Some sites are jumping between grades daily

[nukeador]

We are actively using the API to scan all Spanish official sites, and since we are analyzing the history of the sites we have observed that some of them are changing their grades daily for no apparent reason. I'm reporting here in case this is an Observatory bug.

Some sites on which we have seen this behavior:

https://observatory.mozilla.org/analyze/lapobladelduc.es (jumping from C- to D-)
https://observatory.mozilla.org/analyze/muvim.es (from D- to F)
https://observatory.mozilla.org/analyze/sanidad.castillalamancha.es (from D- to F)
https://observatory.mozilla.org/analyze/www.juntadeandalucia.es (from D to F)
https://observatory.mozilla.org/analyze/www.uva.es (from D- to C-)

Cheers.

[floatingatoll]

I checked the first site, and the results are alternating based on a single score outcome: Redirection, either +0 or -20, with the -20 being:

"Redirects, but the final destination is not an HTTPS URL".

I haven't yet found the site doing the right thing, as currently it's doing the wrong thing — redirecting http:// to http://, and serving HTTP requests in response to http://www without trying to https it — but I notice that the response from the redirect target has X-Proxy-Cache: HIT headers. If there are proxies or load balancers involved for these sites, it would be useful to know if the origin servers are all responding equivalently to the following commands:

% curl -v http://lapobladelduc.es
% curl -v https://lapobladelduc.es
% curl -v http://www.lapobladelduc.es
% curl -v https://www.lapobladelduc.es

Based on my review of what this domain is returning right now at each of those URLs, D- is the correct score, with the Redirect -20 penalty accurately reflecting that https:// is never invoked at any point in the redirect chain.