Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations73 days until leaf cert expires — 5 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records1 A records, 110 ms lookupPASS
| A | 23.185.0.3 |
| AAAA | 2620:12a:8001::3, 2620:12a:8000::3 |
| CNAME | — |
| NS | megan.ns.cloudflare.com, ram.ns.cloudflare.com |
| MX | 0 tulane-edu.mail.protection.outlook.com |
| TXT | docusign=fad22bc9-0fc9-4933-9ae9-1b1760a20bf6 google-site-verification=UEAHp3baz1L_7btnv6H62BhtaH3voFZSYJcAUfwUbTE d365mktkey=eIQ26eq0eX6AhUFnK6qzx01vrjlfFPQaEa1Z9wmpZM0x docusign=34fd4f96-1489-4115-be61-0be4196d0f57 e2ma-verification=qr7eb e2ma-verification=xj4fb adobe-sign-verification=ac81dd89620ad923f21772b12c8a5dc google-site-verification=kq0_3cWV871zP3J9dSs8pwQn6TPOG6fr80Tkq2KDu_0 d365mktkey=t9bj2oYxcWviVFcRJYkBjgYRzJZMX68xFPa2dxpmxx0x atlassian-domain-verification=PWQo3wE63rhd0f1Q3j7tSobcdUESwH6eSiDthJPRD84UDW7TsQ... docusign=349fbe8b-660f-4ea2-be35-3b0fc7046426 e2ma-verification=fqxeb ZOOM_verify_j69jJkbWE4ry8IkWdUO6qi rhino_accounts=bbe43d6f6a891dbac526b504e3c35f91 MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC16vMJZRGjBGzpJKo/UvKEUg6/rBIjJplOdaLUft3A... intersight=96cf5c1c5eca7b695a1069e8940a63c4473c6bf2ba0111be347aa43471a18c47 amazonses:bo6UOJuBKw6HOMmyavF7aY30YGwflHWCBtML4Qd0TnM= jamf-site-verification=bfagen8Z8SUAMfQ47_0XrA google-site-verification=LSUWqTnn0ZlVl9Sg1ybOiR6CcV9Jm5PsITtzyU_ALSI SPF v=spf1 include:spf.protection.outlook.com include:mail.zendesk.com include:_u.tu... PYWWE54OG8QNUSEJO8NMKFV2ITK8Z268FK9CQ1ZIO airtable-manual-domain-verification=c5fd33f0-ef0e-4bb5-a994-0f9e9f7559ec google-site-verification=rQ_SYjtcHsIgEKFRW9iLT6O5XMf5Nnf2DCF0lHa-12w atlassian-sending-domain-verification=71e1dc47-a790-4122-b26b-8944f64cd020 onetrust-domain-verification=a4d531cde7154b5ca91bb3d5ffe5e12a ALVTSPCD=e10675237d256218439f464843e2e85364a73cc8 |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Redirect ChainNo redirects — direct accessPASS
https://tulane.edu
7 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://tulane.edu | 200 | 7 ms | HTTP/1.1 | nginx |
A+IPv6 ReadinessIPv6 reachable (0 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 188 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites like Yahoo!
# and Google. By telling these "robots" where not to go on your site,
# you save bandwidth and server resources.
#
# This file will be ignored unless it is at the root of your host:
# Used: http://example.com/robots.txt
# Ignored: http://example.com/site/robots.txt
#
# For more information about the robots.txt standard, see:
# http://www.robotstxt.org/robotstxt.html
User-agent: *
# CSS, JS, Images
Allow: /core/*.css$
Allow: /core/*.css?
Allow: /core/*.js$
Allow: /core/*.js?
Allow: /core/*.gif
Allow: /core/*.jpg
Allow: /core/*.jpeg
Allow: /core/*.png
Allow: /core/*.svg
Allow: /profiles/*.css$
Allow: /profiles/*.css?
Allow: /profiles/*.js$
Allow: /profiles/*.js?
Allow: /profiles/*.gif
Allow: /profiles/*.jpg
Allow: /profiles/*.jpeg
Allow: /profiles/*.png
Allow: /profiles/*.svg
# Directories
Disallow: /core/
Disallow: /profiles/
# Files
Disallow: /README.md
Disallow: /composer/Metapackage/README.txt
Disallow: /composer/Plugin/ProjectMessage/README.md
Disallow: /composer/Plugin/Scaffold/README.md
Disallow: /composer/Plugin/VendorHardening/README.txt
Disallow: /composer/Template/README.txt
Disallow: /modules/README.txt
Disallow: /sites/README.txt
Disallow: /themes/README.txt
Disallow: /web.config
# Paths (clean URLs)
Disallow: /admin/
Disallow: /comment/reply/
Disallow: /filter/tips
Disallow: /node/add/
Disallow: /search/
Disallow: /user/register
Disallow: /user/password
Disallow: /user/login
Disallow: /user/logout
Disallow: /media/oembed
Disallow: /*/media/oembed
# Paths (no clean URLs)
Disallow: /index.php/admin/
Disallow: /index.php/comment/reply/
Disallow: /index.php/filter/tips
Disallow: /index.php/node/add/
Disallow: /index.php/search/
Disallow: /index.php/user/password
Disallow: /index.php/user/register
Disallow: /index.php/user/login
Disallow: /index.php/user/logout
Disallow: /index.php/media/oembed
Disallow: /index.php/*/media/oembed
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencetulane.edu — 39 years, 7 months oldPASS
750 days
July 31, 2028
73 days
Issued by Let's Encrypt
39 years, 7 months
Registered April 14, 1987
Status unknown
Protects against DNS spoofing
Unknown
2620:12a:8000::3
Registrar unknown