Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
BRedirect Chain2 redirect(s), 440 ms totalREVIEW
https://gmu.edu
305 ms · HTTP/1.1
http://www.gmu.edu/
65 ms · HTTP/1.1
https://www.gmu.edu/
70 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://gmu.edu | 302 | 305 ms | HTTP/1.1 | Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k PHP/7.2.24 |
| 2 | http://www.gmu.edu/ | 301 | 65 ms | HTTP/1.1 | Sucuri/Cloudproxy |
| 3 | https://www.gmu.edu/ | 200 | 70 ms | HTTP/1.1 | Sucuri/Cloudproxy |
See the visual redirect chain in the HTTP Probe tab →
Each redirect adds latency. Try to minimize the chain to 1 hop.
Redirect chain — each hop adds latency; combine into one redirect where possible.
Source: Google Search Central / web.dev
Redirect directly from https://gmu.edu to https://www.gmu.edu/
Redirect chain could be flattened to one hop — server config tweak removes intermediate latency.
Source: web.dev
If permanent, use 301 instead.
302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.
Learn more ▾ ▴
Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).
Source: Google Search Central
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
CURL VariantsActionwww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Use 301 (permanent) instead of 302 (temporary)
BTLS Certificate Expiry & Recommendations308 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
ADNS Records1 A records, 567 ms lookupPASS
| A | 129.174.134.28 |
| AAAA | — |
| CNAME | — |
| NS | magda.gmu.edu, eve.gmu.edu, ruth.gmu.edu |
| MX | 10 mx-h.gmu.edu |
| TXT | gi82en2u7s30ta5hsjgmvgpun1 jamf-site-verification=uyKUtI86kcfPNDmOH0gEVA d365mktkey=x2v6vzmrbhE7sBxdncLxT8weers1LXKv6RSbmrIRPx8x qh7f3m24p2tbr0ckuosi6todov vr41eaub4br1g1dfgb8l08pgv6 facebook-domain-verification=3m35a8tsb2a67nl9a6wd7ayu24hb4e qd0l0ce71v2nioib4josbcno98 SFMC-SopwlwR6cveuHFS7KOz97eE9yk3jymOoL6TTdcfH google-site-verification=_Skx3UdEaDozIeqzD-C9AwVx5sRr1NI8IXfyaTd6moo s9q49adajdfgvqg43sislqbhiu d365mktkey=bFMt20OAgOmsv1XIVseXwxdc9k8UE220is8m3mxRrfcx iContact1027505 4v5b9gnvkkunqfi0oteo4hdlvq ouihva01eq1ulrvr5im6tgb685 k7543c1ttvaspn5pt2avbm3uug autodesk-domain-verification=WU1qobCVRrB5_N-Xc1GB adobe-idp-site-verification=dea1df01-b37e-4954-952b-d2ea559cc824 440fc2gec6616g78csadprtppg rp9qfgp1vkp9cv4ibg01ggmjnd MS=ms42891787 2gollhj92h3gkuk0los7s32972 SFMC-kkoVfPGaCya4MuIVJRDglrAdiai-ZUj8ewCplNEm google-site-verification=w8J_colHMMY1H-ZFzIG24-Yzp7dt9AirADz2r3l74IQ SPF v=spf1 ip4:129.174.7.212 include:servers.mcsv.net include:spf.protection.outlook... c0mueu46crv0fm2dv2slcq8s27 iContact1023980 CDS858K2H92DFOL5GS4T6SF7OD SFMC-kkoVfPGaCya4MulVJRDg1rAdiai-ZUj8ewCplNEm 3a31dd48d02a8634bf29de88068e9f628757f2a2227360433f4272bddec99abc SFMC-SopwIwR6cveuHFS7KOz97eE9yk3jymOoL6TTdcfH SFMC-0y99zGFAUzJTIB-oLmRn54pZoMmH2Ep3XNRG0jU7 dkqo0egndtvoqgur62qm8deoe7 atlassian-domain-verification=/KdHCf7vz4R/YQyV/5mH9epGvDeqxIkfl51Xzx84ST7XYQO34J... google-site-verification=eCc-DpnhKTCzAcMmmL4ekpJrmRYdRbcR0vu-9xoHzkw SFMC-kkoVfPGaCya4MulVJRDg1rAdiai-ZUj8ewCpINEm e147ebudpbo816ro21lk4q7n7v e2ma-verification=h0wbb fise3kq573brip7cpjcaqs28rq 6qn2dl49rd4fsrha5d2d2lnhr7 lkbhbu34qnirr5niqubhpv9enj ZOOM_verify_Kw0cujPQa30CalZfL5WX5R SFMC-Sopw1wR6cveuHFS7KOz97eE9yk3jymOoL6TTdcfH airtable-verification=1ad52364b81969b187764a9cad5618f4 5eutkg5tkt9qkn05405c3c3kp4 eoa21j69bfthrhdg8on8r9atok SFMC-gOUEN4R5Uut8CL7u7V0In4F4Edk9l37m6PTjF7by pae130qhpscm3sp78vnmuq2vnq m61fnacp87u882gdldqi3o6i41 SFMC-29QTNFg9IQuJG8YZIgUQF-gPUhX36d0CHb40qlid SFMC-29QTNFg9lQuJG8YZIgUQF-gPUhX36d0CHb40qlid t2m9fglsc7p4bii0kukfgb7c8k SFMC-8HcX9NakMdO1uQ6eoVwRTJry-_hvaM-KMY3epkpH SFMC-29QTNFg9lQuJG8YZlgUQF-gPUhX36d0CHb40qlid d68eqv4rjiorv6ve01tlv3r2nc iseck5bcs7i46u28gn7no1eoi8 |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
Slow DNS adds latency to every page load. Consider a faster DNS provider.
DNS resolution is slow — anycast DNS providers (Cloudflare, Route 53) typically resolve <50ms globally.
Source: DNS performance benchmarks
A+Crawlabilityrobots.txt present, sitemap with 5 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
User-agent: *
# CSS, JS, Images
Allow: /core/*.css$
Allow: /core/*.css?
Allow: /core/*.js$
Allow: /core/*.js?
Allow: /core/*.gif
Allow: /core/*.jpg
Allow: /core/*.jpeg
Allow: /core/*.png
Allow: /core/*.svg
Allow: /profiles/*.css$
Allow: /profiles/*.css?
Allow: /profiles/*.js$
Allow: /profiles/*.js?
Allow: /profiles/*.gif
Allow: /profiles/*.jpg
Allow: /profiles/*.jpeg
Allow: /profiles/*.png
Allow: /profiles/*.svg
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.md
Disallow: /composer/Metapackage/README.txt
Disallow: /composer/Plugin/ProjectMessage/README.md
Disallow: /composer/Plugin/Scaffold/README.md
Disallow: /composer/Plugin/VendorHardening/README.txt
Disallow: /composer/Template/README.txt
Disallow: /modules/README.txt
Disallow: /sites/README.txt
Disallow: /themes/README.txt
Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register
Disallow: /user/password
Disallow: /user/login
Disallow: /user/logout
Disallow: /media/oembed
Disallow: /*/media/oembed
# Paths (no clean URLs)
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password
Disallow: /index.php/user/register
Disallow: /index.php/user/login
Disallow: /index.php/user/logout
Disallow: /index.php/media/oembed
Disallow: /index.php/*/media/oembed
A+Domain Intelligencegmu.edu — 39 years old, hosted on GEORGE-MASON-UNIV - George Mason University, USPASS
19 days
July 31, 2026
308 days
Issued by Internet2
39 years
Registered October 14, 1987
Status unknown
Protects against DNS spoofing
GEORGE-MASON-UNIV - George Mason University, US
ASN AS11279
129.174.134.28
Registrar unknown
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry