DNS Gurus
Cached · just now
28 Headers

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
microphone=(), camera=self, fullscreen=self, geolocation=*, payment=self
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Add Content-Security-Policy header to prevent XSS attacks

Performance Headers

3 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close
Vary
Performance
Accept-Encoding

Caching Headers

4 headers
Cache-Control
Caching
no-cache
Etag
Caching
W/"d78-19bdae9ebd0"
Last-Modified
Caching
Tue, 20 Jan 2026 10:18:42 GMT
Pragma
Caching
no-cache

Content Headers

2 headers
Content-Length
Content
3448
Content-Type
Content
text/html; charset=UTF-8

Server Headers

0 headers
No server headers found

CORS Headers

3 headers
Access-Control-Allow-Credentials
Cors
true
Access-Control-Allow-Origin
Cors
*
Access-Control-Expose-Headers
Cors
totalItems

Cookies Headers

0 headers
No cookies headers found

Other Headers

7 headers
Content-Security-Policy-Report-Only
Other
default-src 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;img-src 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;frame-src 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;connect-src 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;object-src 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;script-src 'unsafe-inline' 'unsafe-eval' 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca blob: data:;script-src-elem 'unsafe-inline' 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca;script-src-attr 'unsafe-inline' 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca;frame-ancestors null 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca;form-action 'self' *.google.de *.google.com *.googleapis.com googletagmanager.com *.googletagmanager.com *.g.doubleclick.net *.gstatic.com *.analytics.google.com *.google-analytics.com *.fleetster.de *.fleetster.net *.fleetster.us *.fleetster.ca *.ingest.sentry.io *.sentry.io *.stripe.com intercom-sheets.com *.intercom.io *.intercomassets.eu *.intercomassets.com js.intercomcdn.com *.intercomcdn.com *.intercomcdn.eu *.intercom-attachments.eu *.intercom-attachments.com *.cookiebot.com *.sanity.io ipg-online.com wss://*.intercom.io wss://*.fleetster.de wss://*.fleetster.net wss://*.fleetster.us wss://*.fleetster.ca;report-uri https://app.wheesy.de/csp-violation-report;base-uri 'self';font-src 'self' https: data:;style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Date
Other
Wed, 04 Feb 2026 05:13:03 GMT
Origin-Agent-Cluster
Other
?1
Report-To
Other
{"group":"csp-violation-report","max_age":10886400,"endpoints":[{"url":"https://app.wheesy.de/csp-violation-report"}],"include_subdomains":true}
X-Dns-Prefetch-Control
Other
off
X-Download-Options
Other
noopen
X-Permitted-Cross-Domain-Policies
Other
none

Recommendations

Enable compression (gzip/brotli) to improve performance