Infrastructure

· 9 checks — DNS, redirects, IPv6, crawlability, URL variants, and domain intelligence rolled into one auditable list.

SCORE

GRADE

FIX

REVIEW

PASS

INFO

Probed from Amsterdam, Netherlands

301 Moved Permanently

Checks

4 PASS 4 REVIEW 1 FIX

CDN & Delivery

Action

No CDN detected

FIX

No CDN detected

A CDN can significantly improve load times for users around the world by caching content at edge nodes closer to them.

No CDN detected

Consider using a CDN to improve global delivery speed and reduce origin load.

Redirect Chain

2 redirect(s), 284 ms total

REVIEW

2 redirect(s), 284 ms total

2 redirects before reaching final URL

Each redirect adds latency. Try to minimize the chain to 1 hop.

WWW normalization redirect

https://airbus.com

255 ms · HTTP/1.1

301

https://www.airbus.com/

12 ms · HTTP/1.1

301

https://www.airbus.com/en

17 ms · HTTP/1.1 FINAL

#	URL	Status	Time	Protocol
1	https://airbus.com	301	255 ms	HTTP/1.1
2	https://www.airbus.com/	301	12 ms	HTTP/1.1
3	https://www.airbus.com/en	200	17 ms	HTTP/1.1

See the visual redirect chain in the HTTP Probe tab →

Each redirect adds latency. Try to minimize the chain to 1 hop.

Why this matters

Redirect chain — each hop adds latency; combine into one redirect where possible.

Source: Google Search Central / web.dev

IPv6 Readiness

Action

No IPv6 support

REVIEW

No IPv6 support

No IPv6 (AAAA) records found

IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.

No IPv6 Support

About 40% of internet users have IPv6. Consider adding AAAA records.

IPv6 support is increasingly important for global accessibility. About 40% of internet users have IPv6 connectivity.

Why this matters

No AAAA records — same impact as 'no IPv6 (AAAA) records'; IPv6-preferring clients pay extra latency falling back to IPv4.

Source: Google IPv6 stats

URL Variants

www/non-www, trailing slash, HTTP→HTTPS

REVIEW

www/non-www, trailing slash, HTTP→HTTPS

www/non-www redirect configured correctly (preferred: non-www)

HTTP version does not redirect to HTTPS

Got: HTTP 301 Expected: 301 redirect to HTTPS

www / non-www

301https://www.airbus.com/

200https://airbus.com/

Preferred variant: non-www

HTTP → HTTPS

301http://airbus.com/ → http://www.airbus.com/

HTTP version does not redirect to HTTPS

TLS Certificate Expiry & Recommendations

60 days until leaf cert expires — 4 issues to address

REVIEW

Certificate validity

days left

0d 30d 60d 90d+

Recommended actions

Add includeSubDomains to the HSTS directive
Add the preload directive and submit to hstspreload.org once max-age + includeSubDomains are in place
Enable DNSSEC on your domain for DNS spoofing protection
Enable OCSP stapling on your TLS server to remove a CA roundtrip and protect user privacy

A+

DNS Records

2 A records, 8 ms lookup

PASS

2 A records, 8 ms lookup

Resolves to 2 IPv4 address(es)

Got: 107.154.75.155, 45.60.99.155

No IPv6 (AAAA) records

2 nameserver(s) configured

Got: udns1.cscdns.net, udns2.cscdns.uk

2 mail exchanger(s) configured

CAA records not checked

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

SPF record present in TXT

DNS resolution time: 8 ms

Got: 8 ms

A	107.154.75.155, 45.60.99.155
AAAA	—
CNAME	—
NS	udns1.cscdns.net, udns2.cscdns.uk
MX	4 mx1.myeers.net 8 mx2.myeers.net
TXT	MS=ms72405175 hbkp18nuko9q1brvvo5o7ks9i0 23ee18ba5aa545f8bb3f2804d9f976ae 46bdbe0d581a46bea3d303c4cbdf3e13 beb3cc1edd4645a99866e1acf4442b8a cff79e5864ac4472b7ff71c856f337b8 db5e5e1763f14e6591caecfacc0d7d23 IUER0JGUOJE30PQENEC12CFWAARXFMML4GB6831E zoho-verification=zb85545947.zmverify.zoho.eu .my._report._dmarc.airbus.com43200INTXTv=DMARC1; Sendinblue-code:294a1f31a32f329d549dc0c9f4ff3be0 cloudhealth=1aed8532-d4fd-4a64-b284-3d958a1f1654 adobe-sign-verification=2f4dae45d2b72e635dac42135987gst3 farmstar-conseil.com._report._dmarc.airbus.com ['v=DMARC1;'] farmstar-conseil.net._report._dmarc.airbus.com ['v=DMARC1;'] globalsign-domain-verification=27BF4DD070F5ACBABC726603879CAACD globalsign-domain-verification=566D2886DA55055DD8538ECAED48A820 globalsign-domain-verification=D538356CC2825C78FDFF4E7F9CA75D1D have-i-been-pwned-verification=7fe135d4984d163094afa624fdbe2988 google-site-verification=Aqw2RzMow4l23dhDs89OB9UbCZiBhpItAkKcW1SDsbE google-site-verification=JYZW70D33A_K0ZZslCJ1ZfMWiAwQaBJvGqRUCCEEYOs google-site-verification=RUfcS1trp49VOa0rg0ITEUFcM462b3FKB4DOXsbLmfc google-site-verification=aesGXJxKYX7XPor76fN8Xb-siLofh-HVagZu2_GUomM google-site-verification=xyTtJsk3bgkgplVKyeRKnAbyAVmNtHYKTdqksNr5eyA XQDGVODf68hlpGoBKumB0jC7WCGagWtGnvOV6NKX9X+rfT9uNpBadnmv5E3uTXwOL3mtj3xR+n/ttRUB... cisco-ci-domain-verification=669af5e7b8c6596620819eff6f98f2679469f9d9646d2b4e1f6... atlassian-domain-verification=VRZWvSq39haoZMYClFKkF/4nSNj/JHsoWe3R1qtaKClI/JOv4p... atlassian-domain-verification=nA2jAmP6jDXFf8NIBnNBTVhgw/pkLBK2/YjTi/EmsZlV44TL6I... paloaltonetworks-site-verification=2e0ea6ff9ddc469e3673b6207bcc4723a2a93209419f7... SPF v=spf1 ip4:87.190.7.224/28 ip4:80.242.167.16/28 ip4:217.239.138.48/28 ip4:62.217...
CAA	Lookup not available with standard resolver

Resolved in 8 ms

CAA record lookup requires a specialized DNS resolver. This check will be available in a future update.

Why this matters

Informational: CAA (Certification Authority Authorization) records weren't checked in this scan.

A+

Crawlability

robots.txt present, sitemap with 3 URLs

PASS

robots.txt present, sitemap with 3 URLs

robots.txt is present

Got: 7009 bytes

sitemap.xml is present

sitemap.xml is valid XML

sitemap.xml contains 3 entries

Sitemap index with 3 child sitemaps

robots.txt references sitemap

robots.txt 200 OK

Size 7009 B Sitemaps referenced 1 User-agents toCrawl/UrlDispatcher, humanlinks, JikeSpider, Exabot, MS Search 4.0 Robot, Szukacz/1.4, asterias, CopyRightCheck, NICErsPRO, Foobot, Openfind, OpenindexSpider, WebStripper, YisouSpider, LinkextractorPro, NetAttache, True_Robot, WinHTTrack, *, EmailCollector, EmailSiphon, Mister PiX, NetAnts, moget, suggybot, The Intraformant, Zookabot, CherryPicker, hloader, Microsoft URL Control - 5.01.4511, HTTrack 3.0, WikioFeedBot, BunnySlippers, ProPowerBot/2.14, UrlPouls, LinkWalker, lwp-trivial, SuperBot/2.6, Telesoft, ExtractorPro, yacy, YRSPider, grapeshot, JennyBot, libWeb/clsHTTP, RepoMonkey, SiteBot, True_Robot/1.0, URLy Warning, Website Quester, BotALot, spanner, SuperBot, WebEnhancer, wget, BLEXBot, CherryPickerElite/1.0, SiteSnagger, Teleport, WebBandit, WebmasterWorldForumBot, WWW-Collector-E, Cegbfeieh, dotbot, TightTwatBot, Web Image Collector, BackDoorBot/1.0, Black Hole, QuepasaCreep, AlphaSeoBot, Bytespider, cosmos, Flamingo_SearchEngine, Naverbot, WebZip, Zeus, DittoSpyder, httplib, LexiBot, MIIxpc, webcopy, EmailWolf, MS Search 5.0 Robot, psbot, TheNomad, WebReaper, Microsoft URL Control - 6.00.8169, suzuran, EroCrawler, trendictionbot, TurnitinBot, WebAuto, WebStripper/2.02, BlowFish/1.0, Crescent Internet ToolPak HTTP OLE Control v.1.0, ProWebWalker, SightupBot, WebBandit/3.50, LinkScan/8.1a Unix, BizInformation, CherryPickerSE/1.0, website extractor, Antenne Hatena, Bullseye/1.0, CheeseBot, DISCo Pump 3.1, lwp-trivial/1.34, Offline Explorer, TosCrawler, WebCopier, Alexibot, AlvinetSpider, MIIxpc/4.2, RMA, SiteSucker, VCI, webmirror, WebSauger, MLBot, QueryN Metasearch, Titan, Webster Pro, 008, BuiltBotTough, Igentia, SpankBot, Speedy, turingos, HTTrack, Mata Hari, Kenjin Spider, moget/2.1, ApocalXExplorerBot, Crescent, NetMechanic, Xenu Link Sleuth/1.3.8, AlphaSeoBot-SA, Harvest/1.5, InfoNaviRobot Blocking No — crawling allowed

#

# robots.txt

#

# This file is to prevent the crawling and indexing of certain parts

# of your site by web crawlers and spiders run by sites like Yahoo!

# and Google. By telling these "robots" where not to go on your site,

# you save bandwidth and server resources.

#

# This file will be ignored unless it is at the root of your host:

# Used:    http://example.com/robots.txt

# Ignored: http://example.com/site/robots.txt

#

# For more information about the robots.txt standard, see:

# http://www.robotstxt.org/robotstxt.html


User-agent: AlphaSeoBot

User-agent: AlphaSeoBot-SA

User-agent: BLEXBot

User-agent: 008

User-agent: Alexibot

User-agent: AlvinetSpider

User-agent: Antenne Hatena

User-agent: ApocalXExplorerBot

User-agent: asterias

User-agent: BackDoorBot/1.0

User-agent: BizInformation

User-agent: Black Hole

User-agent: BlowFish/1.0

User-agent: BotALot

User-agent: BuiltBotTough

User-agent: Bullseye/1.0

User-agent: BunnySlippers

User-agent: Bytespider

User-agent: Cegbfeieh

User-agent: CheeseBot

User-agent: CherryPicker

User-agent: CherryPickerElite/1.0

User-agent: CherryPickerSE/1.0

User-agent: CopyRightCheck

User-agent: cosmos

User-agent: Crescent

User-agent: Crescent Internet ToolPak HTTP OLE Control v.1.0

User-agent: DISCo Pump 3.1

User-agent: DittoSpyder

User-agent: dotbot

User-agent: EmailCollector

User-agent: EmailSiphon

User-agent: EmailWolf

User-agent: EroCrawler

User-agent: Exabot

User-agent: ExtractorPro

User-agent: Flamingo_SearchEngine

User-agent: Foobot

User-agent: grapeshot

User-agent: Harvest/1.5

User-agent: hloader

User-agent: httplib

User-agent: HTTrack

User-agent: HTTrack 3.0

User-agent: humanlinks

User-agent: Igentia

User-agent: InfoNaviRobot

User-agent: JennyBot

User-agent: JikeSpider

User-agent: Kenjin Spider

User-agent: LexiBot

User-agent: libWeb/clsHTTP

User-agent: LinkextractorPro

User-agent: LinkScan/8.1a Unix

User-agent: LinkWalker

User-agent: lwp-trivial

User-agent: lwp-trivial/1.34

User-agent: Mata Hari

User-agent: Microsoft URL Control - 5.01.4511

User-agent: Microsoft URL Control - 6.00.8169

User-agent: MIIxpc

User-agent: MIIxpc/4.2

User-agent: Mister PiX

User-agent: MLBot

User-agent: moget

User-agent: moget/2.1

User-agent: MS Search 4.0 Robot

User-agent: MS Search 5.0 Robot

User-agent: Naverbot

User-agent: NetAnts

User-agent: NetAttache

User-agent: NetMechanic

User-agent: NICErsPRO

User-agent: Offline Explorer

User-agent: Openfind

User-agent: OpenindexSpider

User-agent: ProPowerBot/2.14

User-agent: ProWebWalker

User-agent: psbot

User-agent: QuepasaCreep

User-agent: QueryN Metasearch

User-agent: RepoMonkey

User-agent: RMA

User-agent: SightupBot

User-agent: SiteBot

User-agent: SiteSnagger

User-agent: SiteSucker

User-agent: SpankBot

User-agent: spanner

User-agent: Speedy

User-agent: suggybot

User-agent: SuperBot

User-agent: SuperBot/2.6

User-agent: suzuran

User-agent: Szukacz/1.4

User-agent: Teleport

User-agent: Telesoft

User-agent: The Intraformant

User-agent: TheNomad

User-agent: TightTwatBot

User-agent: Titan

User-agent: toCrawl/UrlDispatcher

User-agent: TosCrawler

User-agent: trendictionbot

User-agent: True_Robot

User-agent: True_Robot/1.0

User-agent: turingos

User-agent: TurnitinBot

User-agent: UrlPouls

User-agent: URLy Warning

User-agent: VCI

User-agent: Web Image Collector

User-agent: WebAuto

User-agent: WebBandit

User-agent: WebBandit/3.50

User-agent: WebCopier

User-agent: webcopy

User-agent: WebEnhancer

User-agent: WebmasterWorldForumBot

User-agent: webmirror

User-agent: WebReaper

User-agent: WebSauger

User-agent: website extractor

User-agent: Website Quester

User-agent: Webster Pro

User-agent: WebStripper

User-agent: WebStripper/2.02

User-agent: WebZip

User-agent: wget

User-agent: WikioFeedBot

User-agent: WinHTTrack

User-agent: WWW-Collector-E

User-agent: Xenu Link Sleuth/1.3.8

User-agent: YisouSpider

User-agent: yacy

User-agent: YRSPider

User-agent: Zeus

User-agent: Zookabot

Disallow: /


User-agent: *

# FIXME TWO LINES UNDER TO REMOVE ON MARCH 1st, LINE FOR TESTS IN PRODUCTION

Disallow: /en/caching-tests/*

Disallow: /fr/caching-tests/*

# CSS, JS, Images

Allow: /core/*.css$

Allow: /core/*.css?

Allow: /core/*.js$

Allow: /core/*.js?

Allow: /core/*.gif

Allow: /core/*.jpg

Allow: /core/*.jpeg

Allow: /core/*.png

Allow: /core/*.svg

Allow: /profiles/*.css$

Allow: /profiles/*.css?

Allow: /profiles/*.js$

Allow: /profiles/*.js?

Allow: /profiles/*.gif

Allow: /profiles/*.jpg

Allow: /profiles/*.jpeg

Allow: /profiles/*.png

Allow: /profiles/*.svg

# Directories

Disallow: /core/

Disallow: /profiles/

# Files

Disallow: /README.txt

Disallow: /web.config

# Paths (clean URLs)

Disallow: /admin/

Disallow: /comment/reply/

Disallow: /filter/tips

Disallow: /node/add/

Disallow: /en/search*

Disallow: /fr/search*

Disallow: /de/search*

Disallow: /es/search*

Disallow: /zh-hans/search*

Disallow: /ja/search*

Disallow: /kk/search*

Disallow: /ru/search*

# Addition 20/03 new languages, part 1 (WEBFACT-4722)

Disallow: /fi/search*

Disallow: /pt-pt/search*

Disallow: /pt-br/search*

Disallow: /pl/search*

# End 20/03 new languages, part 1

Disallow: /en/asset-preview*

Disallow: /fr/asset-preview*

Disallow: /de/asset-preview*

Disallow: /es/asset-preview*

Disallow: /zh-hans/asset-preview*

Disallow: /ja/asset-preview*

Disallow: /kk/asset-preview*

Disallow: /ru/asset-preview*

# Addition 20/03 new languages, part 2  (WEBFACT-4722)

Disallow: /fi/asset-preview*

Disallow: /pt-pt/asset-preview*

Disallow: /pt-br/asset-preview*

Disallow: /pl/asset-preview*

# End 20/03 new languages, part 2

Disallow: /user/register/

Disallow: /user/password/

Disallow: /user/login/

Disallow: /user/logout/

Disallow: /en/products-services/space/in-space-infrastructure/bartolomeo/request-your-payload-slot-on-bartolomeo/bartolomeo-form-confirmation

Disallow: /en/innovation/the-airbus-nova-newsletter/the-nova-newsletter-subscription-confirmation

Disallow: /en/terms-of-use

Disallow: /en/thanks-for-signing-up-to-our-newsletter

Disallow: /en/statement-on-accessibility

Disallow: /de/die-h225-als-polizeihubschrauber

# Paths (no clean URLs)

Disallow: /index.php/admin/

Disallow: /index.php/comment/reply/

Disallow: /index.php/filter/tips

Disallow: /index.php/node/add/

Disallow: /index.php/search/

Disallow: /index.php/user/password/

Disallow: /index.php/user/register/

Disallow: /index.php/user/login/

Disallow: /index.php/user/logout/

Disallow: /fr/opportunites-dinterim-et-formations-cqpm-chez-airbus-en-aeronautique

Disallow: /*/node/

# June 5th Disallowing these Code of Conduct

Disallow: /sites/g/files/jlcbta136/files/2021-07/Airbus-Ethics-Compliance-Code-Conduct-EN_1.pdf

Disallow: /sites/g/files/jlcbta136/files/2021-07/Airbus-Ethics-Compliance-Code-Conduct-FR.pdf

Sitemap: https://www.airbus.com/sitemap.xml

# Disallow search factes and other search filters to be indexed

Disallow: /*/search?

sitemap.xml 200 OK

Type Sitemap Index URLs 3 entries Valid XML Yes

Child Sitemaps:

Domain Intelligence

airbus.com — via CSC Corporate Domains, Inc., 31 years, 4 months old, hosted on INCAPSULA - Incapsula Inc, US

PASS

airbus.com — via CSC Corporate Domains, Inc., 31 years, 4 months old, hosted on INCAPSULA - Incapsula Inc, US

Domain expires in 32 days

Consider enabling auto-renewal to prevent accidental expiration.

Got: Expires May 24, 2026

DNSSEC is not enabled

DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.

Registrar: CSC Corporate Domains, Inc.

Registrar lock is NOT enabled

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Hosting: INCAPSULA - Incapsula Inc, US

Got: AS19551

Domain expiry

EXPIRED

May 24, 2026

SSL certificate

60 days

Issued by GlobalSign nv-sa

Domain age

31 years, 4 months

Registered May 23, 1995

DNSSEC

Not enabled

Protects against DNS spoofing

Hosting

INCAPSULA - Incapsula Inc, US

ASN AS19551

107.154.75.155

Registrar

CSC Corporate Domains, Inc.

Unlocked 2 NS records

Expiry timeline

Today

+1 year

Domain expiry SSL expiry Danger zone (≤30 days)

Recommended actions

Domain has EXPIRED — renew immediately to avoid total site outage
Enable DNSSEC to protect visitors from DNS spoofing
Enable registrar lock (clientTransferProhibited) to block unauthorized domain transfers

Registrar CSC Corporate Domains, Inc.

Created May 23, 1995 (31 years, 4 months ago)

Expires May 24, 2026 (1 months)

Last Updated May 20, 2025

Name Servers udns1.cscdns.net, udns2.cscdns.uk

DNSSEC Not enabled

Hosting

IP Address 107.154.75.155

ASN AS19551 (INCAPSULA - Incapsula Inc, US)

Provider INCAPSULA - Incapsula Inc, US

Data source: rdap (0.3s)

Consider enabling auto-renewal to prevent accidental expiration.

Why this matters

Domain expiry approaching — renew immediately and ensure auto-renew + alerting are configured.

Source: ICANN renewal policy

DNSSEC protects against DNS spoofing attacks. While not required, enabling DNSSEC adds an additional layer of security. Contact your DNS provider to enable it.

Why this matters

Without DNSSEC, an attacker who can poison your DNS can hijack your domain — and SSL certs alone don't stop them.

Learn more ▾

DNSSEC adds cryptographic signatures to DNS records, preventing forged responses from poisoning resolver caches. Without it, an attacker who controls the network path can redirect your domain to a malicious server before any HTTPS handshake happens. Most modern registrars (Cloudflare, Google Domains, Route 53) enable it with one toggle.

Source: ICANN / RFC 4033

The domain can be transferred without an unlock step. Enable registrar lock (clientTransferProhibited) in your registrar's control panel to protect against unauthorized or accidental transfers.

Why this matters

Without registrar lock, an attacker who phishes your registrar credentials can transfer the domain in minutes — total brand hijack.

Learn more ▾

Registrar lock (clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited) requires extra verification before any transfer/update/delete. Every major registrar offers it free. Combined with 2FA on your registrar account, it's the strongest defense against domain hijacking.

Source: ICANN / domain-security best practice

A+

HTTP Probe Timing

Total 267 ms — DNS, TCP, TLS, TTFB, content transfer breakdown

PASS

DNS Lookup

13 ms

TCP Connect

82 ms

TLS Handshake

85 ms

Time to First Byte

267 ms

Total Time

267 ms

Connection waterfall

DNS Lookup 13 ms TCP Connect 82 ms TLS Handshake 85 ms Server Processing 88 ms Content Transfer 0 ms

All checks on this page are automated. Results are estimates - run targeted manual reviews when the score affects a release decision.