Skip to content
https://congress.gov

Infrastructure

· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.
SCORE
91
GRADE
A
FIX
0
REVIEW
3
PASS
6
INFO
0
Probed from Madrid, Spain
403 Forbidden
Checks
9
6 PASS 3 REVIEW
B
URL Variants
www/non-www, trailing slash, HTTP→HTTPS
REVIEW
www/non-www, trailing slash, HTTP→HTTPS
Critical::
HTTP version does not redirect to HTTPS
Got: HTTP 403 Expected: 301 redirect to HTTPS

www / non-www

403https://www.congress.gov/
200https://congress.gov/

HTTP → HTTPS

403http://congress.gov/

HTTP version does not redirect to HTTPS

B
TLS Certificate Expiry & Recommendations
60 days until leaf cert expires — 2 issues to address
REVIEW

Certificate validity

60
days left
0d 30d 60d 90d+

Recommended actions

  • Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
  • Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
B
CDN & Delivery
Cloudflare
REVIEW
Cloudflare
Info::
Site is served via Cloudflare CDN (edge: CDG)
Got: cf-ray: 9efeaf6fa84e6fee-CDG
CDN Detected: Cloudflare
Provider Cloudflare Evidence cf-ray: 9efeaf6fa84e6fee-CDG
A+
DNS Records
2 A records, 52 ms lookup
PASS
2 A records, 52 ms lookup
Info::
Resolves to 2 IPv4 address(es)
Got: 172.64.144.206, 104.18.43.50
Info::
Has 2 IPv6 (AAAA) record(s)
Got: 2a06:98c1:310d::ac40:90ce, 2a06:98c1:310a::6812:2b32
Info::
2 nameserver(s) configured
Got: kevin.ns.cloudflare.com, alice.ns.cloudflare.com
Info::
4 mail exchanger(s) configured
Info::
CAA records not checked
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Info::
SPF record present in TXT
Info::
DNS resolution time: 52 ms
Got: 52 ms
A172.64.144.206, 104.18.43.50
AAAA2a06:98c1:310d::ac40:90ce, 2a06:98c1:310a::6812:2b32
CNAME
NSkevin.ns.cloudflare.com, alice.ns.cloudflare.com
MX
5 mx23.loc.gov
5 mx41.loc.gov
5 mx42.loc.gov
5 mx22.loc.gov
TXT
SPF v=spf1 include:spf1.loc.gov include:spf2.loc.gov mx ~all
google-site-verification=NKXJwj1XXYcyc7HB9HJsgC_vnJWvx-Y1oO44EVXdgrc
CAALookup not available with standard resolver
Resolved in 52 ms

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

Why this matters

Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.

A+
Redirect Chain
0 redirect(s), 61 ms total
PASS
0 redirect(s), 61 ms total

https://congress.gov

61 ms · HTTP/1.1 FINAL

#URLStatusTimeProtocolServer
1https://congress.gov40361 msHTTP/1.1cloudflare
A+
IPv6 Readiness
IPv6 reachable (17 ms)
PASS
IPv6 reachable (17 ms)
Info::
IPv6 is configured and reachable at 2a06:98c1:310d::ac40:90ce, 2a06:98c1:310a::6812:2b32
Got: 17 ms connect
IPv6 Ready
AAAA Records 2a06:98c1:310d::ac40:90ce, 2a06:98c1:310a::6812:2b32 Connection Reachable (17 ms)
A
Crawlability
robots.txt present, no sitemap
PASS
robots.txt present, no sitemap
Info::
robots.txt is present
Got: 3529 bytes
Info::
No sitemap.xml found
A sitemap helps search engines discover and index your pages more efficiently.
Info::
robots.txt references sitemap

A sitemap helps search engines discover and index your pages more efficiently.

Why this matters

No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.

Learn more

A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.

Source: sitemaps.org / Google Search Central

robots.txt 200 OK
Size 3529 B Sitemaps referenced 1 User-agents bigsur.ai, Bravebot, Claude-SearchBot, ICC-Crawler, PetalBot, SBIntuitionsBot, Operator, Poggio-Citations, quillbot.com, AddSearchBot, amazon-kendra, DeepSeekBot, TerraCotta, ChatGPT Agent, aiHitBot, GoogleOther-Video, imageSpider, TavilyBot, TikTokSpider, Anomura, Crawl4AI, Kangaroo Bot, Meta-ExternalAgent, Meta-ExternalFetcher, SemrushBot-SWA, Gemini-Deep-Research, Manus-User, meta-externalagent, ShapBot, Datenbank Crawler, Diffbot, OAI-SearchBot, Brightbot 1.0, Perplexity-User, QualifiedBot, SemrushBot-OCOB, WARDBot, WRTNBot, meta-webindexer, webzio-extended, Andibot, LinerBot, YouBot, Cotoyogi, wpbot, YandexAdditional, GoogleOther-Image, anthropic-ai, atlassian-bot, facebookexternalhit, Google-Extended, Panscient, img2dataset, PerplexityBot, omgili, LinkupBot, MistralAI-User/1.0, Sidetrade indexer bot, TwinAgent, *, bedrockbot, laion-huggingface-processor, Timpibot, Claude-Web, iaskspider/2.0, LAIONDownloader, QuillBot, Scrapy, Spider, FacebookBot, Factset_spyderbot, Ai2Bot-Dolma, ChatGPT-User, Cloudflare-AutoRAG, Channel3Bot, iAskBot, NovaAct, OpenAI, VelenPublicWebCrawler, AI2Bot-DeepResearchEval, FirecrawlAgent, KlaviyoAIBot, netEstate Imprint Crawler, NotebookLM, YaK, BuddyBot, Claude-User, EchoboxBot, Webzio-Extended, Google-NotebookLM, GPTBot, KunatoCrawler, MistralAI-User, YandexAdditionalBot, Bytespider, ImagesiftBot, cohere-training-data-crawler, Echobot Bot, GoogleAgent-Mariner, PhindBot, CCBot, ChatGLM-Spider, ClaudeBot, meta-externalfetcher, PanguBot, panscient.com, AI2Bot, CloudVertexBot, cohere-ai, Devin, Google-Firebase, Amazonbot, GoogleOther, Poseidon Research Crawler, Thinkbot, AmazonBuyForMe, Crawlspace, DuckAssistBot, FriendlyCrawler, LCC, Awario, Google-CloudVertexBot, ISSCyberRiskCrawler, omgilibot, Linguee Bot, MyCentralAIScraperBot, ZanistaBot, iaskspider, IbouBot Blocking No — crawling allowed
User-agent: *
Crawl-delay: 2
Disallow: /search
Disallow: /quick-search
Disallow: /advanced-search
Disallow: /*?q=*
Disallow: /*&q=*
Disallow: /*?r=*
Disallow: /*&r=*
Disallow: /*?s=*
Disallow: /*&s=*
Disallow: /account
Disallow: /lac

Sitemap: https://www.congress.gov/sitemap/index.xml

User-agent: AddSearchBot
User-agent: AI2Bot
User-agent: AI2Bot-DeepResearchEval
User-agent: Ai2Bot-Dolma
User-agent: aiHitBot
User-agent: amazon-kendra
User-agent: Amazonbot
User-agent: AmazonBuyForMe
User-agent: Andibot
User-agent: Anomura
User-agent: anthropic-ai
User-agent: atlassian-bot
User-agent: Awario
User-agent: bedrockbot
User-agent: bigsur.ai
User-agent: Bravebot
User-agent: Brightbot 1.0
User-agent: BuddyBot
User-agent: Bytespider
User-agent: CCBot
User-agent: Channel3Bot
User-agent: ChatGLM-Spider
User-agent: ChatGPT Agent
User-agent: ChatGPT-User
User-agent: Claude-SearchBot
User-agent: Claude-User
User-agent: Claude-Web
User-agent: ClaudeBot
User-agent: Cloudflare-AutoRAG
User-agent: CloudVertexBot
User-agent: cohere-ai
User-agent: cohere-training-data-crawler
User-agent: Cotoyogi
User-agent: Crawl4AI
User-agent: Crawlspace
User-agent: Datenbank Crawler
User-agent: DeepSeekBot
User-agent: Devin
User-agent: Diffbot
User-agent: DuckAssistBot
User-agent: Echobot Bot
User-agent: EchoboxBot
User-agent: FacebookBot
User-agent: facebookexternalhit
User-agent: Factset_spyderbot
User-agent: FirecrawlAgent
User-agent: FriendlyCrawler
User-agent: Gemini-Deep-Research
User-agent: Google-CloudVertexBot
User-agent: Google-Extended
User-agent: Google-Firebase
User-agent: Google-NotebookLM
User-agent: GoogleAgent-Mariner
User-agent: GoogleOther
User-agent: GoogleOther-Image
User-agent: GoogleOther-Video
User-agent: GPTBot
User-agent: iAskBot
User-agent: iaskspider
User-agent: iaskspider/2.0
User-agent: IbouBot
User-agent: ICC-Crawler
User-agent: ImagesiftBot
User-agent: imageSpider
User-agent: img2dataset
User-agent: ISSCyberRiskCrawler
User-agent: Kangaroo Bot
User-agent: KlaviyoAIBot
User-agent: KunatoCrawler
User-agent: laion-huggingface-processor
User-agent: LAIONDownloader
User-agent: LCC
User-agent: LinerBot
User-agent: Linguee Bot
User-agent: LinkupBot
User-agent: Manus-User
User-agent: meta-externalagent
User-agent: Meta-ExternalAgent
User-agent: meta-externalfetcher
User-agent: Meta-ExternalFetcher
User-agent: meta-webindexer
User-agent: MistralAI-User
User-agent: MistralAI-User/1.0
User-agent: MyCentralAIScraperBot
User-agent: netEstate Imprint Crawler
User-agent: NotebookLM
User-agent: NovaAct
User-agent: OAI-SearchBot
User-agent: omgili
User-agent: omgilibot
User-agent: OpenAI
User-agent: Operator
User-agent: PanguBot
User-agent: Panscient
User-agent: panscient.com
User-agent: Perplexity-User
User-agent: PerplexityBot
User-agent: PetalBot
User-agent: PhindBot
User-agent: Poggio-Citations
User-agent: Poseidon Research Crawler
User-agent: QualifiedBot
User-agent: QuillBot
User-agent: quillbot.com
User-agent: SBIntuitionsBot
User-agent: Scrapy
User-agent: SemrushBot-OCOB
User-agent: SemrushBot-SWA
User-agent: ShapBot
User-agent: Sidetrade indexer bot
User-agent: Spider
User-agent: TavilyBot
User-agent: TerraCotta
User-agent: Thinkbot
User-agent: TikTokSpider
User-agent: Timpibot
User-agent: TwinAgent
User-agent: VelenPublicWebCrawler
User-agent: WARDBot
User-agent: Webzio-Extended
User-agent: webzio-extended
User-agent: wpbot
User-agent: WRTNBot
User-agent: YaK
User-agent: YandexAdditional
User-agent: YandexAdditionalBot
User-agent: YouBot
User-agent: ZanistaBot
Disallow: /

sitemap.xml No sitemap found

No sitemap found

Adding a sitemap helps search engines discover your pages.

A
Domain Intelligence
congress.gov — via get.gov, 28 years, 11 months old
PASS
congress.gov — via get.gov, 28 years, 11 months old
Warning::
Domain expires in 76 days
Consider enabling auto-renewal to prevent accidental expiration.
Got: Expires Jul 7, 2026
Info::
DNSSEC is enabled
Info::
Registrar: get.gov
Warning::
Registrar lock is NOT enabled
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Domain expiry

EXPIRED

July 7, 2026

SSL certificate

60 days

Issued by Google Trust Services

Domain age

28 years, 11 months

Registered October 2, 1997

DNSSEC

Enabled

Protects against DNS spoofing

Hosting

Unknown

2a06:98c1:310a::6812:2b32

Registrar

get.gov

Unlocked 2 NS records
Expiry timeline
Today
+1 year
Domain expiry SSL expiry Danger zone (≤30 days)
Recommended actions
  • Domain has EXPIRED — renew immediately to avoid total site outage
  • Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
Registrar get.gov
Created October 2, 1997 (28 years, 11 months ago)
Expires July 7, 2026 (2 months)
Last Updated July 12, 2025
Name Servers alice.ns.cloudflare.com, kevin.ns.cloudflare.com
DNSSEC Enabled
Registrant REDACTED FOR PRIVACY
Hosting
IP Address 2a06:98c1:310a::6812:2b32
Data source: rdap (0.3s)

Consider enabling auto-renewal to prevent accidental expiration.

Why this matters

Domain expiry approaching — renew immediately and ensure auto-renew + alerting are configured.

Source: ICANN renewal policy

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Why this matters

Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.

Learn more

Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.

Source: ICANN / domain-security best practice

A+
HTTP Probe Timing
Total 112 ms — DNS, TCP, TLS, TTFB, content transfer breakdown
PASS
DNS Lookup DNS Lookup — time to resolve the domain name to an IP address.
49 ms
TCP Connect TCP Connect — time to establish a TCP connection to the server.
17 ms
TLS Handshake TLS Handshake — time to complete the HTTPS encryption handshake.
23 ms
Time to First Byte Time to First Byte — how long the server takes to respond with the first byte of data.
112 ms
Total Time Total request time from DNS lookup through full response.
113 ms

Connection waterfall

DNS Lookup 49 ms TCP Connect 17 ms TLS Handshake 23 ms Server Processing 23 ms Content Transfer 0 ms
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.

Send Feedback