Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
CN=nfx.halfbrick.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 26, 2025
Valid Until
March 26, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FE:21:95:33:07:76:85:E2:60:2E:02:8F:58:0D:99:E0:95:D7:CF:08:83:3D:42:97:D5:52:74:FA:FF:64:6B:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
euman.in
www.abilsoft.us
igameads-dev.adssets.com
kinderopvang.appdashboard.nl
beseen.studio
eatm.bharathepay.com
blackmammoth.ph
cashulu.com
announcements.funxon.co.in
prajwol-shrestha.com.np
sso.curtin.edu.au.cooperate.with.ctwd.com.au
d360.in
www.datamediator.co.uk
dhresen.de
differenttraffic.com
www.elegantearwraps.com
www.estudez.com.br
beta.eventify.com.mx
forecash.io
click-link.forteens.cc
ecomer.framax.co
ggimpiantiecostruzionisrl.it
www.globaledgeuk.com
pay.goodcash.co
nfx.halfbrick.com
profile.harshaljoshi.in
hartjenstein.one
politica-privacidade.hipcomerp.com.br
media2.hishine.co
booking.houseof42.org
hypiens.com
chien03.id.vn
www.infolineemat.it
www.silentzone.infy.uk
invite.jackalopeapp.com
www.dev-portal-restricted.jayurewards.com
www.kajjagalleriesinternational.com
konekt-school.com
laugh.games
lovecodecampus.kr
loriko.lviv.ua
estabelecimentos.menuflash.com.br
calendar.mojoule.com
g.mrynot.com
mundomagicodaycare.com
dev.links.mychamberapp.com
connect.nablasol.net
www.navitrips.com
ndtechs.top
connectors.novelintegrations.com.au
backup.octopuspms.com
admin.olaonibus.com.br
oneindiadroptaxi.com
meal.counsenuth.or.tz
www.schools.portodesignbiennale.pt
links-perf.pymx7.com
questions-naturalisation.app
radar-t.com
checkout.rapidpay.pk
atrio.rcd.cool
revolutionary.gg
www.robot93.com
rx7method.com
sanjanapatil.com
okinawa-ku.scc-service.net
lexiconquest.schoolbase.org
auth.sewashita.net
www.sharjeelsidd.com
testsite.siriusobservatory.com
cms.sld.de
app-live-score.smartcricket.com
feature.smash.pet
stalwarttime.com
time.steplix.com
app.stoniqapp.com
create.storyy.co
tajao.es
www.tapiasasociados.com
testmydoc.com
link.thecup.me
app.thepuneet.com
thevrglab.com
www.thomasouvlatzidiko.gr
pro.traksos.com
www.truepipe.ai
link-beta-tmp.trytrue.com
links-dev.mobiletoll-ext.np.tu-aws.com
mt-nuxt.uehatsu.info
vathius.com
register.verishealth.com
www.veritypublishing.com
home.vmay.com
waando.com
moments.wapchita.com
webuymacon.com
www.withatwistmobilebar.com
royaldonuts.yeahblend.com
skytable.stagmob.yodelit.co
dashboard.yuzu-hr.com
watch.zainafzal.com
Other domains in certificate