Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=wealthhaven.co.zw
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A8:5C:36:4F:44:E1:3A:03:D7:F9:25:7D:B3:9B:A6:F9:6D:AC:F8:71:5D:40:44:D1:14:EA:5C:99:F5:09:2E:11
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
solsticeaircharter.com
dazzlerocks.12traits.com
zip.aaacify.com
verifypay.algo-oasis.com
altorrelieve.com
acme.anagonbu.com
barbershopdenim.me
befergon.com
chaleesmin.school
chingyu.site
manga.cleverdog.me
admin.hynt.co.in
magicpass.co.kr
wealthhaven.co.zw
www.tintlab.com.ng
basnetbinaya.com.np
links.imepay.com.np
www.cookingstartups.com
eureciclo.eco.br
business-preprod.esyms-dev.com
everpuri.com
label.fashionsuite.com
flypromociones.com
a0fk.foodle.su
fstack.app
firebase.gento.dev
godigitalgroup.net
graeme-model.art
www.greasygerbil.com
www.grupojadz.com
mitsuhou.id.vn
justwell.indiandevelopers.org
inkoplist.app
www.inthewild.es
hashtag.jawab.app
jobelee.com
www.kohrendering.com
award.kosenjin.org
auth.kurobi.app
switchboard.leader.dev
app.logist.com.au
maklab.com.ar
mastertecheducational.com
melinebeauty.com
morphosis.app
www.mortgagemathcalc.com
www.mottalamounier.com.br
mp360.app
traffic.mppfa.org
order.nazeerfoods.com
ndhbr.de
mailing.nemus.app
neos-app.com
noahloke.com
www.noblemenmotors.com
tripletile.oneupitsolution.com
link.mm.org.tr
www.oscarpersson.dev
pantherls.com
comicstore.pixiv.net
www.platora.app
go.playpoint.app
poyohealth.com
car-repair.pukky-it.com
vote.qeiicentre.london
qubit.no
redbrogdon.com
www.reverseyoutubeplaylist.com
www.rjkol.com
roaming.menu
www.seatsync.io
center.sel.vn
press.shavenstuff.com
sherringtoncentre.org
signs-vegas.com
login.simon-lindner.de
app.simpsonify.com
sparkli.ch
www.starfire.dev
stepanklein.cz
admin.subscription.app
auth.tanoto.ai
www.tbmuzeum.hu
theshibascroll.xyz
www.tivvit.eu
productie.toegang.org
www.tournero.app
webappt2.gamification-dev.unomok.com
firebase-sso.app.vector.ai
flamengo.vitoresende.dev
www.vqpass.com
wargabut.id
www.weatheranalitica.com
www.webglobalautomations.com
quiz.weladee.com
gm.weserve.tw
www.wikivideo.eu
woodtoheat.com
docs.yepmile.com
driverapp.zuplog.com
Other domains in certificate