Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations191 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 64 ms lookupPASS
| A | 52.30.171.72 |
| AAAA | — |
| CNAME | — |
| NS | a2-66.akam.net, a4-64.akam.net, a1-226.akam.net, a7-64.akam.net, a13-65.akam.net, a18-65.akam.net |
| MX | 10 mxb-00661e01.gslb.pphosted.com 10 mxa-00661e01.gslb.pphosted.com |
| TXT | fastly-domain-delegation-bkCcQWsZt5eCevQn-717055-2023-11-23 teamviewer-sso-verification=22ad046c81fa4ef1a6bc657e21c39d8b MS=ms29062192 sending_domain1118563=0d2c1e3c35c58a163f40e810f539ed5f98b4d6d5a4cab9ea0a226c7ed8... atlassian-domain-verification=cOP7223If6/JRntgJGsxKHcYw/H8I22pTbcnl/xMsipKDYnUBx... status-page-domain-verification=sfh00pwdwjn8 apple-domain-verification=S30z1UF7Nm4OoOcy sending_domain931162=14416eaf670eb07820dc5adbf344195fdd43018cf1c39bf2cf7537f2037... h1-domain-verification=S7hFDPvbNdKQ4KNCEhKtnHQvZzx528tWpPuM2BWcjYrowtXV sending_domain1130723=b3477aa5f850999bafc324957a3427cc3e8c433f738eef509f26f9faeb... adobe-idp-site-verification=83b59e7d783cac8c2de20388d5b1a83a1cc1c2d2cec1d6cbbc46... ms-domain-verification=5f85fe5e-ab82-4b1c-a077-8b6e4af2574b _duqdxx97x9rw6gdj2m2jt6x4tuii2iy atlassian-domain-verification=VT/aWGzG5IQsBlaNV8yug74d/c0NANQWYlysYIVrrmZ9P9Gw4Z... facebook-domain-verification=89vkkzdd8eqvv4goimk3rmkdsoczah ms-domain-verification=a2a1e305-7df6-437b-9be3-0544a855efa9 pardot501021=80998f32c2737fa074d94d963776bbf3bdfbdda91bb3fff04c76d0ff743f3e91 _ros1cwmoa83qgd4z6k42jk4r21vi56w ms-domain-verification=a3ef36fa-9053-4d3f-a12b-9deca487d8b8 docker-verification=2d531bc2-1da0-4ee2-8441-122fe3d1690e U2FsdGVkX1+0ZnBAvpbzpOIzYyud6tpMwhEOZyKr2q8kNA8spK/s5tcrQhRhYNAM 2tm9r5r3z5tp9w7mz6ds0svn4y5713zk SPF v=spf1 include:spf.abb.com ip4:212.108.233.70 ip4:203.19.232.232 ip4:92.52.113.1... pardot984552=a93666cdc7391a953f34f2b5b2aae6d3e13dbbee51d1c3246672df6df7375b0e pardot961062=23a99cb27b80af664f50e266555e0ea4b6bc549517ae5d7d4751100097ad0d29 pardot984572=21dc8460683095f2f1b9133bfcf8cb6dcb88b2af38982a71318c0eaf487438a9 wiz-domain-verification=fcf334d0e7160636129fd9a3c5e6e915ff084f4f39fc912e3b652f04... sending_domain961032=8064e9a8f8ac62367deb4d2c78b30662e1e01a87c76253c255a8b5211ea... _eqabwnh0xx6tokud1d892l34j5qeae5 ms-domain-verification=14e08c76-2dcb-4b71-8ae3-100b9dccd626 _pldcde15qy8jo9ts5xf7xk6v30pgfff status-page-domain-verification=5mwmgy0jnhbh atlassian-sending-domain-verification=16e342a4-f908-4476-818b-66627d0b3a05 docusign=d8b1efb5-cOb3-42ff-b8d8-fbf03a1b3175 google-site-verification=dWyR2UStLo390rlyFHsR8UyOqjVP9o7ektRs3eZw-Os pardot1114262=f904b9b20e7acc00a686d5fc75e412a15aa48b79fdb4d4c6621d5d72c1166a5a h3p7cm141mldeof9gicuhph8e7 _zmx054ki6ayzquqjow3oujhtv9jhv0n sending_domain835222=16faa59c5f40dfd68c558edfdd632d99b99dcbc49d7516cd6637d785ceb... pardot961032=b0a0f26b4b55d9d56da6c2f079a09e8a6ea8618cae02d6e3ad2bfecc20ba8928 sending_domain786743=373e2d4124c8d62b99883a16a7fc814fec1540dff30175119347177f1bc... amazonses:y79G+4Ei8w63xO8nOasceQwTerxyYJry5zvpES4M8/c= sending_domain921963=e31cbd08ff62c0d7bad8a0910f4d7054054f7f43f41a793dcec3ae9f472... 2nt7z472nfp50rpdbx9wrry5shw40scc pardot961052=5978f65e48a9bd10687691a54c523c984e175447a310e6d159650739c4ab460c dtm-domain-verification=zA8wbOxAlTWjb-K1NN2zcck_sDgLaNssDB2JKj3hD0A pardot980752=a25738e395ededdf8b2c574a023f82f48aa0746ab6ff20de592e03e2ae310e5a sending_domain786753=1e84a2511ba9f73024a2838786c6c0755adf99de885e4fb4dd17189a442... ms-domain-verification=2c9bb73c-6093-4f0b-9754-9117b773320f pardot1130703=b712e6f7ae4817c324b1fd936d81799c721eb94cfffadaadeda9f936bcc85b7a openai-domain-verification=dv-GZjmaasHiBvNamF3bUqZUw0j 7rwbm8ktsnjz1y0yks93vqqhcgts5wmh _u1c7l8o4hi1yy4egdzuban847aw8jux mindmanager-verification=f81cbc19556559843f933bc7672a0757128f83d183b2bd4e1f233da... sending_domain931152=6e89a601ba96eeba3691024019c6ad9259b7dd1e3a9f5d6529705a36a01... sending_domain1130703=a5372b5adecde07e76b25c73d1ce97b2d9bab4a905b748c0d1e352f155... _g1x6tvmdp23fs8wtiy8ucb7xijj9bht _x6fpktji4vzkgq2gxw5n2r98m54yj8q sending_domain1077053=cd36ca3df45b8770ea2e4d8eef37d56dd5573c067bf93caa18fedc88fa... flexera-domain-verification-yabtbvzgszuziuhu sending_domain786763=cc3c3f2dfc093e5f50044ae19a070fddb674a7dbcf28bb65b9a6f62d670... sending_domain1130743=c9de197ee069bab8880688b2e02f92fc30d7e73db357735c0cf23994f5... pardot1130743=5b48f3310281098dcc4f636a1d1710097d63431154ce5783b132bc0354355180 autodesk-domain-verification=M9KOs3vH0g4GMU1QYXWB vm3vdoudb4eche79tcimv9laso _9sbv0q7mdq7mhfxpbh9swojzprtkew4 x8gsnxtqq4mqgjgn9kpm8y4d2hj505n7 pardot961042=18555ac1d7a2e26ef875dc5a466144fdcb680acbafc8f2cb25b57afe434f8774 apple-domain-verification=y0mc5ZF5g1AAFCaD ms-domain-verification=c6561dd6-b62b-49a2-bb73-5d0400094b94 knowbe4-site-verification=2c0d8e1fdfb67fddbb488cb26a6dbb7d status-page-domain-verification=7yqqzbw89tkf sending_domain1076643=d623fa81dfa5450d8b47983b61b197eda0674bf322bd7a0b7f0f284f06... MS=ms27736631 _4rgsshw8ga2ll8ft1y2tfmvzfy8uur6 pardot475412=d76a56416e419371bddc5904b4643d9e6d04ac82105e41f0d6b77ad733113f3f ms-domain-verification=3a6b8242-e4d1-4c59-b534-a516eca8e24f pardot1118563=fecf92defcf6a548668f7f3398a8865218a3ffd4f88aef7c300027ae126d17f3 sending_domain838341=6bfaa2b91e14ee825a124e9c1963b0f56bb6e5e678ea7dfcbbea21bbf4e... sending_domain838321=ae714875a08a6190768948711929b604e891eeeece7b523555fce57e7e5... sending_domain1077063=3d5c3055ee4bf94f2c94dc8e2cc42628490796b9f3f8fc4277b523ee33... pardot984562=ed1ac433cc4f4bc3d5b5ac1543468232775c4cbeb9ff7c06ef0721f7c4fc6207 flexera-domain-verification-lhjjkrblkiibczas _c6mendpqevhudjn5mavschsm1g79a7k sending_domain931142=9b63b20e5ab6052a806e53364e692a1284fb8095e7c94b5da2df433fa2e... pardot1130723=9b959028b0f3c13c1938408372f5d2a3acd8a68698915c1dbf953d3f1ee4e838 yandex-verification: 168ee2c0543ed504 sending_domain838331=b89cfb745393732b7e5eca5c1edf9859815f41b0c15f49b8052b9ebdbd5... gpkgz1h1mw1j24vzrp2hjk7z4lyf4pty pardot1130723=598acb7deb8f74f6809eb5f6a3657034e25a2d41f982ff62a1d11f2bfd53dd6d sending_domain771432=9c4e556cb963839664e4eb729e087c54db8496678959be258b24fec8a17... atlassian-domain-verification=9BeLMpkPi2pxn3y/E6RpnC2VLhdhdC4fp1yi2mnVpdcKEND/xv... docusign=d8b1efb5-c0b3-42ff-b8d8-fbf03a1b3175 intacct-esk=4FED1A46998B64D6E0538E06A8C0A4F5 docker-verification=bf014919-ced1-4fab-a6ee-1f25c97daf13 sending_domain1071603=90cb5921b170c02842019ec4b0156da26e9c239df9a1b1120dc72ea38d... |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect Chain0 redirect(s), 104 ms totalPASS
https://abb.com
104 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://abb.com | 302 | 104 ms | HTTP/1.1 | nginx/1.28.1 |
If permanent, use 301 instead.
302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.
Learn more ▾ ▴
Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).
Source: Google Search Central
AURL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Use 301 (permanent) instead of 302 (temporary)
A+Domain Intelligenceabb.com — via CSC Corporate Domains, Inc., 36 years, 8 months old, hosted on AWSPASS
227 days
February 28, 2027
191 days
Issued by DigiCert Inc
36 years, 8 months
Registered February 27, 1990
Not enabled
Protects against DNS spoofing
AWS
ASN AS16509
52.30.171.72
CSC Corporate Domains, Inc.
Expiry timeline
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice