What is this?
HSTS preload is the browser's "memorize this domain as HTTPS-only forever" mechanism:
Chrome, Firefox, Safari and Edge ship a baked-in list of domains that must never be loaded
over HTTP - even before any handshake. To get onto the list you submit your domain at hstspreload.org; the site checks four hard requirements automatically and rejects everything else.
This tool runs the same four checks (HTTPS reachable, HSTS header with max-age >= 1 year, includeSubDomains, preload, and a HTTP → HTTPS redirect on port 80) plus a verdict, so you can fix the gaps before
submitting.
When do I need it?
Use before submitting to hstspreload.org, after a TLS cert or CDN migration that might have dropped the HSTS header, or as a periodic sanity check that the HTTP-to-HTTPS redirect on port 80 is still wired up. Removal from the preload list is a months-long process - getting the configuration right before submission saves a lot of pain.