Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DURL VariantsActionwww/non-www, trailing slash, HTTP→HTTPSFIX
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
HTTP version does not redirect to HTTPS
DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
BRedirect Chain1 redirect(s), 1338 ms totalREVIEW
https://uc.edu
595 ms · HTTP/1.0
https://www.uc.edu/
742 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://uc.edu | 301 | 595 ms | HTTP/1.0 | BigIP |
| 2 | https://www.uc.edu/ | 200 | 742 ms | HTTP/1.1 |
See the visual redirect chain in the HTTP Probe tab →
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BTLS Certificate Expiry & Recommendations189 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
ADNS Records1 A records, 656 ms lookupPASS
| A | 129.137.4.225 |
| AAAA | — |
| CNAME | — |
| NS | ucdnsb.uc.edu, ucdnsa.uc.edu, domainkey.journals.uc.edu |
| MX | 10 uc-edu.mail.protection.outlook.com |
| TXT | MS=ms53665973 e2ma-verification=yz1bb google-site-verification=C_iv7QbxXNurOpxyYFh5fLf0ot6HAsJD2jaxffH8CC0 adobe-idp-site-verification=a457a018c7521a1b9aec806acdcd9cbde2b0c0fec5f83791fe4b... e2ma-verification=9fqgb apple-domain-verification=39onPGWa1rM7aOwt mailerlite-domain-verification=40b3af4339094ec203fac3eb2c76ca448b8d5a57 MS=ms97300204 d365mktkey=1xtohdy6wasjuo3e0hodc1xve Oyyi08/mpdZN/n4/Qdy6tmEoGI+ZRFHIiRyIKHyhnlJCwiHmUAm23n5OOVKVvGDGYbndMU08NsTZA3Dk... e2ma-verification=tqlgb docusign=9e0db14e-9a66-4dc6-8b05-19215ff1a107 asv=8d2e8e2802c887e482a3eb8b8b4f5f04 MS=ms32493827 MS=045195AD9D7F9D60040082F3E2D54AB88833094C MS=B46B9D52012A9C41A289E46E066AB8B32D828CD8 SPF v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:_spf.mlsend.com ... docusign=83075e3b-43be-43e5-8cf4-96869c4e4cc7 d365mktkey=5mjwopy7ccj8t8e0ezl566iod google-site-verification=MQ9coDFt5h1X0zYAL8cIIykgvrtYKMYhOcCMyf0f0d8 pardot989952=efeaa3be3746473306e44ab33e8d491e541e5ffa035e760d6234e6ec08acd6a7 e2ma-verification=43mcb e2ma-verification=sbzbb atlassian-domain-verification=7gS5WxRMMm0EcXaNrKV6S3haguQFevlr5LOCom117nHDkpmiIW... |
| CAA | Lookup not available with standard resolver |
Multiple A records provide failover if one server goes down.
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
Slow DNS adds latency to every page load. Consider a faster DNS provider.
DNS resolution is slow — anycast DNS providers (Cloudflare, Route 53) typically resolve <50ms globally.
Source: DNS performance benchmarks
A+Crawlabilityrobots.txt present, sitemap with 14469 URLsPASS
Add a 'Sitemap:' directive to robots.txt so search engines can discover your sitemap.
robots.txt omits Sitemap: directive — crawlers must fetch /sitemap.xml by convention; reliable but missing the explicit hint.
Source: sitemaps.org
# robots.txt for production environments
User-agent: *
Disallow: /content/dam/*
Disallow: /system/
Disallow: /libs/
Disallow: /apps/
Disallow: /bin/
Disallow: /content/forms/
Disallow: /content/experience-fragments/
Disallow: /content/launches/
Disallow: /content/campaigns/
Disallow: /content/uc/news/articles/legacy/
# Explicitly allow Googlebot
User-agent: Googlebot
Allow: /
# Allow Siteimprove bot
User-agent: Siteimprove
Allow: /
# Block aggressive bots
User-agent: GPTBot
Disallow: /
User-agent: Bytespider
Disallow: /
User-agent: TikTokSpider
Disallow: /
# Explicitly allow Googlebot
User-agent: Googlebot
Allow: /
A+Domain Intelligenceuc.edu — 38 years, 11 months old, hosted on UC-DOM - University of Cincinnati, USPASS
377 days
July 31, 2027
189 days
Issued by Internet2
38 years, 11 months
Registered November 16, 1987
Status unknown
Protects against DNS spoofing
UC-DOM - University of Cincinnati, US
ASN AS20126
129.137.4.225
Registrar unknown