https://scholastic.com
Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.SCORE
95
GRADE
A
FIX
0
REVIEW
3
PASS
6
INFO
0
Probed from New York, United Stated
301 Moved Permanently
Checks
96 PASS 3 REVIEW
BRedirect Chain2 redirect(s), 80 ms totalREVIEW
Redirect Chain
2 redirect(s), 80 ms total
2 redirect(s), 80 ms total
Warning::
2 redirects before reaching final URL
Each redirect adds latency. Try to minimize the chain to 1 hop.
Info::
WWW normalization redirect
https://scholastic.com
23 ms · HTTP/1.1
301
https://www.scholastic.com/
23 ms · HTTP/1.1
301
https://www.scholastic.com/home
35 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://scholastic.com | 301 | 23 ms | HTTP/1.1 | cloudflare |
| 2 | https://www.scholastic.com/ | 301 | 23 ms | HTTP/1.1 | cloudflare |
| 3 | https://www.scholastic.com/home | 200 | 35 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
Each redirect adds latency. Try to minimize the chain to 1 hop.
Why this matters
Redirect chain — each hop adds latency; combine into one redirect where possible.
Source: Google Search Central / web.dev
BTLS Certificate Expiry & Recommendations77 days until leaf cert expires — 3 issues to addressREVIEW
TLS Certificate Expiry & Recommendations
77 days until leaf cert expires — 3 issues to address
Certificate validity
77
days left
0d 30d 60d 90d+
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
CDN & Delivery
Cloudflare
Cloudflare
Info::
Site is served via Cloudflare CDN (edge: EWR)
Got: cf-ray: 9eff9d031d3bd474-EWR
CDN Detected: Cloudflare
Provider Cloudflare Evidence cf-ray: 9eff9d031d3bd474-EWR
A+DNS Records2 A records, 18 ms lookupPASS
DNS Records
2 A records, 18 ms lookup
2 A records, 18 ms lookup
Info::
Resolves to 2 IPv4 address(es)
Got: 172.64.150.216, 104.18.37.40
Info::
Has 2 IPv6 (AAAA) record(s)
Got: 2a06:98c1:310a::ac40:96d8, 2606:4700:440c::6812:2528
Info::
8 nameserver(s) configured
Got: ns1.scholastic.com, ns2.scholastic.com, pdns1.ultradns.net, pdns2.ultradns.net, pdns3.ultradns.org, pdns4.ultradns.org, pdns5.ultradns.info, pdns6.ultradns.co.uk
Info::
2 mail exchanger(s) configured
Info::
CAA records not checked
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Info::
SPF record present in TXT
Info::
DNS resolution time: 18 ms
Got: 18 ms
| A | 172.64.150.216, 104.18.37.40 |
| AAAA | 2a06:98c1:310a::ac40:96d8, 2606:4700:440c::6812:2528 |
| CNAME | — |
| NS | ns1.scholastic.com, ns2.scholastic.com, pdns1.ultradns.net, pdns2.ultradns.net, pdns3.ultradns.org, pdns4.ultradns.org, pdns5.ultradns.info, pdns6.ultradns.co.uk |
| MX | 10 mxb-003a5d01.gslb.pphosted.com 10 mxa-003a5d01.gslb.pphosted.com |
| TXT | 262965386-618540055 7j52glcbkqn1d2vbgi3cd35s98 ZOOM_verify_rVR0dF0sQA2w5Iut5hjzUg logmein-verification-code=wcuup9fPYGyNarovuQuCcAMU0 airtable-verification=933ff51c6212adad42be3f3eebcbf7b6 amazonses:RKGbr/0gYQXw5wiRteVEAqODx1rffdotPM6Tur6h/R4= adobe-sign-verification=3c027c5345f021e3f9c8ddf0846a01c2 knowbe4-site-verification=8b57e731ef3c2b9523a6dff80cf7d849 mongodb-site-verification=YwGDqUy39MT6gVYcanSdrRaB1GajnuyM smartsheet-site-validation=h0GUxoGEL58VLnq30t3JWxOP2doKa8vn teamviewer-sso-verification=be6a2bba75984d15b67ff847f2447490 onetrust-domain-verification=0dc020b5411444528f5f60d83f532da8 onetrust-domain-verification=246b3394378b494190a35f196b3c6e69 globalsign-domain-verification=75FCE4B50EAAF22794D42CC9DB06025B extensis-domain-verification=6a8cc93c-7b42-4fb1-9f93-e426e27ec55c beautifulai-site-verification=28c40cf7-01b9-4e84-b1e3-7edb66f7394b google-site-verification=4XPvEqU4FqehpWWAjhGEKax3ok9efWWtEjJDQ8L1K3g google-site-verification=JqQy0CkenACfC-yy8Lz51mNaBZOoRn6RLudvYMq_jtY google-site-verification=grjrvIPfAvbBzg9HsldNEppCxRgfhzkYvA4zOjRC8V4 google-site-verification=tyI87ks_Wlo0_S4mNxqOfdih9abUwY8GojDHCKVQSWU google-site-verification=yIAakZ8DypOqzd4QJQXOtcHY31vwHlWDq-o11RSEWYA apple-domain-verification=7x4qme6ifA9WmOhTdM-69Yf7ky-KO9p9XjbmG4M7_zM google-site-verification=oZ39o-ecWKQtKrfFoiSVMLJ69e4lDl_HmPV4bZukmKA
6sdzzfSDw8OeZ3FHnOwfKJUPPgWnAMcrV/LLvqMsJXFR6N2Y5XF95HoYbifb9oSDLbeuyopNPac3Sl4x... JgjYwoA7Efw4l45NLVGhqGLtqWcjGn2HIwHNtQtYoGV/o0W+WL3QWXnjZrXC2gNnJ+iOfvQQmaVXGTDg... Loz5FFsqfh5tPNp6ZBrlQZoO7dui+uOPOPB4UQ+5VH5ao8P8Xk1ddYRIiJENVFctFJLZA0xEF/v1mVjA... XJ85mYRW2XRNnHThTYAIfG2e3S9niDojH6Dpn2AfM3vWJbZMrLM8J86Auub/tzNLf+0RM5ilRXt8dfKn... adobe-idp-site-verification=545395c08ff118bae08a87e50b95baad56453c8239be08b09492... atlassian-domain-verification=Oa5ay2XEe/jTwO7BSk5CWdZjmXAE1TGM0aTUahNehNvyrAANV6... atlassian-domain-verification=aaWAgT227wjWH8pnxiKGCeirN5eyPHw696tud5iGYHd0BvO62p... atlassian-domain-verification=1gJUhwgrAZ12jH2qo4y5OzKngBTpFRbFL2LaeDB38hcCb942ua... SPF v=spf1 include:spf-003a5d01.pphosted.com include:spf-003a5d02.pphosted.com inclu... |
| CAA | Lookup not available with standard resolver |
Resolved in 18 ms
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Why this matters
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+IPv6 ReadinessIPv6 reachable (2 ms)PASS
IPv6 Readiness
IPv6 reachable (2 ms)
IPv6 reachable (2 ms)
Info::
IPv6 is configured and reachable at 2a06:98c1:310a::ac40:96d8, 2606:4700:440c::6812:2528
Got: 2 ms connect
IPv6 Ready
AAAA Records 2a06:98c1:310a::ac40:96d8, 2606:4700:440c::6812:2528 Connection Reachable (2 ms)
A+Crawlabilityrobots.txt present, sitemap with 3 URLsPASS
Crawlability
robots.txt present, sitemap with 3 URLs
robots.txt present, sitemap with 3 URLs
Info::
robots.txt is present
Got: 2492 bytes
Info::
sitemap.xml is present
Info::
sitemap.xml is valid XML
Info::
sitemap.xml contains 3 entries
Info::
Sitemap index with 3 child sitemaps
Info::
robots.txt references sitemap
robots.txt 200 OK
Size 2492 B Sitemaps referenced 3 User-agents * Blocking No — crawling allowed
User-agent: *
Disallow: /beta/index.htm
Disallow: /harrypotter/activities/review/vote.asp
Disallow: /harrypotter/activities/review/write.asp
Disallow: /harrypotter/activities/review/archive.asp
Disallow: /teachers/includes/*
Disallow: /teachers/misc/*
Disallow: /teachers/modules/*
Disallow: /teachers/profiles/*
Disallow: /teachers/scripts/*
Disallow: /teachers/themes/*
Disallow: /scopemagazine/*
Disallow: /content/collateral_resources/pdf/*
Disallow: /teachers/sources/*
Disallow: /teachers/product/*
Disallow: /teachers/placement/*
Disallow: /teachers/advert/*
Disallow: /teachers/promotionals/*
Disallow: /teachers/taxonomy/*
Disallow: /teachers/category/*
Disallow: /m/*
Disallow: /mobile/*
Disallow: /parents/play/*
Disallow: /ispy/*
Disallow: /astroblast/*
Disallow: /wordgirl/*
Disallow: /mayaandmiguel/*
Disallow: /magicschoolbus/*
Disallow: /elliotspark/*
Disallow: /canyouseewhatisee/*
Disallow: /littlescholastic/*
Disallow: /learningarcade/*
Disallow: /titles/alice/*
Disallow: /qubo/*
Disallow: /titles/dinogoodnight/*
Disallow: /titles/missspider/*
Disallow: /teachers/CHANGELOG.txt
Disallow: /teachers/cron.php
Disallow: /teachers/INSTALL.mysql.txt
Disallow: /teachers/INSTALL.pgsql.txt
Disallow: /teachers/install.php
Disallow: /teachers/INSTALL.txt
Disallow: /teachers/LICENSE.txt
Disallow: /teachers/MAINTAINERS.txt
Disallow: /teachers/update.php
Disallow: /teachers/UPGRADE.txt
Disallow: /teachers/xmlrpc.php
Disallow: /teachers/admin/
Disallow: /teachers/comment/reply/
Disallow: /teachers/contact/
Disallow: /teachers/logout/
Disallow: /teachers/node/add/
Disallow: /teachers/search/
Disallow: /teachers/user/register/
Disallow: /teachers/user/password/
Disallow: /teachers/user/login/
Disallow: /teachers/product/
Disallow: /teachers/article/collateral_resources/pdf/
Disallow: /tennessee
Disallow: /teachers/?q=admin/
Disallow: /teachers/?q=comment/reply/
Disallow: /teachers/?q=contact/
Disallow: /teachers/?q=logout/
Disallow: /teachers/?q=node/add/
Disallow: /teachers/?q=search/
Disallow: /teachers/?q=user/password/
Disallow: /teachers/?q=user/register/
Disallow: /teachers/?q=user/login/
Disallow: /teachers/?q=product/
Disallow: /*Ntk=TBW*
Disallow: /*/search-overview/
Disallow: /*/search-results/
Disallow: /bin/*
Disallow: *.jsp
Disallow: *.php
Sitemap: https://www.scholastic.com/teachers/sitemap_index.xml
Sitemap: https://www.scholastic.com/parents/parents-sitemap0.xml
Sitemap: https://www.scholastic.com/teachers/teaching-tools/educators-sitemap0.xml
sitemap.xml 200 OK
Type Sitemap Index URLs 3 entries Valid XML Yes
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
URL Variants
www/non-www, trailing slash, HTTP→HTTPS
www/non-www, trailing slash, HTTP→HTTPS
Info::
www/non-www redirect configured correctly (preferred: non-www)
Info::
HTTP correctly 301-redirects to HTTPS
www / non-www
301https://www.scholastic.com/
200https://scholastic.com/
Preferred variant: non-www
HTTP → HTTPS
301http://scholastic.com/ → https://scholastic.com/
Consistent
A+Domain Intelligencescholastic.com — via MarkMonitor Inc., 32 years, 11 months oldPASS
Domain Intelligence
scholastic.com — via MarkMonitor Inc., 32 years, 11 months old
scholastic.com — via MarkMonitor Inc., 32 years, 11 months old
Info::
Domain registered until Oct 20, 2027 (1 years, 6 months remaining)
Info::
DNSSEC is not enabled
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Info::
Registrar: MarkMonitor Inc.
Warning::
Registrar lock is NOT enabled
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Domain expiry
491 days
October 20, 2027
SSL certificate
77 days
Issued by Google Trust Services
Domain age
32 years, 11 months
Registered October 21, 1993
DNSSEC
Not enabled
Protects against DNS spoofing
Hosting
Unknown
2a06:98c1:310a::ac40:96d8
Registrar
MarkMonitor Inc.
Unlocked 5 NS records
Expiry timeline
Today
+1 year
Domain expiry SSL expiry Danger zone (≤30 days)
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
Registrar MarkMonitor Inc.
Created October 21, 1993 (32 years, 11 months ago)
Expires October 20, 2027 (1 years, 6 months)
Last Updated September 18, 2025
Name Servers pdns1.ultradns.net, pdns2.ultradns.net, pdns3.ultradns.org, pdns4.ultradns.org, pdns5.ultradns.info
DNSSEC Not enabled
Hosting
IP Address 2a06:98c1:310a::ac40:96d8
Data source: rdap (0.1s)
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Why this matters
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Why this matters
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice
A+HTTP Probe TimingTotal 19 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
HTTP Probe Timing
Total 19 ms — DNS, TCP, TLS, TTFB, content transfer breakdown
DNS Lookup DNS Lookup — time to resolve the domain name to an IP address.
5 msTCP Connect TCP Connect — time to establish a TCP connection to the server.
2 msTLS Handshake TLS Handshake — time to complete the HTTPS encryption handshake.
8 msTime to First Byte Time to First Byte — how long the server takes to respond with the first byte of data.
19 msTotal Time Total request time from DNS lookup through full response.
19 msConnection waterfall
DNS Lookup 5 ms TCP Connect 2 ms TLS Handshake 8 ms Server Processing 3 ms Content Transfer 0 ms
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.