Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=cutitout.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 09, 2026
Valid Until
May 10, 2026
83 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C1:0E:E0:94:BD:73:D3:78:BD:83:00:52:09:59:32:83:E4:43:64:70:4A:51:F3:86:65:89:18:58:F2:BD:0D:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
cutitout.it
*.cutitout.it
*.dashboard.cutitout.it
*.7bfc7108-9d2b-4839-9d9e-d78811a6745b.91bt.live
91bt.live
*.91bt.live
alkol.it
*.alkol.it
*.mx.alkol.it
arx-metals.ca
*.arx-metals.ca
*.pop.arx-metals.ca
babylone.ai
*.babylone.ai
*.dashboard-preview.babylone.ai
*.dwh-stream.babylone.ai
*.m.babylone.ai
*.report-sandbox.babylone.ai
*.superset-ci.babylone.ai
*.wordpress.babylone.ai
*.zshxnklu.babylone.ai
chillen.it
*.chillen.it
*.webdisk.chillen.it
coincredit.it
*.coincredit.it
*.dev.coincredit.it
*.dev.heartbreak.it
heartbreak.it
*.heartbreak.it
*.25.ipoloans.com
ipoloans.com
*.ipoloans.com
*.remote.ipoloans.com
*.vpn.ipoloans.com
*.wildcard.ipoloans.com
*.ww16.ipoloans.com
*.ww25.ipoloans.com
*.ww38.ipoloans.com
*.api.mariettasquare.net
*.app.mariettasquare.net
mariettasquare.net
*.mariettasquare.net
*.ftp.meshworth.com
meshworth.com
*.meshworth.com
*.anzhuo.motchillzzz.com
*.en.motchillzzz.com
*.image.motchillzzz.com
motchillzzz.com
*.motchillzzz.com
*.secure.motchillzzz.com
*.analytics.muzzo.it
muzzo.it
*.muzzo.it
*.hostmaster.osz.us
osz.us
*.osz.us
*.auth.ovhcoud.com
ovhcoud.com
*.ovhcoud.com
*.startup.ovhcoud.com
*.ww25.ovhcoud.com
*.ww38.ovhcoud.com
*.biovet.pharma.us
*.camber.pharma.us
*.comune.pharma.us
*.mail.pharma.us
*.mx.pharma.us
pharma.us
*.pharma.us
*.prod.pharma.us
*.pop.portalgogonews.com
portalgogonews.com
*.portalgogonews.com
*.helpdesk.predictinvest.com
predictinvest.com
*.predictinvest.com
*.sitemap.predictinvest.com
*.ww16.predictinvest.com
*.ww25.predictinvest.com
*.ww38.predictinvest.com
*.me7q1.romarch.top
romarch.top
*.romarch.top
*.analytic.sospirolo.com
*.argo.sospirolo.com
sospirolo.com
*.sospirolo.com
Other domains in certificate