Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DURL VariantsActionwww/non-www, trailing slash, HTTP→HTTPSFIX
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
HTTP version does not redirect to HTTPS
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BTLS Certificate Expiry & Recommendations52 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 29 ms lookupPASS
| A | 140.180.223.22 |
| AAAA | — |
| CNAME | — |
| NS | ns5.dnsmadeeasy.com, a20-65.akam.net, a6-64.akam.net, a24-66.akam.net, a1-158.akam.net, ns7.dnsmadeeasy.com, a7-65.akam.net, ns6.dnsmadeeasy.com, a3-67.akam.net |
| MX | 10 princeton-edu.mail.protection.outlook.com |
| TXT | google-site-verification=9spyuhtdpgltj4ba6qol87mlltsvqwtwpfpjckhxuaa apple-domain-verification=M2IB2C41pkMXfS91 adobe-idp-site-verification=73f4a96f-50ca-4b7f-858e-6cef4af902aa docusign=9b74122b-7e36-4311-9fd4-a1f8200928a9 paloaltonetworks-site-verification=fb3d98b6d82f4593542f655e32a264fe763b0b1ce0a80... SPF v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all kwaacu+go+erbui7ikfpg6udfqlprkz9e2pxxeafjplnmhnkyjnfg0uokvami2f8iz7qet4dr+j8ou3/... airtable-verification=f404295b37024f7747d2de8944a93fee google-site-verification=fxbfrfkt_fmpamiadsiqhygwsrxgcfsmxpkveva7bhk verifying for Netlify support case #19507 ms=ms98806852 R6TEJ9GJ2ECTYPQRT0T76RZIKOG4TQV1Z6TD75P33 jamf-site-verification=gOHFT5mfGhE1m6aC3XEdag 57dmsH4y22BIE+OMFrnNvGtt3xyyh2Z/XhvRbQfkhMSIMh88zNcjCr/Bj0nOzrEDguiuGBxFOcYuCiw5... atlassian-domain-verification=uT+jiLnKmr+CvFxx3GGJaEAobMxLzqz6Kl+AO4ha-HGmEtTXui... dropbox-domain-verification=xf71iopc45pc github-verification=fRwTRsEqERcBV3GgKMdt4RYrb8CWTfLrN72Z5WdW docusign=8ee25fec-197b-476d-9659-5a3717059bc0 |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 589 ms totalPASS
https://princeton.edu
488 ms · HTTP/1.0
https://www.Princeton.EDU/
101 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://princeton.edu | 302 | 488 ms | HTTP/1.0 | BigIP |
| 2 | https://www.Princeton.EDU/ | 200 | 101 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
If permanent, use 301 instead.
302 (Found) is for genuinely temporary redirects — if this redirect is permanent, switch to 301 to preserve SEO equity.
Learn more ▾ ▴
Search engines treat 302 as temporary, keeping the original URL indexed and not transferring full link equity to the destination. Use 301 (Moved Permanently) for permanent redirects (HTTP→HTTPS, www-vs-non-www, URL restructures).
Source: Google Search Central
A+Crawlabilityrobots.txt present, sitemap with 14 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
User-agent: *
# CSS, JS, Images
Allow: /core/*.css$
Allow: /core/*.css?
Allow: /core/*.js$
Allow: /core/*.js?
Allow: /core/*.gif
Allow: /core/*.jpg
Allow: /core/*.jpeg
Allow: /core/*.png
Allow: /core/*.svg
Allow: /profiles/*.css$
Allow: /profiles/*.css?
Allow: /profiles/*.js$
Allow: /profiles/*.js?
Allow: /profiles/*.gif
Allow: /profiles/*.jpg
Allow: /profiles/*.jpeg
Allow: /profiles/*.png
Allow: /profiles/*.svg
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.md
Disallow: /composer/Metapackage/README.txt
Disallow: /composer/Plugin/ProjectMessage/README.md
Disallow: /composer/Plugin/Scaffold/README.md
Disallow: /composer/Plugin/VendorHardening/README.txt
Disallow: /composer/Template/README.txt
Disallow: /modules/README.txt
Disallow: /sites/README.txt
Disallow: /themes/README.txt
Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register
Disallow: /user/password
Disallow: /user/login
Disallow: /user/logout
Disallow: /media/oembed
Disallow: /*/media/oembed
# Paths (no clean URLs)
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password
Disallow: /index.php/user/register
Disallow: /index.php/user/login
Disallow: /index.php/user/logout
Disallow: /index.php/media/oembed
Disallow: /index.php/*/media/oembed
# Pager links. All the stuff we want paginated is already exposed
# in the XML sitemap. No need to crawlers to waste time going thru
# the news and events pagers.
Disallow: /*?page=
Disallow: /*&page=
# Search with keys
Disallow: /search?search=
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
- https://www.princeton.edu/sitemap.xml?pa...
A+Domain Intelligenceprinceton.edu — 39 years, 7 months old, hosted on PRINCETON-AS - Princeton University, USPASS
382 days
July 31, 2027
52 days
Issued by Internet2
39 years, 7 months
Registered April 3, 1987
Status unknown
Protects against DNS spoofing
PRINCETON-AS - Princeton University, US
ASN AS88
140.180.223.22
Registrar unknown