Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations167 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
ADNS Records4 A records, 44 ms lookupPASS
| A | 13.224.83.10, 13.224.83.99, 13.224.83.46, 13.224.83.78 |
| AAAA | 2600:9000:2131:cc00:9:dcf4:5ec0:93a1, 2600:9000:2131:3800:9:dcf4:5ec0:93a1, 2600:9000:2131:3400:9:dcf4:5ec0:93a1, 2600:9000:2131:2800:9:dcf4:5ec0:93a1, 2600:9000:2131:e600:9:dcf4:5ec0:93a1, 2600:9000:2131:1200:9:dcf4:5ec0:93a1, 2600:9000:2131:1a00:9:dcf4:5ec0:93a1, 2600:9000:2131:f000:9:dcf4:5ec0:93a1 |
| CNAME | dh9uikqsvnji3.cloudfront.net |
| NS | ns-173.awsdns-21.com, ns-1482.awsdns-57.org, ns-687.awsdns-21.net, ns-1787.awsdns-31.co.uk |
| MX | — |
| TXT | — |
| CAA | Lookup not available with standard resolver |
A CNAME at the zone apex can break MX and NS records. Use ALIAS/ANAME or A records instead.
CNAME at the apex (example.com) breaks every other apex record (MX, TXT, NS) — DNS-protocol violation per RFC 1034.
Learn more ▾ ▴
RFC 1034 forbids CNAME alongside other records at the same name. Some DNS providers offer ALIAS / ANAME / flattened-CNAME records that work around this — use those instead. Otherwise apex-level CNAME breaks email (no MX), domain ownership verification (no TXT), and more.
Source: RFC 1034
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
ARedirect Chain1 redirect(s), 19 ms totalPASS
https://www.keio.ac.jp
9 ms · HTTP/1.1
https://www.keio.ac.jp/ja/
10 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://www.keio.ac.jp | 301 | 9 ms | HTTP/1.1 | CloudFront |
| 2 | https://www.keio.ac.jp/ja/ | 200 | 10 ms | HTTP/1.1 | CloudFront |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
A+HTTP Probe TimingTotal 59 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
Connection waterfall
A+CDN & DeliveryAWS CloudFront (Hit from cloudfront)PASS
Domain IntelligenceDomain intelligence data not availableINFO
RDAP and WHOIS lookup both failed