Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations331 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryAWS CloudFront (Error from cloudfront)REVIEW
A+DNS Records4 A records, 43 ms lookupPASS
| A | 13.249.228.64, 13.249.228.65, 13.249.228.6, 13.249.228.25 |
| AAAA | — |
| CNAME | — |
| NS | ns-1854.awsdns-39.co.uk, ns-686.awsdns-21.net, ns-379.awsdns-47.com, ns-1342.awsdns-39.org |
| MX | 0 cspan-org0c.mail.protection.outlook.com |
| TXT | apple-domain-verification=GsfhgEaClBkqfqyL google-site-verification=dqkpaVIOVJ7aD_uQBj90q702BbDPTYJoJAYQoyOyaJs facebook-domain-verification=zlps3la5du8o5fzq8rr1ny3pkteyw4 google-site-verification=hox6v_QP95zsd1KguNldfZRxeJIF_whL4mej-pXQyGc SPF v=spf1 include:spf.protection.outlook.com include:servers.mcsv.net include:44894... GEr/8Qmk1/XJqn9m1qITRd4r85d+K8DZwlfUj/YhgYoxzVAsljNOmCFhFpllmrOrChOdQlkKJX7X1XXj... MS=ms52400260 tollbit-domain-verification=851ac70b24159c39da6d47ea0e20fb0ff7e5c619ce848b82d571... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect Chain0 redirect(s), 59 ms totalPASS
https://c-span.org
59 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://c-span.org | 403 | 59 ms | HTTP/1.1 | awselb/2.0 |
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
A+HTTP Probe TimingTotal 104 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
Connection waterfall
Domain IntelligenceDomain intelligence data not availableINFO
RDAP and WHOIS lookup both failed