Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations88 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records2 A records, 93 ms lookupPASS
| A | 104.18.0.202, 104.18.1.202 |
| AAAA | — |
| CNAME | — |
| NS | davina.ns.cloudflare.com, ace.ns.cloudflare.com |
| MX | 5 ademe.mailinblack.com |
| TXT | brevo-code:8105c71bb3195e3f491efc7533a0a88b google-site-verification=tI0t8WvLiZxylQ7l6_tihQfLRwhFcS4ax-ZNcdAXLdY atlassian-sending-domain-verification=455f261e-bd5e-4ce2-bdd1-ded1986db465 canva-site-verification=OkGeKifJSxJwxkRAoHogog OVLpl0UVnFRa3MkAROUc5/No7ac= brevo-code:3a4e67e57a3f5c89129a37eaf6ed1b50 adobe-idp-site-verification=45bd589cdf6aafa17a39d55c67d5e3d7b977d20b665e56a91154... google-site-verification=EpWraIYGslCcWLkGIlPKsm1tcCTrEd5Uw5bK1KKXa2c google-site-verification=InImj-_6ZcrcbAZMXdA4MHKIylJXe0FItCXeN4t0P9M google-site-verification=FLp88tTJfGkx7zz5OGsem68djZx7j_hNhc_HQ93trPs gQ3L3/75sv9pYYQlGUWb4eYAEQdCRirD6v+K+pZGvzOOaxWXAhjKNUAWW0Ko46lBDbRhVu29Sm6sggBZ... iqkbmakut6j93j2h1hs0lqp5jl SPF v=spf1 mx a ip4:217.108.11.24 ip4:51.91.146.15 ip4:144.76.131.213 ip4:176.9.118... tryane-verification=Q6D9hFZfo3MAq5Ambp4LbNlNlICtI8qw Sendinblue-code:8aebc28393d922a7601c986f7907c0bf brevo-code:bb333b7dbf895398f8d36d98a96ff240 google-site-verification=7KEhuc9P6zfh2aucSnv_pkYR6ZH1lUeAO0RpXOWSD2A MS=ms41151651 atlassian-domain-verification=SFRh0NkQsOAw74Bs4l4xf2U3aOQZQqHdgP9x48o/1i7GNLXnVI... brevo-code:87ce2e7629cb703b72f4765c6339898e MS=D46D4A5BAA4298BB82B4CD9CAA3CE6B8977A40E4 |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 752 ms totalPASS
https://ademe.fr
654 ms · HTTP/1.1
https://www.ademe.fr/
98 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://ademe.fr | 301 | 654 ms | HTTP/1.1 | cloudflare |
| 2 | https://www.ademe.fr/ | 403 | 98 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
A+Domain Intelligenceademe.fr — via NAMESHIELD, 30 years, 8 months old, hosted on CloudflarePASS
199 days
January 27, 2027
88 days
Issued by Google Trust Services
30 years, 8 months
Registered January 7, 1996
Status unknown
Protects against DNS spoofing
Cloudflare
ASN AS13335
104.18.0.202
NAMESHIELD
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice