Skip to content
https://corsair.com

Infrastructure

· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.
SCORE
87
GRADE
B
FIX
1
REVIEW
3
PASS
5
INFO
0
Probed from New York, United Stated
301 Moved Permanently
Checks
9
5 PASS 3 REVIEW 1 FIX
D
Redirect Chain
Action
3 redirect(s), 183 ms total
FIX
3 redirect(s), 183 ms total
Warning::
3 redirects before reaching final URL
Each redirect adds latency. Try to minimize the chain to 1 hop.
Info::
WWW normalization redirect
Info::
Uses 302 (temporary) redirect
If permanent, use 301 instead.
Got: https://www.corsair.com/

https://corsair.com

16 ms · HTTP/1.1

301

https://www.corsair.com/

27 ms · HTTP/1.1

302

https://www.corsair.com/us/en/

68 ms · HTTP/1.1

308

https://www.corsair.com/us/en

72 ms · HTTP/1.1 FINAL

#URLStatusTimeProtocolServer
1https://corsair.com30116 msHTTP/1.1cloudflare
2https://www.corsair.com/30227 msHTTP/1.1AkamaiGHost
3https://www.corsair.com/us/en/30868 msHTTP/1.1Webscale
4https://www.corsair.com/us/en20072 msHTTP/1.1Webscale

See the visual redirect chain in the HTTP Probe tab →

Each redirect adds latency. Try to minimize the chain to 1 hop.

Why this matters

Redirect chain — each hop adds latency; combine into one redirect where possible.

Source: Google Search Central / web.dev

If permanent, use 301 instead.

Why this matters

302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.

Learn more

Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).

Source: Google Search Central

B
URL Variants
www/non-www, trailing slash, HTTP→HTTPS
REVIEW
www/non-www, trailing slash, HTTP→HTTPS
Info::
www/non-www redirect configured correctly (preferred: non-www)
Critical::
HTTP version does not redirect to HTTPS
Got: HTTP 301 Expected: 301 redirect to HTTPS

www / non-www

302https://www.corsair.com/
200https://corsair.com/

Preferred variant: non-www

HTTP → HTTPS

301http://corsair.com/ http://www.corsair.com/

HTTP version does not redirect to HTTPS

B
TLS Certificate Expiry & Recommendations
54 days until leaf cert expires — 3 issues to address
REVIEW

Certificate validity

54
days left
0d 30d 60d 90d+

Recommended actions

  • Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
  • Enable DNSSEC on your domain for DNS spoofing protection
  • Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
B
CDN & Delivery
Cloudflare
REVIEW
Cloudflare
Info::
Site is served via Cloudflare CDN (edge: EWR)
Got: cf-ray: 9f0842daf963f98d-EWR
CDN Detected: Cloudflare
Provider Cloudflare Evidence cf-ray: 9f0842daf963f98d-EWR
A+
DNS Records
2 A records, 9 ms lookup
PASS
2 A records, 9 ms lookup
Info::
Resolves to 2 IPv4 address(es)
Got: 104.18.25.228, 104.18.24.228
Info::
Has 2 IPv6 (AAAA) record(s)
Got: 2606:4700::6812:18e4, 2606:4700::6812:19e4
Info::
2 nameserver(s) configured
Got: huxley.ns.cloudflare.com, shaz.ns.cloudflare.com
Info::
2 mail exchanger(s) configured
Info::
CAA records not checked
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Info::
SPF record present in TXT
Info::
DNS resolution time: 9 ms
Got: 9 ms
A104.18.25.228, 104.18.24.228
AAAA2606:4700::6812:18e4, 2606:4700::6812:19e4
CNAME
NShuxley.ns.cloudflare.com, shaz.ns.cloudflare.com
MX
10 us-smtp-inbound-2.mimecast.com
10 us-smtp-inbound-1.mimecast.com
TXT
9b953d34dedf4bc521ac54a18d26c9137b3ce2ea478e4615e3
D5ELtP2BheOJJ9mGU8KhZAdgmIU5HXWZpNPe6SlVeZvZg0WOUPCDAV6cG1yKWRoYTUs9t1XFTnvbsr0M...
_sh9g29xtkguvak3gkuh2mdvv2li9i39
anthropic-domain-verification-yk7wsq=W71Nh86CWsh6vDMbqXchSRi7x
apple-domain-verification=0IZFqWVMMvA7RTSm
atlassian-domain-verification=ftFWXhFixkagAjM/qx0cEg2iqUX3C/DYcbN7BqhYlPuEFFxnXB...
facebook-domain-verification=kh61z87lvqtdd47i0wtt29cbzr40ap
globalsign-domain-verification=0d7a02642ac2c5d5fe1cb827d977d507
globalsign-domain-verification=atC1h9nhBBHgJJL0dbxrKZfIRpWDpmDWBnKvansTJb
globalsign-domain-verification=be1d805be00eb6b1daea9c4cead1367b
globalsign-domain-verification=fc3d995732e06a0e8bcfe897877ce700
google-site-verification=AGCcHj2liXl0eGHNZujA1HDqPNZvqYzHbuR0CPI_l2M
google-site-verification=RO8gtlWKSy_v3ypr5etX-anFeFGp_x_jVd_vhIYg-Fk
google-site-verification=tk4HaM3e8ZAgGrStOHaDQTFt92R7d7mlqWQ9kIxbR3Q
h1-domain-verification=vhoRpk6QscTQE7xGPv7tnDSNQvSRSf6MwQkvBz6S5y8MWTuM
kytf6.x.incapdns.net
openai-domain-verification=dv-87C8QljRnI23qmnIMaJidopW
shopify-verification-code=qFnuzKNOMgSiXdA0gyYU4E9CfoSUEv
stripe-verification=15bc75a00991139790d4322de8daf596d62cc737a50abd920aac08fe3866...
tiktok-developers-site-verification=5EyKoPocqrG1emxgzYFDadBIT3DSXToB
SPF v=spf1 ip4:12.23.21.116 ip4:63.137.180.136/29 ip4:54.240.58.216/30 ip4:198.37.15...
CAALookup not available with standard resolver
Resolved in 9 ms

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

Why this matters

Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.

A+
IPv6 Readiness
IPv6 reachable (2 ms)
PASS
IPv6 reachable (2 ms)
Info::
IPv6 is configured and reachable at 2606:4700::6812:18e4, 2606:4700::6812:19e4
Got: 2 ms connect
IPv6 Ready
AAAA Records 2606:4700::6812:18e4, 2606:4700::6812:19e4 Connection Reachable (2 ms)
A+
Crawlability
robots.txt present, sitemap with 4 URLs
PASS
robots.txt present, sitemap with 4 URLs
Info::
robots.txt is present
Got: 2082 bytes
Info::
sitemap.xml is present
Info::
sitemap.xml is valid XML
Info::
sitemap.xml contains 4 entries
Info::
Sitemap index with 4 child sitemaps
Info::
robots.txt references sitemap
robots.txt 200 OK
Size 2082 B Sitemaps referenced 21 User-agents dotbot/1.0, Semrushbot-SA, Semrushbot-SI, Caliperbot/1.0, Googlebot-image, *, CazoodleBot, MJ12bot, Gigabot, Googlebot, OAI-SearchBot Blocking No — crawling allowed
# For all robots
User-agent: *

# Block access to specific groups of pages
Disallow: /*/cart
Disallow: /*/checkout
Disallow: /*/account
Disallow: /*/memoryfinderForMindFactory
Disallow: /*/guest/order/
Disallow: /*?*redirectKey

#Request-rate: 1/10              # maximum rate is one page every 10 seconds
#Crawl-delay: 10                 # 10 seconds between page requests
#Visit-time: 0400-0845           # only visit between 04:00 and 08:45 UTC

# Allow search crawlers to discover the sitemap
Sitemap: https://www.corsair.com/us-sitemap.xml
Sitemap: https://www.corsair.com/de-sitemap.xml
Sitemap: https://www.corsair.com/fr-sitemap.xml
Sitemap: https://www.corsair.com/it-sitemap.xml
Sitemap: https://www.corsair.com/pt-sitemap.xml
Sitemap: https://www.corsair.com/uk-sitemap.xml
Sitemap: https://www.corsair.com/tw-sitemap.xml
Sitemap: https://www.corsair.com/ru-sitemap.xml
Sitemap: https://www.corsair.com/ca-sitemap.xml
Sitemap: https://www.corsair.com/jp-sitemap.xml
Sitemap: https://www.corsair.com/cn-sitemap.xml
Sitemap: https://www.corsair.com/es-sitemap.xml
Sitemap: https://www.corsair.com/pl-sitemap.xml
Sitemap: https://www.corsair.com/br-sitemap.xml
Sitemap: https://www.corsair.com/lm-sitemap.xml
Sitemap: https://www.corsair.com/eu-sitemap.xml
Sitemap: https://www.corsair.com/kr-sitemap.xml
Sitemap: https://www.corsair.com/se-sitemap.xml
Sitemap: https://www.corsair.com/ch-sitemap.xml
Sitemap: https://www.corsair.com/ww-sitemap.xml
Sitemap: https://forum.corsair.com/sitemap.php

# Block CazoodleBot as it does not present correct accept content headers
User-agent: CazoodleBot
Disallow: /

# Block MJ12bot as it is just noise
User-agent: MJ12bot
Disallow: /

# Block dotbot as it cannot parse base urls properly
User-agent: dotbot/1.0
Disallow: /

# Block Gigabot
User-agent: Gigabot
Disallow: /

User-agent: Semrushbot-SA
Allow: /

User-agent: Semrushbot-SI
Allow: /

User-agent: Caliperbot/1.0
Allow: /

User-agent: Googlebot
Disallow:

User-agent: Googlebot-image
Disallow:

# Allow OpenAI's OAI-SearchBot specifically
User-agent: OAI-SearchBot
Allow: /
A+
Domain Intelligence
corsair.com — via GoDaddy.com, LLC, 31 years, 4 months old
PASS
corsair.com — via GoDaddy.com, LLC, 31 years, 4 months old
Info::
Domain registered until May 23, 2028 (2 years, 1 months remaining)
Info::
DNSSEC is not enabled
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Info::
Registrar: GoDaddy.com, LLC
Warning::
Registrar lock is NOT enabled
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Domain expiry

679 days

May 23, 2028

SSL certificate

54 days

Issued by Google Trust Services

Domain age

31 years, 4 months

Registered May 22, 1995

DNSSEC

Not enabled

Protects against DNS spoofing

Hosting

Unknown

2606:4700::6812:18e4

Registrar

GoDaddy.com, LLC

Unlocked 2 NS records
Expiry timeline
Today
+1 year
Domain expiry SSL expiry Danger zone (≤30 days)
Recommended actions
  • Enable DNSSEC to protect visitors from DNS spoofing
  • Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
Registrar GoDaddy.com, LLC
Created May 22, 1995 (31 years, 4 months ago)
Expires May 23, 2028 (2 years, 1 months)
Last Updated May 23, 2025
Name Servers huxley.ns.cloudflare.com, shaz.ns.cloudflare.com
DNSSEC Not enabled
Hosting
IP Address 2606:4700::6812:18e4
Data source: rdap (0.0s)

DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.

Why this matters

Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.

Learn more

DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.

Source: ICANN / RFC 4033

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Why this matters

Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.

Learn more

Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.

Source: ICANN / domain-security best practice

A+
HTTP Probe Timing
Total 21 ms — DNS, TCP, TLS, TTFB, content transfer breakdown
PASS
DNS Lookup DNS Lookup — time to resolve the domain name to an IP address.
4 ms
TCP Connect TCP Connect — time to establish a TCP connection to the server.
2 ms
TLS Handshake TLS Handshake — time to complete the HTTPS encryption handshake.
10 ms
Time to First Byte Time to First Byte — how long the server takes to respond with the first byte of data.
21 ms
Total Time Total request time from DNS lookup through full response.
21 ms

Connection waterfall

DNS Lookup 4 ms TCP Connect 2 ms TLS Handshake 10 ms Server Processing 5 ms Content Transfer 0 ms
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.

Send Feedback