HTTPSWatch (Canada)

HTTPSWatch tracks the HTTPS support of prominent websites. Click to show details about a site’s HTTPS support. See the About page for more information.

Newspapers

0/3/0
National Post (www.nationalpost.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set but the max-age is less than 30 days.
  • HTTP site redirects to HTTPS.
Tell National Post they should improve their HTTPS support:
The Globe and Mail (www.theglobeandmail.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set but the max-age is less than 30 days.
  • HTTP site redirects to HTTPS.
Tell The Globe and Mail they should improve their HTTPS support:
Toronto Star (www.thestar.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Toronto Star they should improve their HTTPS support:

News

1/4/0
CBC Canadian News (www.cbc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell CBC Canadian News they should improve their HTTPS support:
CTV News (www.ctvnews.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell CTV News they should improve their HTTPS support:
Global News (globalnews.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set but the max-age is less than 30 days.
  • HTTP site redirects to HTTPS.
Tell Global News they should improve their HTTPS support:
Metro News (metronews.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Metro News they should improve their HTTPS support:
CBC/Radio-Canada (www.cbc.radio-canada.ca) Bad
  • Certificate hostname verification fails.
Tell CBC/Radio-Canada they should improve their HTTPS support:

Airlines

1/2/2
Air Canada (www.aircanada.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Air Canada they should improve their HTTPS support:
WestJet (www.westjet.com) Good
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank WestJet for providing high quality HTTPS:
Porter (www.flyporter.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Porter they should improve their HTTPS support:
Sunwing (www.sunwing.ca) Bad
Tell Sunwing they should improve their HTTPS support:
Swoop (www.flyswoop.com) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Swoop for providing high quality HTTPS:

Media Organizations

1/0/0
Radio-Canada (ici.radio-canada.ca ) Bad
  • DNS lookup failed.
Tell Radio-Canada they should improve their HTTPS support:

Banks

4/8/2
Royal Canadian Mint (www.mint.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set but the max-age is less than 30 days.
  • The HTTP site times out.
Tell Royal Canadian Mint they should improve their HTTPS support:
TD Canada Trust (easyweb.td.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell TD Canada Trust they should improve their HTTPS support:
RBC Royal Bank (www.rbcroyalbank.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell RBC Royal Bank they should improve their HTTPS support:
Canadian Imperial Bank of Commerce (www.cibc.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canadian Imperial Bank of Commerce they should improve their HTTPS support:
Scotiabank (www2.scotiaonline.scotiabank.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Scotiabank they should improve their HTTPS support:
Bank of Canada (www.bankofcanada.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Bank of Canada they should improve their HTTPS support:
Business Development Bank of Canada (www.bdc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Tell Business Development Bank of Canada they should improve their HTTPS support:
Canada Deposit Insurance Corporation (www.cdic.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Canada Deposit Insurance Corporation they should improve their HTTPS support:
Canada Mortgage and Housing Corporation (www.cmhc-schl.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canada Mortgage and Housing Corporation they should improve their HTTPS support:
Competition Bureau Canada (www.competitionbureau.gc.ca) Bad
  • Certificate hostname verification fails.
Bank of Montreal (bmo.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Bank of Montreal they should improve their HTTPS support:
Simplii Financial (simplii.com) Bad
  • connect() to port 443 times out.
Tell Simplii Financial they should improve their HTTPS support:
Tangerine (www.tangerine.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Tangerine for providing high quality HTTPS:
HSBC Bank Canada (hsbc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank HSBC Bank Canada for providing high quality HTTPS:

Travel

1/2/1
Travel.gc.ca (travel.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Travel.gc.ca they should improve their HTTPS support:
Canadian Tourism Commission (www.canada.travel) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Presto Card (www.prestocard.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Presto Card for providing high quality HTTPS:
Canadian Tourism Commission (en-corporate.canada.travel) Bad
  • Nothing is listening on port 443.
Tell Canadian Tourism Commission they should improve their HTTPS support:

Universities/College

3/12/7
Queen's University (www.queensu.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Queen's University they should improve their HTTPS support:
Brock University (www.brocku.ca) Bad
Tell Brock University they should improve their HTTPS support:
Laurentian University (laurentian.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Laurentian University they should improve their HTTPS support:
Trent University (www.trentu.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Trent University they should improve their HTTPS support:
University Of Toronto (www.utoronto.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank University Of Toronto for providing high quality HTTPS:
University of Windsor (www.uwindsor.ca) Bad
  • A verified TLS connection can be established. (SSL Labs report)
  • The HTTPS site redirects to HTTP.
Tell University of Windsor they should improve their HTTPS support:
Canadian Police College (www.cpc-ccp.gc.ca) Bad
  • Nothing is listening on port 443.
Royal Military College of Canada (www.rmc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Royal Military College of Canada for providing high quality HTTPS:
University of British Columbia (www.ubc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank University of British Columbia for providing high quality HTTPS:
Simon Fraser University (www.sfu.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Simon Fraser University they should improve their HTTPS support:
University of Alberta (www.ualberta.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank University of Alberta for providing high quality HTTPS:
University of Calgary (www.ucalgary.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell University of Calgary they should improve their HTTPS support:
University of Saskatchewan (www.usask.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell University of Saskatchewan they should improve their HTTPS support:
University of Manitoba (www.umanitoba.ca) Mediocre
  • A verified TLS connection can be established. (SSL Labs report)
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell University of Manitoba they should improve their HTTPS support:
University of Waterloo (uwaterloo.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank University of Waterloo for providing high quality HTTPS:
York University (www.yorku.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell York University they should improve their HTTPS support:
McGill University (www.mcgill.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell McGill University they should improve their HTTPS support:
Université de Montréal (www.umontreal.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Université de Montréal they should improve their HTTPS support:
Université du Québec à Montréal (UQAM) (uqam.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Université du Québec à Montréal (UQAM) for providing high quality HTTPS:
Université Laval (www.ulaval.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Université Laval they should improve their HTTPS support:
Dalhousie University (www.dal.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Dalhousie University for providing high quality HTTPS:
Memorial University of Newfoundland (www.mun.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Memorial University of Newfoundland they should improve their HTTPS support:

Government & Public Sector

17/12/2
Elections Canada (elections.ca) Bad
  • connect() to port 443 times out.
Tell Elections Canada they should improve their HTTPS support:
Statistics Canada (www.statcan.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Statistics Canada they should improve their HTTPS support:
Canada Revenue Agency (www.cra-arc.gc.ca) Bad
  • connect() to port 443 times out.
Tell Canada Revenue Agency they should improve their HTTPS support:
Aboriginal Business Canada (www.aadnc-aandc.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site doesn’t redirect to HTTPS.
Canadian Security Intelligence Service (www.csis-scrs.gc.ca) Bad
  • A TLS-related error (UNKNOWN_PROTOCOL) occurs when trying to connect.
Tell Canadian Security Intelligence Service they should improve their HTTPS support:
Canada Agricultural Review Tribunal (cart-crac.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canada Agricultural Review Tribunal they should improve their HTTPS support:
Courts Administration Service (www.cas-satj.gc.ca) Bad
  • connect() returns with error ECONNRESET.
Federal Economic Development Initiative for Northern Ontario (FedNor) (fednor.gc.ca) Bad
  • Certificate hostname verification fails.
Tell Federal Economic Development Initiative for Northern Ontario (FedNor) they should improve their HTTPS support:
Commissioner of Lobbying of Canada (lobbycanada.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Commissioner of Lobbying of Canada they should improve their HTTPS support:
Patented Medicine Prices Review Board Canada (pmprb-cepmb.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Patented Medicine Prices Review Board Canada they should improve their HTTPS support:
Canadian Pari-Mutuel Agency (www.agr.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site redirects to HTTP.
Tell Canadian Pari-Mutuel Agency they should improve their HTTPS support:
Canadian Centre for Occupational Health and Safety (www.ccohs.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Canadian Centre for Occupational Health and Safety for providing high quality HTTPS:
Canadian Intellectual Property Office (www.ic.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Canadian Intellectual Property Office they should improve their HTTPS support:
Defence Construction Canada (www.dcc-cdc.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Tell Defence Construction Canada they should improve their HTTPS support:
Canada Centre for Inland Waters (www.ec.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Tell Canada Centre for Inland Waters they should improve their HTTPS support:
Export Development Canada (www.edc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Export Development Canada they should improve their HTTPS support:
Health Canada (www.healthycanadians.gc.ca) Bad
  • Nothing is listening on port 443.
Tell Health Canada they should improve their HTTPS support:
Nuclear Safety Commission (www.nuclearsafety.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Nuclear Safety Commission they should improve their HTTPS support:
Canadian Nuclear Safety Commission (cnsc-ccsn.gc.ca) Bad
  • Certificate hostname verification fails.
Tell Canadian Nuclear Safety Commission they should improve their HTTPS support:
Taxpayers' Ombudsman (www.oto-boc.gc.ca) Bad
  • Certificate hostname verification fails.
Parliament of Canada (www.parl.gc.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is B.
  • The HTTPS site returns an error status (404) on request.
Passport Canada (www.passport.gc.ca) Bad
  • connect() to port 443 times out.
Tell Passport Canada they should improve their HTTPS support:
Indian Oil and Gas Canada (www.pgic-iogc.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site doesn’t redirect to HTTPS.
Laurentian Pilotage Authority Canada (www.pilotagestlaurent.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Canadian Polar Commission (www.polarcom.gc.ca) Bad
  • Certificate hostname verification fails.
Federal Bridge Corporation (www.pontscanadabridges.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is A.
  • The HTML page loaded over HTTPS has mixed content.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Pacific Pilotage Authority Canada (www.ppa.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Privacy Commissioner (www.priv.gc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Public Sector Integrity Commissioner (www.psic.gc.ca) Bad
  • Certificate hostname verification fails.
Canada Firearms Centre (www.rcmp-grc.gc.ca) Bad
  • Nothing is listening on port 443.
Communications Security Establishment (www.cse-cst.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.

Tech Companies

2/7/2
Rogers Communications (www.rogers.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Rogers Communications they should improve their HTTPS support:
Bell Canada (www.bell.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Bell Canada for providing high quality HTTPS:
Telus (www.telus.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set but the max-age is less than 30 days.
  • HTTP site redirects to HTTPS.
Tell Telus they should improve their HTTPS support:
Tek Savvy (teksavvy.com) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Tek Savvy they should improve their HTTPS support:
Industrial Technologies Office (www.ic.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Infrastructure Canada (www.infrastructure.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Shaw Communications (www.shaw.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Shaw Communications they should improve their HTTPS support:
Vidéotron (www.videotron.com) Bad
  • A verified TLS connection can be established. SSL Labs grade is A-.
  • The HTTPS site redirects to HTTP.
Tell Vidéotron they should improve their HTTPS support:
Bell MTS (www.bellmts.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Bell MTS they should improve their HTTPS support:
Bell Aliant (bellaliant.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Bell Aliant for providing high quality HTTPS:
Distributel (www.distributel.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Distributel they should improve their HTTPS support:

Canadian Museum

2/7/0
Canadian Museum of Contemporary Photography (cmcp.gallery.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canadian Museum for Human Rights (humanrights.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Canadian Museum of Nature (nature.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Currency Museum (www.bankofcanadamuseum.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Canadian Museum of History (www.historymuseum.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Virtual Museum of Canada (www.virtualmuseum.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is C.
  • The HTTPS site redirects to HTTP.
Canadian War Museum (www.warmuseum.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Historic Sites and Monuments Board of Canada (www.pc.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is B.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Historic Sites and Monuments Board of Canada they should improve their HTTPS support:
Canadian Museum of Immigration at Pier 21 (www.pier21.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Tell Canadian Museum of Immigration at Pier 21 they should improve their HTTPS support:

Canadian Services

7/5/4
Canada (www.canada.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Canada for providing high quality HTTPS:
Canada Post (www.canadapost.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Canada Post for providing high quality HTTPS:
Canadian Northern Economic Development Agency (www.cannor.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site doesn’t redirect to HTTPS.
Copyright Board Canada (www.cb-cda.gc.ca) Bad
  • Certificate not trusted by Mozilla cert store.
Canadian Air Transport Security Authority (www.catsa.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is A.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site redirects to HTTPS.
Canadian Conservation Institute (www.cci-icc.gc.ca) Bad
  • Certificate hostname verification fails.
Canadian International Trade Tribunal (www.citt.gc.ca) Bad
  • connect() to port 443 times out.
Tell Canadian International Trade Tribunal they should improve their HTTPS support:
Canadian Judicial Council (www.cjc-ccm.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Canadian Judicial Council they should improve their HTTPS support:
Communications Research Centre Canada (www.crc.gc.ca) Bad
  • Certificate hostname verification fails.
Tell Communications Research Centre Canada they should improve their HTTPS support:
Canadian Race Relations Foundation (www.crr.ca) Bad
  • A verified TLS connection can be established. SSL Labs grade is B.
  • The HTTPS site redirects to HTTP.
Tell Canadian Race Relations Foundation they should improve their HTTPS support:
Farm Credit Canada (www.fcc-fac.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is A+.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Farm Credit Canada for providing high quality HTTPS:
Foreign Affairs, Trade and Development (www.international.gc.ca) Good
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is set with a long max-age directive.
  • HTTP site redirects to HTTPS.
Thank Foreign Affairs, Trade and Development for providing high quality HTTPS:
Standards Council of Canada (www.scc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Standards Council of Canada they should improve their HTTPS support:
Canadian Trade Commissioner Service (www.tradecommissioner.gc.ca) Mediocre
  • A verified TLS connection can be established. SSL Labs grade is C.
  • A page can be successfully fetched over HTTPS.
  • Strict-Transport-Security header is not set.
  • HTTP site doesn’t redirect to HTTPS.
Tell Canadian Trade Commissioner Service they should improve their HTTPS support:
Canadian Anti-Fraud Centre (www.antifraudcentre.ca) Bad
  • Nothing is listening on port 443.
Tell Canadian Anti-Fraud Centre they should improve their HTTPS support:
Immigration, Refugees and Citizenship Canada (www.cic.gc.ca) Bad
  • connect() to port 443 times out.