Infrastructure

· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.

SCORE

GRADE

FIX

REVIEW

PASS

INFO

Probed from Amsterdam, Netherlands

301 Moved Permanently

Checks

4 PASS 3 REVIEW 2 FIX

Redirect Chain

Action

2 redirect(s), 1556 ms total

FIX

2 redirect(s), 1556 ms total

2 redirects before reaching final URL

Each redirect adds latency. Try to minimize the chain to 1 hop.

WWW normalization redirect

Uses 302 (temporary) redirect

If permanent, use 301 instead.

Got: https://www.asp.net/

Redirect overhead: 1556 ms total

Got: 1556 ms

Cross-domain redirect detected

https://asp.net

274 ms · HTTP/1.1

301

https://www.asp.net/

663 ms · HTTP/1.1

302

https://dotnet.microsoft.com/en-us/apps/...

620 ms · HTTP/1.1 FINAL

#	URL	Status	Time	Protocol	Server
1	https://asp.net	301	274 ms	HTTP/1.1	Kestrel
2	https://www.asp.net/	302	663 ms	HTTP/1.1
3	https://dotnet.microsoft.com/en-us/apps/...	200	620 ms	HTTP/1.1

See the visual redirect chain in the HTTP Probe tab →

Each redirect adds latency. Try to minimize the chain to 1 hop.

Why this matters

Redirect chain — each hop adds latency; combine into one redirect where possible.

Source: Google Search Central / web.dev

If permanent, use 301 instead.

Why this matters

302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.

Learn more ▾

Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).

Source: Google Search Central

CDN & Delivery

Action

No CDN detected

FIX

No CDN detected

A CDN can significantly improve load times for users around the world by caching content at edge nodes closer to them.

No CDN detected

Consider using a CDN to improve global delivery speed and reduce origin load.

IPv6 Readiness

Action

No IPv6 support

REVIEW

No IPv6 support

No IPv6 (AAAA) records found

IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.

No IPv6 Support

About 40% of internet users have IPv6. Consider adding AAAA records.

IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.

Why this matters

No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.

Source: Google IPv6 stats

Crawlability

Action

robots.txt present, sitemap with 0 URLs

REVIEW

robots.txt present, sitemap with 0 URLs

robots.txt is present

Got: 10240 bytes

sitemap.xml is present

sitemap.xml contains invalid XML

Search engines may not be able to parse the sitemap. Fix XML validation errors.

sitemap.xml is empty — no URLs found

An empty sitemap provides no value. Add <url> entries for your pages.

robots.txt does not reference a sitemap

Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.

Search engines may not be able to parse the sitemap. Fix XML validation errors.

Why this matters

An unparseable sitemap is silently ignored by Google — the URLs it advertises are never queued for crawl.

Learn more ▾

Google's sitemap parser is strict about XML validity. A single unescaped `&` or unclosed tag invalidates the whole file. Run your sitemap through a validator (Search Console's Sitemaps report flags it) and fix the offending entry. Most generators escape correctly; mistakes usually come from manually-written entries.

Source: sitemaps.org / Google Search Central

An empty sitemap provides no value. Add <url> entries for your pages.

Why this matters

An empty sitemap signals 'no content to index' to Google — actively harmful versus having no sitemap at all.

Learn more ▾

Google compares URLs in the sitemap against URLs it has crawled. An empty sitemap on a site with thousands of pages signals abandonment. Either populate it correctly (most CMSes auto-generate) or delete the file and let Google crawl normally.

Source: Google Search Central / sitemaps.org

Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.

Why this matters

robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.

Source: sitemaps.org

robots.txt 200 OK

Size 10240 B Sitemaps referenced 0 User-agents Blocking No — crawling allowed




<!DOCTYPE html>
<html lang="en-US" >

<head>
    <meta charset="utf-8">

    <!-- Custom meta tag for differentiate env -->
    <meta name="env" content="Production" />

    <link rel="preload" href="/static/fonts/space-grotesk-v12-latin-700.woff" as="font" type="font/woff" crossorigin>
    <link rel="preload" href="/static/fonts/space-grotesk-v12-latin-700.woff2" as="font" type="font/woff2" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-regular.woff" as="font" type="font/woff" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-regular.woff2" as="font" type="font/woff2" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-600.woff" as="font" type="font/woff" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-600.woff2" as="font" type="font/woff2" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-700.woff" as="font" type="font/woff" crossorigin>
    <link rel="preload" href="/static/fonts/open-sans-v34-latin-700.woff2" as="font" type="font/woff2" crossorigin>

    <title>ASP.NET Core, an open-source web development framework | .NET</title>
    <meta name="description" content="Build web apps and services that run on Windows, Linux, and macOS using C#, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS." />

    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="color-scheme" content="dark light">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <meta name="msapplication-config" content="/browserconfig.xml" />

    <meta property="og:title" content="ASP.NET Core, an open-source web development framework | .NET" />
    <meta property="og:description" content="Build web apps and services that run on Windows, Linux, and macOS using C#, HTML, CSS, and JavaScript. Get started for free on Windows, Linux, or macOS." />
    <meta property="og:image" content="https://dotnet.microsoft.com/blob-assets/images/dotnet-icons/square.png" />
    <meta property="og:image:secure_url"
          content="https://dotnet.microsoft.com/blob-assets/images/dotnet-icons/square.png" />
    <meta property="og:type" content="website" />
    <meta property="og:site_name" content="Microsoft" />
    <meta property="og:url" content="https://dotnet.microsoft.com/en-us/apps/aspnet" />

    <meta name="twitter:card" content="summary_large_image">
    <meta name="twitter:site" content="@dotnet">
    <meta name="twitter:image" content="https://dotnet.microsoft.com/blob-assets/images/dotnet-icons/large.png" />

    <meta name="msvalidate.01" content="6FBA9892BF5F904A89B922361CDABCF8" />

        <meta name="awa-env" content="prod" />




    
<style>
    uhf-header:not(:defined) {
        display: block;
        height: 54px;
    }

    uhf-brand:not(:defined),
    uhf-contextual-nav:not(:defined),
    uhf-actions:not(:defined),
    uhf-global-nav:not(:defined),
    uhf-search:not(:defined),
    uhf-mecontrol:not(:defined),
    uhf-cart:not(:defined),
    uhf-dropdown:not(:defined),
    uhf-popout:not(:defined) {
        visibility: hidden;
    }
</style>
<link rel="stylesheet" href="https://uhf.microsoft.com/statics/20260421.16.02/css/style-BpAANDpw.css" />

    <link rel="prefetch" href="/static/fonts/dotnetmdl2-icons-061622.woff" as="font" type="font/woff" crossorigin>
    <link rel="prefetch" href="/static/fonts/dotnetmdl2-icons-061622.ttf" as="font" type="font/ttf" crossorigin>
    <link rel="preconnect" href="https://js.monitor.azure.com">
    <link rel="apple-touch-icon" href="/apple-touch-icon.png">

        <link rel="stylesheet" href="/static/css/bootstrap-custom.min.css?v=IftXf1dte1yxkBhZUaoYiwhE96WxlRnUdGyBghFOM70" />
    <link rel="canonical" href="https://dotnet.microsoft.com/en-us/apps/aspnet" />
    <script type="text/javascript" src="https://js.monitor.azure.com/scripts/c/ms.analytics-web-4.min.js"></script>
    <link rel="dns-prefetch" href="https://target.microsoft.com">
    <link rel="dns-prefetch" href="https://microsoftmscompoc.tt.omtrdc.net">
    <script>
            var enableAdobeTarget = false;
    </script>
    <script type="text/javascript" src="/static/js/cookie-consent.min.js?v=cPwRYK_KXC_97Lbz_R3EFgGKqN3we23dMoCDF5iaWgQ"></script>

    <script>
            if (localStorage.theme === 'dark' || (!('theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches)) {
                document.documentElement.classList.add('dark');
            } else {
                document.documentElement.classList.remove('dark');
            }
    </script>

</head>

<body class=" ms-Fabric">
    <svg xmlns="http://www.w3.org/2000/svg"><symbol id="add-square-regular" viewBox="0 0 24 24"> <path d="M12 7C12.4142 7 12.75 7.33579 12.75 7.75V11.25H16.25C16.6642 11.25 17 11.5858 17 12C17 12.4142 16.6642 12.75 16.25 12.75H12.75V16.25C12.75 16.6642 12.4142 17 12 17C11.5858 17 11.25 16.6642 11.25 16.25V12.75H7.75C7.33579 12.75 7 12.4142 7 12C7 11.5858 7.33579 11.25 7.75 11.25H11.25V7.75C11.25 7.33579 11.5858 7 12 7ZM3 6.25C3 4.45507 4.45507 3 6.25 3H17.75C19.5449 3 21 4.45507 21 6.25V17.75C21 19.5449 19.5449 21 17.75 21H6.25C4.45507 21 3 19.5449 3 17.75V6.25ZM6.25 4.5C5.2835 4.5 4.5 5.2835 4.5 6.25V17.75C4.5 18.7165 5.2835 19.5 6.25 19.5H17.75C18.7165 19.5 19.5 18.7165 19.5 17.75V6.25C19.5 5.2835 18.7165 4.5 17.75 4.5H6.25Z"/> </symbol><symbol id="alert-danger" viewBox="0 0 20 20"> <circle cx="10" cy="10.0002" r="10" fill="#C42B1C"/> <path d="M10 4.00024C13.3137 4.00024 16 6.68654 16 10.0002C16 13.314 13.3137 16.0002 10 16.0002C6.68629 16.0002 4 13.314 4 10.0002C4 6.68654 6.68629 4.00024 10 4.00024ZM10 5.00024C7.23858 5.00024 5 7.23882 5 10.0002C5 12.7617 7.23858 15.0002 10 15.0002C12.7614 15.0002 15 12.7617 15 10.0002C15 7.23882 12.7614 5.00024 10 5.00024ZM7.83859 7.96594L7.89645 7.89669C8.07001 7.72312 8.33944 7.70384 8.53431 7.83884L8.60355 7.89669L10 9.29324L11.3964 7.89669C11.57 7.72312 11.8394 7.70384 12.0343 7.83884L12.1036 7.89669C12.2771 8.07026 12.2964 8.33968 12.1614 8.53455L12.1036 8.6038L10.707 10.0002L12.1036 11.3967C12.2771 11.5703 12.2964 11.8397 12.1614 12.0345L12.1036 12.1038C11.93 12.2774 11.6606 12.2966 11.4657 12.1617L11.3964 12.1038L10 10.7072L8.60355 12.1038C8.42999 12.2774 8.16056 12.2966 7.96569 12.1617L7.89645 12.1038C7.72288 11.9302 7.7036 11.6608 7.83859 11.4659L7.89645 11.3967L9.293 10.0002L7.89645 8.6038C7.72288 8.43023 7.7036 8.16081 7.83859 7.96594L7.89645 7.89669L7.83859 7.96594Z" fill="white"/> </symbol><symbol id="alert-info" viewBox="0 0 20 20"> <circle cx="10" cy="10" r="10" fill="#005FB7"/> <path d="M10 9C10.2761 9 10.5 9.22386 10.5 9.5V12.5C10.5 12.7761 10.2761 13 10 13C9.72386 13 9.5 12.7761 9.5 12.5V9.5C9.5 9.22386 9.72386 9 10 9ZM10 8.24907C10.4137 8.24907 10.749 7.91371 10.749 7.50003C10.749 7.08635 10.4137 6.751 10 6.751C9.58633 6.751 9.25098 7.08635 9.25098 7.50003C9.25098 7.91371 9.58633 8.24907 10 8.24907ZM4 10C4 6.68629 6.68629 4 10 4C13.3137 4 16 6.68629 16 10C16 13.3137 13.3137 16 10 16C6.68629 16 4 13.3137 4 10ZM10 5C7.23858 5 5 7.23858 5 10C5 12.7614 7.23858 15 10 15C12.7614 15 15 12.7614 15 10C15 7.23858 12.7614 5 10 5Z" fill="white"/> </symbol><symbol id="alert-promo" viewBox="0 0 20 20"> <circle cx="10" cy="10.0002" r="10" fill="url(#paint0_linear_1787_3485)"/> <path d="M12.8712 3.01513C13.1391 3.08207 13.302 3.35352 13.2351 3.62142L12.9852 4.6215C12.9183 4.8894 12.6468 5.05232 12.3789 4.98538C12.111 4.91844 11.9481 4.64699 12.015 4.37908L12.2649 3.37901C12.3319 3.11111 12.6033 2.94819 12.8712 3.01513ZM15.8536 4.14669C16.0488 4.34196 16.0488 4.65854 15.8536 4.8538L14.8536 5.8538C14.6583 6.04906 14.3417 6.04906 14.1465 5.8538C13.9512 5.65854 13.9512 5.34196 14.1465 5.14669L15.1465 4.14669C15.3417 3.95143 15.6583 3.95143 15.8536 4.14669ZM8.28367 15.0327C8.7966 15.8861 9.87741 16.2425 10.8102 15.8272C11.7399 15.4133 12.1982 14.3774 11.9134 13.4278L8.28367 15.0327ZM7.36426 15.4392L6.36554 15.8807C5.83756 16.1142 5.21978 15.9998 4.81088 15.592L4.41013 15.1924C4.00252 14.7859 3.88618 14.1712 4.11785 13.6441L7.98912 4.83567C8.38472 3.93554 9.56246 3.71539 10.258 4.40888L15.5897 9.72509C16.2853 10.4187 16.0653 11.5921 15.1678 11.9889L12.8328 13.0213C13.3372 14.4775 12.6508 16.1024 11.217 16.7408C9.77838 17.3813 8.10516 16.7981 7.36426 15.4392ZM16.5 7.00025H15.5C15.2239 7.00025 15 7.2241 15 7.50025C15 7.77639 15.2239 8.00025 15.5 8.00025H16.5C16.7762 8.00025 17 7.77639 17 7.50025C17 7.2241 16.7762 7.00025 16.5 7.00025ZM8.9046 5.23802L5.03334 14.0465C4.96796 14.1952 5.00054 14.3689 5.11623 14.4843L5.51698 14.8839C5.63338 15 5.81001 15.033 5.96116 14.9662L14.7634 11.0743C15.0192 10.9612 15.0801 10.6292 14.8836 10.4332L9.5519 5.11702C9.35297 4.91867 9.01672 4.98292 8.9046 5.23802Z" fill="white"/> <defs> <linearGradient id="paint0_linear_1787_3485" x1="1.78004e-08" y1="6.29771" x2="16.476" y2="19.5779" gradientUnits="userSpaceOnUse"> <stop offset="0" stop-color="#D600AA"/> <stop offset="1" stop-color="#512BD4"/> </linearGradient> </defs> </symbol><symbol id="alert-success" viewBox="0 0 20 20"> <circle cx="10" cy="10.0002" r="10" fill="#0F7B0F"/> <path d="M10 4.00024C13.3137 4.00024 16 6.68654 16 10.0002C16 13.314 13.3137 16.0002 10 16.0002C6.68629 16.0002 4 13.314 4 10.0002C4 6.68654 6.68629 4.00024 10 4.00024ZM10 5.00024C7.23858 5.00024 5 7.23882 5 10.0002C5 12.7617 7.23858 15.0002 10 15.0002C12.7614 15.0002 15 12.7617 15 10.0002C15 7.23882 12.7614 5.00024 10 5.00024ZM9.24953 11.0427L12.1203 8.16423C12.3153 7.9687 12.6319 7.96828 12.8274 8.16328C13.0012 8.33661 13.0208 8.60601 12.8861 8.80106L12.8283 8.87039L9.60403 12.1033C9.43053 12.2773 9.16082 12.2968 8.96576 12.1617L8.89645 12.1038L7.14645 10.3538C6.95118 10.1585 6.95118 9.84195 7.14645 9.64669C7.32001 9.47312 7.58944 9.45384 7.78431 9.58884L7.85355 9.64669L9.24953 11.0427L12.1203 8.16423L9.24953 11.0427Z" fill="white"/> </symbol><symbol id="apps-regular" viewBox="0 0 24 24"> <path d="M18.4923 2.33088L21.671 5.50966C22.5497 6.38834 22.5497 7.81296 21.671 8.69164L19.0866 11.2756C20.1696 11.438 21 12.3723 21 13.5006V18.7506C21 19.9932 19.9926 21.0006 18.75 21.0006H5.25C4.00736 21.0006

sitemap.xml 200 OK

Type URL Set URLs 0 entries Valid XML No

TLS Certificate Expiry & Recommendations

139 days until leaf cert expires — 4 issues to address

REVIEW

Certificate validity

139

days left

0d 30d 60d 90d+

Recommended actions

Add includeSubDomains to the HSTS directive
Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
Enable DNSSEC on your domain for DNS spoofing protection
Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy

A+

DNS Records

5 A records, 7 ms lookup

PASS

5 A records, 7 ms lookup

Resolves to 5 IPv4 address(es)

Got: 20.231.239.246, 20.76.201.171, 20.70.246.20, 20.236.44.162, 20.112.250.133

No IPv6 (AAAA) records

4 nameserver(s) configured

Got: ns1-04.azure-dns.com, ns2-04.azure-dns.net, ns3-04.azure-dns.org, ns4-04.azure-dns.info

1 mail exchanger(s) configured

CAA records not checked

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

SPF record present in TXT

DNS resolution time: 7 ms

Got: 7 ms

A	20.231.239.246, 20.76.201.171, 20.70.246.20, 20.236.44.162, 20.112.250.133
AAAA	—
CNAME	—
NS	ns1-04.azure-dns.com, ns2-04.azure-dns.net, ns3-04.azure-dns.org, ns4-04.azure-dns.info
MX	1 asp-net.mail.protection.outlook.com
TXT	SPF v=spf1 include:spf.mandrillapp.com include:spf.protection.outlook.com ip4:64.34.... MS=ms47371022 v=DMARC1; p=none pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com...
CAA	Lookup not available with standard resolver

Resolved in 7 ms

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

Why this matters

Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.

A+

URL Variants

www/non-www, trailing slash, HTTP→HTTPS

PASS

www/non-www, trailing slash, HTTP→HTTPS

www/non-www redirect configured correctly (preferred: non-www)

HTTP correctly 301-redirects to HTTPS

www / non-www

302https://www.asp.net/

200https://asp.net/

Preferred variant: non-www

HTTP → HTTPS

301http://asp.net/ → https://www.asp.net/

Consistent

A+

Domain Intelligence

asp.net — via MarkMonitor Inc., 30 years, 8 months old, hosted on Microsoft Azure

PASS

asp.net — via MarkMonitor Inc., 30 years, 8 months old, hosted on Microsoft Azure

Domain registered until Jan 5, 2027 (8 months remaining)

DNSSEC is not enabled

DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.

Registrar: MarkMonitor Inc.

Registrar lock is NOT enabled

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Hosting: Microsoft Azure

Got: AS8075

Domain expiry

203 days

January 5, 2027

SSL certificate

139 days

Issued by Microsoft Corporation

Domain age

30 years, 8 months

Registered January 6, 1996

DNSSEC

Not enabled

Protects against DNS spoofing

Hosting

Microsoft Azure

ASN AS8075

20.231.239.246

Registrar

MarkMonitor Inc.

Unlocked 4 NS records

Expiry timeline

Today

+1 year

Domain expiry SSL expiry Danger zone (≤30 days)

Recommended actions

Enable DNSSEC to protect visitors from DNS spoofing
Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers

Registrar MarkMonitor Inc.

Created January 6, 1996 (30 years, 8 months ago)

Expires January 5, 2027 (8 months)

Last Updated December 4, 2025

Name Servers ns1-04.azure-dns.com, ns2-04.azure-dns.net, ns3-04.azure-dns.org, ns4-04.azure-dns.info

DNSSEC Not enabled

Hosting

IP Address 20.231.239.246

ASN AS8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

Provider Microsoft Azure

Data source: rdap (0.1s)

DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.

Why this matters

Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.

Learn more ▾

DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.

Source: ICANN / RFC 4033

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Why this matters

Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.

Learn more ▾

Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.

Source: ICANN / domain-security best practice

A+

HTTP Probe Timing

Total 260 ms — DNS, TCP, TLS, TTFB, content transfer breakdown

PASS

DNS Lookup

7 ms

TCP Connect

83 ms

TLS Handshake

88 ms

Time to First Byte

260 ms

Total Time

260 ms

Connection waterfall

DNS Lookup 7 ms TCP Connect 83 ms TLS Handshake 88 ms Server Processing 83 ms Content Transfer 0 ms

All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.