Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

old / weak connection

Checked:
03.09.2025 08:19:54

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
excite.com	A	199.232.82.114 Marseille/Provence-Alpes-Côte d'Azur/France (FR) - Fastly, Inc. No Hostname found	yes	1	0
	AAAA		yes
www.excite.com	CNAME	askmedia.map.fastly.net	yes	1	0
	A	146.75.118.114 Frankfurt am Main/Hesse/Germany (DE) - Fastly, Inc. No Hostname found	yes
excite.com	A	146.75.118.114 Frankfurt am Main/Hesse/Germany (DE) - Fastly, Inc. No Hostname found	no
www.excite.com	A	146.75.122.114 Frankfurt am Main/Hesse/Germany (DE) - Fastly, Inc. No Hostname found	no
*.excite.com	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	4 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 46441, Flags 256


	Public Key with Algorithm 8, KeyTag 53148, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2025, 00:00:00 +, Signature-Inception: 30.08.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com	1 DS RR in the parent zone found


	DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2025, 05:00:00 +, Signature-Inception: 03.09.2025, 04:00:00 +, KeyTag 46441, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46441 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 13, KeyTag 20545, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 14.09.2025, 14:02:35 +, Signature-Inception: 30.08.2025, 13:57:35 +, KeyTag 19718, Signer-Name: com


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: excite.com
excite.com	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "nt2scbkb5ibiv3botpv0k7kjp0vedcaj" between the hashed NSEC3-owner "nt2s9me1n0ebvum16vgic5mn09dd133p" and the hashed NextOwner "nt2snnfjr6c3mlg9h18bhaenvesncfbk". So the parent zone confirmes the not-existence of a DS RR. Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner nt2s9me1n0ebvum16vgic5mn09dd133p.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 10.09.2025, 00:52:54 +, Signature-Inception: 02.09.2025, 23:42:54 +, KeyTag 20545, Signer-Name: com


	DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "excite.com". Opt-Out: True. Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 08.09.2025, 00:26:03 +, Signature-Inception: 31.08.2025, 23:16:03 +, KeyTag 20545, Signer-Name: com


	0 DNSKEY RR found




Zone: www.excite.com
www.excite.com	0 DS RR in the parent zone found

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	4 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 46441, Flags 256


	Public Key with Algorithm 8, KeyTag 53148, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2025, 00:00:00 +, Signature-Inception: 30.08.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: net
net	1 DS RR in the parent zone found


	DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2025, 05:00:00 +, Signature-Inception: 03.09.2025, 04:00:00 +, KeyTag 46441, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46441 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 13, KeyTag 33296, Flags 256


	Public Key with Algorithm 13, KeyTag 37331, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner net., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 14.09.2025, 14:10:35 +, Signature-Inception: 30.08.2025, 14:05:35 +, KeyTag 37331, Signer-Name: net


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37331 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest "LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: fastly.net
fastly.net	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "ap27gbv43gq0pd0p7pujmpgv3q2t7q3o" between the hashed NSEC3-owner "ap22ie95pjt6ocm87u9k7g0ee9btj554" and the hashed NextOwner "ap284ecq9c9iqoag8i91ongr5784m4et". So the parent zone confirmes the not-existence of a DS RR. Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner ap22ie95pjt6ocm87u9k7g0ee9btj554.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 09.09.2025, 03:01:48 +, Signature-Inception: 02.09.2025, 01:51:48 +, KeyTag 33296, Signer-Name: net


	DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "fastly.net". Opt-Out: True. Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 08.09.2025, 03:06:33 +, Signature-Inception: 01.09.2025, 01:56:33 +, KeyTag 33296, Signer-Name: net


	0 DNSKEY RR found




Zone: map.fastly.net
map.fastly.net	0 DS RR in the parent zone found


	0 DNSKEY RR found




Zone: askmedia.map.fastly.net
askmedia.map.fastly.net	0 DS RR in the parent zone found


	0 DNSKEY RR found

3. Name Servers

Domain	Nameserver	NS-IP
excite.com	• dns1.p07.nsone.net	198.51.44.7 New York/United States (US) - NSONE Inc	•
	•	2620:4d:4000:6259:7:7:0:1 New York/United States (US) - NSONE Inc	•
	• dns2.p07.nsone.net	198.51.45.7 Kimball/Nebraska/United States (US) - NSONE Inc	•
	•	2a00:edc0:6259:7:7::2 Amsterdam/North Holland/The Netherlands (NL) - NS1	•
	• dns3.p07.nsone.net	198.51.44.71 New York/United States (US) - NSONE Inc	•
	•	2620:4d:4000:6259:7:7:0:3 New York/United States (US) - NSONE Inc	•
	• dns4.p07.nsone.net	198.51.45.71 Kimball/Nebraska/United States (US) - NSONE Inc	•
	•	2a00:edc0:6259:7:7::4 Amsterdam/North Holland/The Netherlands (NL) - NS1	•
com	• a.gtld-servers.net		•
	• b.gtld-servers.net		•
	• c.gtld-servers.net		•
	• d.gtld-servers.net		•
	• e.gtld-servers.net		•
	• f.gtld-servers.net		•
	• g.gtld-servers.net		•
	• h.gtld-servers.net		•
	• i.gtld-servers.net		•
	• j.gtld-servers.net		•
	• k.gtld-servers.net		•
	• l.gtld-servers.net		•
	• m.gtld-servers.net		•

askmedia.map.fastly.net	• ns1.fastly.net	23.235.32.32 San Francisco/California/United States (US) - Fastly, Inc.	•
map.fastly.net	• ns1.fastly.net	23.235.32.32 San Francisco/California/United States (US) - Fastly, Inc.	•
fastly.net	• ns1.fastly.net	23.235.32.32 San Francisco/California/United States (US) - Fastly, Inc.	•
	• ns2.fastly.net	104.156.80.32 Montreal/Quebec/Canada (CA) - Fastly, Inc.	•
	• ns3.fastly.net	23.235.36.32 Montreal/Quebec/Canada (CA) - Fastly, Inc.	•
	• ns4.fastly.net	104.156.84.32 Montreal/Quebec/Canada (CA) - Fastly, Inc.	•
net	• a.gtld-servers.net		•
	• b.gtld-servers.net		•
	• c.gtld-servers.net		•
	• d.gtld-servers.net		•
	• e.gtld-servers.net		•
	• f.gtld-servers.net		•
	• g.gtld-servers.net		•
	• h.gtld-servers.net		•
	• i.gtld-servers.net		•
	• j.gtld-servers.net		•
	• k.gtld-servers.net		•
	• l.gtld-servers.net		•
	• m.gtld-servers.net		•

4. SOA-Entries

Domain:	com
Zone-Name:	com
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1756880375
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	900
num Entries:	13

Domain:	excite.com
Zone-Name:	excite.com
Primary:	dns1.p07.nsone.net
Mail:	hostmaster.nsone.net
Serial:	1652202055
Refresh:	43200
Retry:	7200
Expire:	1209600
TTL:	3600
num Entries:	8


Domain:	net
Zone-Name:	net
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1756880375
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	900
num Entries:	5

Domain:	net
Zone-Name:	net
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1756880385
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	900
num Entries:	8

Domain:	fastly.net
Zone-Name:	fastly.net
Primary:	ns1.fastly.net
Mail:	hostmaster.fastly.com
Serial:	2017052201
Refresh:	3600
Retry:	600
Expire:	604800
TTL:	30
num Entries:	4

Domain:	map.fastly.net
Zone-Name:	fastly.net
Primary:	ns1.fastly.net
Mail:	hostmaster.fastly.com
Serial:	2017052201
Refresh:	3600
Retry:	600
Expire:	604800
TTL:	30
num Entries:	1

Domain:	askmedia.map.fastly.net
Zone-Name:	fastly.net
Primary:	ns1.fastly.net
Mail:	hostmaster.fastly.com
Serial:	2017052201
Refresh:	3600
Retry:	600
Expire:	604800
TTL:	30
num Entries:	1

5. Screenshots

Startaddress: https://www.excite.com/, address used: https://www.excite.com/, Screenshot created 2025-09-03 08:24:52 +00:0

Mobil (412px x 732px)

1102 milliseconds

Screenshot mobile - https://www.excite.com/

Mobil + Landscape (732px x 412px)

1070 milliseconds

Screenshot mobile landscape - https://www.excite.com/

Screen (1280px x 1680px)

1125 milliseconds

Screenshot Desktop - https://www.excite.com/

Mobile- and other Chrome-Checks

	width	height
visual Viewport	397	717
content Size	707	1714

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://excite.com/ 146.75.118.114	301	https://www.excite.com/	0.030	E
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:49 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230163-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://excite.com/ 199.232.82.114	301	https://www.excite.com/	0.054	E
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:49 GMT
Via: 1.1 varnish
X-Served-By: cache-mrs10564-MRS
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://www.excite.com/ 146.75.118.114	301	https://www.excite.com/	0.027	A
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:49 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230034-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://www.excite.com/ 146.75.122.114	301	https://www.excite.com/	0.057	A
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:49 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-etou8220061-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• https://excite.com/ 146.75.118.114	301	https://www.excite.com/	6.687	B
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:49 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230161-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• https://excite.com/ 199.232.82.114	301	https://www.excite.com/	6.783	B
Connection: close
Retry-After: 0
Location: https://www.excite.com/
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:20:57 GMT
Via: 1.1 varnish
X-Served-By: cache-mrs10543-MRS
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• https://www.excite.com/ 146.75.118.114 br used - 5117 / 28887 - 82.29 %	200	Html is minified: 128.62 %	7.254	B
Connection: keep-alive
Content-Security-Policy: default-src * 'unsafe-inline';script-src * 'unsafe-eval' 'unsafe-inline';img-src * 'self' data:;frame-ancestors none;frame-src 'self' mailto: tel: https:
Cross-Origin-Opener-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
ETag: W/"70d7-hpIkIq3W9GhMU/xVob4dPsACL4Q"
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:06 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230125-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1756880466.752310,VS0,VE324
Vary: Accept-Encoding,x-ua-device,geo-grid-id
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Content-Length: 5117

• https://www.excite.com/ 146.75.122.114 br used - 5117 / 28887 - 82.29 %	200	Html is minified: 128.62 %	7.457	B
Connection: keep-alive
Content-Security-Policy: default-src * 'unsafe-inline';script-src * 'unsafe-eval' 'unsafe-inline';img-src * 'self' data:;frame-ancestors none;frame-src 'self' mailto: tel: https:
Cross-Origin-Opener-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
ETag: W/"70d7-EYzQU652MEWDenwkLcZjgAzPX+M"
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:14 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-etou8220058-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1756880474.405144,VS0,VE326
Vary: Accept-Encoding,x-ua-device,geo-grid-id
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Content-Length: 5117

• http://excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 146.75.118.114	301	https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.034	E
Visible Content:
Connection: close
Retry-After: 0
Location: https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:23 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230108-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 199.232.82.114	301	https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.057	E
Visible Content:
Connection: close
Retry-After: 0
Location: https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:23 GMT
Via: 1.1 varnish
X-Served-By: cache-mrs1050102-MRS
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 146.75.118.114	301	https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.023	A
Visible Content:
Connection: close
Retry-After: 0
Location: https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:23 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-eddf8230148-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• http://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 146.75.122.114	301	https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.050	A
Visible Content:
Connection: close
Retry-After: 0
Location: https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:23 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-etou8220070-FRA
X-Cache: HIT
X-Cache-Hits: 0
Content-Length: 0

• https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de br used - 3079 / 9411 - 67.28 %	404	Html is minified: 124.07 %	7.420	A
Not Found
Visible Content:
Connection: keep-alive
Content-Security-Policy: default-src * 'unsafe-inline';script-src * 'unsafe-eval' 'unsafe-inline';img-src * 'self' data:;frame-ancestors none;frame-src 'self' mailto: tel: https:
Cross-Origin-Opener-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
ETag: W/"24c3-gSilS4zUHpNRN4lwZbSAvIxwrnc"
Accept-Ranges: bytes
Date: Wed, 03 Sep 2025 06:21:48 GMT
Via: 1.1 varnish
X-Served-By: cache-fra-etou8220130-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1756880508.195276,VS0,VE302
Vary: Accept-Encoding,x-ua-device,geo-grid-id
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: br
Content-Length: 3079

• https://146.75.118.114/ 146.75.118.114	421	Html is minified: 102.11 %	6.507	N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-fra-eddf8230058
Content-Length: 291
Content-Type: text/plain; charset=utf-8

• https://146.75.122.114/ 146.75.122.114	421	Html is minified: 102.11 %	6.694	N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-fra-etou8220091
Content-Length: 291
Content-Type: text/plain; charset=utf-8

• https://199.232.82.114/ 199.232.82.114	421	Html is minified: 102.11 %	6.707	N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mrs10533
Content-Length: 291
Content-Type: text/plain; charset=utf-8

7. Comments

	1. General Results, most used to calculate the result
A	name "excite.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 108094 (complete: 276475)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: excite.com has only one ip address.
	Warning: Only one ip address found: www.excite.com has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: excite.com has no ipv6 address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.excite.com has no ipv6 address.
A	Good: No asked Authoritative Name Server had a timeout
A	Good: destination is https
A	Good - only one version with Http-Status 200
A	Good: one preferred version: www is preferred
A	Good: No cookie sent via http.
	HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
A	http://www.excite.com/ 146.75.118.114	301	https://www.excite.com/	Correct redirect http - https with the same domain name
A	http://www.excite.com/ 146.75.122.114	301	https://www.excite.com/	Correct redirect http - https with the same domain name
B	Warning: HSTS max-age is too short - minimum 31536000 = 365 days required, 15552000 seconds = 180 days found
B	https://excite.com/ 146.75.118.114	301		Missing HSTS-Header
B	https://excite.com/ 199.232.82.114	301		Missing HSTS-Header
E	http://excite.com/ 146.75.118.114	301	https://www.excite.com/	Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
E	http://excite.com/ 199.232.82.114	301	https://www.excite.com/	Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
M	https://146.75.118.114/ 146.75.118.114	421		Misconfiguration - main pages should never send http status 400 - 499
M	https://199.232.82.114/ 199.232.82.114	421		Misconfiguration - main pages should never send http status 400 - 499
M	https://146.75.122.114/ 146.75.122.114	421		Misconfiguration - main pages should never send http status 400 - 499
N	https://146.75.118.114/ 146.75.118.114	421		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://199.232.82.114/ 199.232.82.114	421		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://146.75.122.114/ 146.75.122.114	421		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
O	excite.com / 199.232.82.114 / 443			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 3 Cipher Suites without Forward Secrecy found
O	www.excite.com / 146.75.118.114 / 443			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 3 Cipher Suites without Forward Secrecy found
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain excite.com, 1 ip addresses.
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain www.excite.com, 1 ip addresses.
B	No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.excite.com
	2. Header-Checks
A	www.excite.com 146.75.118.114	Content-Security-Policy		Ok: Header without syntax errors found: default-src * 'unsafe-inline';script-src * 'unsafe-eval' 'unsafe-inline';img-src * 'self' data:;frame-ancestors none;frame-src 'self' mailto: tel: https:
F				Bad: default-src with "*" or a scheme found. That allows too much, don't use such a definition.
F				Bad: default-src with 'unsafe-inline' or 'unsave-eval'. That's dangerous, don't use it.
E				Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
A				Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E				Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
E				Critical: No object-src defined, the default-src used as fallback allows too much. object / embed / applet shouldn't be able to load these resources.
F				Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and without a nonce found. That's dangerous, don't use it. If you really need one of these unsafe directives, add a nonce.
F				Critical: script-src with * or a scheme found. Never allow wildcard - sources.
A				Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A				Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A		X-Content-Type-Options		Ok: Header without syntax errors found: nosniff
A		Referrer-Policy		Ok: Header without syntax errors found: origin
A		X-Frame-Options		Ok: Header without syntax errors found: DENY
B				Info: Header is deprecated. May not longer work in modern browsers. DENY. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A		X-Xss-Protection		Ok: Header without syntax errors found: 0
B				Info: Header is deprecated. May not longer work in modern browsers. 0
A		Cross-Origin-Opener-Policy		Ok: Header without syntax errors found: same-origin
A	www.excite.com 146.75.122.114	Content-Security-Policy		Ok: Header without syntax errors found: default-src * 'unsafe-inline';script-src * 'unsafe-eval' 'unsafe-inline';img-src * 'self' data:;frame-ancestors none;frame-src 'self' mailto: tel: https:
F				Bad: default-src with "*" or a scheme found. That allows too much, don't use such a definition.
F				Bad: default-src with 'unsafe-inline' or 'unsave-eval'. That's dangerous, don't use it.
E				Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
A				Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E				Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
E				Critical: No object-src defined, the default-src used as fallback allows too much. object / embed / applet shouldn't be able to load these resources.
F				Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and without a nonce found. That's dangerous, don't use it. If you really need one of these unsafe directives, add a nonce.
F				Critical: script-src with * or a scheme found. Never allow wildcard - sources.
A				Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A				Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A		X-Content-Type-Options		Ok: Header without syntax errors found: nosniff
A		Referrer-Policy		Ok: Header without syntax errors found: origin
A		X-Frame-Options		Ok: Header without syntax errors found: DENY
B				Info: Header is deprecated. May not longer work in modern browsers. DENY. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A		X-Xss-Protection		Ok: Header without syntax errors found: 0
B				Info: Header is deprecated. May not longer work in modern browsers. 0
A		Cross-Origin-Opener-Policy		Ok: Header without syntax errors found: same-origin
F	www.excite.com 146.75.118.114	Permissions-Policy		Critical: Missing Header:
B	www.excite.com 146.75.118.114	Cross-Origin-Embedder-Policy		Info: Missing Header
B	www.excite.com 146.75.118.114	Cross-Origin-Resource-Policy		Info: Missing Header
F	www.excite.com 146.75.122.114	Permissions-Policy		Critical: Missing Header:
B	www.excite.com 146.75.122.114	Cross-Origin-Embedder-Policy		Info: Missing Header
B	www.excite.com 146.75.122.114	Cross-Origin-Resource-Policy		Info: Missing Header
	3. DNS- and NameServer - Checks
A	Info:: 13 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
A	Info:: 13 Queries complete, 13 with IPv6, 0 with IPv4.
A	Good: All DNS Queries done via IPv6.
	Ok (4 - 8):: An average of 3.3 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 4 different Name Servers found: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, 4 Name Servers included in Delegation: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, 4 Name Servers included in 1 Zone definitions: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, 1 Name Servers listed in SOA.Primary: dns1.p07.nsone.net.
A	Good: Only one SOA.Primary Name Server found.: dns1.p07.nsone.net.
A	Good: SOA.Primary Name Server included in the delegation set.: dns1.p07.nsone.net.
A	Good: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Good: Minimal 2 different name servers (public suffix and public ip address) found: 4 different Name Servers found
A	Good: All name servers have ipv4- and ipv6-addresses.: 4 different Name Servers found
	Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 4 Name Servers, 1 Top Level Domain: net
	Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: nsone.net
A	Good: Name servers with different Country locations found: 4 Name Servers, 2 Countries: NL, US
A	Info: Ipv4-Subnet-list: 4 Name Servers, 1 different subnets (first Byte): 198., 1 different subnets (first two Bytes): 198.51., 2 different subnets (first three Bytes): 198.51.44., 198.51.45.
A	Good: Name Server IPv4-addresses from different subnet found:
A	Info: IPv6-Subnet-list: 4 Name Servers with IPv6, 2 different subnets (first block): 2620:, 2a00:, 2 different subnets (first two blocks): 2620:004d:, 2a00:edc0:, 2 different subnets (first three blocks): 2620:004d:4000:, 2a00:edc0:6259:, 2 different subnets (first four blocks): 2620:004d:4000:6259:, 2a00:edc0:6259:0007:
A	Good: Name Server IPv6 addresses from different subnets found.
A	Good: Nameserver supports TCP connections: 8 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 8 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 8 good Nameserver
A	Good: All SOA have the same Serial Number
A	Good: CAA entries found, creating certificate is limited: certainly.com is allowed to create certificates
A	Good: CAA entries found, creating certificate is limited: globalsign.com is allowed to create certificates
A	Good: CAA entries found, creating certificate is limited: letsencrypt.org is allowed to create certificates
	Warning: Unknown CAA found: certainly.com isn't defined. Unknown entry. May be wrong written, may be not longer valid. May be a missing entry in this tool.
	4. Content- and Performance-critical Checks
A	Good: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
A	Good: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
	https://www.excite.com/ 146.75.118.114	200		Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
	https://www.excite.com/ 146.75.122.114	200		Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
A	Good: Every https connection via port 443 supports the http/2 protocol via ALPN.
A	Info: No img element found, no alt attribute checked
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
	https://www.excite.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	404	7.420 seconds	Warning: 404 needs more then one second
A	Duration: 305916 milliseconds, 305.916 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

excite.com

146.75.118.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

excite.com

146.75.118.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

excite.com

199.232.82.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

excite.com

199.232.82.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

www.excite.com

146.75.118.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

www.excite.com

146.75.118.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

www.excite.com

146.75.122.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

www.excite.com

146.75.122.114

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
SNI required

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

www.excite.com

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

www.excite.com

443

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

146.75.118.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

146.75.118.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

146.75.122.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

146.75.122.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

199.232.82.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

199.232.82.114

443

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

9. Certificates

CN=excite.com

28.07.2025

29.08.2026
expires in 170 days

excite.com - 1 entry

CN=excite.com

28.07.2025

29.08.2026
expires in 170 days

excite.com - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0157EDE1D3BE7AD2129CC3B5FC79ED76
Thumbprint:	2B551073CEA094FBE0A0931D5A9C81887ECFDD0B
SHA256 / Certificate:	Qpn0Km4awMpnbWb3z2W4hMY4Que/V23PocWaxba/xBM=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	e2abea5ff7cbd53ae16536c9db13d021a685a230f20f47be4ada99cd9467acef
SHA256 hex / Subject Public Key Information (SPKI):	e2abea5ff7cbd53ae16536c9db13d021a685a230f20f47be4ada99cd9467acef (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2025q3
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE

16.04.2025

16.04.2027
expires in 400 days

CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE

16.04.2025

16.04.2027
expires in 400 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0083431C440DB4D0F7867AFE7C3A53CC2D
Thumbprint:	AD94DF2C8FAC1FB5A0734F5E810E57B6C2CE9291
SHA256 / Certificate:	VTn4yQEFGDRfwhqF8ls53WrY1ZHHlxy7kAwstwgbv5A=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	688f38daca00737a95e0a623c15c59f9d89822849e793e86eeef472770b84504
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp2.globalsign.com/rootr3
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	04000000000121585308A2
Thumbprint:	D69B561148F01C77C54578C10926DF5B856976AD
SHA256 / Certificate:	y7Ui17fxJ61qAROGW98c1BAufQdZr2NafPRyDcljxTs=
SHA256 hex / Cert (DANE * 0 1):	cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA256 hex / PublicKey (DANE * 1 1):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SHA256 hex / Subject Public Key Information (SPKI):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=*.excite.com

29.07.2025

30.08.2026
expires in 171 days

*.excite.com - 1 entry

CN=*.excite.com

29.07.2025

30.08.2026
expires in 171 days

*.excite.com - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0190BE30009F405ED38693464574C475
Thumbprint:	329017C253A25B9C97F27A8B87336574E33A4F1D
SHA256 / Certificate:	cAmCBNSBh/+KaRexQCSIBSAgDPwL2+abxUyfH/qgm2Q=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	e2abea5ff7cbd53ae16536c9db13d021a685a230f20f47be4ada99cd9467acef
SHA256 hex / Subject Public Key Information (SPKI):	e2abea5ff7cbd53ae16536c9db13d021a685a230f20f47be4ada99cd9467acef (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2025q3
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE

16.04.2025

16.04.2027
expires in 400 days

CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE

16.04.2025

16.04.2027
expires in 400 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0083431C440DB4D0F7867AFE7C3A53CC2D
Thumbprint:	AD94DF2C8FAC1FB5A0734F5E810E57B6C2CE9291
SHA256 / Certificate:	VTn4yQEFGDRfwhqF8ls53WrY1ZHHlxy7kAwstwgbv5A=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	688f38daca00737a95e0a623c15c59f9d89822849e793e86eeef472770b84504
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp2.globalsign.com/rootr3
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	04000000000121585308A2
Thumbprint:	D69B561148F01C77C54578C10926DF5B856976AD
SHA256 / Certificate:	y7Ui17fxJ61qAROGW98c1BAufQdZr2NafPRyDcljxTs=
SHA256 hex / Cert (DANE * 0 1):	cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA256 hex / PublicKey (DANE * 1 1):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SHA256 hex / Subject Public Key Information (SPKI):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=g.sni-626-default.ssl.fastly.net

14.11.2024

16.12.2025
86 days expired

g.sni-626-default.ssl.fastly.net - 1 entry

CN=g.sni-626-default.ssl.fastly.net

14.11.2024

16.12.2025
86 days expired

g.sni-626-default.ssl.fastly.net - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	010AB89CA252ACDE0ECAD6901DBC388A
Thumbprint:	989D4AEC448C05CC166D754DAB4E9DCBC5B401B8
SHA256 / Certificate:	GKSFkZmzod5VQyNTxfv5g80FzXTAY85WSp61ED3pgco=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	c134176d2433c98d2ec91322ee9b51d5c7d2acdcc68a3883e9f5ae71a89d5175
SHA256 hex / Subject Public Key Information (SPKI):	c134176d2433c98d2ec91322ee9b51d5c7d2acdcc68a3883e9f5ae71a89d5175 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2024q4
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign Atlas R3 DV TLS CA 2024 Q4, O=GlobalSign nv-sa, C=BE

17.07.2024

17.07.2026
expires in 127 days

CN=GlobalSign Atlas R3 DV TLS CA 2024 Q4, O=GlobalSign nv-sa, C=BE

17.07.2024

17.07.2026
expires in 127 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00817CD51426F2DDF6FF588022C88554F6
Thumbprint:	C528973F7C4ADA1BF46B903FE8EDF5D3A87E1BF7
SHA256 / Certificate:	t3bf8AeekKa/aJc4DUDWzwyA/obmWgbg3wLVgah3BeI=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	35e363291b0fe8cc051914bf2f755a43edccb9e4b12ed087e19a71b908d049d7
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp2.globalsign.com/rootr3
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

18.03.2009

18.03.2029
expires in 1102 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	04000000000121585308A2
Thumbprint:	D69B561148F01C77C54578C10926DF5B856976AD
SHA256 / Certificate:	y7Ui17fxJ61qAROGW98c1BAufQdZr2NafPRyDcljxTs=
SHA256 hex / Cert (DANE * 0 1):	cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA256 hex / PublicKey (DANE * 1 1):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SHA256 hex / Subject Public Key Information (SPKI):	706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuer				last 7 days	active	num Certs
CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE				0	1	1

CertSpotter-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
11292417269 leaf cert	CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3, O=GlobalSign nv-sa, C=BE	2025-07-28 21:00:24	2026-08-29 21:00:23	excite.com - 1 entries

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

12. Html-Parsing via https://validator.w3.org/nu/

	Type	Message	num found
Url used (first standard-https-result with http status 200): https://www.excite.com/

Summary
	Good: No non-document-errors
	59 errors
	7 warnings
1.	error	Bad value `presentation` for attribute `role` on element `img`	24
2.	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.	8
3.	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.	7
4.	error	Duplicate ID .	6
5.	error	An element with the attribute `tabindex` must not appear as a descendant of an element with the attribute `role=button`.	4
6.	error	Attribute `priority` not allowed on element `script` at this point.	2
7.	error	Element `span` not allowed as child of element `time` in this context. (Suppressing further errors from this subtree.)	2
8.	error	The text content of element `time` was not in the required format: The literal did not satisfy the time-datetime format.	2
9.	error	Bad value for attribute `href` on element `link`: Must be non-empty.	1
10.	error	An `img` element must have an `alt` attribute, except under certain conditions. For details, consult guidance on providing text alternatives for images.	1
11.	error	Attribute `target` not allowed on element `button` at this point.	1
12.	error	Element `sup` not allowed as child of element `time` in this context. (Suppressing further errors from this subtree.)	1
13.	warning	The first occurrence of ID was here.	6
14.	warning	Consider avoiding viewport values that prevent users from resizing documents.	1
Details
	Type	Message + Sample
1	error	Attribute `priority` not allowed on element `script` at this point.
		From line 17, column 5 to line 17, column 152
		y --> <script priority="1" src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-domain-script="5a9ae5d2-5914-4f6d-a884-1b4559709aac" data-tc></scri
2	error	Attribute `priority` not allowed on element `script` at this point.
		From line 18, column 1 to line 18, column 121
		</script> <script priority="1" src="https://cdn.cookielaw.org/consent/5a9ae5d2-5914-4f6d-a884-1b4559709aac/OtAutoBlock.js" data-tc></scri
3	error	Bad value for attribute `href` on element `link`: Must be non-empty.
		From line 42, column 5 to line 42, column 36
		ico"> <link rel="canonical" href="" />
4	error	An `img` element must have an `alt` attribute, except under certain conditions. For details, consult guidance on providing text alternatives for images.
		From line 64, column 377 to line 64, column 417
		k-button"><img src="/static/logos/excite.com.svg"/></a></
5	error	An element with the attribute `tabindex` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2246 to line 64, column 2343
		dden"><li><div role="button" tabindex="0" class="search-type-menu-item" data-testid="search-type-menu-item"><input
6	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2344 to line 64, column 2477
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonweb" data-testid="search-type-radio-button" checked=""/><span>
7	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2344 to line 64, column 2477
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonweb" data-testid="search-type-radio-button" checked=""/><span>
8	error	An element with the attribute `tabindex` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2509 to line 64, column 2606
		></li><li><div role="button" tabindex="0" class="search-type-menu-item" data-testid="search-type-menu-item"><input
9	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2607 to line 64, column 2732
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonimages" data-testid="search-type-radio-button"/><span>
10	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2607 to line 64, column 2732
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonimages" data-testid="search-type-radio-button"/><span>
11	error	An element with the attribute `tabindex` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2767 to line 64, column 2864
		></li><li><div role="button" tabindex="0" class="search-type-menu-item" data-testid="search-type-menu-item"><input
12	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2865 to line 64, column 2988
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonnews" data-testid="search-type-radio-button"/><span>
13	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 2865 to line 64, column 2988
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonnews" data-testid="search-type-radio-button"/><span>
14	error	An element with the attribute `tabindex` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 3021 to line 64, column 3118
		></li><li><div role="button" tabindex="0" class="search-type-menu-item" data-testid="search-type-menu-item"><input
15	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 3119 to line 64, column 3243
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonvideo" data-testid="search-type-radio-button"/><span>
16	error	The element `input` must not appear as a descendant of an element with the attribute `role=button`.
		From line 64, column 3119 to line 64, column 3243
		enu-item"><input type="radio" class="search-type-radio-button" id="searchTypeRadioButtonvideo" data-testid="search-type-radio-button"/><span>
17	error	Attribute `target` not allowed on element `button` at this point.
		From line 64, column 3284 to line 64, column 3364
		/ul></div><button type="button" class="search-btn" title="Search the Web!" target="_blank">Search
18	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 7323 to line 64, column 7441
		ontainer"><img class="image" src="/static/images/excite/quicklinks/amazon.jpeg" alt="Amazon" title="Amazon" role="presentation"/></span
19	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 7676 to line 64, column 7788
		ontainer"><img class="image" src="/static/images/excite/quicklinks/ebay.jpeg" alt="eBay" title="eBay" role="presentation"/></span
20	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 8029 to line 64, column 8150
		ontainer"><img class="image" src="/static/images/excite/quicklinks/stubhub.jpeg" alt="Stubhub" title="Stubhub" role="presentation"/></span
21	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 8385 to line 64, column 8503
		ontainer"><img class="image" src="/static/images/excite/quicklinks/casper.jpeg" alt="Casper" title="Casper" role="presentation"/></span
22	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 8746 to line 64, column 8870
		ontainer"><img class="image" src="/static/images/excite/quicklinks/experian.jpeg" alt="Experian" title="Experian" role="presentation"/></span
23	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 9120 to line 64, column 9251
		ontainer"><img class="image" src="/static/images/excite/quicklinks/quick-books.jpeg" alt="Quickbooks" title="Quickbooks" role="presentation"/></span
24	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 9486 to line 64, column 9604
		ontainer"><img class="image" src="/static/images/excite/quicklinks/blue-cross.jpeg" alt="BCBS" title="BCBS" role="presentation"/></span
25	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 9850 to line 64, column 9980
		ontainer"><img class="image" src="/static/images/excite/quicklinks/state-farm.jpeg" alt="State Farm" title="State Farm" role="presentation"/></span
26	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 10223 to line 64, column 10347
		ontainer"><img class="image" src="/static/images/excite/quicklinks/ancestry.jpeg" alt="Ancestry" title="Ancestry" role="presentation"/></span
27	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 10594 to line 64, column 10718
		ontainer"><img class="image" src="/static/images/excite/quicklinks/mercedes.jpeg" alt="Mercedes" title="Mercedes" role="presentation"/></span
28	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 10959 to line 64, column 11074
		ontainer"><img class="image" src="/static/images/excite/quicklinks/honey.jpeg" alt="Honey" title="Honey" role="presentation"/></span
29	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 11587 to line 64, column 11704
		ontainer"><img class="image" src="/static/images/excite/moreresources/autos.png" alt="Autos" title="Autos" role="presentation"/></span
30	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 11993 to line 64, column 12116
		ontainer"><img class="image" src="/static/images/excite/moreresources/culture.png" alt="Culture" title="Culture" role="presentation"/></span
31	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 12415 to line 64, column 12556
		ontainer"><img class="image" src="/static/images/excite/moreresources/entertainment.png" alt="Entertainment" title="Entertainment" role="presentation"/></span
32	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 12850 to line 64, column 12973
		ontainer"><img class="image" src="/static/images/excite/moreresources/finance.png" alt="Finance" title="Finance" role="presentation"/></span
33	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 13274 to line 64, column 13403
		ontainer"><img class="image" src="/static/images/excite/moreresources/geography.png" alt="Geography" title="Geography" role="presentation"/></span
34	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 13695 to line 64, column 13815
		ontainer"><img class="image" src="/static/images/excite/moreresources/health.png" alt="Health" title="Health" role="presentation"/></span
35	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 14111 to line 64, column 14234
		ontainer"><img class="image" src="/static/images/excite/moreresources/history.png" alt="History" title="History" role="presentation"/></span
36	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 14543 to line 64, column 14672
		ontainer"><img class="image" src="/static/images/excite/moreresources/lifestyle.png" alt="Lifestyle" title="Lifestyle" role="presentation"/></span
37	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 14983 to line 64, column 15123
		ontainer"><img class="image" src="/static/images/excite/moreresources/home.png" alt="Home & Garden" title="Home & Garden" role="presentation"/></span
38	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 15435 to line 64, column 15574
		ontainer"><img class="image" src="/static/images/excite/moreresources/product.png" alt="Product Reviews" title="Product Reviews" role="presentation"/></span
39	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 15879 to line 64, column 16002
		ontainer"><img class="image" src="/static/images/excite/moreresources/science.png" alt="Science" title="Science" role="presentation"/></span
40	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 16307 to line 64, column 16439
		ontainer"><img class="image" src="/static/images/excite/moreresources/technology.png" alt="Technology" title="Technology" role="presentation"/></span
41	error	Bad value `presentation` for attribute `role` on element `img`
		From line 64, column 16751 to line 64, column 16871
		ontainer"><img class="image" src="/static/images/excite/moreresources/travel.png" alt="Travel" title="Travel" role="presentation"/></span
42	error	Element `span` not allowed as child of element `time` in this context. (Suppressing further errors from this subtree.)
		From line 64, column 17200 to line 64, column 17205
		ss="time"><span>6:21</
43	error	Element `span` not allowed as child of element `time` in this context. (Suppressing further errors from this subtree.)
		From line 64, column 17217 to line 64, column 17239
		:21</span><span class="meridiem">AM</sp
44	error	The text content of element `time` was not in the required format: The literal did not satisfy the time-datetime format.
		From line 64, column 17249 to line 64, column 17255
		>AM</span></time><time
45	error	Element `sup` not allowed as child of element `time` in this context. (Suppressing further errors from this subtree.)
		From line 64, column 17306 to line 64, column 17310
		eptember 3<sup>rd</su
46	error	The text content of element `time` was not in the required format: The literal did not satisfy the time-datetime format.
		From line 64, column 17319 to line 64, column 17325
		p>rd</sup></time></div>
47	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
48	error	Duplicate ID .
		From line 64, column 17941 to line 64, column 18120
		ist-item"><a href="https://login.excite.com/" target="_self" rel="noopener noreferrer nofollow" title="Email" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Email<
49	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 17941 to line 64, column 18120
		ist-item"><a href="https://login.excite.com/" target="_self" rel="noopener noreferrer nofollow" title="Email" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Email<
50	error	Duplicate ID .
		From line 64, column 18190 to line 64, column 18381
		ist-item"><a href="https://www.excite.com/tos" target="_self" rel="noopener noreferrer nofollow" title="Terms of Service" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Terms
51	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 18190 to line 64, column 18381
		ist-item"><a href="https://www.excite.com/tos" target="_self" rel="noopener noreferrer nofollow" title="Terms of Service" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Terms
52	error	Duplicate ID .
		From line 64, column 18462 to line 64, column 18655
		ist-item"><a href="https://www.excite.com/privacy" target="_self" rel="noopener noreferrer nofollow" title="Privacy Policy" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Privac
53	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 18462 to line 64, column 18655
		ist-item"><a href="https://www.excite.com/privacy" target="_self" rel="noopener noreferrer nofollow" title="Privacy Policy" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Privac
54	error	Duplicate ID .
		From line 64, column 18734 to line 64, column 18925
		ist-item"><a href="https://www.excite.com/cookie" target="_self" rel="noopener noreferrer nofollow" title="Cookie Policy" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Cookie
55	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 18734 to line 64, column 18925
		ist-item"><a href="https://www.excite.com/cookie" target="_self" rel="noopener noreferrer nofollow" title="Cookie Policy" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Cookie
56	error	Duplicate ID .
		From line 64, column 19003 to line 64, column 19218
		ist-item"><a href="https://www.excite.com/privacy#california" target="_self" rel="noopener noreferrer nofollow" title="California Privacy Rights" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Califo
57	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 19003 to line 64, column 19218
		ist-item"><a href="https://www.excite.com/privacy#california" target="_self" rel="noopener noreferrer nofollow" title="California Privacy Rights" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Califo
58	error	Duplicate ID .
		From line 64, column 19308 to line 64, column 19499
		ist-item"><a href="https://support.excite.com/hc/en-us" target="_self" rel="noopener noreferrer nofollow" title="Support" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Suppor
59	error	Bad value for attribute `id` on element `a`: An ID must not be the empty string.
		From line 64, column 19308 to line 64, column 19499
		ist-item"><a href="https://support.excite.com/hc/en-us" target="_self" rel="noopener noreferrer nofollow" title="Support" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Suppor
60	warning	Consider avoiding viewport values that prevent users from resizing documents.
		From line 22, column 5 to line 22, column 146
		ade"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0, interactive-widget=resizes-content">
61	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
62	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
63	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
64	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
65	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema
66	warning	The first occurrence of ID was here.
		From line 64, column 17683 to line 64, column 17869
		ist-item"><a href="https://www.excite.com/sitemap" target="_self" rel="noopener noreferrer nofollow" title="Sitemap" class="ask-button link-button footer-item-link" data-testid="link-button" id="">Sitema

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net

QNr.	Domain	Type	NS used
1	net	NS	d.root-servers.net (2001:500:2d::d)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2	dns1.p07.nsone.net	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net
	Answer: dns4.p01.nsone.net 198.51.45.65, 2a00:edc0:6259:7:1::4
	Answer: dns3.p01.nsone.net 198.51.44.65, 2620:4d:4000:6259:7:1:0:3
	Answer: dns2.p01.nsone.net 198.51.45.1, 2a00:edc0:6259:7:1::2
	Answer: dns1.p01.nsone.net 198.51.44.1, 2620:4d:4000:6259:7:1:0:1
3	dns2.p07.nsone.net	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net
	Answer: dns4.p01.nsone.net 198.51.45.65, 2a00:edc0:6259:7:1::4
	Answer: dns3.p01.nsone.net 198.51.44.65, 2620:4d:4000:6259:7:1:0:3
	Answer: dns2.p01.nsone.net 198.51.45.1, 2a00:edc0:6259:7:1::2
	Answer: dns1.p01.nsone.net 198.51.44.1, 2620:4d:4000:6259:7:1:0:1
4	dns3.p07.nsone.net	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net
	Answer: dns4.p01.nsone.net 198.51.45.65, 2a00:edc0:6259:7:1::4
	Answer: dns3.p01.nsone.net 198.51.44.65, 2620:4d:4000:6259:7:1:0:3
	Answer: dns2.p01.nsone.net 198.51.45.1, 2a00:edc0:6259:7:1::2
	Answer: dns1.p01.nsone.net 198.51.44.1, 2620:4d:4000:6259:7:1:0:1
5	dns4.p07.nsone.net	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net
	Answer: dns2.p01.nsone.net 198.51.45.1, 2a00:edc0:6259:7:1::2
	Answer: dns1.p01.nsone.net 198.51.44.1, 2620:4d:4000:6259:7:1:0:1
	Answer: dns3.p01.nsone.net 198.51.44.65, 2620:4d:4000:6259:7:1:0:3
	Answer: dns4.p01.nsone.net 198.51.45.65, 2a00:edc0:6259:7:1::4
6	dns1.p07.nsone.net: 198.51.44.7	A	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
7	dns1.p07.nsone.net: 2620:4d:4000:6259:7:7:0:1	AAAA	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
8	dns2.p07.nsone.net: 198.51.45.7	A	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
9	dns2.p07.nsone.net: 2a00:edc0:6259:7:7::2	AAAA	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
10	dns3.p07.nsone.net: 198.51.44.71	A	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
11	dns3.p07.nsone.net: 2620:4d:4000:6259:7:7:0:3	AAAA	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
12	dns4.p07.nsone.net: 198.51.45.71	A	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
13	dns4.p07.nsone.net: 2a00:edc0:6259:7:7::4	AAAA	dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)

14. CAA - Entries

Domainname	flag	Name	Value	∑ Queries
askmedia.map.fastly.net	0		no CAA entry found	1
map.fastly.net	0		no CAA entry found	1
www.excite.com				1
excite.com	0		no CAA entry found	1
fastly.net	5	issue	certainly.com;validationmethods=dns-01	1
	5	issue	globalsign.com	1
	5	issue	letsencrypt.org;validationmethods=dns-01	1
	5	iodef	mailto:security@fastly.com	1
net	0		no CAA entry found	1
com	0		no CAA entry found	1

15. TXT - Entries

Domainname	TXT Entry	Status	∑ Queries
excite.com	google-site-verification=-GqX3IwTu4Q5efWD6U00qwQs72SgTwdZjcxrV1iQDVY	ok	1
excite.com	v=spf1 ip4:208.89.132.0/23 ip4:74.113.232.0/23 include:spf.bluetie.com ~all	ok	1
www.excite.com			1
askmedia.map.fastly.net		ok	1
_acme-challenge.excite.com			1
_acme-challenge.www.excite.com		Name Error - The domain name does not exist	1
_acme-challenge.excite.com.excite.com		Name Error - The domain name does not exist	1
_acme-challenge.askmedia.map.fastly.net		Name Error - The domain name does not exist	1
_acme-challenge.www.excite.com.excite.com		Name Error - The domain name does not exist	1
_acme-challenge.www.excite.com.www.excite.com		Name Error - The domain name does not exist	1
_acme-challenge.askmedia.map.fastly.net.askmedia.map.fastly.net		Name Error - The domain name does not exist	1

16. DomainService - Entries

Type		Domain	Pref	Value	DNS-error	num Answers	Status	Description
MX		excite.com	1	aspmx.l.google.com	0	2	ok
	A			142.250.110.26	0	1	ok
	AAAA			2a00:1450:400c:c06::1b	0	1	ok
	CNAME				0	0	ok
MX		excite.com	5	alt1.aspmx.l.google.com	0	2	ok
	A			192.178.156.26	0	1	ok
	AAAA			2a00:1450:4013:c1c::1a	0	1	ok
	CNAME				0	0	ok
SPF	TXT	excite.com		v=spf1 ip4:208.89.132.0/23 ip4:74.113.232.0/23 include:spf.bluetie.com ~all			ok
	TXT	excite.com		ip4:208.89.132.0/23			8192	Duplicated ipv4 found.
	TXT	spf.bluetie.com		ip4:208.89.132.0/22			8192	Duplicated ipv4 found.
	TXT	spf.bluetie.com		v=spf1 ip4:208.89.132.0/22 ip4:71.19.237.0/24 include:spf.serverdata.net include:spf.protection.outlook.com include:_spf.prod.hydra.sophos.com -all			ok
	TXT	spf.serverdata.net		v=spf1 ip4:64.78.0.0/18 ip4:162.244.196.0/22 ip4:199.193.200.0/21 ip4:206.225.164.0/22 ip4:162.216.192.0/22 ip4:185.64.212.0/22 ip4:103.211.140.0/23 ip4:64.28.112.143/32 ip4:64.28.115.143/32 ~all			ok
	TXT	spf.protection.outlook.com		v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/15 ip4:52.102.0.0/16 ip4:52.103.0.0/17 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all			ok
	TXT	_spf.prod.hydra.sophos.com		v=spf1 include:_spf_uswest2.prod.hydra.sophos.com include:_spf_euwest1.prod.hydra.sophos.com include:_spf_eucentral1.prod.hydra.sophos.com include:_spf_useast2.prod.hydra.sophos.com ~all			ok
	TXT	_spf_uswest2.prod.hydra.sophos.com		v=spf1 ip4:198.154.181.0/24 ip4:64.69.223.0/24 ip4:192.175.3.0/24 ip4:198.160.151.0/24 ip4:34.213.30.40/29 ip4:34.213.30.104/29 ip4:34.212.96.64/28 ip4:34.213.30.95/32 ip4:34.213.30.120/32 ip4:34.212.96.123/32 ~all			ok
	TXT	_spf_euwest1.prod.hydra.sophos.com		v=spf1 ip4:198.154.180.0/24 ip4:34.253.219.128/28 ip4:34.253.219.152/29 ip4:34.253.219.160/29 ip4:34.253.219.248/30 ip4:34.253.219.144/32 ~all			ok
	TXT	_spf_eucentral1.prod.hydra.sophos.com		v=spf1 ip4:94.140.18.0/24 ip4:35.159.27.8/30 ip4:35.159.27.28/30 ip4:35.159.27.32/30 ip4:35.159.27.48/29 ip4:35.159.27.160/28 ~all			ok
	TXT	_spf_useast2.prod.hydra.sophos.com		v=spf1 ip4:85.113.84.0/24 ip4:103.246.251.0/24 ip4:18.216.23.16/28 ip4:18.216.23.48/28 ip4:18.216.23.15/32 ip4:18.216.13.134/31 ip4:18.216.13.136/32 ~all			ok

17. Cipher Suites

Summary
Domain	IP	Port	num Ciphers	time	Std.Protocol	Forward Secrecy
excite.com	199.232.82.114	443	9 Ciphers	50.04 sec		3 without, 6 FS	66.67 %
www.excite.com	146.75.118.114	443	9 Ciphers	46.39 sec		3 without, 6 FS	66.67 %
Complete		2	18 Ciphers 9.00 Ciphers/Check	96.43 sec	48.22 sec/Check	6 without, 12 FS	66.67 %

Details
Domain	IP	Port	Cipher (OpenSsl / IANA)
excite.com	199.232.82.114	443	ECDHE-RSA-CHACHA20-POLY1305		(Secure)	TLSv1.2	0xCC,0xA8	FS
9 Ciphers, 50.04 sec			TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		RSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-RSA-AES256-GCM-SHA384		(Secure)	TLSv1.2	0xC0,0x30	FS
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256		(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES128-SHA256		(Weak)	TLSv1.2	0xC0,0x27	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
			ECDH		RSA	AES(128)	SHA256
			AES128-GCM-SHA256		(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH		RSA	AES(256)	SHA1
			ECDHE-RSA-AES128-SHA		(Weak)	TLSv1	0xC0,0x13	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
			ECDH		RSA	AES(128)	SHA1
			AES256-SHA		(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA		RSA	AES(256)	SHA1
			AES128-SHA		(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA		RSA	AES(128)	SHA1
www.excite.com	146.75.118.114	443	ECDHE-RSA-CHACHA20-POLY1305		(Secure)	TLSv1.2	0xCC,0xA8	FS
9 Ciphers, 46.39 sec			TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		RSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-RSA-AES256-GCM-SHA384		(Secure)	TLSv1.2	0xC0,0x30	FS
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256		(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES128-SHA256		(Weak)	TLSv1.2	0xC0,0x27	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
			ECDH		RSA	AES(128)	SHA256
			AES128-GCM-SHA256		(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH		RSA	AES(256)	SHA1
			ECDHE-RSA-AES128-SHA		(Weak)	TLSv1	0xC0,0x13	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
			ECDH		RSA	AES(128)	SHA1
			AES256-SHA		(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA		RSA	AES(256)	SHA1
			AES128-SHA		(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA		RSA	AES(128)	SHA1

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

Permalink: https://check-your-website.server-daten.de/?i=b760203f-cf7c-43aa-acbb-dc81cd734443

Last Result: https://check-your-website.server-daten.de/?q=excite.com - 2025-09-03 08:19:54

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=excite.com" target="_blank">Check this Site: excite.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=excite.com

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

Mobile- and other Chrome-Checks

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

12. Html-Parsing via https://validator.w3.org/nu/

Summary

Details

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks