This report summarizes how well ressourcen.fm is configured for secure web delivery. It covers HTTPS availability, HTTP→HTTPS redirects, TLS/SSL certificate validity, security headers, HTTP/2 and HTTP/3 support, and mixed content. Use it to quickly spot configuration gaps and improve your site's security and trust.
Enabled
Yes
A- · 1.2, 1.3
4/6
The site is reachable over HTTPS.
Why it matters: HTTPS encrypts traffic and protects user data.
Requests to HTTP are redirected to HTTPS.
| Valid | Yes |
| Issuer | C=US, O=Let's Encrypt, CN=R13 |
| Expires | 2026-05-10 |
| Days until expiry | 64 days |
Why it matters: A valid, non-expired certificate ensures encryption is trusted by browsers.
To improve your grade
Requires 4 of 6 headers and Content-Security-Policy (CSP).
To improve your grade
Score: 4 of 6 headers present. For the grade factor (5 pts), 4+ headers and Content-Security-Policy (CSP) are both required.
Why it matters: HSTS tells browsers to use only HTTPS for this site. Preload allows inclusion in browsers’ built-in HSTS lists.
We check Chromium’s built-in list. hstspreload.org checks eligibility for submission (HSTS header, redirect chain). Results may differ for domains that are preloaded but no longer meet current eligibility rules.
Not advertised
The server does not advertise HTTP/3 (QUIC) via the Alt-Svc header.
No CAA records. Any CA can issue certificates. Consider adding CAA to restrict issuance.
None detected
No HTTP resources were detected on the HTTPS page.
When you visit the site over HTTP, the server may send you through one or more redirects until you land on the final HTTPS URL. Shorter chains are faster and better for SEO.
Domain owner? If you want this report removed or made private, contact us.