpoint foundREVIEW
A+DNS Records4 A records, 22 ms lookupPASS
| A | 18.155.24.175, 18.155.24.231, 18.155.24.135, 18.155.24.162 |
| AAAA | 2600:9000:294e:2c00:e:2f62:43c0:21, 2600:9000:294e:6600:e:2f62:43c0:21, 2600:9000:294e:c200:e:2f62:43c0:21, 2600:9000:294e:e00:e:2f62:43c0:21, 2600:9000:294e:d200:e:2f62:43c0:21, 2600:9000:294e:da00:e:2f62:43c0:21, 2600:9000:294e:4c00:e:2f62:43c0:21, 2600:9000:294e:4600:e:2f62:43c0:21 |
| CNAME | — |
| NS | ns-1040.awsdns-02.org, ns-1730.awsdns-24.co.uk, ns-30.awsdns-03.com, ns-707.awsdns-24.net |
| MX | — |
| TXT | — |
| CAA | Lookup not available with standard resolver |
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
A+Subdomain TakeoverNo subdomain takeover risk detectedPASS
A+Multi-Resolver DNS SpeedMean 7ms across 3 resolvers (spread 9ms)PASS
A+Redirect ChainNo redirects — direct accessPASS
https://d2gtr1ztczy3gv.cloudfront.net
471 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://d2gtr1ztczy3gv.cloudfront.net | 200 | 471 ms | HTTP/1.1 | AmazonS3 |
A+IPv6 ReadinessIPv6 reachable (2 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 4 URLsPASS
User-Agent: *
Allow: /
Sitemap: https://paradiseandparadisecare.com.au/sitemap.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
AHTTP Probe TimingTotal 739 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
Connection waterfall
ACDN & DeliveryAWS CloudFront (Miss from cloudfront)PASS
A+CDN Cache ObservabilityCache state: MISSPASS
Domain IntelligenceDomain intelligence data not availableINFO
RDAP and WHOIS lookup both failed