SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for *.squarespace.com, squarespace.com, *.campaign-preferences.com, campaign-preferences.com, *.sqsp.net, sqsp.net, *.sqspcdn.com, static1.1.sqspcdn.com, static2.1.sqspcdn.com, not for anabelle.cool
Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
require-trusted-types-for
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
Performance Headers
4 headers
Accept-Ranges
Performance
none
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Sec-CH-Viewport-Width, Sec-CH-DPR,Accept-Encoding
Caching Headers
3 headers
Cache-Control
Caching
no-cache, no-store, max-age=0, must-revalidate
Expires
Caching
Mon, 01 Jan 1990 00:00:00 GMT
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
ESF
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__Secure-ROLLOUT_TOKEN=CJ6oz-j-2IGMRxCcgpvyxbaRAxicgpvyxbaRAw%3D%3D; Domain=youtube.com; Expires=Tue, 09-Jun-2026 22:07:18 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned
Other Headers
8 headers
Accept-Ch
Other
Sec-CH-Viewport-Width, Sec-CH-DPR
Alt-Svc
Other
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Other
Thu, 11 Dec 2025 22:07:18 GMT
Document-Policy
Other
include-js-call-stacks-in-crash-reports
Origin-Trial
Other
AiDEBptUfVeO93q48VdVMe/ubupazdAl8AaHP+NBzdnW8quUcHdzJUyGSfrmtpKJu7EOvwRp9ug2rEo3XU+WMAMAAAB2eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJEZXZpY2VCb3VuZFNlc3Npb25DcmVkZW50aWFsczIiLCJleHBpcnkiOjE3NzQzMTA0MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
P3p
Other
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Report-To
Other
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
Reporting-Endpoints
Other
default="/web-reports?context=eJwNz21MlXUcxvFuvmV47sM5575_vztMnTnC9cIOAwa2VtTUeWKuo6wpkwfHkwcfphB0zhE2anPLzI21WnoKqWbrgSZKrVrLEMlyY-okAlGnYM1yjaQsnUgTtf-Lz5vrenNdvj2zqu5ts7KLG6wvXm6yKh9rtlb89JLVHolbU5_GrUO9cSs6mrAmFyatiqyk9e5o0tr6S4v1QWhdWsvcdWm95T7q633c7PDx75iPlms-KhbbjKy0mVxls6XS5psum94vbcb_sPmn2k9Bws9ESQZ9HRnUXM7g8TUBPjscoGQgwFvG33cCLCkKkowFsZNB9u0OkvdOkPQPg2SeDNKXHSK9OoTPGO4MMXYrxHpxqC50aDfeW-swXuUQ3ejQ1ubwqrHsDYdnUg79BxwWdjvM63GQMw7zJxwuTzsEZrtciLjcW-nS9YJLtMLlqTaXO-0ubsrlh36XokGXp4ddFp1zybvikjnlkv6gcMYWVs0VovOE7kcEyRKWZwtdOUK4UEisFqaNznKTVwi-RuFt41KToM3CTmPpLqFsr_DcJ8KxbiHtoHDCOPKVUPutUP2dcHrAdKeEs0NC5LzQahRfFBZdFe5eE_ZcFwpuCP3_CU23hRkjZ0YovV_Br-wIKCWZSmqB8vASJfGEcjSinDX-NKyo8ryRtUF5P6Yc2KTUxpWZhHKkVVm2Syl9U5lKKWs7lFeMo8bOTqVnv1L8kTJoDBsjHyvbu5TbRk-3svegMudrZaJXKetTKvuVgu-ViHHrmFL3ozJ-XBkYUCaN0pNmr7F8UNltHB4yG39Wro4or48q5eeUbReUBWNK5q_K578p639XnCvK0HWl6IZSc1M5dNd8uc_j2Qc8pm2PGb_H0gyPNQGPxUGP-SGPMtdjxUMej87xWG3sM1x_emrHXydmhc6_tv-UlRVubUzEE7WxnO2x2nB9c2NDPBxr2BCua94c31xXs7UqPze_MC8_Lzcn98mqF3P_BxfU9aM"
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 757ms