HTTPS Readiness test

Input

Check here if your site complies with the HTTPS best practices

Domain analysis: twitter.com

  • Always redirect to same domain https://twitter.com (BEST PRACTICE!)
  • IP addresses: 104.244.42.65, 104.244.42.129, 104.244.42.193, 104.244.42.1
  • Certificate details

  • Certificate validity period: 1 year(s) > 1 year -- will be refixed by Apple Safari browsers
  • This SSL Certificate was created especially for twitter.com
  • Certificate issued by DigiCert Inc, of type DigiCert TLS RSA SHA256 2020 CA1
  • Certificate start date: Dec 25 00:00:00 2022 GMT
  • Certificate expiration: Dec 25 23:59:59 2023 GMT (in 279 days)
  • Encryption algorithm: TLSv1.3 / TLS_AES_256_GCM_SHA384
  • More certificate details?
  • SSL Labs: get more detailed HTTPS report
  • Mozilla Observatory: get more detailed HTTPS report
  • HTTPS Headers

  • Missing HTTP header x-xss-protection - should be 1; mode=block
  • HTTP header x-frame-options is OK - iframe clickjacking protection
  • HTTP header content-security-policy is OK - cross-scripting protection
  • HTTP header strict-transport-security (HSTS) is OK (243 months valid)
  • For a GDPR-focused review of your domain, use Churlie GDPR Checkup
  • Content details

  • No mixed content: no http files used in the https page
  • How to get https for your site

    References