seoweb.freedomfinance.co.uk

Score 94/100

Web site information

Website image seoweb.freedomfinance.co.uk
IP Address
CDN
Amazon Cloudfront
Tag Managers
Google Tag Manager
JavaScript Frameworks
Lo-dash
CMS
WordPress
Cache Tools
WordPress Super Cache
Programming Languages
PHP

SEO data

title
Compare Personal Loans & Secured Deals | Freedom Finance
viewport
width=device-width, initial-scale=1, minimum-scale=1
robots
index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1
description
Looking for a secured or personal loan? At Freedom Finance we search & compare deals from over 40 leading UK lenders to help you find the right deal.
twitter:card
summary_large_image
twitter:site
@_freedomfinance
twitter:label1
Est. reading time
twitter:data1
5 minutes
generator
WordPress 5.8.2
msapplication-TileImage
https://seoweb.freedomfinance.co.uk/wp-content/uploads/2021/10/cropped-favicon-270x270.png

Web site external calls

widget.trustpilot.com
cdn.getblueshift.com
www.googletagmanager.com
bat.bing.com
www.googleadservices.com
connect.facebook.net
www.google-analytics.com
cdnjs.cloudflare.com
client.crisp.chat
googleads.g.doubleclick.net
stats.g.doubleclick.net
www.google.com
fonts.googleapis.com
www.facebook.com
fonts.gstatic.com
client.relay.crisp.chat

Protocols

SSLv2
not offered
SSLv3
not offered
TLS 1.0
not offered
TLS 1.1
is not offered
TLS 1.2
offered
TLS 1.3
offered with final
ALPN HTTP2
h2
ALPN
http/1.1

Vulnerabilities

heartbleed
not vulnerable, no heartbeat extension
CCS
not vulnerable
ticketbleed
not vulnerable
ROBOT
not vulnerable
SSL renegotiation
not vulnerable
SSL client renegotiation
likely not vulnerable (timed out)
CRIME TLS
not vulnerable
BREACH
potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested
POODLE SSL
not vulnerable
fallback SCSV
no protocol below TLS 1.2 offered
SWEET32
not vulnerable
FREAK
not vulnerable
DROWN
not vulnerable to DROWN on this host and port
DROWN
Make sure you don't use this certificate elsewhere with SSLv2 enabled services, see https://censys.io/ipv4?q=0DC455FCA745C0A10B9B98A821F9FAC11A916041CBCEAC91E7CFB303AA91F890
LOGJAM
not vulnerable, no DH EXPORT ciphers,
LOGJAM-common primes
no DH key
BEAST
not vulnerable, no SSL3 or TLS1
LUCKY13
potentially vulnerable, uses TLS CBC ciphers
RC4
not vulnerable

Header Responses

Status code
200 OK ('/')
Clock skew
-1 seconds from localtime
HSTS time
365 days (=31536000 seconds) > 15465600 seconds
HSTS subdomains
includes subdomains
HSTS preload
domain is NOT marked for preloading
HPKP
No support for HTTP Public Key Pinning
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Content-Security-Policy
connect-src 'self' *.sessioncam.com *.google-analytics.com *.doubleclick.net *.trustpilot.com *.visualwebsiteoptimizer.com *.permutive.com *.adnxs.com *.botique.ai wss://*.crisp.chat *.crisp.chat *.nr-data.net *.getblueshift.com *.cookieyes.com; font-src 'self' data: *.bootstrapcdn.com *.gstatic.com *.amazonaws.com *.crisp.chat; img-src 'self' data: *.googletagmanager.com *.googleapis.com *.google-analytics.com *.adalyser.com *.visualwebsiteoptimizer.com *.doubleclick.net *.sessioncam.com *.gstatic.com *.glassdoor.co.uk *.facebook.com *.freedomfinance.co.uk *.google.co.uk *.google.com *.bing.com *.adnxs.com *.crisp.chat cdn-cookieyes.com; style-src 'self' 'unsafe-inline' *.fonts.net *.googleapis.com *.jquery.com *.bootstrapcdn.com *.google.com *.cloudflare.com *.crisp.chat *.vwo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.googleapis.com *.jquery.com *.bootstrapcdn.com *.trustpilot.com *.google-analytics.com *.visualwebsiteoptimizer.com *.pcapredict.com *.cloudfront.net *.sessioncam.com *.googletagmanager.com *.google.com *.facebook.net *.cloudflare.com *.freedomfinance.co.uk *.bing.com *.permutive.com *.exelator.com *.adnxs.com *.botique.ai *.crisp.chat *.vwo.com *.googleadservices.com *.crwdcntrl.net *.newrelic.com *.nr-data.net *.doubleclick.net *.affec.tv *.sub2tech.com *.rfihub.net *.rfihub.com *.adalyser.com *.getblueshift.com cdn-cookieyes.com;
Referrer-Policy
Referrer-Policy: no-referrer-when-downgrade

Server Defaults

TLS extensions
'server name/#0' 'EC point formats/#11' 'renegotiation info/#65281' 'session ticket/#35' 'supported versions/#43' 'key share/#51' 'status request/#5' 'application layer protocol negotiation/#16'
TLS session ticket
valid for 86400 seconds only (<daily)
SSL sessionID support
yes
Session Ticket Resumption
supported
Session ID Resumption
not supported
TLS timestamp
random
Signature algorithm
SHA256 with RSA
Key size
2048 bits
Key usage
Digital Signature, Key Encipherment
Extended key usage
cert_ext_keyusage
Serial number
065AE54441EB25C7850E6F07D17C7826
Fingerprint SHA1
159075CF0CC41FC144CFBCB671B5D94FB684C6AB
Fingerprint SHA256
0DC455FCA745C0A10B9B98A821F9FAC11A916041CBCEAC91E7CFB303AA91F890
Certificate details
-----BEGIN CERTIFICATE----- MIIFlDCCBHygAwIBAgIQBlrlREHrJceFDm8H0Xx4JjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTAyMDUwMDAwMDBaFw0yMjAzMDYy MzU5NTlaMB8xHTAbBgNVBAMTFGZyZWVkb21maW5hbmNlLmNvLnVrMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcYHig7zmh5nfzJzERCV/+Y5O2EyF0W5 rEeMnNSk1PyjdqF3reoa5JPngmuYna+8erQ7LRZBw6BGLt0+VGsmR+R87Bwktkrx o8PaBIzSbNpbFxu6M5juYAamQ1i5bNnp7CFtFLjpkkhZG38CCK6szleSrHMIpozL zFnMWVVNWIlH+AfXd4uQAiYwNVUAoNBcb19AVb4gpPiLLx/Br72Yo0KLvmj13hzA FR1MdpQF7lcbPWUluO6FhdPWbD0dsINQe5p/SxzNgwe8Foy7FnFkJ8tEpzTqza/M yYS4SwaEHMZe/dqqXYzCxAiiAV6VB59Z4zlbywozY8oQqVcq73l/rQIDAQABo4IC ozCCAp8wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYE FG6f8rZoMNttzbnY+JFtRDyStx1dME4GA1UdEQRHMEWCFGZyZWVkb21maW5hbmNl LmNvLnVrghVsb2Fucy5tb25leWV4cGVydC5jb22CFiouZnJlZWRvbWZpbmFuY2Uu Y28udWswDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRy dXN0LmNvbS9zY2ExYi5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUH AQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVz dC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3Qu Y29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB 8wDxAHYARqVV63X6kSAwtaKJafTzfREsQXS+/Um4havy/HD+bUcAAAF3b+PSZAAA BAMARzBFAiBd+r0qt7MZ9C4v8rvPpmaV7vrxrB4vZVtMfsVUW56NWQIhAJwbJ63R GQPTA7ZGtlVxeibTzJC33ahphwKWiU6m1Yy5AHcAIkVFB1lVJFaWP6Ev8fdthuAj JmOtwEt/XcaDXG7iDwIAAAF3b+PSSgAABAMASDBGAiEA9iCWmYlCADqCXt9qIWDo asMGK7b9VdCamwFsSRsPCeYCIQDoZaLJDt7Px5lJxerdEhtPtcf/qu38BMkP7DI3 2zu7DTANBgkqhkiG9w0BAQsFAAOCAQEAfcQ7dnhJwm1FTCPTWx0ATkDR4q4zu8c5 otMjpDUkRJ6588fxGV3FHbT8KL6p5WdwKhp7WCsZbp5cAiQI5p8kBP6YVN+DeVy5 HtYm4f7sTvmCflJVANrOnh3jNWr6SQc0ux1k3BH8zD5O6IUjVksfjyPS4fJnGhcJ S7jHlICFBygIxoXzvNdrcM29+OtVgkOC4UjAWLhm0InzslGdE6DseiP4vB3gfkH2 IGHBlbfrHspTkRTMKBmhUGyA8U7NRwQmHxyKCiNm/21septqQ09GVMz7z7U1TBmM hJ8Jxj2WNAv6F+N1ftQyiNnuelhNNgQIWZaSXV3mBXfRqshysWVDfw== -----END CERTIFICATE-----
Common names
freedomfinance.co.uk
Service Name Indication
request w/o SNI didn't succeed
SubjectAlternative Name
freedomfinance.co.uk loans.moneyexpert.com *.freedomfinance.co.uk
Certificate authority issuers
Amazon (Amazon from US)
Certificate trusted
Ok via SAN wildcard (SNI mandatory)
Certificate chain trusted
passed.
Is certificate Extended Validation
no
Days before expiry
95 >= 60 days
Valid from
2021-02-05 01:00
Valid until
2022-03-07 00:59
Chain
4
CRL distribution points
http://crl.sca1b.amazontrust.com/sca1b.crl
Online Certificate Status Protocol URL
http://ocsp.sca1b.amazontrust.com
OCSP stapling
not offered
cert mustStapleExtension
--
DNS CAArecord
--
certificate transparency
yes (certificate extension)

Server Preferences

order
server
Which protocol negotiated
Default protocol TLS1.3
negotiated
TLS13-AES-128-GCM-SHA256, 253 bit ECDH (X25519)
order TLSv1 2
ECDHE-RSA-AES128-GCM-SHA256

Perfect Forward Secrecy

PFS
offered
PFS s
ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384
ECDHE curves
prime256v1 secp384r1

Ciphers

ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(0xc030)
ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
(0xc028)
AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
(0x9d)
ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(0xc02f)
ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
(0xc027)
AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
(0x9c)
AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
(0x3c)

Browser Simulations

Android 2.3.7
No connection
Android 4.1.1
No connection
Android 4.3
No connection
Android 4.4.2
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 5.0.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 6.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Android 7.0
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Chrome 51
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Chrome 57
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 47
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Firefox 53
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows XP Internet Explorer 6
No connection
Windows Vista Internet Explorer 7
No connection
Windows XP Internet Explorer 8
No connection
Windows 7 Internet Explorer 8
No connection
Windows 7 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 8.1 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 8.1 update Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-SHA256
Windows 10 Internet Explorer 11
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows 10 Edge 13
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows Phone 10 Edge 13
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows 7 Opera 17
TLSv1.2 ECDHE-RSA-AES128-SHA256
MacOSX 10.6.8 Safari 5.1.9
No connection
iOS 7 Safari 7
TLSv1.2 ECDHE-RSA-AES128-SHA256
MacOSX 10.11 Safari 9
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
MacOSX 10.12 Safari 10
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
iOS 9 App Transport Security 9
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
Windows 7 Tor 7.0.9
No connection
Java 6 update 45
No connection
Java 7 update 25
No connection
Java 8 update 31
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
OpenSSL 1.1.1
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
OpenSSL 1.0.2e
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256