Took the liberty to use 
's own CFSSL to scan https://pages.dev, and well…
Can you expand on what you’re trying to show or illustrate here? It’s not very clear currently. Are there specific issues you’re pointing at?
Sure!
CFSSL is a nice Cloudflare (CF!) tool to automatically scan a number of relevant SSL(!) properties.
Out of curiosity I used it to scan https://pages.dev. What came up was largely clean, except for the one issue posted above.
TLS sessions resumption is a mechanism to speed up initial page loads for recurring visitors, which is a very handy thing to have.
I simply pointed out that for pages.dev TLS sessions resumption does not seem to work reliably.
I have no idea if CF even still implements this or if the tool works anymore. This seems to happen for any Cloudflare property. I checked cloudflare.com, dash.cloudflare.com, workers.dev and r2.dev, they all apparently do not support session resumption.
Does not seem related to Pages just general CF/SSL thing.
1 Like