About
"About" tools
Development blog
Contact
History
Privacy Statement
Terms & Conditions
How to use the tools
Calculator
"Calculator" tools
Acceleration calculator
Battery calculator
Distance calculator
EV mileage calculator
Exponential growth
Fuel Cost calculator
Natural Gas calculator
Gladwell's 10000 hours
Speed converter
Frequency Calculator
Electrical power
Wavelength Calculator
Mortgage loan calculator
Code
"Code" tools
Bash boilerplate
Color
"Color" tools
CMYK conversion
HTML Color list
RGB conversion
Websafe Color list
Data
"Data" tools
Bandwidth convert
Download calculator
Data size calculator
Music
"Music" tools
Beats-per-minute
Audio delay
Music Frequency
Song length
Music Scale
Tap your tempo
Photo
"Photo" tools
Aspect ratio
Composition Calculator
Depth-of-Field Calculator
DPI calculator
Image filesize calculator
Light calculator (EV)
Megapixel calculator
Megapixel Aspects
Video
"Video" tools
Audio file size calculator
Common bitrates
DCP file size
Foot-Lambert Calculator
Screen size
Video bitrate
Frame rate convert
Video file size calculator
Web
"Web" tools
Content Security Policy
Redirection check
Security Policy Framework check
HTTPS config check
HTML char map
Emoji char map
HTML encoder
SEO Performance
HTTPS Readiness test
Input
Check here if your site complies with the HTTPS best practices
Domain
Check domain!
Domain analysis: timeoff.management
Always redirect to same domain https://timeoff.management (BEST PRACTICE!)
IP address:
167.99.89.184
Certificate details
This SSL Certificate was created especially for
timeoff.management
Certificate issued by
Let's Encrypt
, of type
R3
(auto renewal)
Certificate start date:
Jan 28 18:36:51 2023 GMT
Certificate expiration:
Apr 28 18:36:50 2023 GMT
(in 31 days)
Certificate validity period:
90 days
(probably automated renewal)
Encryption algorithm:
TLSv1.3
/ TLS_AES_256_GCM_SHA384
More certificate details?
SSL Labs:
get more detailed HTTPS report
Mozilla Observatory:
get more detailed HTTPS report
HTTPS Headers
Missing HTTP header x-xss-protection -
should be
1; mode=block
Missing HTTP header x-frame-options -
should be
SAMEORIGIN
Missing HTTP header content-security-policy -
create at least a minimal one
Missing HTTP header strict-transport-security (
HSTS
)
For a GDPR-focused review of your domain, use
Churlie GDPR Checkup
Content details
No mixed content: no http files used in the https page
How to get https for your site
Let’s Encrypt is a free, automated, and open Certificate Authority.
Example:
cloudfleet.io
,
scotthelme.co.uk
Cloudflare One-Click SSL
(also on the
Free Plan
)
Example:
toolstud.io
Paid certificates: Verisign, GeoTrust, Comodo, DigiCert, Thawte, Globalsign
Example:
www.amazon.com
,
www.mozilla.org
,
twitter.com
References
Google Chrome
and/or
Search
will punish your website for insecure content and practices. In short, every site should be
https://
, and should send every visitor of their
http://
site to the secure one.
Google Chrome: Our plan to label HTTP sites as non-secure is taking place in gradual steps
Data Security Action Plan, step 1: Implement strict encryption measures on all network traffic
BuiltWith: SSL by Default Usage Statistics
Analysis of the Alexa Top 1M sites: HTTPS, HSTS, CSP
