Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations105 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records6 A records, 37 ms lookupPASS
| A | 34.232.236.218, 52.72.201.238, 34.205.188.38, 3.216.24.241, 3.226.163.91, 52.86.9.92 |
| AAAA | — |
| CNAME | — |
| NS | ns-1213.awsdns-23.org, ns-1828.awsdns-36.co.uk, ns-575.awsdns-07.net, ns-452.awsdns-56.com |
| MX | 10 mxa.mailgun.org 10 mxb.mailgun.org |
| TXT | SPF v=spf1 include:mailgun.org include:mail.zendesk.com ~all google-site-verification=nHiu8E2-dflzFcWvVOZhEAs7JdW-Et4kZ231_8D18jE |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 894 ms totalPASS
https://shinyapps.io
386 ms · HTTP/1.1
https://www.shinyapps.io:443/
508 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://shinyapps.io | 301 | 386 ms | HTTP/1.1 | awselb/2.0 |
| 2 | https://www.shinyapps.io:443/ | 200 | 508 ms | HTTP/1.1 | TornadoServer/6.5.5 |
See the visual redirect chain in the HTTP Probe tab →
A+Domain Intelligenceshinyapps.io — via Gandi SAS, 12 years, 9 months old, hosted on AWSPASS
53 days
September 7, 2026
105 days
Issued by Amazon
12 years, 9 months
Registered September 7, 2013
Status unknown
Protects against DNS spoofing
AWS
ASN AS16509
52.72.201.238
Gandi SAS
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry
Domain cannot be transferred without explicit unlock from the registrar. This protects against unauthorized transfers.
Registrar lock (clientTransferProhibited et al.) prevents unauthorized domain transfers — strongest defense against domain hijacking.
Source: ICANN / domain-security best practice