Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BCrawlabilityrobots.txt present, no sitemapREVIEW
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
User-agent: msnbot
User-agent: MJ12bot
User-agent: AhrefsBot
User-agent: Yandex
Disallow: /download/
Disallow: /*/store/
Disallow: /guestlogin/
Crawl-delay: 10
User-agent: bingbot
Disallow: /download/
Disallow: /*/store/
Disallow: /guestlogin/
User-agent: *
Disallow: /download/
Disallow: /*/store/
Disallow: /guestlogin/
Crawl-delay: 1
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations74 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records5 A records, 48 ms lookupPASS
| A | 104.16.189.173, 104.16.186.173, 104.16.188.173, 104.16.187.173, 104.16.185.173 |
| AAAA | 2606:4700::6810:bcad, 2606:4700::6810:bdad, 2606:4700::6810:baad, 2606:4700::6810:b9ad, 2606:4700::6810:bbad |
| CNAME | — |
| NS | lady.ns.cloudflare.com, tom.ns.cloudflare.com |
| MX | 1 aspmx.l.google.com 5 alt2.aspmx.l.google.com 5 alt1.aspmx.l.google.com 10 alt4.aspmx.l.google.com 10 alt3.aspmx.l.google.com |
| TXT | 1password-site-verification=CAE4M5FOXVCSBNFUPDYMYQT7YA atlassian-domain-verification=WzqBF9qJ9CAKKXFXBK5TMQm1B/QDxLvnj/pd9yUOaEjDbQwFpo... openai-domain-verification=dv-FvwzyYigijOuYcnLDbougir8 facebook-domain-verification=hs8w89byasu0tihwu8yh7v6jhzdxfr apple-domain-verification=gXdDtm3z6ELAOGrA notion-domain-verification=KccXcP2IicT86EjT9oRTNo4BS4q3hPrlrXVYQPq3nwy google-site-verification=X8XS5d1-KepuKRS25pOx0dDyWNsl-nbDPlQ2xUVJIf4 atlassian-sending-domain-verification=6243262e-21a3-4e5c-8710-934cd577c0df google-site-verification=rSEzrBDs2RVdCiSgPQe67dPWHSHgcD4PvwQliP4KGCU google-site-verification=t-nsiv6xlaiElTnJhuqZwpd67tTQ1rXn0XQ1M9ca8vw google-site-verification=lTBf07yMSVQ4lKNpGoEinsxOrGIzoMpvdTulMwykKsk cloudflare_dashboard_sso=fe74b01060c6cab1d5bc9896d47b60c2 pinterest-site-verification=1cad7d7816238bda4613381ea23173e1 new-relic-domain-verification=a4902603f68c4ee5aac06c4b1ec5b6f9 google-site-verification=YO6T51YJ5R7XJ6lJRM6y37Wb_vN9QwFY0M6Tr6JsEGo SPF v=spf1 include:_spf.google.com include:servers.mcsv.net include:spf.mandrillapp.... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://pixieset.com
84 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://pixieset.com | 200 | 84 ms | HTTP/1.1 | cloudflare |
A+IPv6 ReadinessIPv6 reachable (16 ms)PASS
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencepixieset.com — via Cloudflare, Inc., 13 years, 3 months oldPASS
244 days
March 18, 2027
74 days
Issued by Google Trust Services
13 years, 3 months
Registered March 18, 2013
Enabled
Protects against DNS spoofing
Unknown
2606:4700::6810:baad
Cloudflare, Inc.
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice