Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BTLS Certificate Expiry & Recommendations58 days until leaf cert expires — 3 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
ADNS Records2 A records, 33 ms lookupPASS
| A | 104.18.10.246, 104.18.11.246 |
| AAAA | 2606:4700::6812:af6, 2606:4700::6812:bf6 |
| CNAME | — |
| NS | — |
| MX | — |
| TXT | — |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
ARedirect Chain1 redirect(s), 365 ms totalPASS
https://www.railway.app
66 ms · HTTP/1.1
https://railway.com/
299 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://www.railway.app | 301 | 66 ms | HTTP/1.1 | cloudflare |
| 2 | https://railway.com/ | 200 | 299 ms | HTTP/1.1 | railway-edge |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (17 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 3 URLsPASS
User-agent: *
Disallow: /account
Disallow: /workspace
Disallow: /admin
Disallow: /auth
Disallow: /dashboard
Disallow: /project
Disallow: /new
Disallow: /preferences
Disallow: /graphiql
Disallow: /design
User-agent: AdsBot-Google
Allow: /
User-agent: Googlebot
Allow: /
Sitemap: https://railway.com/sitemap.xml
Sitemap: https://railway.com/changelog-sitemap.xml
Sitemap: https://railway.com/templates-sitemap.xml
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: www
HTTP → HTTPS
Consistent
A+HTTP Probe TimingTotal 94 ms — DNS, TCP, TLS, TTFB, content transfer breakdownPASS
Connection waterfall
Domain IntelligenceDomain intelligence data not availableINFO
RDAP and WHOIS lookup both failed