Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations74 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
A+DNS Records2 A records, 95 ms lookupPASS
| A | 172.64.154.159, 104.18.33.97 |
| AAAA | 2a06:98c1:3107::ac40:9a9f, 2a06:98c1:3104::6812:2161 |
| CNAME | — |
| NS | nicole.ns.cloudflare.com, arch.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt1.aspmx.l.google.com 5 alt2.aspmx.l.google.com 10 aspmx2.googlemail.com 10 aspmx3.googlemail.com |
| TXT | google-site-verification=braA-lO3YtmBslz87lJyjQmLb3q-83yvP32MH5iNGWI hubspot-domain-verification=MjQ0ODU3MmQtMDNjNy00NGQ2LWFiMmYtNmZiMmY0YTRjOTEx miro-verification=80b1c4dd4450a54c6feb9480700b70a39581eb17 google-site-verification=Upmu4anGS7wtjB-FhJHxvdmqwEYrq04s8WUDnqfhjEg ZOOM_verify_dT6eM5gFyayVNcZLTDpZWt atlassian-domain-verification=1PfCmQaacw/ECNVuQ1AkodolOd/BVvpjNT4BffsbLWX8hJmZLv... google-site-verification=soMCXwlfW1npd1y97qtBFY0l15cQbf5lNJeGIxn4LYw tenderly-domain-verification-6ew91n=kXqE4FD0DGfbaE2SO9QEqX84p h1-domain-verification=Bsi7zNNMQJMdNUgs5PZWjP7AMYAkPVa9xbRL6wEf2ZLnM2JV figma-domain-verification=9f3e4bd497d0c0dd6e76edef8dfbb81f4f6b16c12237bc1173c73c... google-site-verification=sy3dn-WQedJSuSxHajKLzyRSWwCBif7xFCVbc7sxLl0 linear-domain-verification=137782 notion_verify_Rpy2bd1ub9za5gcm89mGXDDK3VZ7DMz7RGcJzUhpWi0AbHqvD3K1pu03mG6Y1LYv3p... slack-domain-verification=ZEyB9FuIdPL6k7REJmrdEo61PVJOlgoYQXNYIbpO perplexity-ai-domain-verification-785pgn=XPNsjGdlaWfDh4jdubuqwdU4Q cursor-domain-verification-4zfcpw=ari86tRXibV7TSmfbvGIq9tYf MS=ms16319070 google-site-verification=vz7ogOBr92dRknpeC28-TQbbEyVWvko_MF-J7WYMsNY anthropic-domain-verification-7k27ax=hT2KZAHNMV7a2tSh9cieoCUxK google-gws-recovery-domain-verification=44295434 google-site-verification=S14smBDLHtomTKysI7Xv4Wshyr1VF7FhrmyIkqrxlWQ segment-site-verification=LJOzXeBmqaKRNrmKF2GIlt4vJ442n8kn openai-domain-verification=dv-00wsOyw21EBhIl9i0SPLGghW google-site-verification=7KM8t2vfhMyCF9nNJie3tZK6FYBgZZ_tHd5me8-XxdQ 4171fc0b-1b5a-48cc-8924-f588ef7c83a6=77bf321a0a9a095aef0f6c457bc73a17da016ce604d... zapier-domain-verification-challenge=6d6abc15-dd7a-43d6-a1f5-cee105cc12e7 verification_token=OQQp4EWCL3hWigSSrbz2u0f9N mongodb-site-verification=zMhSNQQRjWhgVYFlPIaz2flrTB4vzqSb google-site-verification=2rBgjKc0-Qrso9Es_hnYv2deFHfxZePZPioPCgPjuUI SPF v=spf1 include:_spf.google.com include:mailgun.org include:_spf.atlassian.net in... atlassian-sending-domain-verification=374c8591-2263-48b1-a0b8-725ff1e8d543 google-site-verification=Lfrspbc4rm7jjOGg43aoYuNiZ6viBX0Q3s94b7-ehMo mixpanel-domain-verify=ee907c3f-76b4-40b4-8f2f-57c8f8aa58a3 apple-domain-verification=ELyRHhpBTyfufsty RBqq4TAfEQUBMWQAFRFmVt0 0nnq5lmm3ntn3z631zqdxy8rktd8n5qy docusign=21d05164-3b53-4865-88f4-fc093c7e84ff |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect Chain0 redirect(s), 64 ms totalPASS
https://opensea.io
64 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://opensea.io | 403 | 64 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (17 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligenceopensea.io — via Gandi SAS, 8 years, 5 months oldPASS
163 days
December 27, 2026
74 days
Issued by Google Trust Services
8 years, 5 months
Registered December 27, 2017
Status unknown
Protects against DNS spoofing
Unknown
2a06:98c1:3104::6812:2161
Gandi SAS
Expiry timeline
Domain cannot be transferred without explicit unlock from the registrar. This protects against unauthorized transfers.
Registrar lock (clientTransferProhibited et al.) prevents unauthorized domain transfers — strongest defense against domain hijacking.
Source: ICANN / domain-security best practice