Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations333 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Prefer TLS 1.3 — TLS 1.2 is acceptable but TLS 1.3 removes RSA key exchange and improves latency
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records3 A records, 83 ms lookupPASS
| A | 52.13.171.212, 54.68.22.26, 50.112.202.115 |
| AAAA | — |
| CNAME | — |
| NS | ns96.ultradns2.org, edns161.ultradns.org, edns161.ultradns.net, edns161.ultradns.com, ns96.ultradns2.com, edns161.ultradns.biz |
| MX | 10 smtp.google.com |
| TXT | 3008133 docusign=dd076d14-70a2-40c7-a441-d4cb7860ad89 status-page-domain-verification=1sgw6tqskp22 adobe-idp-site-verification=443d9c03-e33b-4c4e-8628-435071557144 docker-verification=d405e10f-acdc-4e6e-8fc2-f8158259db11 facebook-domain-verification=0tcbl83rw8jkgkus4wvdlwq7yazygp pardot_338801_*=b68999dcd3fe0d4ae9e5745665a045696a609145988182939ea322765323944f fastly-domain-delegation-mcdd458582-1112022 globalsign-domain-verification=GBReh3q0WFyqVPnQFxGNsyODk8eCNaLkivCfA80jp5 fastly-domain-delegation-ZWuvc6sWXdcHL2U2-2024-02-12 atlassian-domain-verification=E46gtaZGY5Z5hIZ1oT78C8s0sYRNxRaqNYwmyMrDKUrj2FQby8... google-site-verification=vYIAadCxu2LIMziO1aPTeG3d-1WQ5flIu70gpZVD590 MS=ms50045578 liveramp-site-verification=JEnENVIIqS5B-SRQTGSNPRMhno0_O2-iulud-BFvez0 amazonses:GFBIxLQ5P2/dqwwdIi0c4J6YTr8sLZXy/5r6RfsH2UQ= mongodb-site-verification=oeY3MqvbVh1mixlxfiX6m49ibtHVSnqI 00d400000009hqreay fastly-domain-delegation-KtCjsXrp5q-08032021 fastly-domain-delegation-6wkER3jIAz-146692-2019-06-24 status-page-domain-verification=rj8wh0bdxw3b status-page-domain-verification=trdsdy90xgqk Dynatrace-site-verification=b3c283b7-dd8c-4938-a4c3-faf7c1d24295__svvbldu9p8ceg0... google-site-verification=VKeG2sllOKLgCZCFS-YDbHjAlppBiLf7jfU17LhufiY MS=ms91527960 google-site-verification=gbOTDgi4N5jaxMBARxz2Z2E-9SRqtb-bagIMdbfbwYM globalsign-domain-verification=37C62FC3F2EBE2AA95A874665C90B161 vxzdv4ORPsq4PSb2rZaR9RywmzKiKxqE4siErezObK+TJ+ETGTBh9nHtusjC1DBYxd6XSNCHkJi8BLjP... wework-site-verification=xBKzSDF0JfmEqy4c amazonses:qiHMMWkqRG/G1KpKuot7AVDpNvK+JGUbDuE2Hbdh0MI= clickup-verification=mBlG6BNMsADia1ut6VjkuZqSEyE7nioLZYV-fWMbQuw 00df40000003u6teaa MS=ms74706581 status-page-domain-verification=yfz8ltqh8jjw google-site-verification=gW3y8W9JYhTs3PFc4QmqhVrdazaxKDSJ4uhp6juX224 atlassian-domain-verification=24ionyvJGeY4lZpilE1Y7FQrPBwwxklFBliMQj3WucL3s5KfWy... Dynatrace-site-verification=f65ac81d-9846-4100-b8e1-59d4ba734a21__mjhajhtgeuvij7... _globalsign-domain-verification=BEaeaS2zFLciLbNzABrdD9A1ghRtM395-qbg9FJmEu cisco-ci-domain-verification=27059d19cb800043bc73634add57b12174c18bd49dd3bfa4636... amazonses:a+yze0PpxSF/FtjGFCS6/RMOebY/dVPwk+qwG4zzKgI= amazonses:CF4N4hyd8lVZ9L/Sh3O4RWSmPX5lPDkLEagX85ph1Y4= globalsign-domain-verification=8ce5574842816c083dfd5f5cb3768012 amazonses:3DD/+IEGETxv2v4tVmNdc+dBriuj/bqEMm2q3TbQnGY= Dynatrace-site-verification=f878653e-4674-41c9-b233-629343406b8a__dsui9v58s7ouao... amazonses:0kvwPw9J4R4kusTDzYS1ZkLQb4VSpOhB/LX0mNAJDX4= google-site-verification=pGD4g64IeGz_IhUW8405-5XldaPcS0msUNZykWLZrmo SPF v=spf1 include:_spf.vmware.com include:_spop.vmware.com include:mktomail.com inc... amazonses:VSp8NJhnwKSEQ3BoAlGyg3asr0SCwBUjSuX+pFJ0AMs= docusign=37206071-cc3b-44cf-9f2d-f8c5f945be76 PETdvG2zEfifk8IKy3fYBD1C6FQdznnEoDtAF/lpAY8J1QuY4mmEZJkOrJg65NF6giUIXMB5ta8wcv5i... FASTLY-VERIFY-12-9-19 amazonses:i8Vqt+PN1+Mby/bRsf+1UegmAY1NyN1znDFWEzRhmR8= 99fxgmn8cj2fxk8x9qdqvk6hyv9pf3py status-page-domain-verification=ty89pncqjs7x _bjwmkkh45e9v4re8tujctglh2ql7b5n |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 847 ms totalPASS
https://vmware.com
717 ms · HTTP/1.1
https://www.vmware.com/
130 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://vmware.com | 301 | 717 ms | HTTP/1.1 | Apache |
| 2 | https://www.vmware.com/ | 200 | 130 ms | HTTP/1.1 | cloudflare |
See the visual redirect chain in the HTTP Probe tab →
A+Crawlabilityrobots.txt present, sitemap with 4 URLsPASS
##############################################
#### robots.txt for vmware.com 03/24/2026 ####
##############################################
User-agent: *
Sitemap: https://www.vmware.com/sitemap.xml
Allow: /
Disallow: /*thank-you*
# __ ___ __ ____ __ ____ _ _ __ ___
# \ \ / / '_ ` _ | \ \ /\ / / _` | '__/ _ \
# \ V /| | | | | | \ V V / (_| | | | __/
# \_/ |_| |_| |_| \_/\_/ \__,_|_| \___|
#
# by Broadcom
#
A+Domain Intelligencevmware.com — via CSC Corporate Domains, Inc., 28 years, 7 months old, hosted on AWSPASS
1294 days
January 29, 2030
333 days
Issued by DigiCert Inc
28 years, 7 months
Registered January 30, 1998
Not enabled
Protects against DNS spoofing
AWS
ASN AS16509
52.13.171.212
CSC Corporate Domains, Inc.
Expiry timeline
Recommended actions
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice