Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=everlight.it
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 02, 2026
Valid Until
July 01, 2026
49 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:DC:43:F0:DA:92:1B:1C:20:CD:FC:9C:2F:5C:D8:6D:E8:68:C9:FF:C8:EC:10:F8:17:7B:4B:F5:1F:B8:A3:21
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
everlight.it
*.everlight.it
*.aut.everlight.it
*.correu.everlight.it
*.dashboard.everlight.it
*.hostmaster.everlight.it
*.ogrencieposta.everlight.it
*.rdweb.everlight.it
889558.com
*.889558.com
*.www.889558.com
aboshi.xyz
*.aboshi.xyz
*.sitemap.aboshi.xyz
adly.it
*.adly.it
*.chart.adly.it
*.dashboards.adly.it
*.fullyfatisfied.adly.it
*.hostmaster.adly.it
ag86667.com
*.ag86667.com
*.rustore.ag86667.com
alowaisnet.org
*.alowaisnet.org
aplusbackflowtesting.com
*.aplusbackflowtesting.com
*.wildcard.aplusbackflowtesting.com
appys7.xyz
*.appys7.xyz
*.kwid9.appys7.xyz
*.sbd1u.appys7.xyz
*.svzzq.appys7.xyz
*.www.appys7.xyz
*.y04uw.appys7.xyz
*.zl1z8.appys7.xyz
chantsformeditation.com
*.chantsformeditation.com
countryparty.it
*.countryparty.it
evershopr.com
*.evershopr.com
freshfreshseafoodbaltimore.com
*.freshfreshseafoodbaltimore.com
*.random.freshfreshseafoodbaltimore.com
*.ww7.freshfreshseafoodbaltimore.com
garagedoorrepairmilwaukee.com
*.garagedoorrepairmilwaukee.com
*.mx.garagedoorrepairmilwaukee.com
*.analytic.immobiliareumbra.com
immobiliareumbra.com
*.immobiliareumbra.com
*.sandbox.immobiliareumbra.com
*.staging.immobiliareumbra.com
itaobao.co
*.itaobao.co
lezike.cn
*.lezike.cn
*.paycenter.lezike.cn
*.bi.lostlands.it
lostlands.it
*.lostlands.it
*.mx.lostlands.it
*.remote.lostlands.it
*.report.lostlands.it
*.reporting.lostlands.it
*.redash.rueilmalmaison.it
*.reports.rueilmalmaison.it
rueilmalmaison.it
*.rueilmalmaison.it
ruin.com.au
*.ruin.com.au
*.ww25.ruin.com.au
*.hostmaster.solutionvpn.pro
solutionvpn.pro
*.solutionvpn.pro
*.barclays.stinky.space
*.equity.stinky.space
*.pay.stinky.space
*.rbs.stinky.space
stinky.space
*.stinky.space
*.www.stinky.space
theartisancafe.co.uk
*.theartisancafe.co.uk
unleaded.au
*.unleaded.au
vintagebridaljewellery.co.uk
*.vintagebridaljewellery.co.uk
Other domains in certificate