Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BCrawlabilityrobots.txt present, sitemap with 36521 URLsREVIEW
Search engines may not be able to parse the sitemap. Fix XML validation errors.
An unparseable sitemap is silently ignored by Google — the URLs it advertises are never queued for crawl.
Learn more ▾ ▴
Google's sitemap parser is strict about XML validity. A single unescaped `&` or unclosed tag invalidates the whole file. Run your sitemap through a validator (Search Console's Sitemaps report flags it) and fix the offending entry. Most generators escape correctly; mistakes usually come from manually-written entries.
Source: sitemaps.org / Google Search Central
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
# ----------------------------
# Sitemaps
# ----------------------------
Sitemap: https://builtin.com/sitemap.xml
Sitemap: https://builtin.com/sitemaps.txt
Sitemap: https://builtin.com/sitemaps-1.txt
Sitemap: https://builtin.com/sitemaps-2.txt
Sitemap: https://builtin.com/sitemaps-3.txt
Sitemap: https://builtin.com/sitemaps-4.txt
Sitemap: https://builtin.com/sitemaps-5.txt
Sitemap: https://builtin.com/sitemaps-6.txt
Sitemap: https://builtin.com/sitemaps-7.txt
Sitemap: https://builtin.com/sitemaps-8.txt
Sitemap: https://builtin.com/sitemaps-9.txt
Sitemap: https://builtin.com/companies/sitemap.xml
Sitemap: https://builtin.com/job-board-sitemap.xml
Sitemap: https://builtin.com/learning-labs/sitemap.xml
# ----------------------------
# Traditional Search Engines
# ----------------------------
User-agent: *
# CSS, JS, Images
Allow: /core/*.css
Allow: /core/*.js
Allow: /core/*.gif
Allow: /core/*.GIF
Allow: /core/*.jpg
Allow: /core/*.JPG
Allow: /core/*.jpeg
Allow: /core/*.JPEG
Allow: /core/*.png
Allow: /core/*.PNG
Allow: /core/*.svg
Allow: /core/*.SVG
Allow: /profiles/*.css
Allow: /profiles/*.js
Allow: /profiles/*.gif
Allow: /profiles/*.GIF
Allow: /profiles/*.jpg
Allow: /profiles/*.JPG
Allow: /profiles/*.jpeg
Allow: /profiles/*.JPEG
Allow: /profiles/*.png
Allow: /profiles/*.PNG
Allow: /profiles/*.svg
Allow: /profiles/*.SVG
Allow: /sites/*.gif
Allow: /sites/*.GIF
Allow: /sites/*.jpg
Allow: /sites/*.JPG
Allow: /sites/*.jpeg
Allow: /sites/*.JPEG
Allow: /sites/*.png
Allow: /sites/*.svg
Allow: /sites/*.SVG
Allow: /sites/*.css
Allow: /sites/*.js
Allow: /tag*?page=
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.txt
Disallow: /web.config
# Drupal Paths
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips/
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register/
Disallow: /user/password/
Disallow: /user/login/
Disallow: /user/logout/
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips/
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password/
Disallow: /index.php/user/register/
Disallow: /index.php/user/login/
Disallow: /index.php/user/logout/
Disallow: /bix-job-newsletter/
Disallow: /taxonomy/
Disallow: /dashboard/
Disallow: /desktop/
Disallow: /mobile/
Disallow: /billing/
Disallow: /member/
Disallow: /members
Disallow: /event/*
Disallow: /flag
Disallow: /modal_forms/
# Company Directory
Disallow: /*?ni=5
Disallow: /companies/*hiring/office
Disallow: /companies/*san-francisco-bay-area
Disallow: /companies/*size
Disallow: /companies/*austin
Disallow: /companies/*boston
Disallow: /companies/*chicago
Disallow: /companies/*colorado
Disallow: /companies/*los-angeles
Disallow: /companies/*new-york-city
Disallow: /companies/*san-francisco
Disallow: /companies/*seattle
# Job Board
Disallow: /jobs/office*
Disallow: /jobs/*size
Disallow: /jobs*?search=
Disallow: /jobs*?trending*
Disallow: /jobs/*other
Disallow: /jobs/*dev-engineering/*sales-engineer
Disallow: /jobs/*not-specified
Disallow: /jobs/*mid-level
Disallow: /jobs/*analytics-industry
Disallow: /jobs/*business-intelligence-industry
Disallow: /jobs/*coupons
Disallow: /jobs/*kids-family
Disallow: /jobs/*consumer-web
Disallow: /jobs/*angel-vcfirm
Disallow: /jobs/*co-working-space-incubator
Disallow: /jobs/*machine-learning-industry
Disallow: /jobs/*sales-industry
Disallow: /jobs/*sharing-economy
Disallow: /jobs/*on-demand
Disallow: /jobs/*enterprise-web
Disallow: /jobs/*professional-services
Disallow: /jobs/*events
Disallow: /jobs/*financial-services
Disallow: /jobs/*hardware-industry
Disallow: /jobs/*hr-tech
Disallow: /jobs/*insurance
Disallow: /jobs/*marketing-tech
Disallow: /jobs/*nanotechnology
Disallow: /jobs/*news-entertainment
Disallow: /jobs/*payments
Disallow: /jobs/*pet$
Disallow: /jobs/*productivity
Disallow: /jobs/*retail
Disallow: /jobs/*security-industry
Disallow: /jobs/*travel
Disallow: /jobs/*virtual-reality
Disallow: /jobs/*wearables
Disallow: /jobs/*agriculture
Disallow: /jobs/*hospitality
Disallow: /jobs/*chemical
Disallow: /jobs/*appliances
Disallow: /jobs/*construction
Disallow: /jobs/*proptech
# LL Directory
Disallow: /learn/*price
Allow: /learn/*price*free
Disallow: /learn/*rating
#Salary Tool
Disallow: /salaries/get/
Disallow: *?salaries_lock=
# General
Disallow: /job/sitemap.xml
Allow: *sitemap.xml?page=
Disallow: /search
Disallow: /login*
Disallow: *?page=
Disallow: *?region_id=
Disallow: /apply/
Disallow: /featureflag
Disallow: /form/
Disallow: /External/Challenge*
Disallow: /Signup
Disallow: /connect/authorize*
Disallow: *?event_src=
Disallow: *?elementor_library
Disallow: *?state=
Disallow: *challenge-platform
Disallow: /signup
Disallow: /onboarding
Allow: /jobs*?page=
Disallow: /auth/
Disallow: /jobs*seattle
Disallow: /jobs*san-francisco
Disallow: /jobs*boston
Disallow: /jobs*austin
Disallow: /jobs*colorado
Disallow: /jobs*los-angeles
Disallow: /jobs*chicago
Disallow: /jobs*new-york-city
Disallow: /cdn-cgi/rum
# ----------------------------
# LLM Bots (OpenAI + Others)
# ----------------------------
User-agent: OAI-SearchBot
Disallow: /
Allow: /$
Allow: /companies*
Allow: /company/*
Allow: /jobs*
Allow: /job/*
Allow: /salaries*
Allow: /awards*
Allow: /articles*
Allow: /artificial-intelligence*
Allow: /blockchain*
Allow: /company-culture*
Allow: /data-science*
Allow: /diversity-inclusion*
Allow: /hardware*
Allow: /learn*
Allow: /machine-learning*
Allow: /recruiting*
Allow: /robotics*
Allow: /software-engineering-perspectives*
Allow: /tech-topics*
Allow: /tags*
User-agent: GPTBot
Disallow: /
Allow: /$
Allow: /companies*
Allow: /company/*
Allow: /jobs*
Allow: /job/*
Allow: /salaries*
Allow: /awards*
Allow: /articles*
Allow: /artificial-intelligence*
Allow: /blockchain*
Allow: /company-culture*
Allow: /data-science*
Allow: /diversity-inclusion*
Allow: /hardware*
Allow: /learn*
Allow: /machine-learning*
Allow: /recruiting*
Allow: /robotics*
Allow: /software-engineering-perspectives*
Allow: /tech-topics*
Allow: /tags*
User-agent: ChatGPT-User
Disallow: /
Allow: /$
Allow: /companies*
Allow: /company/*
Allow: /jobs*
Allow: /job/*
Allow: /salaries*
Allow: /awards*
Allow: /articles*
Allow: /artificial-intelligence*
Allow: /blockchain*
Allow: /company-culture*
Allow: /data-science*
Allow: /diversity-inclusion*
Allow: /hardware*
Allow: /learn*
Allow: /machine-learning*
Allow: /recruiting*
Allow: /robotics*
Allow: /software-engineering-perspectives*
Allow: /tech-topics*
Allow: /tags*
User-agent: PerplexityBot
Disallow: /
Allow: /$
Allow: /companies*
Allow: /company/*
Allow: /jobs*
Allow: /job/*
Allow: /salaries*
Allow: /awards*
Allow: /articles*
Allow: /artificial-intelligence*
Allow: /blockchain*
Allow: /company-culture*
Allow: /data-science*
Allow: /diversity-inclusion*
Allow: /hardware*
Allow: /learn*
Allow: /machine-learning*
Allow: /recruiting*
Allow: /robotics*
Allow: /software-engineering-perspectives*
Allow: /tech-topics*
Allow: /tags*
- https://builtin.com/recruiting/build-better-talent-pipeline-six-steps
- https://builtin.com/recruiting/high-growth-recruiting-4-tips-pros
- https://builtin.com/recruiting/top-sources-hire-tech-recruiters-2017
- https://builtin.com/articles/employer-brand-breakdown-facebook
- https://builtin.com/recruiting/psychological-sourcing-overcoming-loss-aversion
BTLS Certificate Expiry & Recommendations59 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records2 A records, 30 ms lookupPASS
| A | 104.17.75.82, 104.17.74.82 |
| AAAA | 2606:4700::6811:4a52, 2606:4700::6811:4b52 |
| CNAME | — |
| NS | michelle.ns.cloudflare.com, mitch.ns.cloudflare.com |
| MX | 10 aspmx.l.google.com 20 alt1.aspmx.l.google.com 30 alt2.aspmx.l.google.com 40 aspmx2.googlemail.com 50 aspmx3.googlemail.com |
| TXT | v=spf2.0/pra a:mail.builtin.com include:servers.mcsv.net include:_spf.google.com... google-site-verification=wRrfKkltqud5siBUWjvB4DdwLVv3fbGXix7_9BhrJns google-site-verification=tKZ9yYbfEooOfhMpjqJEz_9tdECIJnuVnp_n7kKlWTA apple-domain-verification=e6XGZoj2s81kZoB1 pardot_323011=7b62b2b035f77e1df13142d2c50de2f1c775657e171a7ac2984803c0019bbae0 asv=f0b3eda10d4ce0785910fe4eba9acbec SPF v=spf1 a:mail.builtin.com include:servers.mcsv.net include:_spf.google.com inclu... box-domain-verification=3ec4aba08c05cf232979412443aaf79398457a4ccf6fdd60d498e564... google-site-verification=Jm_tWHgOx5fKFeqFjiTlISkX9fNiipKsIY4shI98VeU |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://builtin.com
245 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://builtin.com | 200 | 245 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (16 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencebuiltin.com — via GoDaddy.com, LLC, 26 years, 11 months oldPASS
2254 days
September 18, 2032
59 days
Issued by Google Trust Services
26 years, 11 months
Registered September 18, 1999
Not enabled
Protects against DNS spoofing
Unknown
2606:4700::6811:4b52
GoDaddy.com, LLC
Expiry timeline
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice