76/100 SECURITY SCORE

Certificate Information

Subject
CN=foxybeds.co.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 28, 2025
Valid Until
March 28, 2026 32 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
78:ED:1E:DC:50:87:A4:3C:5A:81:EC:2F:CE:78:B7:01:19:0C:26:5B:2D:32:A6:31:4F:DF:2C:F6:8C:C4:46:51
Alternative Names

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
birthcheck.com *.birthcheck.com *.152.birthcheck.com *.about.birthcheck.com *.app1.birthcheck.com *.archive.birthcheck.com *.box.birthcheck.com *.comune.birthcheck.com *.demo.birthcheck.com *.ea.birthcheck.com *.fj.birthcheck.com *.mailer.birthcheck.com *.photos.birthcheck.com *.ro.birthcheck.com *.sports.birthcheck.com *.static.birthcheck.com *.users.birthcheck.com *.web01.birthcheck.com

Other domains in certificate

ambetterealth.com *.ambetterealth.com *.backend.ambetterealth.com *.elastic.ambetterealth.com *.msk.ambetterealth.com *.sitemap.ambetterealth.com *.sms.ambetterealth.com
*.2.choicedoctor.com *.beta.choicedoctor.com choicedoctor.com *.choicedoctor.com *.dev.choicedoctor.com *.media.choicedoctor.com *.shenjidadhop.choicedoctor.com *.shms1.choicedoctor.com *.static.choicedoctor.com
fatcatremovals.co.uk *.fatcatremovals.co.uk *.removalpackaginguk.fatcatremovals.co.uk *.ww25.fatcatremovals.co.uk
fixmyrideessex.co.uk *.fixmyrideessex.co.uk *.ww25.fixmyrideessex.co.uk
*.a2.flowstreams.cx *.archive.flowstreams.cx *.cloud.flowstreams.cx *.de.flowstreams.cx *.eu-panel.flowstreams.cx *.eu01-panel.flowstreams.cx *.eu02-panel.flowstreams.cx *.eu02.flowstreams.cx *.eu03.flowstreams.cx *.eu05-panel.flowstreams.cx flowstreams.cx *.flowstreams.cx *.ft-hetzner.flowstreams.cx *.new.flowstreams.cx *.status.flowstreams.cx *.ww25.flowstreams.cx *.ww38.flowstreams.cx *.www.flowstreams.cx
foxybeds.co.uk *.foxybeds.co.uk *.ww25.foxybeds.co.uk
*.files.fwmhcomics.xyz fwmhcomics.xyz *.fwmhcomics.xyz
garthcaravanstorage.co.uk *.garthcaravanstorage.co.uk *.random.garthcaravanstorage.co.uk *.ww25.garthcaravanstorage.co.uk
gbjoinerylincoln.co.uk *.gbjoinerylincoln.co.uk *.ww25.gbjoinerylincoln.co.uk
name-revise-internet.info *.name-revise-internet.info *.ww38.name-revise-internet.info
networkingsansar.com *.networkingsansar.com *.ww25.networkingsansar.com
*.client.thepanther.io thepanther.io *.thepanther.io *.webtrader.thepanther.io *.ww25.thepanther.io
*.live.tripplestream.xyz *.pop.tripplestream.xyz tripplestream.xyz *.tripplestream.xyz *.ww25.tripplestream.xyz *.ww38.tripplestream.xyz *.www.tripplestream.xyz