HTTPS, SSL & Security Report for sync.koalastuff.net

This report summarizes how well sync.koalastuff.net is configured for secure web delivery. It covers HTTPS availability, HTTP→HTTPS redirects, TLS/SSL certificate validity, security headers, HTTP/2 and HTTP/3 support, and mixed content. Use it to quickly spot configuration gaps and improve your site's security and trust.

Partially secureScore80/100Last checked: 10 Jul 2026 at 07:40 UTC
HTTPS

Enabled

HTTP → HTTPS

N/A

TLS

B+ · 1.2, 1.3

Security headers

6/6

Detailed checks

HTTPS availability

The site is reachable over HTTPS.

Why it matters: HTTPS encrypts traffic and protects user data.

HTTP to HTTPS redirect

HTTP port 80 is not responding, so there is no HTTP listener to redirect. Modern browsers upgrade to HTTPS automatically.

Note: Port 80 may be firewalled or intentionally closed. Opening it with a 301 to HTTPS ensures visitors who type http:// are redirected rather than getting a connection error.

TLS & CertificateB+

ValidYes
IssuerC=US, O=Let's Encrypt, CN=E7
Expires2026-08-14
Days until expiry35 days

Why it matters: A valid, non-expired certificate ensures encryption is trusted by browsers.

To improve your grade

  • Port 80 is closed, so visitors typing http:// get a connection error instead of an automatic redirect. Open port 80 with a 301 to HTTPS to recover the redirect points.
  • Reach 85+ points for A- (currently 80).

Monitor this domain

We'll check SSL grade, HTTPS, redirects, and security headers automatically. Email only when something changes.

Start monitoring — freeOne-click account with Google, GitHub, or email. No password.

Free: 1 domain, weekly. Plans from €7/mo — daily checks, up to 50 domains, history & white-label PDF.

Grade breakdown2 things to improve for a higher grade →
80/100 pts
HTTPS Connection
+25/25
HTTP to HTTPS Redirect
+0/20
Valid SSL Certificate
+20/20
Certificate Not Expiring Soon
+10/10
Short Redirect Chain
+5/5
HSTS Enabled
+5/5
Security Headers
+5/5
Modern TLS (no 1.0/1.1)
+10/10

To improve your grade

  • Port 80 is closed, so visitors typing http:// get a connection error instead of an automatic redirect. Open port 80 with a 301 to HTTPS to recover the redirect points.
  • Reach 85+ points for A- (currently 80).

Security headers6/6

  • HSTS
  • CSP
  • X-Frame-Options
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy

Score: 6 of 6 headers present. For the grade factor (5 pts), 4+ headers and Content-Security-Policy (CSP) are both required.

HSTS (HTTP Strict Transport Security)Preload ready

  • EnabledYes
  • Max-Age365 days
  • PreloadYes
  • On HSTS preload listNo
Submit or verify on hstspreload.org

Why it matters: HSTS tells browsers to use only HTTPS for this site. Preload allows inclusion in browsers’ built-in HSTS lists.

We check Chromium’s built-in list. hstspreload.org checks eligibility for submission (HSTS header, redirect chain). Results may differ for domains that are preloaded but no longer meet current eligibility rules.

HTTP/3 (QUIC)

Advertised (not negotiated)

Alt-Svc: h3=":443"; ma=2592000

Advertised via Alt-Svc, but an active HTTP/3 request fell back (server did not serve h3 on UDP 443).

DNS Security

CAA: Not set · DNSSEC: Validated · HTTPS record: Not setExpand
CAANot set
DNSSEC
Validated
HTTPS Record
Not set

No HTTPS record. Browsers discover protocols via connection — an HTTPS record speeds this up. Learn more →

No CAA records. Any CA can issue certificates. Consider adding CAA to restrict issuance.

Redirect chain

When you visit the site over HTTP, the server may send you through one or more redirects until you land on the final HTTPS URL. Shorter chains are faster and better for SEO.

  1. 1.http://sync.koalastuff.net

Recommendations for sync.koalastuff.net

Based on this scan, here are the 3 next steps that would most improve security and SEO for sync.koalastuff.net.

  1. Set up an HTTP → HTTPS redirect

    High impact

    sync.koalastuff.net does not redirect plain HTTP requests to HTTPS. Visitors (and search engines) landing on the HTTP version get an insecure page, and you may be splitting SEO signals between two versions of the site. A single 301 redirect fixes both.

  2. Consider HSTS preload

    Nice to have

    HSTS is enabled for sync.koalastuff.net but the domain is not on the browser preload list, so the very first visit can still go over HTTP. Preloading closes that gap — but read the requirements first, removal is slow.

  3. Add a CAA DNS record

    Nice to have

    sync.koalastuff.net has no CAA record, so any certificate authority can issue certificates for it. A CAA record limits issuance to the CAs you actually use — a cheap defense against mis-issuance.

Show this badge on your site

Let your visitors know your SSL setup is verified. The badge always shows your current grade and links to this report. Paste the snippet into your site footer:

SSL grade badge for sync.koalastuff.net← live preview, updates automatically
<a href="https://httpsornot.com/report/sync.koalastuff.net?utm_source=badge" target="_blank" rel="noopener">
  <img src="https://httpsornot.com/badge/sync.koalastuff.net.svg" alt="SSL grade for sync.koalastuff.net — checked by HTTPS Checker" height="20" loading="lazy" />
</a>

Domain owner? If you want this report removed or made private, contact us.