Documentation
Comprehensive documentation for all InfraLens checks. Each check is executed server-side using Next.js server actions, designed to be fast, non-intrusive, read-only, and safe for production websites. All checks run in parallel for optimal performance.
Check Status
DNS Records
InfraLens uses Node.js native DNS resolution to retrieve and analyze common DNS records. Results are cached in-memory to optimize performance. This provides visibility into hosting setup, email configuration, and domain delegation.
- A / AAAA: Map domain names to IPv4/IPv6 addresses
- CNAME: Canonical name records for aliases
- MX: Mail Exchange records for email routing
- TXT: Text records for various purposes
- NS: Name Server records for domain delegation
DNS Security
This check focuses on email and domain security signals:
- SPF: Sender Policy Framework for email authentication
- DKIM: DomainKeys Identified Mail signatures
- DMARC: Domain-based Message Authentication, Reporting, and Conformance
- DNSSEC: DNS Security Extensions
Missing or misconfigured records may expose the domain to spoofing or delivery issues.
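The following added example (not InfraLens's own code) shows how SPF and DMARC TXT records can be graded once they have been resolved. The function names, sample records and the mapping to ok/warning/error are assumptions of this example.

```javascript
// Constructed TXT answers for example.com and _dmarc.example.com (not real data).
const SAMPLE_ROOT_TXT = ["site-verification=constructed", "v=spf1 include:_spf.example.net ~all"];
const SAMPLE_DMARC_TXT = ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"];

// Status thresholds below are assumptions of this example.
function evaluateSpf(txtRecords) {
  const spf = txtRecords.filter((r) => /^v=spf1(\s|$)/i.test(r.trim()));
  if (spf.length === 0) return { status: "error", reason: "no SPF record" };
  // RFC 7208: more than one v=spf1 record is a permanent error for receivers.
  if (spf.length > 1) return { status: "error", reason: "multiple SPF records" };
  const terms = spf[0].trim().split(/\s+/).slice(1);
  const all = terms.find((t) => /^[+\-~?]?all$/i.test(t));
  if (!all) {
    const delegated = terms.some((t) => /^redirect=/i.test(t));
    return delegated
      ? { status: "ok", reason: "policy delegated via redirect=" }
      : { status: "warning", reason: "no all mechanism, default result is neutral" };
  }
  const qualifier = /^[+\-~?]/.test(all) ? all[0] : "+"; // bare "all" means "+all"
  if (qualifier === "+") return { status: "error", reason: "+all authorizes any sender" };
  if (qualifier === "?") return { status: "warning", reason: "?all is neutral" };
  return { status: "ok", reason: qualifier === "-" ? "hard fail (-all)" : "soft fail (~all)" };
}

function evaluateDmarc(txtRecords) {
  const recs = txtRecords.filter((r) => /^v=DMARC1\s*(;|$)/.test(r.trim()));
  if (recs.length === 0) return { status: "error", reason: "no DMARC record" };
  if (recs.length > 1) return { status: "error", reason: "multiple DMARC records" };
  const tags = {};
  for (const part of recs[0].split(";")) {
    const i = part.indexOf("=");
    if (i > 0) tags[part.slice(0, i).trim().toLowerCase()] = part.slice(i + 1).trim();
  }
  const policy = (tags.p || "").toLowerCase();
  if (policy === "reject" || policy === "quarantine") return { status: "ok", reason: `p=${policy}` };
  // p=none collects reports but asks receivers to take no action on failures.
  if (policy === "none") return { status: "warning", reason: "p=none only monitors" };
  return { status: "error", reason: "missing or invalid p= tag" };
}
```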
IP & Hosting Information
InfraLens uses the ipapi.co API (optional) to identify the public IP address, Autonomous System Number (ASN), hosting provider, geographic location, and IPv6 availability. This provides a high-level view of where and how the site is hosted. The API key is optional: the service works without it, but is subject to rate limits.
Security Headers
InfraLens checks for the presence of five recommended HTTP security headers using a HEAD request. These headers help protect against common vulnerabilities such as XSS, clickjacking, and MIME-type sniffing. Missing headers trigger actionable recommendations.
- Content-Security-Policy: Prevents XSS attacks by controlling which resources can be loaded
- X-Frame-Options: Prevents clickjacking by controlling iframe embedding
- Strict-Transport-Security (HSTS): Forces HTTPS connections and prevents downgrade attacks
- X-Content-Type-Options: Prevents MIME type sniffing attacks
- Referrer-Policy: Controls how much referrer information is sent with requests
HTTPS & TLS
This check verifies whether HTTPS is properly enforced and inspects TLS configuration:
- HTTPS availability
- HTTP to HTTPS redirection
- TLS protocol version (TLS 1.2 minimum, TLS 1.3 preferred)
- Certificate issuer
- Certificate expiration status
Redirect Behavior
InfraLens follows redirect chains (up to 10 redirects) to detect misconfigurations, including excessive redirects and potential redirect loops. The check identifies the final destination URL and analyzes redirect behavior. Clean redirect chains improve security, performance, and SEO.
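As an added illustration (not InfraLens's own code), the redirect analysis described above can be modelled over a recorded table of responses instead of live requests. The function name, the hop-table shape and the HTTPS downgrade check are assumptions of this example; the limit of 10 comes from the text.

```javascript
// Constructed hop table standing in for live responses: URL -> { status, location }.
const SAMPLE_HOPS = {
  "http://example.com/": { status: 301, location: "https://example.com/" },
  "https://example.com/": { status: 302, location: "/home" },
  "https://example.com/home": { status: 200 },
  "https://loop.example/a": { status: 302, location: "/b" },
  "https://loop.example/b": { status: 302, location: "/a" },
};

const MAX_REDIRECTS = 10; // limit stated in the documentation above

function analyzeRedirects(startUrl, hops, maxRedirects = MAX_REDIRECTS) {
  const chain = [];
  const seen = new Set();
  const issues = [];
  let redirects = 0;
  let url = new URL(startUrl).href; // normalize, e.g. add the trailing slash
  for (;;) {
    if (seen.has(url)) { issues.push("redirect loop"); break; }
    seen.add(url);
    const res = hops[url] || { status: 0 }; // 0 = unreachable in this model
    chain.push({ url, status: res.status });
    const isRedirect = res.status >= 300 && res.status < 400 && Boolean(res.location);
    if (!isRedirect) break;
    if (redirects >= maxRedirects) { issues.push("too many redirects"); break; }
    // Location may be relative, so resolve it against the current URL.
    const next = new URL(res.location, url);
    if (url.startsWith("https:") && next.protocol === "http:") {
      issues.push("HTTPS to HTTP downgrade");
    }
    url = next.href;
    redirects += 1;
  }
  return { finalUrl: url, redirects, chain, issues };
}
```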
security.txt
InfraLens checks for the presence of a security.txt file according to RFC 9116. This file provides security researchers with contact information and vulnerability disclosure policies. The check verifies:
- Presence at /.well-known/security.txt or /security.txt
- Required Contact field
- Required Expires field (must be present per RFC 9116)
- Other optional fields (Encryption, Acknowledgments, etc.)
A properly configured security.txt helps security researchers report vulnerabilities responsibly.
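The field checks listed above can be expressed as a small parser. This is an added example, not InfraLens's own code; the function names and sample file are assumptions, and it goes slightly beyond the list by also rejecting an expired or repeated Expires field, as RFC 9116 requires.

```javascript
// Constructed sample file; the contact address and URLs are placeholders.
const SAMPLE_SECURITY_TXT = [
  "# Constructed example",
  "Contact: mailto:security@example.com",
  "Expires: 2030-01-01T00:00:00Z",
  "Encryption: https://example.com/pgp-key.txt",
  "Preferred-Languages: en",
].join("\n");

function parseSecurityTxt(text) {
  const fields = Object.create(null); // no inherited keys such as "constructor"
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) continue; // blank lines and comments
    const i = line.indexOf(":");
    if (i <= 0) continue; // not a "Name: value" line (e.g. PGP armor)
    const name = line.slice(0, i).trim().toLowerCase(); // names are case-insensitive
    (fields[name] = fields[name] || []).push(line.slice(i + 1).trim());
  }
  return fields;
}

function checkSecurityTxt(text, now = new Date()) {
  const fields = parseSecurityTxt(text);
  const problems = [];
  if (!fields.contact) problems.push("missing required Contact field");
  const expires = fields.expires || [];
  if (expires.length === 0) {
    problems.push("missing required Expires field");
  } else if (expires.length > 1) {
    problems.push("Expires must appear only once");
  } else {
    const when = new Date(expires[0]);
    if (Number.isNaN(when.getTime())) problems.push("Expires is not a valid date");
    else if (when <= now) problems.push("Expires date is in the past");
  }
  return { ok: problems.length === 0, problems, fields };
}
```

Passing `now` explicitly keeps the expiry check deterministic when the function is exercised against stored copies of a file.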
Firewall / WAF Detection
This check analyzes HTTP headers to detect common Web Application Firewalls (WAF) or CDN protections. Detection is based on characteristic headers and server responses. Examples include Cloudflare, Fastly, Akamai, AWS CloudFront, and Sucuri.
robots.txt
InfraLens checks for the presence of robots.txt, HTTP status, and basic syntax validity. robots.txt controls crawler access and indexing behavior.
Sitemap
This check verifies whether a sitemap is available and accessible. Signals include sitemap presence, format (XML / index), and basic URL count.
Linked Pages
InfraLens parses the HTML content using Cheerio to extract links and categorizes them as internal or external. The check validates external links by performing HEAD requests to detect unreachable or broken links. This provides insights into site structure and link health.
HTML Metadata
Checks for title, meta description, charset, and viewport. Missing metadata affects accessibility and SEO.
Social Tags
InfraLens inspects Open Graph tags, Twitter Card metadata, and social preview images.
Stack Detection
InfraLens analyzes HTTP headers, HTML content, and JavaScript patterns to detect frontend frameworks (React, Vue, Angular), CMS platforms (WordPress, Drupal), analytics tools (Google Analytics, Plausible), and CDN providers. Detection is heuristic-based and may not always be exhaustive.
Server Headers
This check analyzes server headers to identify server software, X-Powered-By exposure, and potential information leakage.
Accessibility Hints
InfraLens performs basic accessibility checks to identify common issues that affect screen readers and assistive technologies:
- lang attribute: Presence on the HTML element
- h1 heading: Presence and count (should be exactly one)
- Image alt text: Missing alt attributes on images
- ARIA landmarks: Semantic HTML elements and ARIA roles (header, nav, main, footer)
- Skip links: Presence of skip navigation links
These are basic checks and do not replace comprehensive accessibility audits, but they help identify common issues that impact users with disabilities.
Response Metrics
InfraLens collects lightweight performance signals using a single HTTP request:
- Approximate response time (measured client-side)
- Response size (Content-Length header or body size)
- Compression support (Content-Encoding: gzip, br, etc.)
These are indicative metrics from a single request, not comprehensive performance audits. Results may vary based on network conditions and server load.
Uptime Snapshot
InfraLens performs a HEAD request to verify reachability, HTTP status code, and timeout handling. This represents a single point-in-time snapshot of the website's availability, not historical uptime tracking or monitoring.
Category Weights
- HTTP & Security: 25 points
- Network & DNS: 20 points
- Infrastructure: 20 points
- Website Structure: 15 points
- Metadata & Stack: 10 points
- Performance Signals: 10 points
Status Points
- OK: 100% of category weight
- Warning: 60% of category weight
- Error: 0% of category weight
Final Grade
Grades (A–E) are visual aids only, not security certifications:
- 90–100: A (Excellent)
- 75–89: B (Good)
- 60–74: C (Average)
- 40–59: D (Poor)
- < 40: E (Critical)
- Read-only: InfraLens performs passive analysis only—no exploitation, intrusive scanning, or modification of target systems.
- Heuristic detection: Technology stack detection is based on patterns and may not always be exhaustive or accurate.
- Network-dependent: Results may vary based on network conditions, DNS resolver location, and server load.
- Single snapshot: Uptime and performance checks represent a single point in time, not historical monitoring.
- Indicators, not guarantees: Results should be interpreted as indicators to guide further investigation, not as definitive security assessments.