Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations76 days until leaf cert expires — 5 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 98 ms lookupPASS
| A | 23.185.0.4 |
| AAAA | 2620:12a:8001::4, 2620:12a:8000::4 |
| CNAME | — |
| NS | ns0105.secondary.cloudflare.com, ns0229.secondary.cloudflare.com |
| MX | 10 ucdavis-edu.mail.protection.outlook.com |
| TXT | asv=af4f0f0dcb51ac182b114f60bc3bcad5 e2ma-verification=hbcfb LsLJegP1aMdw+3v6ZkyozyKZcIwpmbeBlchLzLA/PTPrU2q1X1r8ZLW8Dze2ra4oxw4IJyPZbv300gLz... docusign=c0335722-c3dc-4b37-9b04-5a592dbc32e7 e2ma-verification=xhmcb airtable-verification=5223a50fd0f6c3b638d27eecb43adf83 e2ma-verification=zuxcb e2ma-verification=gfefb 7015203e6e471f5d974f1015cedca924205c5e0157ebf35e782325bce482f88c e2ma-verification=bwlgb e2ma-verification=nc3 e2ma-verification=21sab e2ma-verification=vhmcb _globalsign-domain-verification=VPemhDee0EKRXi0IPzeSUrn849jHevrjIaTeDYOTZ4 d365mktkey=CA4N6npfsxuhf5N93wME3P92VuSNiD9AKVD9zVP7sjkx google-site-verification=y46hjyb7VdhTkCq0MRCC7zkhP0p1QbAlrdDL1XL0D2U e2ma-verification=11u e2ma-verification=yvy e2ma-verification=wttbb openai-domain-verification=dv-JEOkDYfxASqbdmVc75fyAixV brevo-code:26c509fa781c523d40905cfc19afbee2 status-page-domain-verification=c7dgm3ckj4pg mailerlite-domain-verification=ba41e1155d57b5e7555ccd672227c212ad67422b infoblox-domain-mastery=44167b47dc4bf19c94764b3ebede8a4e01027811a13883117f55af1a... d365mktkey=2ZPzUxfaJiRFZdfI1eR772gYXl5WsxvZbczq47arDgYx e2ma-verification=i7gfb airtable-verification=fa4cb2754d214ff0738e6244f641f774 e2ma-verification=6c8ab airtable-manual-domain-verification=94fbe66e-444e-4c7c-aaa6-47bac207f2cd docusign=fa6ce95b-aa85-4802-9b5d-6b5831f00998 e2ma-verification=ifefb SPF v=spf1 ip4:169.237.0.0/16 ip4:152.79.0.0/16 ip4:128.120.0.0/16 ip4:40.92.0.0/15 ... e2ma-verification=aq0 e2ma-verification=dfefb e2ma-verification=qisfb brevo-code:bc5a29b52c6deb910a18d2eee3172b2a e2ma-verification=9aefb e2ma-verification=z6ncb klaviyo-site-verification=Y58rtW e2ma-verification=majbb e2ma-verification=h4ifb e2ma-verification=efefb e2ma-verification=ffefb brevo-code:b1414e0a234265a2faa294058248ae06 Sendinblue-code:160d1089769095a328703e634f5de06f b660498d-3383-40f3-bdcf-eb7f50c2ca57 airtable-manual-domain-verification=209e13d7-7ede-4387-b7c7-3ea6ce7f7f56 duo_sso_verification=yTWpmgrlUv1gZA4GDefJU6J4nDQE3LdTVkeuDOTowVOP1gGgr3jNai3T92r... e2ma-verification=psagb e2ma-verification=0ka4 adobe-idp-site-verification=d83d1376076ca797697b723c2c3d1dfe35f8ff6d0ec0f4caf3c9... brevo-code:791904bdd34983aa0a684c12410ef1ec e2ma-verification=yfgcb |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 57 ms totalPASS
https://ucdavis.edu
10 ms · HTTP/1.1
https://www.ucdavis.edu/
47 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://ucdavis.edu | 301 | 10 ms | HTTP/1.1 | nginx |
| 2 | https://www.ucdavis.edu/ | 200 | 47 ms | HTTP/1.1 | nginx |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 16 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
User-agent: *
# CSS, JS, Images
Allow: /core/*.css$
Allow: /core/*.css?
Allow: /core/*.js$
Allow: /core/*.js?
Allow: /core/*.gif
Allow: /core/*.jpg
Allow: /core/*.jpeg
Allow: /core/*.png
Allow: /core/*.svg
Allow: /profiles/*.css$
Allow: /profiles/*.css?
Allow: /profiles/*.js$
Allow: /profiles/*.js?
Allow: /profiles/*.gif
Allow: /profiles/*.jpg
Allow: /profiles/*.jpeg
Allow: /profiles/*.png
Allow: /profiles/*.svg
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.txt
Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register/
Disallow: /user/password/
Disallow: /user/login/
Disallow: /user/logout/
# Paths (no clean URLs)
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password/
Disallow: /index.php/user/register/
Disallow: /index.php/user/login/
Disallow: /index.php/user/logout/
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
- https://www.ucdavis.edu/sitemap.xml?page...
A+Domain Intelligenceucdavis.edu — 40 years, 8 months oldPASS
19 days
July 31, 2026
76 days
Issued by Let's Encrypt
40 years, 8 months
Registered March 19, 1986
Status unknown
Protects against DNS spoofing
Unknown
2620:12a:8000::4
Registrar unknown
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry