Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BDNS Records2 A records, 31 ms lookupREVIEW
| A | 104.16.118.10, 104.16.117.10 |
| AAAA | — |
| CNAME | www.pagerduty.com.cdn.cloudflare.net |
| NS | — |
| MX | — |
| TXT | — |
| CAA | Lookup not available with standard resolver |
A CNAME at the zone apex can break MX and NS records. Use ALIAS/ANAME or A records instead.
CNAME at the apex (example.com) breaks every other apex record (MX, TXT, NS) — DNS-protocol violation per RFC 1034.
Learn more ▾ ▴
RFC 1034 forbids CNAME alongside other records at the same name. Some DNS providers offer ALIAS / ANAME / flattened-CNAME records that work around this — use those instead. Otherwise apex-level CNAME breaks email (no MX), domain ownership verification (no TXT), and more.
Source: RFC 1034
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
SPF helps prevent email spoofing. Add a TXT record starting with 'v=spf1'.
Without SPF, receiving servers can't validate sending IPs — your domain is easier to spoof in phishing.
Learn more ▾ ▴
SPF complements DMARC. Both should be published. SPF records list authorized sending IPs (e.g., `v=spf1 include:_spf.google.com ~all` for Google Workspace). After publishing, verify in Google Postmaster Tools or mxtoolbox.
Source: RFC 7208 (SPF)
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BTLS Certificate Expiry & Recommendations87 days until leaf cert expires — 2 issues to addressREVIEW
Certificate validity
Recommended actions
- Enable HSTS: Strict-Transport-Security: max-age=31536000; includeSubDomains
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryCloudflareREVIEW
A+Redirect ChainNo redirects — direct accessPASS
https://www.pagerduty.com
309 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://www.pagerduty.com | 200 | 309 ms | HTTP/1.1 | cloudflare |
A+Crawlabilityrobots.txt present, sitemap with 15 URLsPASS
User-agent: *
Disallow: /cgi-bin/
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
Disallow: /_wpeprivate/
Disallow: /wp-snapshots/
Disallow: /wp-config.php
Disallow: /unpublished/
Disallow: /assets/*.pdf
Disallow: /ty/*
Disallow: /blog/?s=*
Disallow: /search/?q=*
Disallow: /elements
Disallow: /blog/tag/*
Disallow: /nlp/*
Disallow: /ssi-footer
SITEMAP: https://www.pagerduty.com/sitemap_index.xml
- https://www.pagerduty.com/post-sitemap.x...
- https://www.pagerduty.com/page-sitemap.x...
- https://www.pagerduty.com/resource-sitem...
- https://www.pagerduty.com/customer-sitem...
- https://www.pagerduty.com/executive-arti...
- https://www.pagerduty.com/ops-practices-...
- https://www.pagerduty.com/dutonian-stori...
- https://www.pagerduty.com/article-sitema...
- https://www.pagerduty.com/automation-sit...
- https://www.pagerduty.com/eng-blog-sitem...
- https://www.pagerduty.com/category-sitem...
- https://www.pagerduty.com/ops-stage-site...
- https://www.pagerduty.com/automation_use...
- https://www.pagerduty.com/automation_cat...
- https://www.pagerduty.com/automation_sol...
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: www
HTTP → HTTPS
Consistent
A+Domain Intelligencepagerduty.com — via MarkMonitor Inc., 17 years, 4 months old, hosted on AWSPASS
203 days
January 31, 2027
87 days
Issued by Google Trust Services
17 years, 4 months
Registered February 12, 2009
Enabled
Protects against DNS spoofing
AWS
ASN AS16509
52.36.64.228
MarkMonitor Inc.