Infrastructure
· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.BRedirect Chain2 redirect(s), 107 ms totalREVIEW
https://trimble.com
29 ms · HTTP/1.1
https://www.trimble.com/
67 ms · HTTP/1.1
https://www.trimble.com/en
11 ms · HTTP/1.1 FINAL
| # | URL | Status | Time | Protocol | Server |
|---|---|---|---|---|---|
| 1 | https://trimble.com | 301 | 29 ms | HTTP/1.1 | Netlify |
| 2 | https://www.trimble.com/ | 301 | 67 ms | HTTP/1.1 | Netlify |
| 3 | https://www.trimble.com/en | 200 | 11 ms | HTTP/1.1 | Netlify |
See the visual redirect chain in the HTTP Probe tab →
Each redirect adds latency. Try to minimize the chain to 1 hop.
Redirect chain — each hop adds latency; combine into one redirect where possible.
Source: Google Search Central / web.dev
CIPv6 ReadinessActionNo IPv6 supportREVIEW
IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.
No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.
Source: Google IPv6 stats
BTLS Certificate Expiry & Recommendations61 days until leaf cert expires — 4 issues to addressREVIEW
Certificate validity
Recommended actions
- Add includeSubDomains to the HSTS directive
- Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
- Enable DNSSEC on your domain for DNS spoofing protection
- Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy
BCDN & DeliveryNetlifyREVIEW
A+DNS Records2 A records, 17 ms lookupPASS
| A | 15.197.167.90, 3.33.186.135 |
| AAAA | — |
| CNAME | — |
| NS | ns-1125.awsdns-12.org, ns-1653.awsdns-14.co.uk, ns-569.awsdns-07.net, ns-6.awsdns-00.com |
| MX | 1 aspmx.l.google.com 5 alt1.aspmx.l.google.com 5 alt2.aspmx.l.google.com 10 aspmx2.googlemail.com 10 aspmx3.googlemail.com |
| TXT | 82fQAmvdm06qmXZWueHvU6v76cBjIX2o2vjucC+3U6Tlaz5fuAepDVPIyxxfyYENoe/cy29i2A7253MM... 9b9f5237-3f67-4f06-b725-d16692ec751b _globalsign-domain-verification=h9wdXjKVfqHF6mQlSwHP_ELuZf-LxavSC1CQFigp0c adobe-idp-site-verification=6fb5c061ff4c970c4d55a440c9f475c9d65a2f15bf53fb36df3d... adobe-sign-verification=7a19b8eb4ef42d2f194791ca7fad62 airtable-verification=c27a2fd9b85406ecdc90ecfee3e9007d amazonses:wN/fO3EsSlTZRb+glhHMYuORTwE2M2sjx4T8u5nR9eo= apple-domain-verification=foR9wJdKX78oGV27 apple-domain-verification=xfuYEROjnTSUKhRA asv=2730dfa6f8e7331683e8168b7c3558eb atlassian-domain-verification=h0HBigAfPcNaaaY6BauYlGNtmYGi9coD7w9V7AIqXWxqnhm2aD... atlassian-sending-domain-verification=5fd820ba-1fa8-43b1-982b-b2649ba9fb15 autodesk-domain-verification=BO-YFRi8ok1mz7xYZfJy brevo-code:979f3192320aecff48be598427958846 calendly-site-verification=DvZtjkqEfQp4dBQjaFt66NQPN6sFzFIgpvpSrbCRT canva-site-verification=73PotytPbFmWarUr9EnxKg cursor-domain-verification-pm3z5b=0Wv351SUW2BCvpR1cTdyQT9n9 db31e2965bb44cff838996d5cc186097 docker-verification=5541c400-421f-4c84-895a-21c59301ecd7 drift-domain-verification=2800fa8acc1b8d63af884ced9eb8a5e80859bb4b9c70c537cf8b28... drift-domain-verification=35118354d12e1a8065391154257d18ccd12744e080ce01bab28af1... drift-domain-verification=909c297b9c0f406451bf86facb45865641ecf08a6711f7800a5902... drift-domain-verification=e848105b18e8314c16bc4084c3bb7ec381976e2a53b2521ffc1257... google-site-verification=uq9AoffXiTRjPISBV1clb6ZJqxTmrSivnGTYhOnOROA hubspot-ydIbdSCEX6epov jamf-site-verification=gdNSStErfxdZBF_TobWjgg knowbe4-site-verification=0158e18e2a3129c90869778acb15b87e lucid-verification=fY28Ify6Vw61 masv=SMaEqhkIeDXzyKgnwJdxCsoFcTKClTtu mgverify=1919c6c2fb1b203ecfcaf0fb21d89d9dbf79412a71137be57986513ebc19cece mongodb-site-verification=sWYtvd5IcM3PXvN2czxkr1fC7viIoPNE notion-domain-verification=1MdrSQTMzKaulalmGXlgA9HdNCUZDW6h0YTAgn6gVE5 onetrust-domain-verification=4a9b6d022335434ab6253e333394fa6d pardot1097602=81fccfa05790e8f2d924871d7ee348eec689998f59315cbaadd2ddc21b537482 pardot1123573=c1f9d659568582e238909313b014a152a7eb22ab2eb26f9f22d0ede5a6c17b4f pardot310631=7320e03ad9f8397829befaeae73867fd75ed949e89b92ccbfaf5b5ae4b744e82 pardot993022=4d3e5df80d1002dc4bb738e09183533ff0f3141acd5a34a2ea27a371fbca7d01 postman-domain-verification=cdfa33f782c98b0b323306276caeeab5b51d416fea17db68a925... qZtkNSrAIOEmMhgXrv5O5w8 sending_domain73762=e3ae11edde829c77c78699d9e2db3570ae61a927d919f8d5258eec41e501... smartsheet-site-validation=23RW1Wuu04WRsKvSoD6L48y11RnelV7h smartsheet-site-validation=H993sF9LdUrANq53jZ_pvX9pC0SyQjcd teamviewer-sso-verification=7a812da4e728455692c3fa42e3efffdc twilio-domain-verification=17400ac8aa9459ade400c7ae18625a1d SPF v=spf1 include:7aclx550um.powerspf.com -all wiz-domain-verification=8c4912cc90200065239859f17a3e229d8822662b3d717e4ba984e00b... wrike-verification=MTgyNDQ2ODozMGFlNTc2NzFkYzA4OTFjZWI4MzMzZWVkOWVjNzVlOGM2NGVlY... wrike-verification=MjUxOTk2Mzo3ZTczY2JhYWZmYjg5NDZmNGY5MmU1YmI1YTJjMmJjNWI4MWViZ... wrike-verification=NTAzOTExOjMxODc4YTM5ZGUxNjQyZDY3MjI3NWM3OGZmOWE0MzcwNDgzYjA4N... zoho-verification=zb34124959.zmverify.zoho.com |
| CAA | Lookup not available with standard resolver |
CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.
Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.
A+Crawlabilityrobots.txt present, sitemap with 1 URLsPASS
User-agent: *
Allow: /
Disallow: /en/?search*
Disallow: /en/downloads/
Disallow: /en/our-company/news-and-events/press-releases
Disallow: /en/error
Disallow: /fr-fr/?search*
Disallow: /fr-fr/downloads/
Disallow: /fr-fr/our-company/news-and-events/press-releases
Disallow: /fr-fr/error
Disallow: /de/?search*
Disallow: /de/downloads/
Disallow: /de/our-company/news-and-events/press-releases
Disallow: /de/error
Disallow: /nl-nl/?search*
Disallow: /nl-nl/downloads/
Disallow: /nl-nl/our-company/news-and-events/press-releases
Disallow: /nl-nl/error
Sitemap: https://www.trimble.com/en/sitemap-index.xml
Sitemap: https://www.trimble.com/fr-fr/sitemap-index.xml
Sitemap: https://www.trimble.com/de/sitemap-index.xml
Sitemap: https://www.trimble.com/nl-nl/sitemap-index.xml
Sitemap: https://www.trimble.com/blog/trimble/sitemap/index.xml
Host: https://www.trimble.com
A+URL Variantswww/non-www, trailing slash, HTTP→HTTPSPASS
www / non-www
Preferred variant: non-www
HTTP → HTTPS
Consistent
A+Domain Intelligencetrimble.com — via CSC Corporate Domains, Inc., 34 years, 2 months old, hosted on AWSPASS
21 days
August 9, 2026
61 days
Issued by Let's Encrypt
34 years, 2 months
Registered August 10, 1992
Not enabled
Protects against DNS spoofing
AWS
ASN AS16509
15.197.167.90
CSC Corporate Domains, Inc.
Expiry timeline
Recommended actions
- Renew the domain or enable auto-renewal to prevent accidental expiry
- Enable DNSSEC to protect visitors from DNS spoofing
- Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers
DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.
Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.
Learn more ▾ ▴
DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.
Source: ICANN / RFC 4033
The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.
Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.
Learn more ▾ ▴
Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.
Source: ICANN / domain-security best practice