In a new post on the Oh Dear blog, there's a good explanation of how HSTS improves security.

HSTS stands for HTTP Strict Transport Security. It's a mechanism that allows a website to signal that it should only be reached via HTTPS, the encrypted form of HTTP, instead of the plain-text HyperText Transfer Protocol.

https://ohdear.app/blog/were-a-featured-app-domain-on-googles-registry
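
The signal itself is the `Strict-Transport-Security` response header. As an added example (not code from the Oh Dear post), here is a small checker that applies the RFC 6797 parsing rules to a response; the function names and the one-year `max-age` baseline are assumptions of this example.

```python
import re

# directive = token [ "=" ( token | quoted-string ) ]   (RFC 6797, section 6.1)
_DIRECTIVE = re.compile(r'^([!#$%&\'*+.^_`|~0-9A-Za-z-]+)(?:\s*=\s*("[^"]*"|[^\s;"]+))?$')
ONE_YEAR = 31536000  # assumed baseline for this example, not a value from the page

def parse_hsts(value):
    """Parse a Strict-Transport-Security value; return None if a browser would ignore it."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:                      # empty directives such as ";;" are allowed
            continue
        m = _DIRECTIVE.match(part)
        if m is None:
            return None                   # malformed syntax: whole header is ignored
        name = m.group(1).lower()         # directive names are case-insensitive
        if name in seen:
            return None                   # a directive may appear only once
        seen[name] = (m.group(2) or "").strip('"')
    if not re.fullmatch(r"[0-9]+", seen.get("max-age", "")):
        return None                       # max-age is required and must be numeric
    return {
        "max_age": int(seen["max-age"]),
        "include_subdomains": "includesubdomains" in seen,
        "preload": "preload" in seen,     # not in RFC 6797; used by browser preload lists
    }

def audit_response(scheme, headers):
    """Return a list of findings for one response (headers: dict, any key case)."""
    raw = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if raw is None:
        return ["no HSTS header"]
    if scheme != "https":
        return ["HSTS header sent over plain HTTP is ignored by browsers"]
    policy = parse_hsts(raw)
    if policy is None:
        return ["HSTS header is malformed and will be ignored"]
    findings = []
    if policy["max_age"] == 0:
        findings.append("max-age=0 removes any stored HSTS policy")
    elif policy["max_age"] < ONE_YEAR:
        findings.append("max-age shorter than one year")
    if not policy["include_subdomains"]:
        findings.append("includeSubDomains missing")
    return findings

if __name__ == "__main__":  # constructed sample response, not real traffic
    print(audit_response("https", {"Strict-Transport-Security": "max-age=300"}))
```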