Open
Cached
·
just now
27
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; base-uri; object-src; +11 more
default-src 'self' info.datavail.com resources.datavail.com; base-uri 'self'; object-src 'none'; frame-ancestors 'self' info.datavail.com resources.datavail.com datavail.pathfactory.com; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' cdn.pathfactory.com cdn-app.pathfactory.com *.wistia.com fast.wistia.net info.datavail.com resources.datavail.com pi.pardot.com go.pardot.com cdn.livechatinc.com api.livechatinc.com assets.listenlayer.com collect.listenlayer.com bat.bing.com cdn.callrail.com www.clickcease.com monitor.clickcease.com ws.zoominfo.com www.googleadservices.com googleads.g.doubleclick.net www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.google.com www.recaptcha.net www.gstatic.com; script-src-elem 'self' data: 'unsafe-inline' *.callrail.com browser.sentry-cdn.com cdn.pathfactory.com cdn-app.pathfactory.com track.pathfactory.com *.wistia.com fast.wistia.net info.datavail.com resources.datavail.com pi.pardot.com go.pardot.com yoast.com cdn.livechatinc.com api.livechatinc.com assets.listenlayer.com collect.listenlayer.com bat.bing.com cdn.callrail.com www.clickcease.com monitor.clickcease.com ws.zoominfo.com www.googleadservices.com googleads.g.doubleclick.net www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.google.com www.recaptcha.net www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com fast.wistia.net cdn.pathfactory.com cdn-app.pathfactory.com info.datavail.com resources.datavail.com; img-src 'self' data: datavail2018st.wpengine.com info.datavail.com resources.datavail.com cdn.pathfactory.com track.pathfactory.com cdn.livechatinc.com googleads.g.doubleclick.net www.googlesyndication.com embedwistia-a.akamaihd.net *.wistia.com www.google-analytics.com www.googletagmanager.com maps.googleapis.com secure.gravatar.com bat.bing.com www.google.com www.gstatic.com; font-src 'self' data: fast.wistia.com fast.wistia.net cdn-app.pathfactory.com cdn.pathfactory.com fonts.gstatic.com info.datavail.com resources.datavail.com; connect-src 'self' data: fg8vvsvnieiv3ej16jby.litix.io *.wistia.com *.listenlayer.com www.cloudflare.com browser.sentry-cdn.com fast.wistia.net my.yoast.com license.flyingpress.com vitals.flyingpress.com info.datavail.com resources.datavail.com googleads.g.doubleclick.net www.google.com www.recaptcha.net jukebox.pathfactory.com spcollector.pathfactory.com track.pathfactory.com cdn-app.pathfactory.com yoast.com assets.listenlayer.com collect.listenlayer.com static.listenlayer.com cloud-v2.listenlayer.com services.listenlayer.com ws.zoominfo.com embedwistia-a.akamaihd.net fast.wistia.com cdn.livechatinc.com api.livechatinc.com stats.g.doubleclick.net js.callrail.com cdn.callrail.com www.google-analytics.com analytics.google.com monitor.clickcease.com bat.bing.com www.googletagmanager.com; media-src blob: 'self' info.datavail.com resources.datavail.com cdn.pathfactory.com cdn.livechatinc.com www.googleapis.com embedwistia-a.akamaihd.net fast.wistia.com fast.wistia.net; frame-src 'self' *.listenlayer.com info.datavail.com resources.datavail.com datavail.pathfactory.com cdn.pathfactory.com assets.listenlayer.com cdn.livechatinc.com secure.livechatinc.com fast.wistia.net www.googletagmanager.com www.google.com www.recaptcha.net bid.g.doubleclick.net www.googlesyndication.com; worker-src 'self' blob: embedwistia-a.akamaihd.net fast.wistia.com; form-action 'self' info.datavail.com resources.datavail.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding,Cookie
Caching Headers
2 headers
Cache-Control
Caching
max-age=600, must-revalidate
Last-Modified
Caching
Tue, 20 Jan 2026 18:10:52 GMT
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
2 headers
Server
Server
cloudflare
X-Powered-By
Server
WP Engine
CORS Headers
1 headers
Access-Control-Allow-Methods
Cors
GET, POST, OPTIONS
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=6UbY8X3bjUxwnRXtI8gcApBR03cfjHd3KB70u2QFkUw-1769010509-1.0.1.1-8ljB3HPmAsGBWnQ_xoSGUw_f6a7guJuOlnZgucd8hVu62ZvTfQoxDOTHsCExq25OPo4nvKX4uyP7t2jmKYMtBCCYRVRd.3hGmH544CnxgfQ; path=/; expires=Wed, 21-Jan-26 16:18:29 GMT; domain=.www.datavail.com; HttpOnly; Secure; SameSite=None
Other Headers
11 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cdn-Cache-Control
Other
max-age=2592000
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9c17f4c60db56f9d-IAD
Date
Other
Wed, 21 Jan 2026 15:48:29 GMT
Status
Other
304 Not Modified
X-Cache
Other
HIT: 10
X-Cache-Group
Other
normal
X-Cacheable
Other
SHORT
X-Flying-Press-Cache
Other
HIT
X-Flying-Press-Source
Other
PHP
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology