Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.DCDN & DeliveryActionNo CDN detectedFIX
Consider using a CDN to improve global delivery speed and reduce origin load.
BURL Variantswww/non-www, trailing slash, HTTP→HTTPSREVIEW
www / non-www
Inconsistent — duplicate content risk
HTTP → HTTPS
Consistent
BTLS Certificate Expiry & Recommendations47 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Extend HSTS max-age to at least 31536000 (1 year) to meet the preload list criteria
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
A+DNS Records2 A records, 52 ms lookupPASS
| A | 195.47.247.8, 195.47.247.9 |
| AAAA | 2a02:2350:6::6514:e26d |
| CNAME | — |
| NS | auth.g1-dns.one, auth.g1-dns.com |
| MX | 10 mx4.pub.mailpod12-cph3.one.com 10 mx3.pub.mailpod12-cph3.one.com 10 mx1.pub.mailpod12-cph3.one.com 10 mx2.pub.mailpod12-cph3.one.com |
| TXT | apple-domain-verification=NW7F5wIbiIMoDyGn facebook-domain-verification=bzipsayq3fcwysb04sfrb7n28umr70 google-site-verification=SJnzgdADXmE_K3rQEbVVmYXgxa_0Auh5oDN4KBGp_n8 google-site-verification=PxhP_oeeJYM6XtUKPbyWuAA4BSR1OgKY5Il_zMhZZ4g status-page-domain-verification=jxn9sv5yjjk0 SPF v=spf1 include:_spf.one.com include:spf.mail.intercom.io include:mail.zendesk.co... atlassian-domain-verification=KKeihQSanTHe0l1pqlAF48oghg9rSqxhRZakMd/Gq8e8xTF/ma... MS=ms80165880 slack-domain-verification=cKfMkGzW2T6D9IwrAfw3WqEMiCNY7Xsnd5cMo7VQ 0c2ce30eb74af62b8f39fe80d2821090 |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
ARedirect Chain1 redirect(s), 224 ms totalPASS
https://one.com
78 ms · HTTP/1.1
https://www.one.com/
146 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://one.com | 301 | 78 ms | HTTP/1.1 | Varnish |
| 2 | https://www.one.com/ | 200 | 146 ms | HTTP/1.1 | Apache |
See the visual redirect chain in the HTTP Probe tab →
A+IPv6 ReadinessIPv6 reachable (17 ms)PASS
A+Crawlabilityrobots.txt present, sitemap with 14 URLsPASS
User-agent: *
Allow: /en/admin/login
Allow: /da/admin/login
Allow: /de/admin/anmelden
Allow: /fr/admin/connecter
Allow: /nl/admin/inloggen
Allow: /no/admin/login
Allow: /sv/admin/login
Allow: /es/admin/acceso
Allow: /pt/admin/acesso
Allow: /it/admin/accedi
Disallow: /admin/
Disallow: /chat
Disallow: /en/resubscribe
Disallow: /it/rinnova-la-sottoscrizione
Disallow: /nl/opnieuw-abonneren
Disallow: /no/abonner-paa-nytt
Disallow: /pt/resubscrever
Disallow: /sv/aterregistrera
Disallow: /da/gentegn
Disallow: /de/weiter-abonnieren
Disallow: /es/nueva-suscripcion
Disallow: /fr/resouscrire
Disallow: /maintenance/
Disallow: /en/edc/
Disallow: /*.do$
Disallow: /en/size
Disallow: /sv/storlek
Disallow: /da/storrelse
Disallow: /no/storrelse
Disallow: /de/groesse
Disallow: /fr/taille
Disallow: /nl/grotte
Disallow: /packagesize.do
Disallow: /office-order-step2.do
Disallow: /*-begynner$
Disallow: /*-pluss$
Disallow: /*-baukasten$
Disallow: /*-debutant$
Disallow: /*-affaires$
Disallow: /fr/commerce-electronique-avec-site-web
Disallow: /es/solicitar
Disallow: /it/ordine
Disallow: /pt/encomenda
Disallow: /da/bestilling
Disallow: /de/bestellung
Disallow: /en/order
Disallow: /fr/commande
Disallow: /nl/bestelling
Disallow: /no/bestilling
Disallow: /sv/bestaellning
Disallow: /cs/objednavka
Disallow: /pt-BR/encomenda
Disallow: /fi/tilaus
Disallow: /pl/zamowienie
Sitemap: https://www.one.com/en-gb/sitemap.xml
Sitemap: https://www.one.com/da-dk/sitemap.xml
Sitemap: https://www.one.com/sv-se/sitemap.xml
Sitemap: https://www.one.com/fr-fr/sitemap.xml
Sitemap: https://www.one.com/nb-no/sitemap.xml
Sitemap: https://www.one.com/es-es/sitemap.xml
Sitemap: https://www.one.com/fi-fi/sitemap.xml
Sitemap: https://www.one.com/nl-nl/sitemap.xml
Sitemap: https://www.one.com/it-it/sitemap.xml
Sitemap: https://www.one.com/pt-pt/sitemap.xml
Sitemap: https://www.one.com/en-us/sitemap.xml
Sitemap: https://www.one.com/de-de/sitemap.xml
Sitemap: https://www.one.com/nl-be/sitemap.xml
- https://www.one.com/da-dk/sitemap/1.xml
- https://www.one.com/de-de/sitemap/1.xml
- https://www.one.com/en-gb/sitemap/1.xml
- https://www.one.com/en-us/sitemap/1.xml
- https://www.one.com/es-es/sitemap/1.xml
- https://www.one.com/fr-be/sitemap/1.xml
- https://www.one.com/fr-fr/sitemap/1.xml
- https://www.one.com/it-it/sitemap/1.xml
- https://www.one.com/nl-be/sitemap/1.xml
- https://www.one.com/nl-nl/sitemap/1.xml
- https://www.one.com/nb-no/sitemap/1.xml
- https://www.one.com/pt-pt/sitemap/1.xml
- https://www.one.com/fi-fi/sitemap/1.xml
- https://www.one.com/sv-se/sitemap/1.xml
A+Domain Intelligenceone.com — via CSL Computer Service Langenbach GmbH d/b/a joker.com, 34 years, 8 months oldPASS
2404 days
February 13, 2033
47 days
Issued by Let's Encrypt
34 years, 8 months
Registered February 12, 1992
Enabled
Protects against DNS spoofing
Unknown
2a02:2350:6::6514:e26d
CSL Computer Service Langenbach GmbH d/b/a joker.com
Expiry timeline
Recommended actions
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice