https://umbc.edu
Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.SCORE
97
GRADE
A+
FIX
0
REVIEW
1
PASS
8
INFO
0
Probed from Madrid, Spain
200 OK
Checks
98 PASS 1 REVIEW
BTLS Certificate Expiry & Recommendations60 days until leaf cert expires — 4 issues to addressREVIEW
TLS Certificate Expiry & Recommendations
60 days until leaf cert expires — 4 issues to address
Certificate validity
60
days left
0d 30d 60d 90d+
Recommended actions
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
ADNS Records1 A records, 278 ms lookupPASS
DNS Records
1 A records, 278 ms lookup
1 A records, 278 ms lookup
Info::
Resolves to 1 IPv4 address(es)
Got: 23.185.0.4
Info::
Single A record — no DNS redundancy
Multiple A records provide failover if one server goes down.
Info::
Has 2 IPv6 (AAAA) record(s)
Got: 2620:12a:8001::4, 2620:12a:8000::4
Info::
5 nameserver(s) configured
Got: dnsexternal3.umbc.edu, dnsexternal4.umbc.edu, dnsexternal2.umbc.edu, dnsexternal.umbc.edu, dnsexternal1.umbc.edu
Info::
1 mail exchanger(s) configured
Info::
CAA records not checked
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Info::
SPF record present in TXT
Warning::
DNS resolution is slow (278 ms)
Slow DNS adds latency to every page load. Consider a faster DNS provider.
Got: 278 ms
| A | 23.185.0.4 |
| AAAA | 2620:12a:8001::4, 2620:12a:8000::4 |
| CNAME | — |
| NS | dnsexternal3.umbc.edu, dnsexternal4.umbc.edu, dnsexternal2.umbc.edu, dnsexternal.umbc.edu, dnsexternal1.umbc.edu |
| MX | 10 mxin.umbc.edu |
| TXT | smartsheet-site-validation=JhSCbxw7wX7eCT4G3xhhiEbvHkI-Z8K3 docusign=bce67f31-88f6-4139-a4af-9036ef6b9aa5 e2ma-verification=20fcb google-site-verification=CZdGLsbiltmqC5-2J3kp9I2rbKpSrmXGbgok_K3pP_c SPF v=spf1 ip4:176.31.145.254 ip4:130.85.0.0/16 ip4:34.194.230.233 ip4:34.230.107.21... e2ma-verification=qckbb apple-domain-verification=UBZIMi8zrC9IoHEf e2ma-verification=w1fcb amazonses:5Ig0nUCHQaSuDREQBSQdfBNjCWLAfbaqjIGuaOKwjCw= docusign=139f743c-ee8c-4242-bc29-018380e725d1 google-site-verification=aq2r8eEF9ahoe1Kfwl8WsU9eimb74eWZ-87kEdpkLtg google-site-verification=AGF4kWdXql9DWgUO8kJf_jPBmqT1H6WsUPIGX20FFzE atlassian-sending-domain-verification=5f76a00e-c69b-4037-8323-1af5c4db3f99 b2ea09e7-d5cc-4f05-8e5f-4fd8a3b77754 e2ma-verification=30fcb canva-site-verification=ZwCYjofoyy-LAblE1q_PjQ google-site-verification=KUnf_9RHLz7bdEdAAiZWZl3a0htpseavDZdDSrjnhF4 jamf-site-verification=kPdT9OXdjhUToLYf7TEj1Q atlassian-domain-verification=wmmJH/d6HSSunwA8a9RXFfnPX30yiRU1UFWm77aRncWH4mIFTi... |
| CAA | Lookup not available with standard resolver |
Resolved in 278 ms
Multiple A records provide failover if one server goes down.
Why this matters
Single A record means a single point of failure — if that IP goes down, your site is unreachable until DNS TTL expires.
Learn more ▾ ▴
Add multiple A records for round-robin failover, or use a managed DNS provider with health-checked failover (Route 53, Cloudflare, NS1). Short TTL (60-300s) lets clients recover faster on outages.
Source: SRE practice / DNS architecture
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Why this matters
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
Slow DNS adds latency to every page load. Consider a faster DNS provider.
Why this matters
DNS resolution is slow — anycast DNS providers (Cloudflare, Route 53) typically resolve <50ms globally.
Source: DNS performance benchmarks
A+Redirect ChainNo redirects — direct accessPASS
Redirect Chain
No redirects — direct access
No redirects — direct access
Info::
No redirects — direct access
Got: https://umbc.edu
https://umbc.edu
10 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://umbc.edu | 200 | 10 ms | HTTP/1.1 | nginx |
A+IPv6 ReadinessIPv6 reachable (1 ms)PASS
IPv6 Readiness
IPv6 reachable (1 ms)
IPv6 reachable (1 ms)
Info::
IPv6 is configured and reachable at 2620:12a:8001::4, 2620:12a:8000::4
Got: 1 ms connect
IPv6 Ready
AAAA Records 2620:12a:8001::4, 2620:12a:8000::4 Connection Reachable (1 ms)
A+Crawlabilityrobots.txt present, sitemap with 21 URLsPASS
Crawlability
robots.txt present, sitemap with 21 URLs
robots.txt present, sitemap with 21 URLs
Info::
robots.txt is present
Got: 1264 bytes
Info::
sitemap.xml is present
Info::
sitemap.xml is valid XML
Info::
sitemap.xml contains 21 entries
Info::
Sitemap index with 21 child sitemaps
Info::
robots.txt references sitemap
robots.txt 200 OK
Size 1264 B Sitemaps referenced 1 User-agents ChatGPT-User, OAI-SearchBot, GPTBot, ClaudeBot, PerplexityBot, * Blocking No — crawling allowed
# robots.txt for https://umbc.edu/
# Last updated: 2025-06-17
# Standard WP hygiene
User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
# Legacy and non-public directories
Disallow: /documents/
Disallow: /emergency_test/
Disallow: /fonts/
Disallow: /givingday/
Disallow: /go/
Disallow: /graduate/
Disallow: /help/
Disallow: /ilsb/
Disallow: /images/
Disallow: /img/
Disallow: /images_email/
Disallow: /images_homepage/
Disallow: /images_new/
Disallow: /include/
Disallow: /includes/
Disallow: /innovate/
Disallow: /interns/
Disallow: /js/
Disallow: /lightcity/
Disallow: /marchmadness/
Disallow: /orientation/
Disallow: /retrievernation/
Disallow: /search/
Disallow: /stats/
Disallow: /stylesheets/
Disallow: /summer_interns2013/
Disallow: /templates/
Disallow: /template/
Disallow: /TSA/
Disallow: /tsaprequalified/
Disallow: /wordsofwisdom/
# API & feed endpoints
Disallow: /feed/
Disallow: /wp-json/
# Media
Allow: /uploads/
Disallow: /uploads/private/
Disallow: /uploads/temp/
# AI crawler rules (see notes above)
User-agent: ChatGPT-User
Allow: /
User-agent: OAI-SearchBot
Allow: /
User-agent: GPTBot
Disallow: /
User-agent: ClaudeBot
Disallow: /
User-agent: PerplexityBot
Disallow: /
# Sitemap
Sitemap: https://umbc.edu/sitemap_index.xml
sitemap.xml 200 OK
Type Sitemap Index URLs 21 entries Valid XML Yes
Child Sitemaps:
- https://umbc.edu/post-sitemap1.xml
- https://umbc.edu/post-sitemap2.xml
- https://umbc.edu/post-sitemap3.xml
- https://umbc.edu/post-sitemap4.xml
- https://umbc.edu/post-sitemap5.xml
- https://umbc.edu/post-sitemap6.xml
- https://umbc.edu/post-sitemap7.xml
- https://umbc.edu/post-sitemap8.xml
- https://umbc.edu/post-sitemap9.xml
- https://umbc.edu/post-sitemap10.xml
- https://umbc.edu/post-sitemap11.xml
- https://umbc.edu/post-sitemap12.xml
- https://umbc.edu/post-sitemap13.xml
- https://umbc.edu/post-sitemap14.xml
- https://umbc.edu/page-sitemap.xml
- https://umbc.edu/programs-sitemap.xml
- https://umbc.edu/tribe_events-sitemap.xm...
- https://umbc.edu/quick-post-sitemap.xml
- https://umbc.edu/news-sitemap.xml
- https://umbc.edu/video-sitemap.xml
- https://umbc.edu/local-sitemap.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
URL Variants
www/non-www, trailing slash, HTTP→HTTPS
www/non-www, trailing slash, HTTP→HTTPS
Info::
www/non-www redirect configured correctly (preferred: non-www)
Info::
HTTP correctly 301-redirects to HTTPS
www / non-www
301https://www.umbc.edu/
200https://umbc.edu/
Preferred variant: non-www
HTTP → HTTPS
301http://umbc.edu/ → https://umbc.edu/
Consistent
A+Domain Intelligenceumbc.edu — 38 years, 2 months oldPASS
Domain Intelligence
umbc.edu — 38 years, 2 months old
umbc.edu — 38 years, 2 months old
Info::
Domain registered until Jul 31, 2027 (1 years, 3 months remaining)
Domain expiry
410 days
July 31, 2027
SSL certificate
60 days
Issued by Let's Encrypt
Domain age
38 years, 2 months
Registered August 12, 1988
DNSSEC
Status unknown
Protects against DNS spoofing
Hosting
Unknown
2620:12a:8000::4
Registrar
Registrar unknown
Lock status unknown 5 NS records
Expiry timeline
Today
+1 year
Domain expiry SSL expiry Danger zone (≤30 days)
Registrar
Created August 12, 1988 (38 years, 2 months ago)
Expires July 31, 2027 (1 years, 3 months)
Last Updated October 14, 2024
Name Servers dnsexternal4.umbc.edu, dnsexternal.umbc.edu, dnsexternal3.umbc.edu, dnsexternal2.umbc.edu, dnsexternal1.umbc.edu
Registrant University of Maryland Baltimore County (UMBC-DOM
Hosting
IP Address 2620:12a:8000::4
Data source: whois (0.7s)
A+HTTP Probe TimingTotal 343 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
HTTP Probe Timing
Total 343 ms — DNS, TCP, TLS, TTFB, content transfer breakdown
DNS Lookup DNS Lookup — time to resolve the domain name to an IP address.
107 msTCP Connect TCP Connect — time to establish a TCP connection to the server.
0 msTLS Handshake TLS Handshake — time to complete the HTTPS encryption handshake.
4 msTime to First Byte Time to First Byte — how long the server takes to respond with the first byte of data.
341 msTotal Time Total request time from DNS lookup through full response.
343 msConnection waterfall
DNS Lookup 107 ms TCP Connect 0 ms TLS Handshake 4 ms Server Processing 230 ms Content Transfer 2 ms
A+CDN & DeliveryFastly (HIT, MISS, MISS, MISS)PASS
CDN & Delivery
Fastly (HIT, MISS, MISS, MISS)
Fastly (HIT, MISS, MISS, MISS)
Info::
Site is served via Fastly CDN
Got: x-served-by: cache-chi-kigq8000149-CHI, cache-toj-leto2350079-TOJ, cache-toj-leto2350067-TOJ, cache-toj-leto2350067-TOJ
Info::
CDN cache status: HIT, MISS, MISS, MISS
CDN Detected: Fastly
Provider Fastly Cache Status HIT, MISS, MISS, MISS Evidence x-served-by: cache-chi-kigq8000149-CHI, cache-toj-leto2350079-TOJ, cache-toj-leto2350067-TOJ, cache-toj-leto2350067-TOJ
All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.