Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DRedirect ChainAction2 redirect(s), 1055 ms totalFIX
https://nvidia.com
986 ms · HTTP/1.1
https://www.nvidia.com/
29 ms · HTTP/1.1
https://www.nvidia.com/zh-tw/
41 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://nvidia.com | 301 | 986 ms | HTTP/1.1 | nginx |
| 2 | https://www.nvidia.com/ | 307 | 29 ms | HTTP/1.1 | AkamaiGHost |
| 3 | https://www.nvidia.com/zh-tw/ | 200 | 41 ms | HTTP/1.1 | Apache |
See the visual redirect chain in the HTTP Probe tab →
Each redirect adds latency. Try to minimize the chain to 1 hop.
Redirect chain — each hop adds latency; combine into one redirect where possible.
Source: Google Search Central / web.dev
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BHTTP Probe TimingTotal 1005 ms — DNS, TCP, TLS, TTFB, content transfer breakdownREVIEW
Connection waterfall
BTLS Certificate Expiry & Recommendations151 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 11 ms lookupPASS
| A | 34.194.97.138 |
| AAAA | — |
| CNAME | — |
| NS | ns7.dnsmadeeasy.com, ns5.dnsmadeeasy.com, dns1.p09.nsone.net, dns2.p09.nsone.net, ns6.dnsmadeeasy.com |
| MX | 10 nvidia-com.mail.protection.outlook.com |
| TXT | google-site-verification=Bgm4VneS70f1CGZKg-D3tGoEQYxxHm56CH1v8frb1OA amazonses:tiDUkAUORs6LGjJXT0/6lf7qhM1Z/k+5ax6kvycH0KU= 2bv8cxn82sdc4jf5k46r4yjymyq99kx5 onetrust-domain-verification=94a8e142562349faa2ba5529c6cbdc30 v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pZXEi8/P4fDOafsJ88H48w2f8... kp6v5hv1mb3vfdljx9tgwd4l937vd14y gkr1fe2hai0i5lpj2jqmatdp4t webexdomainverification.4faf3ee01037479be053ad06fc0aecb4=d1b282f3-54e0-4575-9fac... apple-domain-verification=BVP359YB3NqbMfZN stripe-verification=87E8E0C1E618E41698A141FFBEF22C7F77D5AC285CD7404907CFB4D131F7... anthropic-domain-verification-yrjjcd=ej6XWEu0ENbzDBfGT2ApwOA9u apple-domain-verification=AB3LxniJsUaLUcY5HvdpX1R8DTt0wK00TTlz9bLWYqA docker-verification=c9680cb5-881b-4f8b-a803-42a918cdcf57 google-site-verification=2-satGFR6KHGOFKHt9pAAhY4xpgq1pmusepMak2uuFw smartsheet-site-validation=GesD_luIWHnX8PgyzkdwkP4zgJbEnWFG ek0aq24s0hi15hq4tqtkqjj1aj docusign=a95fd649-319d-4f9d-b832-6925ebd520fd 596hdfxvpnrhgnb5h0rd9jmpy5dgnmxm _z66mbl00eie3gk8qvoeo0jn57peolxo autodesk-domain-verification=DsRz7uyZ60rHqKxi31y9 atlassian-domain-verification=TkpNmmgTUPTLgab1/pTD1DQIwSM2wKR38idvHtF1/yzRlc7ajV... _xcqf40cqfhy8igzqdkbjdyb4nys65u9 _bsu0cnbbyliltohc5op1gjad09swnyb b47c0mpmnsxbg005dw6b5jpft3smyxc0 37e5g68gjeqgjjc64hlihvgiim 8cm9gxpghxsp9574p1nz7qyvfnsp7j8p jxp4dypdbq8k2qfh3csbxqk3mhtt3bc2 7iv8kqoklj3k99ad2hm1i3rp5u ZOOM_verify_8gBBD3UzStWKA3mt6lwsTA mn7s1rhpyt62qychj30kwqglk6m0xbf7 stripe-verification=99D9E45F72AD5546982F73E692E6BF04557C64DAB69C66E6200EE7B88D8B... rbdnz94w8kspd08l35ddj10s25lzfsn3 lptj19vv8ny9w6g7x730jr81fwjj5js1 _2e0v9clijhuv53e0z8ypnbin4pvcay5 wrike-verification=MzkwOTExMDpiYjg3NmMwYTY1MjhjODk1NWY1MzZiZDQxMDljOGU5ZjMyYTIzY... bua5v23vah91dl7u8q18uqeqi2 yandex-verification:050a0e32621f5209 4mq1tkhh4a1ah00o7fpl6l9e0g slack-domain-verification=JdqDQf1IlTnyYj3bjoNb5vAAQNY43wTMTka9JV6L xz3kx787d2v3sybkp648jh2xpb41w7ss 1pq0y02mf1v1m7k3lr86vyxmy4y2c68b domain-verification-yrjjcd=ej6XWEu0ENbzDBfGT2ApwOA9u mtdg5mrgrnvpqfxgzd0cyl6281w2qd83 openai-domain-verification=dv-NFgbKpjTQ0ahyMXgoAHmOxJY openai-domain-verification=dv-n75OVQToqSuaVb8uhdA5Gm5S openai-domain-verification=dv-NvYhgg87YsmEx1yhbZSJrBhQ facebook-domain-verification=8xnj9c1jc5elzjmp75cud9ty4ddqe1 _e97jw0iw78afuye7dwuhjyh3fpm0eua 6pz5xms6zpn4mngxrgm8xj6v2btwff06 mongodb-site-verification=ROIaNgdagjgVhIzbnNJrLtHAQerIZZ7G sonatype-verification=OSSRH-58518 teamviewer-sso-verification=2b7c86a77be24f7b8573b688a8e22e12 webexdomainverification.4C675B8BC9F4B136E053AB06FC0A3F65=7bca8485-5ef5-41d8-9095... onetrust-domain-verification=a82a3dc15f9f4b5ba1ebebc75ee8880d cxqdvl1xsmlvpwd2xd11mbp6tk4b2fn9 aliyun-site-verification=47b62ce6-8506-41f0-bb2f-07b3a645d506 webexdomainverification.JUIU=a2070f62-2329-43d5-a745-0506cd1e0be8 airtable-verification=d6d9ca2bacc2c108daad98a586ea9ae7 mailigen-site-verification=58788cc4908d5697c6ea4801a7fea3f6 docusign=96779a1c-034b-4e45-b43d-d542d10e71ec MS=ms46230291 xr3$HxkR2hjQBd6n8xLZeKkT2Weed2I&5t3srsv6yXqgeoGxwB#tZXM#e8JPGTJor^H#e1zRQO8@7fZm... perplexity-ai-domain-verification-q7nwx7=rsQck5ZDngPVcnFaBeEOnq8yy SPF v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all MagCfj2QvpMlValiiUpfiQk20jX6TQiVe2kRGvpC9oO5ndpTc5Lg2Rp4EPVYKjvIb/8f4U5tRMD8uqIu... 705HTG3G6VA7V2IN61PSCVLMDC 0ed1fe018a86de5c28fed445dda5cec48fd7d5cc0f amazonses:SJniAvY8SFy0o9cZGRDXV8eDcQ5oyo+QNtLHM37omUY= duo_sso_verification=TzxwSiyiqBThbUymIdN9VVIm6xPyKGCFQZZX6Gt8DBsSqPlhDgAz8H4maEw... ciscocidomainverification=5fdcd1977e45fc341a83e8f8c0149146995952cd51fb04a9d1b950... wrike-verification=MzQ5MDMzNjoxNGE4MDkxMDAyYzEyNGU5YWQxNGVhYWI4ZjkzNzhhMmIwZWY4M... |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Crawlabilityrobots.txt present, sitemap with 51 URLsPASS
#
# Welcome to NVIDIA
#
#@@@@@@@@@@@@@@@@@@@@@@@@@@@///////////////////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@@///////////////////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@%#@#////////////////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@//////////@@@@@@@@@@@@///////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@//////@@@@@@@@/////////@@@@@@@///////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@//////@@@@@@//////@@@@@@@//////@@@@@@////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@//////@@@@@//////@@@@///@@@@@@@/////&@@@@@//////////////@@@@@@@@@@@@@@@@@@
#@@@@@@//////@@@@////@@@@@@@/////@@@@/////@@@@@@///////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@/////@@@@/////@@@@@////////////@@@@@///////@//////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@//////@@@@/////@@@/////////@@@@@///////@@@@@@@@//////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@//////@@@@@/////@@@@@@@@@@////////@@@@@@@@@@@//////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@//////@@@@@@@/////////////@@@@@@@@@@@///////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@/////////%/////@@@@@@@@@@@@@/////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@&///@@@@@@@@///////////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@@///////////////////////////////////@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
#
# We dig it when people read our code! Check out the jobs while you're here.
# https://www.nvidia.com/en-us/about-nvidia/careers/
#
# Or check out our YouTube channel for our latest
# https://www.youtube.com/user/nvidia
#
# Last updated 19 Nov 2025 by LC
sitemap: https://www.nvidia.com/sitemap_index.xml
# AI Agents
User-agent: ai2bot
User-agent: anthropic-ai
User-agent: Amazonbot
User-agent: Amazon-kendra
User-agent: Applebot-extended
User-agent: AutoGPT
User-agent: BedrockBot
User-agent: Bytespider
User-agent: CCBot
User-agent: Chatglm-spider
User-agent: ChatGPT
User-agent: ChatGPT-User
User-agent: Claudebot
User-agent: Claude-user
User-agent: Claude-search
User-agent: Claude-web
User-agent: Cohere-ai
User-agent: Cotoyogi
User-agent: Deepseek
User-agent: Deepseek Chat
User-agent: Deepseekbot
User-agent: DuckAssistBot
User-agent: DuckDuckBot
User-agent: FacebookBot
User-agent: Geminiios
User-agent: Google-Extended
User-agent: Googleagent-manier
User-agent: GPTBot
User-agent: Grok
User-agent: ia-archiver
User-agent: iaskbot
User-agent: iaskspider
User-agent: ICC-crawler
User-agent: Linerbot
User-agent: Metaaib
User-agent: Meta-externalagent
User-agent: Meta-externalfetcher
User-agent: Meta-llama
User-agent: Mistralai-user
User-agent: NovaAct
User-agent: OAI-Searchbot
User-agent: Pangubot
User-agent: Perplexity
User-agent: PerplexityBot
User-agent: Perplexity-user
User-agent: Phindbot
User-agent: PoeBot
User-agent: Qwen
User-agent: Sogou
User-agent: Timpibot
User-agent: Tongyi
User-agent: Wenxiaobai
User-agent: Xinghuo
User-agent: Youbot
User-agent: Yuanbaobot
Allow: /*.llms.txt$
Allow: /*.md$
Allow: https://www.nvidia.com/llms.txt
User-agent: Googlebot
User-agent: Googlebot Smartphone
User-agent: Google AdsBot
User-agent: Bingbot
Disallow: /*.md$
Disallow:/*.llms.txt$
User-agent: *
# Gated Content
Disallow: /content/g/*
Disallow: /content/gated-pdfs/*
Disallow: /content/*/gated-resources/*
Disallow: /content/*/gated-pdfs/*
Disallow: /gated-resources/*
# GF Forums
Disallow: /*?topicPage=
Disallow: /*&topicPage=
Disallow: /*?commentPage=
Disallow: /*&commentPage=
Disallow: /admin/
Disallow: /attach/
Disallow: /content/experience-fragments/*
Disallow: /content/forms/
Disallow: /content/license/driver_license.aspx
Disallow: /content/nvidiaGDC.*\.(?!png|jpg|svg).+$
Disallow: /content/temp/*
Disallow: /ddl2*
Disallow: /email-verify/*
Disallow: /forms/*
Disallow: /*/geforce/release-notes/GFE/Rich/*
Disallow: /*/geforce/release-notes/GFN/Rich/*
Disallow: /*/geforce/release-notes/GFNB/Rich/*
Disallow: /*/geforce/comparisons/*
Disallow: /*/geforce/billboards/*
Disallow: /*/geforce/news/gfecnt/*
Disallow: /processFind*
Disallow: /props/
Disallow: /*.swf$
# Parameters
Disallow: /*[?&]accessToken=*
Disallow: /*[?&]cid=*
Disallow: /*[?&]eid=*
Disallow: /*[?&]hstc=*
Disallow: /*[?&]jso=*
Disallow: /*[?&]link=*
Disallow: /*[?&]lx=*
Disallow: /*[?&]ncid=*
Disallow: /*[?&]nv_excludes=*
Disallow: /*[?&]nvid=*
Disallow: /*[?&]page=*
Disallow: /*[?&]ref=*
Disallow: /*[?&]srsltid=*
Disallow: /*[?&]section=*
Disallow: /*[?&]target=*
Disallow: /*[?&]topicpage=*
Disallow: /*[?&]utm*
# GTC Fixes
Disallow: /*[?&]regcode=*
Disallow: /*[?&]wcmmode=*
Disallow: /*/gtc/gtc-chatbot/*
- https://www.nvidia.com/en-gb/en-gb.sitem...
- https://www.nvidia.com/cs-cz/cs-cz.sitem...
- https://www.nvidia.com/da-dk/da-dk.sitem...
- https://www.nvidia.com/de-at/de-at.sitem...
- https://www.nvidia.com/de-ch/de-ch.sitem...
- https://www.nvidia.com/de-de/de-de.sitem...
- https://www.nvidia.com/es-es/es-es.sitem...
- https://www.nvidia.com/fi-fi/fi-fi.sitem...
- https://www.nvidia.com/fr-be/fr-be.sitem...
- https://www.nvidia.com/fr-fr/fr-fr.sitem...
- https://www.nvidia.com/it-it/it-it.sitem...
- https://www.nvidia.com/nb-no/nb-no.sitem...
- https://www.nvidia.com/nl-nl/nl-nl.sitem...
- https://www.nvidia.com/pl-pl/pl-pl.sitem...
- https://www.nvidia.com/ro-ro/ro-ro.sitem...
- https://www.nvidia.com/ru-ru/ru-ru.sitem...
- https://www.nvidia.com/sv-se/sv-se.sitem...
- https://www.nvidia.com/tr-tr/tr-tr.sitem...
- https://www.nvidia.com/es-la/es-la.sitem...
- https://www.nvidia.com/pt-br/pt-br.sitem...
- https://www.nvidia.com/en-us/en-us.sitem...
- https://www.nvidia.com/en-au/en-au.sitem...
- https://www.nvidia.com/en-in/en-in.sitem...
- https://www.nvidia.com/ja-jp/ja-jp.sitem...
- https://www.nvidia.com/ko-kr/ko-kr.sitem...
- https://www.nvidia.com/en-sg/en-sg.sitem...
- https://www.nvidia.com/zh-tw/zh-tw.sitem...
- https://www.nvidia.cn/zh-cn.sitemap.xml
- https://www.nvidia.com/en-eu/en-eu.sitem...
- https://www.nvidia.com/en-me/en-me.sitem...
- https://www.nvidia.com/he-il/he-il.sitem...
- https://www.nvidia.com/en-my/en-my.sitem...
- https://www.nvidia.com/en-ph/en-ph.sitem...
- https://www.nvidia.com/id-id/id-id.sitem...
- https://www.nvidia.com/vi-vn/vi-vn.sitem...
- https://www.nvidia.com/th-th/th-th.sitem...
- https://www.nvidia.com/ar-sa/ar-sa.sitem...
- https://www.nvidia.com/en-sa/en-sa.sitem...
- https://www.nvidia.com/ru-am/ru-am.sitem...
- https://www.nvidia.com/uk-ua/uk-ua.sitem...
- https://www.nvidia.com/es-ar/es-ar.sitem...
- https://www.nvidia.com/es-cl/es-cl.sitem...
- https://www.nvidia.com/es-mx/es-mx.sitem...
- https://www.nvidia.com/en-ua/en-ua.sitem...
- https://www.nvidia.com/es-py/es-py.sitem...
- https://www.nvidia.com/en-am/en-am.sitem...
- https://www.nvidia.com/content/dam/sitem...
- https://www.nvidia.com/content/dam/sitem...
- https://www.nvidia.com/content/dam/sitem...
- https://www.nvidia.com/content/dam/sitem...
- https://www.nvidia.com/gtc/sitemap_index...
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencenvidia.com — via SafeNames Ltd., 33 years, 5 months old, hosted on AWSPASS
2838 days
April 21, 2034
151 days
Issued by Amazon
33 years, 5 months
Registered April 20, 1993
Not enabled
Protects against DNS spoofing
AWS
ASN AS14618
34.194.97.138
SafeNames Ltd.
Expiry timeline
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice