Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
CTLS Certificate Expiry & RecommendationsAction29 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Renew certificate — 29 days remaining
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryGoogle Cloud CDNREVIEW
ADNS Records1 A records, 54 ms lookupPASS
| A | 34.36.86.125 |
| AAAA | — |
| CNAME | — |
| NS | — |
| MX | — |
| TXT | — |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
A+Redirect Chain0 redirect(s), 86 ms totalPASS
https://www.blablacar.fr
86 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://www.blablacar.fr | 403 | 86 ms | HTTP/1.1 | istio-envoy |
AURL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: www
HTTP → HTTPS
Use 301 (permanent) instead of 302 (temporary)
A+Domain Intelligenceblablacar.fr — via NAMESHIELD, 15 years, 9 months old, hosted on Google CloudPASS
165 days
December 24, 2026
29 days
Issued by Let's Encrypt
15 years, 9 months
Registered September 16, 2010
Enabled
Protects against DNS spoofing
Google Cloud
ASN AS396982
34.128.129.33
NAMESHIELD
Expiry timeline
Recommended actions
- Renew the TLS certificate or verify auto-renewal is working