Test Descriptions

A list of each validation test that we run as part of a comprehensive domain checkup. This page also lists some tests that we plan to implement in the future.

Domain Validation

Domain Registration Test

This test checks to see if information about the domain can be found in the domain name registry.

Domain Expiration Date Test

Tests to make sure the domain's registration will not expire soon.

Domain Lock Test

Tests to make sure the domain is locked, which helps prevent unauthorized attempts to transfer the domain to another registrar.

EPP Status Codes Test

Tests to make sure there isn't a problem with the status of the domain.

Private Registration Test

Tests that the registrant's personal information remains private.

Domain Age Future

Tests the age of the domain

DNS Validation

Name Server Redundancy Test

Checks that the domain has at least two name servers defined, for redundancy.

Responsive Name Servers Test

Tests that the name servers for this domain respond to queries.

Authoritative Name Servers Test

Checks that the name servers for this domain report that they are authoritative.

Local NS Matches Whois Test

Checks that the name servers defined in the whois record match those given by name servers themselves.

Local NS Matches Parent Test

Checks that the authoritative name servers and their parent have matching records.

Open Recursive Name Servers Test

Makes sure that the name servers do not respond to open recursive queries.

Name Servers Are Dispersed Test

Checks that all of the name servers are on different subnets, for fault tolerance.

Apex CNAME Record Test

Checks that the apex domain name record (without the www) is an A record, and not a CNAME record.

TTL for NS Record Test

Checks the TTL (Time to Live) for the name server DNS record.

'A' Record Test

Tests that an IP address can be found for the domain name.

TTL for 'A' Record Test

Checks the TTL (Time to Live) for the 'A' record.

'www' Subdomain Test

Tests that an IP address can be found for the 'www' subdomain.

TTL for 'www' Subdomain Test

Checks the TTL (Time to Live) for the www subdomain's 'A' record.

Apex and 'www' Subdomain IP Test

Confirms that the IP addresses match for the website with and without the www subdomain.

SOA Refresh Value Test

Tests that the Start of Authority (SOA) refresh value is in the recommended range.

SOA Retry Value Test

Tests that the Start of Authority (SOA) retry value is in the recommended range.

SOA Expire Value Test

Tests that the Start of Authority (SOA) expire value is in the recommended range.

SOA Minimum Value Test

Tests that the Start of Authority (SOA) minimum value is in the recommended range.

Name Server in SOA Test

Tests that the name server in the SOA record matches one found for the domain.

SOA Serial Number Future

Test that the SOA serial number is valid and matches across all the name servers.

Public DNS Resolves Future

Test that Google (8.8.8.8) and Cloudflare (1.1.1.1) public DNS servers resolve.

Name Servers Agree Future

Test that all name servers return the same answer for the domain's IP.

Glue Future

Test for missing or bad glue from the name servers.

Open Zone Transfer Future

Make sure server does not allow zone transfer.

TXT Record Length Future

Test that TXT records longer than 255 characters are defined and concatenated correctly.

Server Validation

HTTP Status Code Test

The server accepts a connection and returns a "200 OK" status code.

Appropriate Redirects Test

A website should have one canonical URL for the homepage (https://www.example.com). The other URLs should redirect there.

HTTP Upgrades to HTTPS Test

Tests that "http" requests for a page are upgraded to use SSL.

HSTS (Strict-Transport-Security) Test

This tells web browsers that it should only use HTTPS connections to view this website.

SSL : Certificate Exists Test

Checks to make sure an SSL certificate exists for this domain.

Redirect Chain Test

Tests that there is at most one redirect when accessing the website.

SSL : Expiration Date Test

Confirms that the SSL certificate is not going to expire soon.

SSL : Hostname Matches Test

Tests that the hostname defined in the SSL certificate matches the domain name.

SSL : Let's Encrypt DNS Record Test

If a Let's Encrypt DNS record is found, this tests the TTL for that record.

Server Description Test

Examines what software the server reports that it uses.

Content Type Test

Confirms that the webpage is declared to be an HTML page with UTF8 encoding.

X-Frame-Options Test

Tests the 'X-Frame-Options' header which prevents sites from being displayed inside an iframe.

X-XSS-Protection Test

Checks for the presence of the 'X-XSS-Protection' header, which protects against some attacks.

X-Content-Type-Options Test

Checks for the presence of the 'X-Content-Type-Options' header, which protects against some attacks.

Referrer-Policy Test

Checks for the presence of the 'Referrer-Policy' header, which protects data from being leaked to insecure origins.

Content-Security-Policy Test

Checks for the presence of the 'Content-Security-Policy' header, which helps prevent certain types of attacks.

Feature-Policy Test

Checks for the presence of the 'Feature-Policy' header, which helps protect your users by limiting certain browser features.

Permissions-Policy Test

Checks for the presence of the 'Permissions-Policy' header, which helps protect your users by limiting certain browser features.

FLoC Test

Checks to see if the website allows the browser to track users using the FLoC algorithm.

Caching Headers Future

Checks the caching headers to make sure they have appropriate values.

Compression Headers Future

Checks the compressions headers to make sure the server can serve pages optimally.

Cookies Future

Test that cookies are set with best practices

Expect-CT Future

Checks to see if the site enforces Certificate Transparency.

Cross-Origin-Embedder-Policy Future

Tests whether the site strictly enforces CORS.

SSL : SSL Labs Future

Tests that 3rd party testing site SSL Labs returns a good grade.

ads.txt Existence Future

Checks for the existence of the ads.txt file which can reveal which advertisers the website uses.

.well_known Existence Future

Checks for a variety of known endpoints found within the .well_known directory and reports what it finds.

HTTP Version 2 Future

Checks to see if the server supports HTTP/2.

SSL : Proper Key Length Future

Confirms that the SSL certificate uses strong encryption.

Common File Validation

Icons : Favicon File Existence Test

Checks for the existence of a favicon image that is formatted correctly.

Icons : Favicon Image Sizes Test

Tests that the favicon contains 16x16 and 32x32 icons.

Icons : 16x16 Icon Test

Checks that an icon is defined in the HTML for the 16x16 size.

Icons : 32x32 Icon Test

Checks that an icon is defined in the HTML for the 32x32 size.

Icons : 192x192 Icon Test

Checks the web manifest for a 192x192 icon and checks to make sure the image is correct.

Icons : 512x512 Icon Test

Checks the web manifest for a 512x512 icon and checks to make sure the image is correct.

Icons : Apple Touch Icon Test

Checks that the "apple-touch-icon.png" is defined, located in the correct spot and is the right size.

Icons : Safari Pinned Tab Icon Test

Checks that a mask icon is defined and formatted correctly.

Manifest : File Existence Test

Looks for a web manifest file declared in the HTML and checks to make sure it exists.

Manifest : JSON file format Test

Checks that the web manifest file has contents formatted as JSON.

Manifest : Formatting Test

Checks each key/value inside the web manifest file to make sure they are formatted correctly.

Robots.txt : File Existence Test

Makes sure that a robots.txt file exists.

Robots.txt : Sitemap Location Test

Checks the robots.txt file for the location of a sitemap.

Robots.txt : Disallow All Test

Checks to make sure robots can crawl parts of the website.

Robots.txt : Filesize Test

The filesize of a robots.txt file should be less than 500KiB.

Robots.txt : Validation Test

Tests each line of the robots.txt file to check for syntax errors.

Robots.txt : Sitemap Future

Check to see if a sitemap is defined and validates the file format if it exists.

Page Validation

Content on Homepage Test

Tests that there is HTML content that can be viewed on the homepage.

PageSpeed : Cumulative Layout Shift (CLS) Test

Measures the degree to which content moves or jiggles as other content continues to load, causing a poor user experience.

PageSpeed : First Contentful Paint (FCP) Test

Measures the time when the page first displays anything other than a blank screen.

PageSpeed : First Input Delay (FID) Test

Measures the time from when a user interacts with the page to when the browser can process that interaction.

PageSpeed : Largest Contentful Paint (LCP) Test

Measures the perceived load speed by marking when the first large chunk of content is displayed.

PageSpeed : Speed Category Test

The overall summary of the speed of the website.

PageSpeed : Speed Index Test

Checks how quickly the contents of the page are visibly loaded.

PageSpeed : Total Blocking Time Test

The total time that the browser is blocked from handling user inputs.

PageSpeed : Time to Interactive Test

How long it takes for the page to become responsive to user inputs.

HTML Head : Page Title Test

Checks the title of the page to make sure it exists in the right spot and is a good length.

HTML Head : Charset Test

Looks for the Charset meta tag and makes sure it is UTF-8.

HTML Head : Page Description Test

Checks for a description meta tag and makes sure it is the proper length.

HTML Head : Viewport Test

Checks that a viewport meta tag exists with width and initial-scale attributes.

HTML Head : Canonical Test

Looks for the canonical link tag in the <head> section of the html.

Javascript Test

Performs some basic tests on the amount of Javascript loaded in the page.

CSS Test

Tests for unused or unminified CSS.

Email Validation

SPF : Record Existence Test

An SPF record helps prevent forged emails from being sent from the domain.

SPF : Record Formatting Test

Checks the SPF record to make sure it is formatted correctly and has no errors.

SPF : Record Length Test

Checks the length of the SPF record to make sure it isn't too long.

SPF : Qualifier for Default Mechanism Test

To get the most value from a SPF record, it should use the strictest matching.

SPF : TTL Test

Checks the TTL (Time to Live) for the SPF record.

SPF : Unnecessary Mechanisms Test

Suggests optimizations to the SPF record if certain criteria are met.

DKIM : Record Existence Test

A DKIM record provides a way for a receiver to authenticate that an email is valid.

DKIM : Records Per Selector Test

Checks that each DKIM selector returns a record.

DKIM : Record Formatting Test

Validates that the DKIM record is formatted correctly and has no errors.

DKIM : Keylength Test

Tests that the DKIM record using strong encryption.

DMARC : Record Existence Test

A DMARC record improves email authentication and allows errors to be reported.

DMARC : Record Formatting Test

Validates that the DMARC record is formatted correctly and has no errors.

DMARC : Receiver Policy Test

Tests that the DMARC policy is enabled and not in testing mode.

DMARC : Failure Reports Test

Confirms that DMARC error reports are enabled.

BIMI : Record Existence Test

A BIMI record defines how a logo can appear in the customer's inbox.

BIMI : Record Formatting Test

Tests whether the BIMI record is formatted correctly.

BIMI : DMARC Policy Test

A valid DMARC record with a quarantine or reject policy is required for BIMI to function.

MX : Record Existence Test

An MX record defines how email is received by the domain owners.

MX : Valid Hostname Test

Tests that the MX record is a valid hostname.

MX : Hostname IP Test

Tests that an IP address can be found for the MX records.

MX : Preference Value Test

Validates the Preference/Priority number for each MX record.

MX : TTL Test

Checks the TTL (Time to Live) for the MX record.

MX : Duplicates Test

Checks the MX records for duplicates.

SPF : Order of Mechanisms Tip

Offers a suggestion for reordering the SPF mechanisms in order of importance.

DKIM : Email Delivery Tip

Test that emails sent from the domain are correctly signed.

BIMI : Registered Trademark Tip

A suggestion to register a trademark. This is a requirement for having a BIMI record.

BIMI : Image Format Future

Validate the SVG image to make sure it is formatted correctly.

BIMI : Certificate Future

Validate the certificate

MX : PTR Record Future

Checks to see if a PTR record can be found, for reverse DNS lookups.

MX : Connection Time Future

Tests that the mail server responds quickly.

MX : Open Relay Future

Checks that the mail server does not behave as an open relay.

MX : Blacklist Future

Checks to see if the mail server appears on a variety of public blacklists.

BIMI : Image Format Future

Tests that the SVG image provided in the BIMI record is formatted correctly.