HTTPS Readiness test

Input

Check here if your site complies with the HTTPS best practices

Domain analysis: cytotec.logdown.com

  • No redirect to https - Best practice is to use HTTPS always/everywhere
  • IP addresses: 52.21.227.162, 54.237.159.171, 3.226.182.14, 23.22.5.68
  • Certificate details

  • This wildcard SSL Certificate was created for *.logdown.com and is also valid for cytotec.logdown.com
  • Certificate issued by Let's Encrypt, of type R3 (auto renewal)
  • Certificate start date: Aug 12 07:44:42 2022 GMT
  • Certificate expiration: Nov 10 07:44:41 2022 GMT (in 40 days)
  • Certificate validity period: 90 days (probably automated renewal)
  • Encryption algorithm: TLSv1.3 / TLS_AES_128_GCM_SHA256
  • More certificate details?
  • SSL Labs: get more detailed HTTPS report
  • Mozilla Observatory: get more detailed HTTPS report
  • HTTPS Headers

  • Missing HTTP header content-security-policy - create at least a minimal one
  • Missing HTTP header strict-transport-security (HSTS)
  • HTTP header x-xss-protection is OK - cross-scripting protection
  • HTTP header x-frame-options is OK - iframe clickjacking protection
  • For a GDPR-focused review of your domain, use Churlie GDPR Checkup
  • Content details

  • Mixed content: this page uses insecure content from cytotec.logdown.com, www.hamatata.com, email.fuelsinstitute.org, implode-explode.com, www.eastsiderealty.com.au, deals.shiningbazar.com, webmail.marathoner.com, www.piano-p.com, www.astrocorner.de, www.google.co.mz, c.ypcdn.com, www.nanpuu.jp, www.dot-blank.com, roanokevalleyredcross.org, www.sousei-ikoma.com, baseballpodcasts.net, www.nakayama-dr.jp, www.masekaihatsu.com, www.niwasoujin.co.jp, www.avona.org, iframe.eac.com.au, www.castlebar.ie, w-ecolife.com, www.technoplus.ru, www.marathonguide.com, clients1.google.mn, www.hoshikuzuclub.jp, notoprinting.xsrv.jp, i.imgur.com, cdn-theme.logdown.io, logdown.com, mathjax.logdown.io
  • How to get https for your site

    References