Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=excelut.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 01, 2026
Valid Until
August 30, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
05:C5:66:3F:46:B4:DD:7F:FC:39:D3:61:A6:CA:E5:5A:D5:C2:4A:F2:92:48:AD:55:7E:6C:10:F8:8E:C8:E1:DD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
ecomtiger.com
*.ecomtiger.com
05436.co
*.05436.co
388cchd6.cc
*.388cchd6.cc
73670.vip
*.73670.vip
81493.my
*.81493.my
8555614.com
*.8555614.com
95049.one
*.95049.one
bangkokroyalwaco.com
*.bangkokroyalwaco.com
*.bi.bangkokroyalwaco.com
*.insight.bangkokroyalwaco.com
*.magento.bangkokroyalwaco.com
*.random.bangkokroyalwaco.com
*.ww38.bangkokroyalwaco.com
cellidfinder.com
*.cellidfinder.com
chungw.com
*.chungw.com
claspedhands.org
*.claspedhands.org
continuemailmendsolutions.info
*.continuemailmendsolutions.info
d4p2s7d2n1e3z.top
*.d4p2s7d2n1e3z.top
digen-ai.com
*.digen-ai.com
dwfmdqhvr2vamlv.my
*.dwfmdqhvr2vamlv.my
e5496961.vip
*.e5496961.vip
ecombuyers.com
*.ecombuyers.com
*.dl.excelut.com
excelut.com
*.excelut.com
exks64k.top
*.exks64k.top
g5synbdp0s.top
*.g5synbdp0s.top
healthyfitplan.coupons
*.healthyfitplan.coupons
improverrb2bcircle.info
*.improverrb2bcircle.info
istanbulpazar.com
*.istanbulpazar.com
*.lpr.newtechreach.com
newtechreach.com
*.newtechreach.com
phkwu0.shop
*.phkwu0.shop
premierpathway.live
*.premierpathway.live
pucuktoto.co
*.pucuktoto.co
pwwsqrg414.vip
*.pwwsqrg414.vip
qm73vn2dsl09wy8rh4bc6jxhfop.cc
*.qm73vn2dsl09wy8rh4bc6jxhfop.cc
qqjcw.xyz
*.qqjcw.xyz
qwe87fgbdnsuegr23kdn.top
*.qwe87fgbdnsuegr23kdn.top
rabr72y.top
*.rabr72y.top
rapidpieplatform.info
*.rapidpieplatform.info
rdn578g.top
*.rdn578g.top
reel-estate.info
*.reel-estate.info
revampmailmendplatform.info
*.revampmailmendplatform.info
riches-triumph-us-hxf.xyz
*.riches-triumph-us-hxf.xyz
rpdry.sbs
*.rpdry.sbs
rsxgysu3jd.top
*.rsxgysu3jd.top
tranquilwarmth.com
*.tranquilwarmth.com
volchitsasec.info
*.volchitsasec.info
Other domains in certificate