Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CCrawlabilityActionrobots.txt present, sitemap with 30 URLsREVIEW
Disallow: / for all user-agents prevents search engines from indexing any page. This will remove the site from search results.
Disallow: / in robots.txt blocks every search crawler — the site becomes invisible in organic search.
Learn more ▾ ▴
Common deployment mistake: a staging robots.txt with `User-agent: * / Disallow: /` ships to prod. The site falls out of search results within days. Verify your robots.txt is the production-intended version. If this is intentional (private site), no action needed.
Source: Google Search Central
User-agent: Twitterbot
Allow: /file
Allow: /folder
Allow: /chat
Allow: /objectstorage
User-agent: facebookexternalhit
Allow: /file
Allow: /folder
Allow: /chat
Allow: /objectstorage
User-agent: *
Disallow: /
Allow: /$
Allow: /start
Allow: /business
Allow: /mobile
Allow: /ios
Allow: /android
Allow: /sync
Allow: /cmd
Allow: /extensions
Allow: /chrome
Allow: /edge
Allow: /firefox
Allow: /bird
Allow: /desktop
Allow: /secureboot
Allow: /favicon
Allow: /manifest.json
Allow: /*.css
Allow: /*.js
Allow: /*.json
Allow: /*.png
Allow: /*.svg
Allow: /nas
Allow: /help
Allow: /about
Allow: /developers
Allow: /uwp
Allow: /linux
Allow: /pro
Allow: /resellers
Allow: /corporate
Allow: /contact
Allow: /blog
Allow: /security
Allow: /collaboration
Allow: /securechat
Allow: /cookie
Allow: /storage
Allow: /credits
Allow: /terms
Allow: /privacy
Allow: /copyright
Allow: /takedown
Allow: /gdpr
Allow: /sourcecode
Allow: /sdk
Allow: /doc
Allow: /refer
Allow: /wp$
Allow: /downloadapp
Allow: /register
Allow: /recovery
Allow: /dev
Allow: /disputenotice
Allow: /login
Allow: /achievements
Allow: /registerb
Allow: /register
Allow: /cookie
Allow: /dispute
Allow: /sdkterms
Allow: /objectstorage
Allow: /Mega_Transparency_Report*
Allow: /*sitemap*
Allow: /ads.txt
Allow: /lang_*
Allow: /?ar
Allow: /?br
Allow: /?cn
Allow: /?ct
Allow: /?de
Allow: /?en
Allow: /?en-ph
Allow: /?es
Allow: /?fr
Allow: /?id
Allow: /?it
Allow: /?ja
Allow: /?jp
Allow: /?ko
Allow: /?kr
Allow: /?nl
Allow: /?pl
Allow: /?pt
Allow: /?pt-br
Allow: /?ro
Allow: /?ru
Allow: /?ru-mo
Allow: /?th
Allow: /?vn
Allow: /?vi
Allow: /?zh
Allow: /?zh-cn
Allow: /?zh-hk
Allow: /?zh-sg
Allow: /?zh-tw
Allow: /?nz=1
sitemap: https://mega.nz/sitemap.xml
sitemap: https://cms2.mega.nz/unsigned/sitemap-help.xml
sitemap: https://cms2.mega.nz/unsigned/blog.xml
CTLS Certificate Expiry & RecommendationsAction21 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Renew certificate — 21 days remaining
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records2 A records, 33 ms lookupPASS
| A | 31.216.145.5, 31.216.144.5 |
| AAAA | 2a0b:e46:1:145::5, 2a0b:e46:1:144::5 |
| CNAME | — |
| NS | nsnl2.mega.nz, nsnl1.mega.nz, nslu1.mega.nz, nslu2.mega.nz |
| MX | 10 mail.mega.co.nz |
| TXT | 6b9a442bef678c91ce4aaf66dfb6c438 SPF v=spf1 ip4:122.56.56.210 ip4:31.216.147.132/30 ip4:31.216.147.136/31 ip4:31.216.... google-site-verification=eYzEf0tV_bQerKRYO3PwDptch5jNR_isXfhbxn7EM0A |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://mega.nz
84 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://mega.nz | 200 | 84 ms | HTTP/1.1 |
A+IPv6 ReadinessIPv6 reachable (27 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencemega.nz — via Instra Corporation Pty Ltd., 11 years, 8 months oldPASS
Unknown
21 days
Issued by Let's Encrypt
11 years, 8 months
Registered October 1, 2014
Status unknown
Protects against DNS spoofing
Unknown
2a0b:e46:1:144::5
Instra Corporation Pty Ltd.
Expiry timeline
Recommended actions
- Renew the TLS certificate or verify auto-renewal is working
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice