Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations93 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
ADNS Records4 A records, 394 ms lookupPASS
| A | 13.226.2.110, 13.226.2.47, 13.226.2.89, 13.226.2.36 |
| AAAA | — |
| CNAME | — |
| NS | ns-1360.awsdns-42.org, ns-1735.awsdns-24.co.uk, ns-83.awsdns-10.com, ns-879.awsdns-45.net |
| MX | 0 theglobeandmail-com.mail.protection.outlook.com |
| TXT | 6gkfshf5ypx2wrxnsp4423b9hgmgjdts MS=ms69832701 _6bgtba2maddeiojjgx9grlya3xl6ztm _e0s5bmeg7af5bhu59q5bldrzs9583sd facebook-domain-verification=vyvhgyjf7h5w5m4x0n1h9yo6tb9u4e google-site-verification=JbYafuhokuYPG9fdhI9_cp72T-gzJb0SdY12egIim2s google-site-verification=LIEWlsRXAqltXzbQPSMrb0WtpeSjYyzOuReLti6oJ0Q google-site-verification=MMVxMHg6IBbku4rU92fAm6GtTQg9Kku9Hb9KzOpw248 google-site-verification=WIcJqh1zq8kpe2QWckfMgKZl2iUmUzjng720S6oE-2I google-site-verification=XRP2v9gJXiZQZ9UUXtqplx_Ml0OqsvPr2weECoq8ghY google-site-verification=jPu9xKKc8GXg2h7A7c3B69t1o8NFRXrltLV-iYmHWpI google-site-verification=necbf0FNwI_u4-2OhMaqKl8SzdIVjD8KYu7BWhl40h0 google-site-verification=q-uVhRmlAwvdTD6ZK5G-oqkWRzAgX5RuT844O8lm70A pinterest-site-verification=c721ac3400ab64737f9e5d6408992d07 tollbit-domain-verification=23d1181a7606245c6d412b03778ed7a1573ffc7e4b8217f07489... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
Slow DNS adds latency to every page load. Consider a faster DNS provider.
DNS resolution is slow — anycast DNS providers (Cloudflare, Route 53) typically resolve <50ms globally.
Source: DNS performance benchmarks
ARedirect Chain1 redirect(s), 768 ms totalPASS
https://theglobeandmail.com
691 ms · HTTP/1.1
https://www.theglobeandmail.com/
76 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://theglobeandmail.com | 301 | 691 ms | HTTP/1.1 | AmazonS3 |
| 2 | https://www.theglobeandmail.com/ | 200 | 76 ms | HTTP/1.1 | openresty |
See the visual redirect chain in the HTTP Probe tab →
A+Crawlabilityrobots.txt present, sitemap with 3 URLsPASS
User-agent: AmazonAdBot
Allow: /
User-agent: Googlebot-News
Disallow: /feeds/
Disallow: /incoming/
Disallow: /test/
Disallow: /partners/
Disallow: /search/
Disallow: /business/adv/appointmentnotices/search/
Disallow: /gift/
User-agent: AdsBot-Google
Disallow: /feeds/
Disallow: /incoming/
Disallow: /test/
Disallow: /search/
Disallow: /business/adv/appointmentnotices/search/
Disallow: /gift/
User-agent: *
Disallow: /feeds/
Disallow: /incoming/
Disallow: /test/
Disallow: /search/
Disallow: /business/adv/appointmentnotices/search/
Disallow: /marketing-containers/
Disallow: /coupons/
Disallow: /files/advertising/
Disallow: /gift/
User-agent: AddSearchBot
Disallow: /
User-agent: AhrefsBot
Disallow: /
User-agent: AI2Bot
Disallow: /
User-agent: AI2Bot-DeepResearchEval
Disallow: /
User-agent: AI2Bot-Dolma
Disallow: /
User-agent: aiHitBot
Disallow: /
User-agent: AliyunSecBot
Disallow: /
User-agent: Amazonbot
Disallow: /
User-agent: AmazonBuyForMe
Disallow: /
User-agent: amazon-kendra
Disallow: /
User-agent: Amzn-SearchBot
Disallow: /
User-agent: Amzn-User
Disallow: /
User-agent: Andibot
Disallow: /
User-agent: Anthropic-ai
Disallow: /
User-agent: Anomura
Disallow: /
User-agent: archive.org_bot
Disallow: /
User-agent: Archive-It
Disallow: /
User-agent: atlassian-bot
Disallow: /
User-agent: AudigentAdBot
Disallow: /
User-agent: Awario
Disallow: /
User-agent: AwarioRssBot
Disallow: /
User-agent: AwarioSmartBot
Disallow: /
User-agent: BaiduSpider
Disallow: /
User-agent: bedrockbot
Disallow: /
User-agent: bigsur.ai
Disallow: /
User-agent: BLEXBot
Disallow: /
User-agent: Brandwatch
Disallow: /
User-agent: Bravebot
Disallow: /
User-agent: Brightbot 1.0
Disallow: /
User-agent: Bytespider
Disallow: /
User-agent: carbon-umbrella-bot/1.0
Disallow: /
User-agent: CCBot
Disallow: /
User-agent: Channel3Bot
Disallow: /
User-agent: ChatGLM-Spider
Disallow: /
User-agent: ChatGPT Agent
Disallow: /
User-agent: ChatGPT-User
Disallow: /
User-agent: Cision
Disallow: /
User-agent: Claude-SearchBot
Disallow: /
User-agent: Claude-User
Disallow: /
User-agent: Claude-Web
Disallow: /
User-agent: ClaudeBot
Disallow: /
User-agent: Cloudflare-AutoRAG
Disallow: /
User-agent: CloudVertexBot
Disallow: /
User-agent: cohere-ai
Disallow: /
User-agent: cohere-training-data-crawler
Disallow: /
User-agent: Cotoyogi
Disallow: /
User-agent: Crawl4AI
Disallow: /
User-agent: Crawlspace
Disallow: /
User-agent: DataForSeoBot
Disallow: /
User-agent: Datenbank Crawler
Disallow: /
User-agent: DeepSeekBot
Disallow: /
User-agent: Deepseek
Disallow: /
User-agent: Devin
Disallow: /
User-agent: Diffbot
Disallow: /
User-agent: DuckAssistBot
Disallow: /
User-agent: EchoboxBot
Disallow: /
User-agent: ErisBot
Disallow: /
User-agent: Factset_spyderbot
Disallow: /
User-agent: fiperbot/0.1
Disallow: /
User-agent: FirecrawlAgent
Disallow: /
User-agent: FriendlyCrawler
Disallow: /
User-agent: Gemini-Deep-Research
Disallow: /
User-agent: Gnowit
Disallow: /
User-agent: GnowitNewsbot
Disallow: /
User-agent: Google-CloudVertexBot
Disallow: /
User-agent: Google-Extended
Disallow: /
User-agent: Google-NotebookLM
Disallow: /
User-agent: GoogleAgent-Mariner
Disallow: /
User-agent: GoogleOther
Disallow: /
User-agent: GoogleOther-Image
Disallow: /
User-agent: GoogleOther-Video
Disallow: /
User-agent: GPTBot
Disallow: /
User-agent: Grok
Disallow: /
User-agent: Heritrix
Disallow: /
User-agent: ia_archiver
Disallow: /
User-agent: iAskBot
Disallow: /
User-agent: iaskspider/2.0
Disallow: /
User-agent: IbouBot
Disallow: /
User-agent: ICC-Crawler
Disallow: /
User-agent: imageSpider
Disallow: /
User-agent: ImagesiftBot
Disallow: /
User-agent: img2dataset
Disallow: /
User-agent: Imprint (netEstate Imprint Crawler)
Disallow: /
User-agent: Info2424.info
Disallow: /
User-agent: ISSCyberRiskCrawler
Disallow: /
User-agent: Kangaroo Bot
Disallow: /
User-agent: KlaviyoAIBot
Disallow: /
User-agent: KunatoCrawler
Disallow: /
User-agent: LAIONDownloader
Disallow: /
User-agent: laion-huggingface-processor
Disallow: /
User-agent: LCC
Disallow: /
User-agent: LinerBot
Disallow: /
User-agent: Linguee Bot
Disallow: /
User-agent: linkfluence
Disallow: /
User-agent: LinkupBot
Disallow: /
User-agent: LinkupBot/1.0
Disallow: /
User-agent: magpie-crawler
Disallow: /
User-agent: Manus-User
Disallow: /
User-agent: mediatoolkit.com
Disallow: /
User-agent: Meltwater
Disallow: /
User-agent: Meta-ExternalAgent
Disallow: /
User-agent: meta-externalagent
Disallow: /
User-agent: Meta-ExternalFetcher
Disallow: /
User-agent: meta-externalfetcher
Disallow: /
User-agent: meta-webindexer
Disallow: /
User-agent: MistralAI-User
Disallow: /
User-agent: MistralAI-User/1.0
Disallow: /
User-agent: Muckrack
Disallow: /
User-agent: MyCentralAIScraperBot
Disallow: /
User-agent: netEstate
Disallow: /
User-agent: netEstate Imprint Crawler
Disallow: /
User-agent: news-api.org
Disallow: /
User-agent: NewsNow
Disallow: /
User-agent: news-please
Disallow: /
User-agent: NotebookLM
Disallow: /
User-agent: NovaAct
Disallow: /
User-agent: OAI-SearchBot
Disallow: /
User-agent: Observer/1.0 (obsrvr.net)
Disallow: /
User-agent: omgili
Disallow: /
User-agent: omgilibot
Disallow: /
User-agent: openai
Disallow: /
User-agent: OpenAI
Disallow: /
User-agent: Operator
Disallow: /
User-agent: Opoint
Disallow: /
User-agent: OTMedia
Disallow: /
User-agent: PanguBot
Disallow: /
User-agent: Panscient
Disallow: /
User-agent: panscient.com
Disallow: /
User-agent: peer39_crawler
Disallow: /
User-agent: peer39_crawler/1.0
Disallow: /
User-agent: Perplexity
Disallow: /
User-agent: Perplexity-User
Disallow: /
User-agent: PerplexityBot
Disallow: /
User-agent: PetalBot
Disallow: /
User-agent: PhindBot
Disallow: /
User-agent: Poggio-Citations
Disallow: /
User-agent: Poseidon Research Crawler
Disallow: /
User-agent: PressEngineBot
Disallow: /
User-agent: QualifiedBot
Disallow: /
User-agent: QuillBot
Disallow: /
User-agent: quillbot.com
Disallow: /
User-agent: Quora-Bot
Disallow: /
User-agent: Qwantbot
Disallow: /
User-agent: SBIntuitionsBot
Disallow: /
User-agent: scoopit
Disallow: /
User-agent: scpitspi-rs
Disallow: /
User-agent: Scrapy
Disallow: /
User-agent: SeekrBot
Disallow: /
User-agent: semantic-visions.com
Disallow: /
User-agent: SemrushBot-SWA
Disallow: /
User-agent: SentiBot
Disallow: /
User-agent: SeznamHomepageCrawler
Disallow: /
User-agent: ShapBot
Disallow: /
User-agent: Sidetrade indexer bot
Disallow: /
User-agent: Sindup
Disallow: /
User-agent: Slurp
Disallow: /
User-agent: Spider
Disallow: /
User-agent: Squidbot
Disallow: /
User-agent: Squidbot/1.0
Disallow: /
User-agent: TaraGroup Intelligent Bot
Disallow: /
User-agent: TavilyBot
Disallow: /
User-agent: TerraCotta
Disallow: /
User-agent: Thinkbot
Disallow: /
User-agent: Timpibot
Disallow: /
User-agent: Timpibot/0.9
Disallow: /
User-agent: Tor
Disallow: /
User-agent: trendictionbot
Disallow: /
User-agent: TurnitinBot
Disallow: /
User-agent: TwinAgent
Disallow: /
User-agent: VelenPublicWebCrawler
Disallow: /
User-agent: ViennaTinyBot
Disallow: /
User-agent: WARDBot
Disallow: /
User-agent: webzio
Disallow: /
User-agent: Webzio-Extended
Disallow: /
User-agent: wpbot
Disallow: /
User-agent: WRTNBot
Disallow: /
User-agent: YaK
Disallow: /
User-agent: YandexAdditionalBot
Disallow: /
User-agent: YouBot
Disallow: /
User-agent: ZanistaBot
Disallow: /
Sitemap: https://www.theglobeandmail.com/sitemap.xml?outputType=xml
A+Domain Intelligencetheglobeandmail.com — via Webnames.ca Inc., 31 years old, hosted on AWSPASS
64 days
September 17, 2026
93 days
Issued by Amazon
31 years
Registered September 18, 1995
Not enabled
Protects against DNS spoofing
AWS
ASN AS16509
3.174.255.104
Webnames.ca Inc.
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice