Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.tranzita.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 03, 2026
Valid Until
May 04, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:97:1A:88:E5:77:1A:32:E8:F2:A8:16:92:3E:C6:83:44:43:8A:40:CC:8B:EB:9F:E3:52:2E:77:85:2E:CD:9C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
humaniti.mx
bnqfireplaces-cert.3dcloud.io
www.adiktiv.ca
adpollo.io
www.aelora.nl
mta-sts.aldhahirfarms.com
www.arternative.net
baecher.info
my.browndiamondstech.com
www.chancellorpoopypants.com
lsc.changyuan.me
checklistinspectorpro.com
member.chessleague.cc
churn.today
www.bizzlab.co.in
www.coolcatresort.com
www.cromptonadapters.com
jukebox.d-cot.com
deandreamatias.com
gist.diegosanchez.rocks
digitalfreight.company
dmap.no
www.ebea.info
link.edlusion.com
console.equiwatt.com
eshar-app.com
fahrschule-wasserburg.de
www.familyday.org
firsteven.com
fitstarapps.com
www.florian-meinhart.com
gezondesportlucht.be
gratiasystems.com
demo.hotelbooki.com
cdr.ingelan.cl
wedding.j1n.uk
jellylabs.co.uk
bonnenboek.kennemerzwemclub.nl
kibigo.it
ex.kimbi.cz
gameslib.kimc.ms
teclab-dev.klarway.com
kspdplus.kr
webinar.ladystartup.com
www.leesyumcha.com
help.linkila.com
lovemultifamily.com
papaya-admin.m1studio.co
mabore.fr
manar.dev
www.maxxus.pt
tmo.mcafee.com
www.mentoraonline.com
bva.tools.metrogov.site
mniyk.com
www.notaryejournal.com
www.numedsystems.com
www.ondernemers.chat
pancake.onepug.com.br
psoat.org.tw
dmg.ovenfo.com
www.parasol.ink
www.paulamonteiropersonal.com.br
app.paymytable.com
www.pihapuunkaatoturku.fi
dev-christian.pixelteam.io
dev-kdramachat.pixelteam.io
poraqui.pt
archivos.proferonald.com
www.rakeshmistry.ca
rdsic.in
ucsancarlos.rflex.io
robototo.co
www.robototo.co
salvatgia.cat
app.screenclip.com
www.sitwech.com
skorganicfarm.in
soliditynapratica.com
www.speedknot.com
mail.spree.co.jp
stoicmind.fr
store4up.com
www.tattvadynamics.com
www.taxable.ch
www.tranzita.com
www.info.tsunagicom.com
dashboard.tutorme.com
doc.usemason.com
countdown.vamsiambati.com
verve27.com
meeting.vilnek.in
waiterprofast-table.waiterpro.com
www.wallentsoftware.com
www.wealthstream.uk
js.withorbit.com
zarristours.com
zicott.com
zolotom.com
paylink-uat.zonbayar.com
Other domains in certificate