Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BCrawlabilityno robots.txt, no sitemapREVIEW
robots.txt is optional but recommended. It tells search engine crawlers which pages to index.
No robots.txt — crawlers fetch /robots.txt and get 404; not breaking but means default crawl behavior with no directives or sitemap reference.
Learn more ▾ ▴
A minimal robots.txt with `User-agent: * / Allow: / / Sitemap: https://example.com/sitemap.xml` covers the basics. Without it, crawlers behave fine but lose the sitemap signal and can't be selectively blocked from crawl-traps.
Source: robotstxt.org
A sitemap helps search engines discover and index your pages more efficiently.
No sitemap.xml — Google relies on crawl-graph discovery alone, slowing indexing of deep or fresh URLs.
Learn more ▾ ▴
A sitemap accelerates Google's discovery of new and updated content. Most CMSes auto-generate one; static-site frameworks need a build-step plugin. Reference it from robots.txt and submit in Search Console to confirm Google can fetch it.
Source: sitemaps.org / Google Search Central
No robots.txt found
This is fine for most sites — a missing robots.txt allows all crawling by default.
No sitemap found
Adding a sitemap helps search engines discover your pages.
BTLS Certificate Expiry & Recommendations309 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records2 A records, 20 ms lookupPASS
| A | 44.218.59.236, 52.6.127.76 |
| AAAA | — |
| CNAME | — |
| NS | pdns1.cscdns.net, pdns2.cscdns.net |
| MX | 10 mxa-001d1709.gslb.pphosted.com 10 mxb-001d1709.gslb.pphosted.com |
| TXT | MS=ms30214679 SSI-BOX-verification=3005070 00D10000000YqLf=1TBdc000000046t 00D280000018Q2y=1TBRB0000000Aqc 00D2i0000008eKi=1TBWF00000007BG 00D3J0000008lPt=1TBWF00000007Hj 00D3h00000669Bv=1TBa600000000Pp 00D55000000AU1R=1TBWF00000007O6 00D6C00000010N1=1TBWF00000007Xn 00D6D0000008arA=1TBBS00000002Y5 00DAz000008a8yX=1TBAz00000006Bx 00DN0000000DziC=1TBBE00000003qk 00DP0000000Gvsm=1TBWF00000008X3 00DV9000003xfIL=1TBV900000008qQ 00DWF000004plvW=1TBWF0000000B1t 00DWF000004xt9R=1TBWF0000000J5t 00DWF000005oadJ=1TBWF00000009kr 00DWF000006X7Qf=1TBWF0000000EXf 00DWF000006yay1=1TBWF0000000Bzb 00DWF0000081Ulp=1TBWF0000000Ixp 00DWF00000BLrcT=1TBWF0000000JQr 00DWF00000BLrhJ=1TBWF0000000Kmk 00DWF00000BLrsb=1TBWF0000000Ihh 00DWG00000191fR=1TBWG00000005Nu 00DWG000002XHIf=1TBWG0000000DAC 00DWG0000034J2L=1TBWG0000000DgP 00DWG000003GOFx=1TBWG0000000Cdt 00DWG000003GQ0F=1TBWG0000000905 00DWG0000048OkV=1TBWG0000000989 00DWG000004ARsf=1TBWG00000005cQ 00DWG000004FIjt=1TBWG0000000ALx 00DWK000003CdyL=1TBWK0000000Ax3 00DWe000001Yqmn=1TBWe00000004bV 00Ddh000000n7A1=1TBdh0000000Aqc 00Ddl000004Jkw5=1TBdl0000000Xjx 00Ddn000002K0HF=1TBdn00000005Kg 00Ddq000005tB6P=1TBdq0000000Ikx 00Dfd000001lWn4=1TBfd00000000Cv _6be4o7b553lh0g4k3rz70s6pblav0zl _tl13flz107h4rbful1ic34v8450rf60 ZOOM_verify_rEu3V6YvT3iT4iHJy6N2TQ 3107e583-6c54-414f-8708-dadd2b68db17 625a9ec4-6651-49b8-8c83-74133987095f include:5133606.spf02.hubspotemail.net MFC=2c04db9e-a7b5-4b3c-a971-b8dbf1e148b3 0ed1fe018ab8b5050c7c8341b7b8894557d2554815 apple-domain-verification=HBPp89XmNImI9Qwc apple-domain-verification=nb7VlmdSF87vwM2c apple-domain-verification=t838FSLg4LjXckfk status-page-domain-verification=t7crx8w5wb4b docusign=3122656f-b5f7-497b-8782-4907222b538a docusign=877ac654-f0e6-4bc6-a293-49c26778da82 fastly-domain-delegation-sony-323730-2020-12-07 cloudhealth=ef6859d5-232b-4ff0-8811-ded26d79e7ee traction-guest=cdf7c589-6dec-4726-a5cf-63b199033f64 airtable-verification=7e3b774835059c30d789beabb4a07435 amazonses:OfVkq/yn1d+o09tdXhxkoHbIGCNeP8aYj3amzwACQ3c= amazonses:uiKa9HJAcBY9FnqDkcA2neYsNY7672GwLqmefcFcEeo= adobe-sign-verification=b4a30c4f74bb611dce0e5d515054481c adobe-sign-verification=d9afcd8ad833d41a47f92fec1bf30bf5 cursor-domain-verification-2m4vw3=BswYxH6hytFYk3sXuD4TPwmKW facebook-domain-verification=rn9nh6m7g7sxesufnk7gufxr7pht73 smartsheet-site-validation=6_otSYK33LBHB3hGD4yvBCRC3K36fKfy smartsheet-site-validation=8UHPs3KZLjpUj8xeJcFXQYzakQm_V7Aa smartsheet-site-validation=bKd1dTuQ8acbZh57Q5DDRrTEaI0qI2SW vizcom-domain-verification-krvt38=pNKLWPMfyeYHIB1ynoblsznrX onetrust-domain-verification=07d2af6be3aa4cdc99ebe26e053cdd18 adobe-idp-site-verification=cff4ddad-a01e-4226-a77f-8c081cde0aee webexdomainverification.ELPM=7682f227-dbc9-4df9-ae72-7649e05b521f google-site-verification=j1FfNnOllL0QdFSzHNHnHAcWV_54Kbd_bURGKTK3y4s google-site-verification=zfXryc1xAcIFps86mXmIJrDtpsur406Wn-pOMSS0i5w notion-domain-verification=be3uo8AorliA1f8sISmIWqJxGWhSGQKgTWhKhkHahR6 notion-domain-verification=zBpkBDL5tfCR1bTR8MKJbNbS9N1JU836BxnUDg5HDPW mgverify=11d18dfff6511cf00d0a1d5d7e1f6a0a2fcd0f2a554de658fa5b069b947fec18 intersight=e96be0bed3c84c3117ce32993955e9a8179f4a21ef59509de20f1b5beb03b23b stripe-verification=35ba23934a707a07c4c9be6e43adc627d3cb801a293fdb8ca7bc5a940d9c... stripe-verification=e3c5cc73ce14364162038aa39a921d6ad8cd17b95c69d1e35ebe7d776f41... duo_sso_verification=OCP7uIMPOgLi1G6lzhe7ytJ1mlBnCnegPoARYrbP5iaQz1lbBdgKOs7mxHq... YzcX/ANAcVb1c6oLNOXQzniFpgGypdlowJHvEvmRuqyhkvEsdv/zFQuiZuYakJL3xpHMmttCjOvNqxz3... vQmLLyL7EiCbLfmJNXSAa4CPvnWFHN6cAKmXtcETJbzKpwymXUQgnlIlaSlVd7JFTH2Rd4OeM2Fa1tg0... mindmanager-verification=2cb8b923f6d897035b2f7d5d73cc0e61690f625cef67ad7cdd39a19... Dynatrace-site-verification=1babd889-fadb-4ff7-8463-0980d5597143__9c12rjohn2l0ij... cisco-ci-domain-verification=221d305d2b1221f9d96ea9cde0d89df2a2ddc44fef8454a724e... cisco-ci-domain-verification=63d5c7eae53960e203dc78b5f8df051547793ec65388f2b6c98... atlassian-domain-verification=/PaoSe8zbFJuWVCT7GftJBGp94eYcxfj63DrEJ1FwO9TWOypzG... atlassian-domain-verification=952mPCXTF37KezRl6E/Bi2/ZatxPM1gKFPIf4MXehRtaz9DKaj... atlassian-domain-verification=CGwx36EaSg2BdGXaayaYz5HvMnQFyPmGSixHPOLfvIQyCIbQ7O... atlassian-domain-verification=J8IuFHzPA35SrowKp4YTkNaH2y55875Vd4ajfcdSaa8IwFnHFg... atlassian-domain-verification=ODIyKwRoeJmcccZvbpjcODmGQO8JB3slQhtNIaT/hatqwr4uUi... atlassian-domain-verification=eYbBPmkmHnq2Q12ZTfOxAq/iVMZaGO6bpwCblWnl3ZB0V9FIkH... atlassian-domain-verification=n7x5LmVD/gQIr0wswuMn6UPVWrFJHl7XYQPlf1T1RNdwdq87Ko... atlassian-domain-verification=r5fb2FayUvo8fOgFJFJEBAo2HglGDiEdGr/UdZm4wa442MjFHS... atlassian-domain-verification=wQ8HCOCZf3qKkVA9AJLbklKI2Vg3gLMCLGjitCRrWNPdK2uOnn... atlassian-domain-verification=waYuW8HMlUW/U3Dv4MxS16bX0nEfYNpuqW5c18LpYhqHUi280s... 00DIo000000LPcZ=1TBfU00000001SM;00DIk000000LHlF=1TBfd00000001c1;00D0w0000000UON=... k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBfF8XiPmS/aLbBcNnixpRclWpr1Z0MY4H... SPF v=spf1 include:amazonses.com include:spf.protection.outlook.com include:spfa.son... |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 239 ms totalPASS
https://sony.com
211 ms · HTTP/1.1
https://www.sony.com:443/
28 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://sony.com | 301 | 211 ms | HTTP/1.1 | awselb/2.0 |
| 2 | https://www.sony.com:443/ | 403 | 28 ms | HTTP/1.1 |
See the visual redirect chain in the HTTP Probe tab →
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
HTTP → HTTPS
Consistent
ADomain Intelligencesony.com — via CSC Corporate Domains, Inc., 37 years, 3 months old, hosted on AWSPASS
EXPIRED
July 6, 2026
309 days
Issued by Amazon
37 years, 3 months
Registered July 7, 1989
Not enabled
Protects against DNS spoofing
AWS
ASN AS14618
44.218.59.236
CSC Corporate Domains, Inc.
Expiry timeline
Recommended actions
- Domain has EXPIRED — renew immediately to avoid total site outage
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
Consider enabling auto-renewal to prevent accidental expiration.
Domain expiry approaching — renew immediately and ensure auto-renew + alerting are configured.
Source: ICANN renewal policy
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice