Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations89 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflare (UPDATING)REVIEW
A+DNS Records2 A records, 31 ms lookupPASS
| A | 104.18.3.215, 104.18.2.215 |
| AAAA | 2606:4700::6812:2d7, 2606:4700::6812:3d7 |
| CNAME | — |
| NS | mimi.ns.cloudflare.com, wesley.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt2.aspmx.l.google.com 5 alt1.aspmx.l.google.com 10 aspmx3.googlemail.com 10 aspmx2.googlemail.com |
| TXT | google-site-verification=nCpbeluBD6Ne131niLZ5L3lc5VMkcv-R3APEbk_BG7E linkedin-site-verification=80c73098-bfaa-49a2-81c0-6be245868fcf ahrefs-site-verification_5d02bf65d66a55e20a6613204c60be7b2c3f0e97abfa6ea1bbeaade... SPF v=spf1 include:_spf.mlsend.com include:_spf.google.com ~all MS=ms68859981 google-site-verification=EKSTyhVsynqixYBg3vlqdSow1Hj6yzgv3acVAYsoO4k rippling-domain-verification=79fe9b6b49fde77a |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://decrypt.co
65 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://decrypt.co | 200 | 65 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (17 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 66 URLsPASS
User-agent: *
Sitemap: https://decrypt.co/sitemap_index.xml
Sitemap: https://decrypt.co/es/sitemap_index.xml
Sitemap: https://decrypt.co/fr/sitemap_index.xml
- https://decrypt.co/post-sitemap.xml
- https://decrypt.co/post-sitemap2.xml
- https://decrypt.co/post-sitemap3.xml
- https://decrypt.co/post-sitemap4.xml
- https://decrypt.co/post-sitemap5.xml
- https://decrypt.co/post-sitemap6.xml
- https://decrypt.co/post-sitemap7.xml
- https://decrypt.co/post-sitemap8.xml
- https://decrypt.co/post-sitemap9.xml
- https://decrypt.co/post-sitemap10.xml
- https://decrypt.co/post-sitemap11.xml
- https://decrypt.co/post-sitemap12.xml
- https://decrypt.co/post-sitemap13.xml
- https://decrypt.co/post-sitemap14.xml
- https://decrypt.co/post-sitemap15.xml
- https://decrypt.co/post-sitemap16.xml
- https://decrypt.co/post-sitemap17.xml
- https://decrypt.co/post-sitemap18.xml
- https://decrypt.co/post-sitemap19.xml
- https://decrypt.co/post-sitemap20.xml
- https://decrypt.co/post-sitemap21.xml
- https://decrypt.co/post-sitemap22.xml
- https://decrypt.co/post-sitemap23.xml
- https://decrypt.co/post-sitemap24.xml
- https://decrypt.co/post-sitemap25.xml
- https://decrypt.co/post-sitemap26.xml
- https://decrypt.co/post-sitemap27.xml
- https://decrypt.co/post-sitemap28.xml
- https://decrypt.co/post-sitemap29.xml
- https://decrypt.co/post-sitemap30.xml
- https://decrypt.co/post-sitemap31.xml
- https://decrypt.co/post-sitemap32.xml
- https://decrypt.co/post-sitemap33.xml
- https://decrypt.co/post-sitemap34.xml
- https://decrypt.co/post-sitemap35.xml
- https://decrypt.co/post-sitemap36.xml
- https://decrypt.co/post-sitemap37.xml
- https://decrypt.co/post-sitemap38.xml
- https://decrypt.co/post-sitemap39.xml
- https://decrypt.co/post-sitemap40.xml
- https://decrypt.co/post-sitemap41.xml
- https://decrypt.co/post-sitemap42.xml
- https://decrypt.co/post-sitemap43.xml
- https://decrypt.co/post-sitemap44.xml
- https://decrypt.co/post-sitemap45.xml
- https://decrypt.co/post-sitemap46.xml
- https://decrypt.co/post-sitemap47.xml
- https://decrypt.co/post-sitemap48.xml
- https://decrypt.co/post-sitemap49.xml
- https://decrypt.co/post-sitemap50.xml
- https://decrypt.co/post-sitemap51.xml
- https://decrypt.co/post-sitemap52.xml
- https://decrypt.co/post-sitemap53.xml
- https://decrypt.co/post-sitemap54.xml
- https://decrypt.co/post-sitemap55.xml
- https://decrypt.co/page-sitemap.xml
- https://decrypt.co/person_profile-sitema...
- https://decrypt.co/project_profile-sitem...
- https://decrypt.co/rollup-sitemap.xml
- https://decrypt.co/course-sitemap.xml
- https://decrypt.co/category-sitemap.xml
- https://decrypt.co/collection-sitemap.xm...
- https://decrypt.co/link-sitemap.xml
- https://decrypt.co/author-sitemap.xml
- https://decrypt.co/video-sitemap.xml
- https://decrypt.co/web-stories-sitemap.x...
AURL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Use 301 (permanent) instead of 302 (temporary)
A+Domain Intelligencedecrypt.co — via Cloudflare, Inc., 14 years, 4 months oldPASS
232 days
February 28, 2027
89 days
Issued by Google Trust Services
14 years, 4 months
Registered March 1, 2012
Status unknown
Protects against DNS spoofing
Unknown
2606:4700::6812:3d7
Cloudflare, Inc.
Expiry timeline
Domain cannot be transferred without explicit unlock from the registrar. This protects against unauthorized transfers.
Registrar lock (clientTransferProhibited et al.) prevents unauthorized domain transfers — strongest defense against domain hijacking.
Source: ICANN / domain-security best practice