Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.FIPv6 ReadinessActionIPv6 records exist but unreachableFIX
Having AAAA records but an unreachable server is worse than no AAAA — clients may experience delays before falling back to IPv4.
Advertising IPv6 (AAAA records) without a reachable server means IPv6-preferring clients silently fail every connection.
Learn more ▾ ▴
Modern browsers prefer IPv6 if AAAA exists (Happy Eyeballs algorithm). If the IPv6 server isn't reachable, browsers fall back to IPv4 — but with seconds of added latency per request. Either fix IPv6 reachability or remove the AAAA records.
Source: RFC 8305 (Happy Eyeballs)
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
BHTTP Probe TimingTotal 1185 ms — DNS, TCP, TLS, TTFB, content transfer breakdownREVIEW
Connection waterfall
BTLS Certificate Expiry & Recommendations112 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records3 A records, 166 ms lookupPASS
| A | 77.88.44.55, 77.88.55.88, 5.255.255.77 |
| AAAA | 2a02:6b8:a::a |
| CNAME | — |
| NS | ns1.yandex.net, ns2.yandex.net |
| MX | 10 mx.yandex.ru |
| TXT | SPF v=spf1 redirect=_spf.yandex.ru 5849d1f0fc8a9e73d82dfed9f2c33931 facebook-domain-verification=625igbkehyfptcek6nh1hz7q4s3h4a facebook-domain-verification=gy3xj2e9mxu0vtcdgqcznoaxoaiv63 google-site-verification=FVk3gum7zZLdkqi96ypScROFMew0wMetq1Gpu4rkzPI _globalsign-domain-verification=8aYUGAQODFyrof27L_Cshxo2JkvQcQeCBU1Zb-tf8f |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://yandex.com
668 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://yandex.com | 200 | 668 ms | HTTP/1.1 |
A+Crawlabilityrobots.txt present, sitemap with 64 URLsPASS
# yandex.com
User-agent: *
Disallow: /?
Disallow: /403.html
Disallow: /404.html
Disallow: /500.html
Disallow: /about.html
Disallow: /adddata
Disallow: /adresa-segmentator
Disallow: /advanced_engl.html
Disallow: /advertising
Disallow: /ads/
Disallow: /adfox/
Disallow: /an/
Disallow: /all-supported-params
Disallow: /articles
Disallow: /blog/*?text=
Disallow: /blog/*?tag=
Disallow: /blog/*/*/*
Disallow: /blog/punto
Disallow: /activity/
Disallow: /business/widget
Disallow: /MAPS/
Disallow: /MaPS/
Disallow: /MapS/
Disallow: /Maps/
Disallow: /mApS/
Disallow: /harita/business/
Disallow: /maps/business/
Disallow: /maps-api/docs/js-api/reference-guide/instruction-gxs.html
Disallow: /maps-api/docs/js-api/reference-guide/instruction-rs.html
Disallow: /blogs*
Allow: /blogs/$
Allow: /blogs/pad/$
Allow: /blogs/pad$
Disallow: /masters
Disallow: /services
Disallow: /catalog/?text=
Disallow: /cgi-bin/
Disallow: /cgi/
Disallow: /chisla.html
Disallow: /clck
Disallow: /news
Disallow: /news/
Disallow: /collections/
Disallow: /company/*.rss
Disallow: /company/search
Disallow: /comments/*
Disallow: /conflagexp
Disallow: /cy
Disallow: /cycounter
Disallow: /dzen
Disallow: /edu/ping
Disallow: /edu/tasks
Disallow: /edu/teachers
Disallow: /edu/test
Disallow: /experiments.xml
Disallow: /efir
Disallow: /formfeedback
Disallow: /gorsel/*
Allow: /gorsel/$
Allow: /gorsel/?*
Allow: /gorsel/smart/$
Allow: /gorsel/touch/$
Allow: /gorsel/touch/?*
Disallow: /gundem
Disallow: /goto_issue/
Disallow: /goto_rubric/
Disallow: /i/
Disallow: /images-data
Disallow: /images.html
Disallow: /images/*
Disallow: /images-apphost/*
Allow: /images/$
Allow: /images/?*
Allow: /images/smart/$
Allow: /images/touch/$
Allow: /images/touch/?
Disallow: /index_m
Disallow: /infected
Disallow: /iznanka/
Disallow: /int_search_summary
Disallow: /delivery_tracking
Disallow: /keyboard_qwerty.html
Disallow: /logotypes
Disallow: /map-constructor/loader*
Disallow: /more_samples
Disallow: /msearch
Disallow: /msearchpart
Disallow: /maps/print/*
Allow: /maps/*?lang=kk$
Allow: /maps/*?lang=uz$
Disallow: /nmaps/*?
Disallow: /mapeditor/*?
Disallow: /metro/*?from
Disallow: /neuralsearch/api
Disallow: /norobot
Disallow: /opensearch.xml
Disallow: /padsearch
Disallow: /people*
Disallow: /person
Disallow: /podpiska/login.pl
Disallow: /polling
Disallow: /portal/set/
Disallow: /portal/tune/
Disallow: /promo/diskelement
Disallow: /promo/*goodbye*
Disallow: /promo/skype*?*
Disallow: /promo/skype/*/*
Disallow: /promo/launcher/feedback
Disallow: /promo/launcher/mgoodbye/*
Disallow: /promo/*welcome*
Disallow: /promo/yobject/changelog*
Disallow: /soft/bm/goodbye
Disallow: /soft/chrome/ext-install/*
Disallow: /soft/chrome/searchline-install/*
Disallow: /soft/*goodbye*
Disallow: /soft/punto/mac/uninstall/*
Disallow: /soft/punto/win/uninstall/*
Disallow: /soft/*welcome*
Disallow: /soft/win/?*
Disallow: /quotes
Disallow: /redir
Disallow: /region_map
Disallow: /regions_list.xml
Disallow: /regions.html?
Disallow: /rubric2sport
Disallow: /s/
Disallow: /save
Disallow: /safety/?
Disallow: /safety?
Disallow: /search
Disallow: /setup
Disallow: /showcaptcha
Disallow: /sitesearch
Disallow: /skazki
Disallow: /sl/*.html
Disallow: /soft/extensions/goodbye
Disallow: /sportagent
Disallow: /storeclick
Disallow: /storerequest
Disallow: /subscribe/confirm.pl
Disallow: /subscribe/view.pl
Disallow: /support/direct-images
Disallow: /support/direct-tooltips
Disallow: /support/distr
Disallow: /support/dsp
Disallow: /support/fe4be44a295cc679e19bf0b8f133083d
Disallow: /support/maps-beta
Disallow: /support/market-images
Disallow: /support/security
Disallow: /support/webmaster-images
Disallow: /support/*zout_
Disallow: /support/search-results/
Disallow: /support/praktikum/flow.html
Disallow: /support/praktikum-english/
Disallow: /telsearch
Disallow: /themes
Disallow: /toggle-experiment
Disallow: /touchsearch
Disallow: /tune*retpath=
Disallow: /versions
Disallow: /v$
Disallow: /viewconfig$
Disallow: /video/v$
Disallow: /video/viewconfig$
Disallow: /images/v$
Disallow: /images/viewconfig$
Allow: /uslugi/$
Disallow: /uslugi/*
Disallow: /video/*
Disallow: /video/*filmId=*
Disallow: /video/search
Disallow: /video/preview
Disallow: /video/*/search
Disallow: /video/*/preview
Allow: /video/$
Allow: /video/?
Allow: /video/sitemap
Allow: /video/dizi-izle/
Allow: /video/dizi-izle/?
Allow: /video/yerli-dizi-izle/
Allow: /video/yabanci-dizi-izle/
Allow: /video/touch/
Allow: /video/pad/
Disallow: /xmlsearch
Disallow: /yaca
Disallow: /yandsearch
Disallow: /yca/cy
Disallow: /soft/distribution
Disallow: /soft/?*
Disallow: /promo/launcher/?*
Disallow: /opera/?*
Disallow: /firefox/?*
Disallow: /soft/bm/?*
Disallow: /soft/browsers/?*
Disallow: /soft/punto/?*
Disallow: /ie/?*
Disallow: /element/?*
Disallow: /element/*goodbye*
Disallow: /soft/*goodbye*
Disallow: /adult
Disallow: /sport*?*parent-reqid*
Disallow: /mirror*?*parent-reqid*
Disallow: /turbo*?*parent-reqid*
Disallow: /mirror/hide
Disallow: /pogoda/0
Disallow: /turbo*?*ajax=1
Disallow: /sport*?*ajax=1
Disallow: /mirror*?*ajax=1
Disallow: /games/*?*reqId
Disallow: /games/*?*pageId
Disallow: /games/preview/
Disallow: /games/install
Disallow: /games/*?experimental=
Disallow: /games/*?*app-id=
Disallow: /games/*?*game-id=
Disallow: /games/*?*div-rtx-reqid=
Disallow: /games/*?*header=
Disallow: /games/*?*from=
Disallow: /weather/*
Disallow: /weather*
Disallow: /pogoda/*
Disallow: /pogod*
Disallow: /hava/*
Disallow: /hava*
Disallow: *maps/covid19*
Disallow: /support2/*zout_
Disallow: /sport
Disallow: /support2/sport*
Disallow: /video/%D0%B7%D0%B0%D0%BF%D1%80%D0%BE%D1%81/*
Disallow: /video/touch/%D0%B7%D0%B0%D0%BF%D1%80%D0%BE%D1%81/*
Disallow: /medicine
Allow: /medicine/doctors
Allow: /medicine/clinics
Disallow: /finance
Clean-Param: ncrnd&redircnt&clid&_&win /
Clean-Param: random_cgi&sign /turbo*
Clean-Param: ll&z&sll /maps
Clean-Param: appsearch_header /pogoda
Sitemap: https://yandex.com/support/sitemap.xml
Sitemap: https://yandex.com/blog/sitemap.xml
Sitemap: https://yandex.com/turbo/public/sitemap.xml
Sitemap: https://yandex.com/games/sitemaps/sitemap.index.xml
User-agent: yandex
Disallow: /?
Disallow: /403.html
Disallow: /404.html
Disallow: /500.html
Disallow: /about.html
Disallow: /adddata
Disallow: /adresa-segmentator
Disallow: /advanced_engl.html
Disallow: /advertising
Disallow: /all-supported-params
Disallow: /articles
Disallow: /activity/
Disallow: /blog/*?text=
Disallow: /blog/*?tag=
Disallow: /blog/*/*/*
Disallow: /blog/punto
Disallow: /business/widget
Disallow: /MAPS/
Disallow: /MaPS/
Disallow: /MapS/
Disallow: /Maps/
Disallow: /mApS/
Disallow: /harita/business/
Disallow: /maps/business/
Disallow: /maps-api/docs/js-api/reference-guide/instruction-gxs.html
Disallow: /maps-api/docs/js-api/reference-guide/instruction-rs.html
Disallow: /blogs*
Allow: /blogs/$
Allow: /blogs/pad/$
Allow: /blogs/pad$
Disallow: /masters
Disallow: /services
Disallow: /catalog/?text=
Disallow: /chat
Disallow: /cgi-bin/
Disallow: /cgi/
Disallow: /chisla.html
Disallow: /clck
Disallow: /news
Disallow: /news/
Disallow: /collections/
Disallow: /company/*.rss
Disallow: /company/search
Disallow: /comments/*
Disallow: /conflagexp
Disallow: /cy
Disallow: /cycounter
Disallow: /dzen
Disallow: /edu/ping
Disallow: /edu/tasks
Disallow: /edu/teachers
Disallow: /edu/test
Disallow: /experiments.xml
Disallow: /efir
Disallow: /formfeedback
Disallow: /games/preview/
Disallow: /games/install
Disallow: /games/*?experimental=
Disallow: /gorsel/*
Allow: /gorsel/$
Allow: /gorsel/?*
Allow: /gorsel/smart/$
Allow: /gorsel/touch/$
Allow: /gorsel/touch/?*
Disallow: /goto_issue/
Disallow: /goto_rubric/
Disallow: /i/
Disallow: /gundem
Disallow: /images-data
Disallow: /images.html
Disallow: /images/*
Disallow: /images-apphost/*
Allow: /images/$
Allow: /images/?*
Allow: /images/smart/$
Allow: /images/touch/$
Allow: /images/touch/?
Disallow: /index_m
Disallow: /infected
Disallow: /iznanka/
Disallow: /int_search_summary
Disallow: /delivery_tracking
Disallow: /keyboard_qwerty.html
Disallow: /logotypes
Disallow: /map-constructor/loader*
Disallow: /more_samples
Disallow: /msearch
Disallow: /msearchpart
Disallow: /maps/print/*
Allow: /maps/*?lang=kk$
Allow: /maps/*?lang=uz$
Disallow: /nmaps/*?
Disallow: /mapeditor/*?
Disallow: /metro/*?from
Disallow: /neuralsearch/api
Disallow: /norobot
Disallow: /opensearch.xml
Disallow: /padsearch
Disallow: /people*
Disallow: /person
Disallow: /podpiska/login.pl
Disallow: /polling
Disallow: /portal/set/
Disallow: /portal/tune/
Disallow: /pogoda/0
Disallow: /promo/diskelement
Disallow: /promo/*goodbye*
Disallow: /promo/skype*?*
Disallow: /promo/skype/*/*
Disallow: /promo/launcher/feedback
Disallow: /promo/launcher/mgoodbye/*
Disallow: /promo/*welcome*
Disallow: /promo/yobject/changelog*
Disallow: /soft/bm/goodbye
Disallow: /soft/chrome/ext-install/*
Disallow: /soft/chrome/searchline-install/*
Disallow: /soft/*goodbye*
Disallow: /soft/punto/mac/uninstall/*
Disallow: /soft/punto/win/uninstall/*
Disallow: /soft/*welcome*
Disallow: /soft/win/?*
Disallow: /quotes
Disallow: /redir
Disallow: /region_map
Disallow: /regions_list.xml
Disallow: /regions.html?
Disallow: /rubric2sport
Disallow: /s/
Disallow: /save
Disallow: /safety/?*
Disallow: /search
Disallow: /setup
Disallow: /showcaptcha
Disallow: /sitesearch
Disallow: /skazki
Disallow: /sl/*.html
Disallow: /soft/extensions/goodbye
Disallow: /sportagent
Disallow: /storeclick
Disallow: /storerequest
Disallow: /subscribe/confirm.pl
Disallow: /subscribe/view.pl
Disallow: /support/direct-images
Disallow: /support/direct-tooltips
Disallow: /support/distr
Disallow: /support/dsp
Disallow: /support/fe4be44a295cc679e19bf0b8f133083d
Disallow: /support/maps-beta
Disallow: /support/market-images
Disallow: /support/security
Disallow: /support/webmaster-images
Disallow: /support/*zout_
Disallow: /support/search-results/
Disallow: /support/praktikum/flow.html
Disallow: /support/praktikum-english/
Disallow: /telsearch
Disallow: /themes
Disallow: /toggle-experiment
Disallow: /touchsearch
Disallow: /tune*retpath=
Disallow: /versions
Disallow: /v$
Disallow: /viewconfig$
Disallow: /video/v$
Disallow: /video/viewconfig$
Disallow: /images/v$
Disallow: /images/viewconfig$
All
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligenceyandex.com — via Regional Network Information Center, JSC dba RU-CENTER, 27 years, 11 months oldPASS
72 days
September 23, 2026
112 days
Issued by GlobalSign nv-sa
27 years, 11 months
Registered September 24, 1998
Not enabled
Protects against DNS spoofing
Unknown
ASN AS13238 208398
5.255.255.77
Regional Network Information Center, JSC dba RU-CENTER
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice