SSL Certificate Analysis for app.resign.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=play.movie

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

14:5C:54:99:CF:54:6A:54:6B:11:57:C2:00:CF:8F:78:A8:1A:69:3D:16:4C:D6:EB:16:E4:85:4E:4B:CE:D2:2F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

resign.it *.resign.it

Other domains in certificate

play-victory-sphere.xyz *.play-victory-sphere.xyz

play-zephyr-trail.xyz *.play-zephyr-trail.xyz

play.movie *.play.movie

pohon8-blue.com *.pohon8-blue.com

poppix.bet *.poppix.bet

pottytrain.blog *.pottytrain.blog

powerbag.it *.powerbag.it

powers.it *.powers.it

ppk24.top *.ppk24.top

practicaldiyprojects.xyz *.practicaldiyprojects.xyz

predict.it *.predict.it

prediksisemar-air.xyz *.prediksisemar-air.xyz

prestitistarfin.it *.prestitistarfin.it

previews.it *.previews.it

primetradex.org *.primetradex.org

priprilod.com *.priprilod.com

professionalagent.it *.professionalagent.it

profid.it *.profid.it

projecthelp.org *.projecthelp.org

pyreneances.com *.pyreneances.com

qeleva.com *.qeleva.com

quickfitnessfix.run *.quickfitnessfix.run

quisque.it *.quisque.it

quote-calcio.it *.quote-calcio.it

r1kky4y.shop *.r1kky4y.shop

racegoddess.com *.racegoddess.com

rapisarda.it *.rapisarda.it

rav75.top *.rav75.top

realestateinformations.com *.realestateinformations.com

realidad.it *.realidad.it

recehglobal.info *.recehglobal.info

recinzioniinalluminio.it *.recinzioniinalluminio.it

redcouch.it *.redcouch.it

redeem99.com *.redeem99.com

redlinestrategy.com *.redlinestrategy.com

refis.io *.refis.io

represents.it *.represents.it

residenzaprivata.it *.residenzaprivata.it

restare.it *.restare.it

richiestadanni.it *.richiestadanni.it

rickard.it *.rickard.it

roms4all.com *.roms4all.com

rorangenet-634.top *.rorangenet-634.top

rubixevents.com *.rubixevents.com