Amberloom Website Checker is the most comprehensive online scanner and website analyzer you have ever used. It offers a complete site analysis with just a few clicks. It checks everything about your website – it finds the servers your web operates on; performs a domain check, which analyzes your domain zone and DNS records; checks if your mail servers are configured properly and whether they are blacklisted; performs a vulnerability scan of your servers; checks your web pages for broken links; SEO scans your web pages; checks whether your HTML code is valid; retrieves your SERP rank; checks your website's TLS/SSL configuration, evaluates its speed, evaluates usability on mobile devices, checks your domain reputation and scans it for malware, etc. A full list can be seen below.
As a result, Amberloom Website Checker provides you with a detailed customizable report that you can work with. Not only the report gives you an information about the status of your website's infrastructure, but it also gives you a number handy recommendations on how to deal with revealed problems. You can use it for yourself to improve your project, or you can present the report to your target audience, your managers, colleagues, other teams in your company, to prove you are doing a great job.
For consultants and entrepreneurs, we have prepared fully white-labelled reports that you can present as your own and thus becoming a professional website analyzes reseller.
Here is a list of all checks that are currently being done by our system. This list can change as we improve the service.
Many different methods were developed to fight SPAM and other malicious activity on the Internet. One of the systems that is commonly being used is a system of blacklists. The Blacklist Check tests whether a specific mail server is listed in one or more of the well known and widely used DNS-based blackhole list (DNSBL) and real-time blackhole list (RBL) blacklists.
If a mail server's address is on one or more blacklists, it may cause that messages sent through it will never reach their recipients. When a blacklisted mail server attempts to send an email to a mail server that is protected against spam with a solution that relies on using blacklists, the target mail server refuses to accept the message or even blocks the initial network connection from the blacklisted address. For the blacklisted mail server, it is thus impossible to deliver emails to the target mail server.
A mail server can be blacklisted for various reasons, including a server hack or a malware infection. After the primary cause of the problem is mitigated, the mail server administrator is required to ask for a removal on all blacklists that do not delist the mail server automatically. For this purpose, for each blacklist the target server is listed on, the Blacklist Check provides links to delisting request forms, or web pages that contain more information.
Well configured DNS name servers and records are crucial for every Internet project because DNS is one the first technologies that are being used when a visitor is about to access a website, or other service, well before their browser tries to connect to the target server. If DNS is not configured properly, the visitor will be unable to reach the target server, or it might take the visitor much longer time than needed to get to the target service.
DNS Zone Health Check analyzes the status of the domain's DNS zone including IPv6 and DNSSEC settings. It validates all important features of DNS such as syntax, connectivity, delegation, consistency, name server availability, etc. DNS Zone Health Check is based on Zonemaster project by .SE and AFNIC.
Email harvesting is a technique of building a mailing list by searching for email addresses that are publicly available on the Internet. Email Privacy Check simulates a sophisticated email harvesting software and finds emails written in common formats in the source code of web pages. If this check reports a valid email, it should be removed from (or at least obfuscated in the code of) the target website in order to prevent receiving spam to this address – unless this is an intended behavior, e.g. it is a spam trap.
Geo Location check tries to obtain location information from an IP address. The quality of the IP address to location mapping data differs for different IP networks. For some IP addresses, the provided latitude and longitude is good enough to identify a part of the city the target server runs in. For other addresses, however, it might only be possibly to identify the country where the server is placed.
Besides the geographic location, this check provides an autonomous system number (ASN) and border gateway protocol (BGP) information, which are directly related with routing and connections of networks in the Internet. This information might help with finding an Internet Service Provider (ISP) of the given IP address. In many cases, however, smaller ISPs do not own their own autonomous system and belong under an autonomous system of a bigger provider.
HTML standards prescribe how HTML code should be written by developers and how it should be interpreted by web browsers. Violation of the HTML standards in a web page code causes that the page may be displayed differently to users with different browsers, or may worsen the web page performance as well as the user experience for some or all of the visitors. Some specific errors may also lead to security issues. It is thus vital for every web page to follow the standards as much as possible.
HTML Standards Check surfs the target website and validates the code of its web pages. It is based on The Nu Html Checker, a modern HTML5 validation engine.
Setting up a mail server so that it can really deliver emails to other systems is somehow a difficult task today. Mail server administrators need to know about different kinds of anti-spam mechanisms that are being used in order to setup their MX servers well. Mail Server Health Check helps with mail server configuration with a focus to achieve high email delivery rates.
The check includes finding mail servers for the target domain, checking their availability, evaluating DNS SPF, MX, and PTR records, and their compliance with RFC standards and high delivery rate best practices. Problems in mail server configuration can lead to a wide range of issues from delays in delivery to complete inability to deliver emails to some systems, or having outgoing messages marked as SPAM.
Phishing web pages and malware sources are often hosted on hacked or infected web sites of otherwise honest web owners, who rarely know about the problem until it is too late. When a web site is marked as a host of malicious content, the site automatically loses lots of its visitors, simply because search engines and security products will not let their users access it. The root cause of the problem can be a security hole in the code of the infected web site, but not always this is the case. The attackers could also exploited the web page hosting company, or even another client's code, whose code runs on the same server.
Malware and Reputation Check asks third party engines to scan the target web site for malware, and it also obtains trust scores from established web reputation services. Currently, the following third party services are used:
For an online system's security, a well configured firewall is crucial. The server administrators should be aware of all services that are exposed to remote access. Port Scan reveals both TCP and UDP services that run on the target machines and are accessible from the Internet. It also attempts to get information about the target operating system and additional version information about each revealed service.
Response Time Check simply evaluates access times to the target machine from different world-wide locations. It performs two types of checks – ICMP ECHO request and HTTP HEAD request on port 80/TCP. Each check is performed 3 times from each location. The results can be interpreted as a minimal service access times that are to be expected for its users from different locations.
Search Engine Optimization (SEO) techniques cover all kinds of techniques that were developed to help web sites to get better rankings in search engines. The techniques are commonly divided to two major categories – on-page and off-page. SEO Check focuses on an analysis of the code of the web pages, i.e. it is focused on some of the on-page factors, in order to reveal problems that might affect the page's search engine ranking performance and user experience. A large set of rules respecting the industry best practices is used to suggest possible improvements. SEO Check covers only some of the on-page factors, many other factors are untested.
Search Engine Results Page (SERP) rank is an absolute position of a web site that is returned by a specific search engine for a given keyword. Having the best possible rank of 1 means that the web site appears at the top of the first result page for the given keyword and that it receives the most visitors from searches for that keyword. For each keyword, SERP Check obtains the SERP rank of the target web site and other given domains.
There are many different metrics that can be used to evaluate a power, or a popularity, of a web site. Site Popularity Check collects values from several reputable sources of these metrics in order to provide a complex picture of the target web site's popularity. Some of the metrics reflect a number of visitors of a web site, which is something that does not change very quickly for most webs. Other metrics reflect a current level of interest in the web site on social networks. Some more complex systems that consider many different factors and combine them into a simplified rank value are also included.
SSL/TLS Check performs a detailed analysis of TLS/SSL certificate and configuration of the target server. The analysis includes checks for known TLS and SSL vulnerabilities, such as OpenSSL, CRIME, CCS injection, Heartbleed, POODLE, BREACH, etc. Security holes in SSL and TLS protocols and libraries have become very popular on the field of Internet security in last couple of years. They usually affect a large number of online servers and software packages and can lead to thefts of sensitive data, such as databases of users, their credentials, and even their identities.
Security holes are found on daily basis in all kinds of software on all platforms. Vulnerability Check uses a powerful OpenVAS vulnerability scanner to check for vulnerabilities in remotely accesible services that run on the target machines.
Having the latest security updates installed is usually the best way to fight software security holes and prevent being hacked. Vulnerability Check can help to identify services that are vulnerable and should be updated or closed.
This module evaluates web site speed and usability for both desktop and mobile users. Following the industry best practices and recommendations for optimizing the web site speed and usability can significantly increase user experience across all end-user devices. Today, these characteristics are even considered by search engines, and thus a well performing and mobile-ready web site has a higher chance of getting more visitors from search engines than a poorly designed one.
Website Speed and Usability Check uses two different engines – Google PageSpeed Insights and sitespeed.io – in order to deliver as many useful data as possible about the target web site performance and usability. Both engines use a large set of rules that is being used to evaluate the target web site, so it is possible that some recommendations are doubled in the report.
WHOIS is an old Internet protocol that is used to provide information about Internet resources, such as domains and IP address blocks.
The most common use of WHOIS tools is to find information about domain names. The WHOIS database domain record usually contains a full name of the owner, a person or a company, their physical address, telephone contact, and administrative and technical email contact. The record also contains information about the domain status, its date of registration, the date of last record change and the date of the domain expiration. Although the WHOIS protocol is widely used, there is no standard for the format of its records and hence every WHOIS server can give you information in different format. The quality and the accuracy of the information provided thus depends on each WHOIS server provider.
The original purpose of WHOIS was to provide an open directory of domain owners but this have changed since the spam and other forms of abuse started to be unbearable. Today, subjects that own Internet resources commonly use various proxy services in order to protect their personal information from being publicly available. A domain proxy registration service company registers domains for its clients under its own name, giving only its own information to the public and protecting its clients' identities and personal information.
Amberloom Website Checker is developed by AITIS s.r.o., which focuses on providing support for online businesses since 2010.AITIS s.r.o.