SSL Report:
www.weller-tools.com
(3.229.63.219)
Assessed on: Tue, 20 Jan 2026 10:50:48 UTC
| Clear cache
Summary
0
20
40
60
80
100
Certificate
Protocol Support
Key Exchange
Cipher Strength
Visit our documentation page
for more information, configuration guides, and books. Known issues are documented
here.
This site works only in browsers with SNI support.
This server supports TLS 1.3. MORE INFO »
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.
MORE INFO »
Certificate #1: RSA 2048 bits (SHA256withRSA)
|
Server Key and Certificate #1
|
|
| Subject |
weller-tools.com
Fingerprint SHA256: 97a506571757103a6f6806448160a62e30dba8e9b871a8f1ef477f7b47861414 Pin SHA256: rFBTQCSxKTmQjOx3xwEwAvWGeSBmguq/8xUtPJz0YEs= |
| Common names | weller-tools.com |
| Alternative names | weller-tools.com www.weller-tools.com old.www.weller-tools.com prod.www.weller-tools.com stage.www.weller-tools.com dev.www.weller-tools.com ki-assistent.weller-tools.com stage.ki-assistent.weller-tools.com |
| Serial Number | 0bb64b44fce5e467d07ed29a229d1f31 |
| Valid from | Wed, 21 May 2025 00:00:00 UTC |
| Valid until | Thu, 26 Feb 2026 23:59:59 UTC (expires in 1 month and 6 days) |
| Key | RSA 2048 bits (e 65537) |
| Weak key (Debian) | No |
| Issuer | Thawte TLS RSA CA G1
AIA: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt |
| Signature algorithm | SHA256withRSA |
| Extended Validation | No |
| Certificate Transparency | Yes (certificate) |
| OCSP Must Staple | No |
| Revocation information |
CRL, OCSP CRL: http://cdp.thawte.com/ThawteTLSRSACAG1.crl OCSP: http://status.thawte.com |
| Revocation status | Good (not revoked) |
| DNS CAA | No (more info) |
| Trusted | Yes
Mozilla Apple Android Java Windows |
Certification Paths |
Certificate #2: RSA 2048 bits (SHA256withRSA)
No SNI
|
Certification Paths |
Configuration
| Protocols | |
| TLS 1.3 | Yes |
| TLS 1.2 | Yes* |
| TLS 1.1 | No |
| TLS 1.0 | No |
| SSL 3 | No |
| SSL 2 | No |
| (*) Experimental: Server negotiated using No-SNI | |
| Cipher Suites | ||
|
# TLS 1.3 (suites in server-preferred order)
|
||
TLS_AES_256_GCM_SHA384 (0x1302)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_CHACHA20_POLY1305_SHA256 (0x1303)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_AES_128_GCM_SHA256 (0x1301)
ECDH x25519 (eq. 3072 bits RSA) FS
|
128 | |
|
# TLS 1.2 (suites in server-preferred order)
|
||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
ECDH x25519 (eq. 3072 bits RSA) FS
|
128 | |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
ECDH x25519 (eq. 3072 bits RSA) FS
WEAK
|
128 | |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
ECDH x25519 (eq. 3072 bits RSA) FS
|
256 | |
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
ECDH x25519 (eq. 3072 bits RSA) FS
WEAK
|
256 | |
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)
WEAK
|
128 | |
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
WEAK
|
128 | |
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)
WEAK
|
256 | |
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)
WEAK
|
256 | |
| Handshake Simulation | |||
| Android 4.4.2 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 5.0.0 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 6.0 | RSA 2048 (SHA256) | TLS 1.2 > http/1.1 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Android 7.0 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Android 8.0 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Android 8.1 | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Android 9.0 | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| BingPreview Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Chrome 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Chrome 69 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Chrome 70 / Win 10 | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Chrome 80 / Win 10 R | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Firefox 31.3.0 ESR / Win 7 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Firefox 47 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Firefox 49 / XP SP3 | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Firefox 62 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Firefox 73 / Win 10 R | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Googlebot Feb 2018 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| IE 11 / Win 7 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| IE 11 / Win 8.1 R | RSA 2048 (SHA256) | TLS 1.2 > http/1.1 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| IE 11 / Win Phone 8.1 R | RSA 2048 (SHA256) | TLS 1.2 > http/1.1 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| IE 11 / Win Phone 8.1 Update R | RSA 2048 (SHA256) | TLS 1.2 > http/1.1 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| IE 11 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Edge 15 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 16 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 18 / Win 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| Edge 13 / Win Phone 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Java 8u161 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Java 11.0.3 | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH secp256r1 FS |
| Java 12.0.1 | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH secp256r1 FS |
| OpenSSL 1.0.1l R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| OpenSSL 1.0.2s R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| OpenSSL 1.1.0k R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 FS |
| OpenSSL 1.1.1c R | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Safari 6 / iOS 6.0.1 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| Safari 7 / iOS 7.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| Safari 7 / OS X 10.9 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| Safari 8 / iOS 8.4 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| Safari 8 / OS X 10.10 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH secp256r1 FS |
| Safari 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 9 / OS X 10.11 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 10 / iOS 10 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 10 / OS X 10.12 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Safari 12.1.2 / MacOS 10.14.6 Beta R | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Safari 12.1.1 / iOS 12.3.1 R | - | TLS 1.3 | TLS_AES_256_GCM_SHA384 ECDH x25519 FS |
| Apple ATS 9 / iOS 9 R | RSA 2048 (SHA256) | TLS 1.2 > h2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| Yahoo Slurp Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
| YandexBot Jan 2015 | RSA 2048 (SHA256) | TLS 1.2 | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH secp256r1 FS |
|
# Not simulated clients (Protocol mismatch)
|
|||
| Android 2.3.7 No SNI 2 |
Protocol mismatch (not simulated) |
||
| Android 4.0.4 |
Protocol mismatch (not simulated) |
||
| Android 4.1.1 |
Protocol mismatch (not simulated) |
||
| Android 4.2.2 |
Protocol mismatch (not simulated) |
||
| Android 4.3 |
Protocol mismatch (not simulated) |
||
| Baidu Jan 2015 |
Protocol mismatch (not simulated) |
||
| IE 6 / XP No FS 1 No SNI 2 |
Protocol mismatch (not simulated) |
||
| IE 7 / Vista |
Protocol mismatch (not simulated) |
||
| IE 8 / XP No FS 1 No SNI 2 |
Protocol mismatch (not simulated) |
||
| IE 8-10 / Win 7 R |
Protocol mismatch (not simulated) |
||
| IE 10 / Win Phone 8.0 |
Protocol mismatch (not simulated) |
||
| Java 6u45 No SNI 2 |
Protocol mismatch (not simulated) |
||
| Java 7u25 |
Protocol mismatch (not simulated) |
||
| OpenSSL 0.9.8y |
Protocol mismatch (not simulated) |
||
| Safari 5.1.9 / OS X 10.6.8 |
Protocol mismatch (not simulated) |
||
| Safari 6.0.4 / OS X 10.8.4 R |
Protocol mismatch (not simulated) |
||
| (1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it. | |||
| (2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI. | |||
| (3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version. | |||
| (R) Denotes a reference browser or client, with which we expect better effective security. | |||
| (All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE). | |||
| (All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake. | |||
| Protocol Details | |
| Secure Renegotiation | Supported |
| Secure Client-Initiated Renegotiation | No |
| Insecure Client-Initiated Renegotiation | No |
| BEAST attack | Mitigated server-side (more info) |
| POODLE (SSLv3) | No, SSL 3 not supported (more info) |
| POODLE (TLS) | No (more info) |
| Zombie POODLE | No (more info)
TLS 1.2 : 0xc027
|
| GOLDENDOODLE | No (more info)
TLS 1.2 : 0xc027
|
| OpenSSL 0-Length | No (more info)
TLS 1.2 : 0xc027
|
| Sleeping POODLE | No (more info)
TLS 1.2 : 0xc027
|
| Downgrade attack prevention | Yes, TLS_FALLBACK_SCSV supported (more info) |
| SSL/TLS compression | No |
| RC4 | No |
| Heartbeat (extension) | No |
| Heartbleed (vulnerability) | No (more info) |
| Ticketbleed (vulnerability) | No (more info) |
| OpenSSL CCS vuln. (CVE-2014-0224) | No (more info) |
| OpenSSL Padding Oracle vuln. (CVE-2016-2107) |
No (more info) |
| ROBOT (vulnerability) | No (more info) |
| Forward Secrecy | Yes (with most browsers) ROBUST (more info) |
| ALPN | Yes h2 http/1.1 |
| NPN | No |
| Session resumption (caching) | Yes |
| Session resumption (tickets) | Yes |
| OCSP stapling | No |
| Strict Transport Security (HSTS) | Yes
max-age=31536000; includeSubDomains |
| HSTS Preloading | Not in: Chrome Edge Firefox IE |
| Public Key Pinning (HPKP) | No (more info) |
| Public Key Pinning Report-Only | No |
| Public Key Pinning (Static) | No (more info) |
| Long handshake intolerance | No |
| TLS extension intolerance | No |
| TLS version intolerance | No |
| Incorrect SNI alerts | No |
| Uses common DH primes | No, DHE suites not supported |
| DH public server param (Ys) reuse | No, DHE suites not supported |
| ECDH public server param reuse | No |
| Supported Named Groups | x25519, secp256r1, x448, secp521r1, secp384r1 (server preferred order) |
| SSL 2 handshake compatibility | No |
| 0-RTT enabled | No |
|
HTTP Requests
|
|
1 https://www.weller-tools.com/
(HTTP/1.1 301 Moved Permanently)
| 1 | |
| Server | nginx | |
| Date | Tue, 20 Jan 2026 10:49:20 GMT | |
| Content-Type | text/html; charset=utf-8 | |
| Content-Length | 382 | |
| Connection | close | |
| X-Drupal-Route-Normalizer | 1 | |
| Content-language | en | |
| X-Content-Type-Options | nosniff | |
| X-Frame-Options | SAMEORIGIN | |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT | |
| Cache-Control | max-age=2764800, public | |
| X-Generator | Drupal 11 (https://www.drupal.org) | |
| Surrogate-Key | kel2 c6h2 e2hr vedn 222j | |
| Content-Security-Policy | default-src 'self' *.google.com *.google-analytics.com *.doubleclick.net cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net polyfill.io *.newrelic.com *.linkedin.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' cookiehub.net *.cookiehub.net *.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.licdn.com *.facebook.net *.doubleclick.net polyfill.io *.facebook.com *.facebook.net *.plyr.io *.vimeo.com *.youtube.com *.hsforms.net *.hsforms.com js.hs-scripts.com js.hs-banner.com js.hs-analytics.net js.hscollectedforms.net unpkg.com *.usercentrics.eu *.newrelic.com *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; style-src 'self' 'unsafe-inline' cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net *.plyr.io *.vimeo.com *.youtube.com projects.codeaware.at *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; img-src * 'self' data: https:; frame-src 'self' *.youtube.com *.youtu.be *.youtube-nocookie.com *.vimeo.com *.doubleclick.net *.facebook.com *.facebook.net forms.hsforms.com *.usercentrics.eu *.newrelic.com *.linkedin.com *.googleapis.com; font-src 'self' data: *.gstatic.com *.googleusercontent.com projects.codeaware.at *.googleapis.com; connect-src 'self' *.google.com *.google-analytics.com *.doubleclick.net cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net *.plyr.io *.vimeo.io *.youtube.com noembed.com forms.hsforms.com forms.hubspot.com polyfill.io *.usercentrics.eu *.hscollectedforms.net *.newrelic.com *.nr-data.net *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; report-uri /report-csp-violation | |
| X-XSS-Protection | 1; mode=block | |
| Strict-Transport-Security | max-age=31536000; includeSubDomains | |
| X-Drupal-Cache | HIT | |
| Location | https://www.weller-tools.com/us/en | |
| Last-Modified | Mon, 12 Jan 2026 07:37:04 GMT | |
| ETag | "1768203424" | |
| X-Request-ID | v-80f11582-efa0-11f0-af6c-f319707b82e5 | |
| X-AH-Environment | prod | |
| X-Geo-Country | US | |
| Vary | Cookie,X-Geo-Country | |
| Age | 692851 | |
| Via | varnish | |
| X-Cache | HIT | |
| X-Cache-Hits | 20164 | |
|
2 https://www.weller-tools.com/us/en
(HTTP/1.1 200 OK)
| 2 | |
| Server | nginx | |
| Date | Tue, 20 Jan 2026 10:49:20 GMT | |
| Content-Type | text/html; charset=UTF-8 | |
| Content-Length | 432182 | |
| Connection | close | |
| Cache-Control | max-age=2764800, public | |
| X-Drupal-Dynamic-Cache | HIT | |
| Content-language | en | |
| X-Content-Type-Options | nosniff | |
| X-Frame-Options | SAMEORIGIN | |
| Expires | Sun, 19 Nov 1978 05:00:00 GMT | |
| X-Generator | Drupal 11 (https://www.drupal.org) | |
| Surrogate-Key | abcb uuvm 9j6g u066 vg9s 8hmd hpea cs14 okvl f8c6 pj0e hn5k r5bk jgeh mmkt ntqt nrde v060 b45u c6h2 11v7 4509 18th ghq9 gc5i f6de 5m6a mngn rt5r ms12 ihrb lsc7 dt9k 97re b733 3ip7 7fkf jtsh 8ipn 3hbf rera 2aij aivu j43i 4fd4 3d1q d88q gob0 o67n ri7a t5bj irif ig5l ecl2 iil1 o4qj ag0p jb18 87ql 4j6l 6nt1 caqm 87ou evpj rbc2 mkhr vagb jm2v ckmh s0d4 13pe tqgv cao0 mlrq c898 ntqf kcqp qoho vev4 0da9 jkee m9b2 ilqu gcj3 kipu 0kjq ggol jnoq scke 0ijh 8ea7 fve9 ndfk 42fu 9qv3 8mgm 770s 2rfj uu27 oqk7 a9hd c9mo ks0t o91g tqkp jp94 3hlq vpal 71pg bckq dqgv 74if 9dk2 6l1k 08l2 rpob 680v e13m q440 qjar d3mm 7uev uv8s crr4 krmb 78c0 2td0 6mbk 217v 7r5r s869 m3rr 83th 5eam shk1 7g9k j5rn eafn u7lf 4hsf 0h8o bou2 2sg0 fura oheb dm2p rekd ki0r oqb1 56pd 0h45 tc8j 4l6o bj8f p5bg lojl e2hr a3ih 6fbr j93n hn0j 8qr5 ddog 112r vc04 ota1 sj9h 2j76 gakb qv2b i8m2 fpus 1300 rt6k s5o3 jbqo mom2 1glv d5pp o83i cotp ib0a egg2 nfac cu5n ofr4 50uo f5lt bq3u r1mu 2re4 9bsf 2boh hc99 b6go ubk7 2ndc sm0p mvrb 9krr looa iq7l arjm lngi t2l4 jnpf 6jcu 1a56 vdgm j95k n6c8 em8c ctgv kel2 vedn an3d 3fkq 7ur7 it3u 222j | |
| Content-Security-Policy | default-src 'self' *.google.com *.google-analytics.com *.doubleclick.net cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net polyfill.io *.newrelic.com *.linkedin.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' cookiehub.net *.cookiehub.net *.google.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.licdn.com *.facebook.net *.doubleclick.net polyfill.io *.facebook.com *.facebook.net *.plyr.io *.vimeo.com *.youtube.com *.hsforms.net *.hsforms.com js.hs-scripts.com js.hs-banner.com js.hs-analytics.net js.hscollectedforms.net unpkg.com *.usercentrics.eu *.newrelic.com *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; style-src 'self' 'unsafe-inline' cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net *.plyr.io *.vimeo.com *.youtube.com projects.codeaware.at *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; img-src * 'self' data: https:; frame-src 'self' *.youtube.com *.youtu.be *.youtube-nocookie.com *.vimeo.com *.doubleclick.net *.facebook.com *.facebook.net forms.hsforms.com *.usercentrics.eu *.newrelic.com *.linkedin.com *.googleapis.com; font-src 'self' data: *.gstatic.com *.googleusercontent.com projects.codeaware.at *.googleapis.com; connect-src 'self' *.google.com *.google-analytics.com *.doubleclick.net cookiehub.net *.cookiehub.net *.facebook.com *.facebook.net *.plyr.io *.vimeo.io *.youtube.com noembed.com forms.hsforms.com forms.hubspot.com polyfill.io *.usercentrics.eu *.hscollectedforms.net *.newrelic.com *.nr-data.net *.linkedin.com *.googleapis.com ki-assistent.weller-tools.com; report-uri /report-csp-violation | |
| X-XSS-Protection | 1; mode=block | |
| Strict-Transport-Security | max-age=31536000; includeSubDomains | |
| X-Drupal-Cache | HIT | |
| Last-Modified | Mon, 12 Jan 2026 09:47:10 GMT | |
| X-Request-ID | v-80fba114-efa0-11f0-ba77-8bfad51bb72c | |
| X-AH-Environment | prod | |
| X-Geo-Country | US | |
| Vary | Cookie,Accept-Encoding,X-Geo-Country | |
| Age | 692852 | |
| ETag | W/"1768211230-gzip" | |
| Via | varnish | |
| X-Cache | HIT | |
| X-Cache-Hits | 23467 | |
| Accept-Ranges | bytes | |
| Miscellaneous | |
| Test date | Tue, 20 Jan 2026 10:49:13 UTC |
| Test duration | 95.365 seconds |
| HTTP status code | 200 |
| HTTP server signature | nginx |
| Server hostname | ec2-3-229-63-219.compute-1.amazonaws.com |
SSL Report v2.4.1