Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DRedirect ChainAction2 redirect(s), 1538 ms totalFIX
https://niu.edu
495 ms · HTTP/1.1
https://www.niu.edu/
515 ms · HTTP/1.1
https://www.niu.edu/index.shtml
528 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://niu.edu | 301 | 495 ms | HTTP/1.1 | Microsoft-IIS/10.0 |
| 2 | https://www.niu.edu/ | 302 | 515 ms | HTTP/1.1 | Microsoft-IIS/10.0 |
| 3 | https://www.niu.edu/index.shtml | 200 | 528 ms | HTTP/1.1 | Microsoft-IIS/10.0 |
See the visual redirect chain in the HTTP Probe tab →
Each redirect adds latency. Try to minimize the chain to 1 hop.
Redirect chain — each hop adds latency; combine into one redirect where possible.
Source: Google Search Central / web.dev
If permanent, use 301 instead.
302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.
Learn more ▾ ▴
Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).
Source: Google Search Central
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BTLS Certificate Expiry & Recommendations198 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Submit your domain to hstspreload.org to be added to the Chrome preload list
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 99 ms lookupPASS
| A | 131.156.223.14 |
| AAAA | — |
| CNAME | — |
| NS | dns-ext1.niu.edu, dns-ext2.niu.edu |
| MX | 0 niu-edu.mail.protection.outlook.com |
| TXT | autodesk-domain-verification=hw6d-miT9ba8-WuZ8Kq9 docusign=6a35ba1d-7ae3-4079-ac7a-9bd45439deb7 hkq6bl0v0cy3pb4g8z7f0vtvyc873vxr hibp-verify=dweb_r99aza50a2xwm44an13qtj2a google-site-verification=5cjSTz8DvO0x04PMYTFJcIbn-Rev9BFg8iNnE-HFPIU rua=mailto:dmarc_agg@dmarc.everest.email docusign=59eb093d-df34-43bc-83fb-3d7424734047 docusign=92e291cf-fcfa-436a-a9d9-09700cf0ce3e google-gws-recovery-domain-verification=62020772 MS=ms75199486 docusign=f58976bc-f626-4232-8836-844e17ff7832 yahoo-verification-key=d+mIoTFMPS/Pt6HVp/QfdwRulbR/Kme78Efv+qGPBUE=google-site-v... SPF v=spf1 ip4:131.156.0.0/16 include:spf-a.niu.edu include:spf-b.niu.edu -all |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Crawlabilityrobots.txt present, sitemap with 615 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
# NIU Robots.txt
# Last updated: 2-9-26-JMO
# General site access - block utility and paid landing pages
User-agent: *
Disallow: /sign_out.shtml
Disallow: /its/scripts/
Disallow: /explore/
Disallow: /why-niu/
Disallow: /lr/
# AI search crawlers - ALLOW for discoverability in ChatGPT, Perplexity, Google AI, Apple Intelligence
# CCBot (OpenAI/ChatGPT), Google-Extended (Gemini), Applebot-Extended (Apple Intelligence), cohere-ai (Perplexity)
# No additional blocks needed - inherits from User-agent: * above
# Social media crawlers - ALLOW for proper link preview cards on Facebook/Instagram
# FacebookBot, facebookexternalhit
# No additional blocks needed - inherits from User-agent: * above
# Scraping bots - BLOCK entirely
User-agent: Omgilibot
Disallow: /
User-agent: Omgili
Disallow: /
User-agent: Diffbot
Disallow: /
User-agent: Bytespider
Disallow: /
User-agent: ImagesiftBot
Disallow: /
AURL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Use 301 (permanent) instead of 302 (temporary)
A+Domain Intelligenceniu.edu — 37 years, 10 months old, hosted on NIU - Northern Illinois University, USPASS
776 days
July 31, 2028
198 days
Issued by DigiCert Inc
37 years, 10 months
Registered December 8, 1988
Status unknown
Protects against DNS spoofing
NIU - Northern Illinois University, US
ASN AS11417
131.156.223.14
Registrar unknown