HTTP Headers Analysis for https://goodto.com

Detected Technologies from Headers

See all in URL Inspect 1

Varnish

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Weak

frame-ancestors Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Significantly strengthen CSP directives
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding, X-FTR-kiosq-user-status, X-FTR-kiosq-server-side-user-status, X-FTR-kiosq-server-side-entitlements, X-Country-Code, X-FTR-ABTest-Group

accept-ranges: bytes
connection: close
vary: Accept-Encoding, X-FTR-kiosq-user-status, X-FTR-kiosq-server-side-user-status, X-FTR-kiosq-server-side-entitlements, X-Country-Code, X-FTR-ABTest-Group

Caching Headers

Age

Caching

36109

Cache-Control

Caching

no-store,private

Last-Modified

Caching

Thu, 19 Feb 2026 15:35:20 GMT

age: 36109
cache-control: no-store,private
last-modified: Thu, 19 Feb 2026 15:35:20 GMT

Content Headers

Content-Length

Content

675414

Content-Type

Content

text/html; charset=utf-8

content-length: 675414
content-type: text/html; charset=utf-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: FTR_Country_Code=US; path=/; domain=www.goodto.com
FTR_Cache_Status=HIT-CLUSTER; path=/; domain=www.goodto.com

Other Headers

Alt-Svc

Other

h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Date

Other

Fri, 20 Feb 2026 01:37:10 GMT

Via

Other

1.1 varnish, 1.1 varnish

X-Age

Other

2893

X-Cache

Other

HIT-CLUSTER

X-Cache-Hits

Other

9, 0

X-Country-Code

Other

US

X-Country-Code-Real

Other

US

X-Ftr-Backend

Other

varnish-leopard

X-Ftr-Backend-Server

Other

leopard3

X-Ftr-Balancer

Other

vanilla-mochi-http-haproxy-prod-1

X-Ftr-Cache-Status

Other

MISS HIT

X-Ftr-Request-Id

Other

6e77d120-7ec6-43a1-af7d-2af7d3933af9, 00000000000000000000FFFF9D344529:6756_00000000000000000000FFFFB9711932:01BB_69973907_1295AB:16E93C

X-Served-By

Other

cache-lon4241-LON, cache-ewr-kewr1740048-EWR

X-Timer

Other

S1771551431.944112,VS0,VE1

Xkey

Other

goodto-platform-progressive, goodto-curatedlist-66CSkmWJqGyjP9o7z4gopn, goodto-page-homepage, goodto-page-homepage-non-connected, goodto-region-US, goodto-flexi-page-guid-default_page_layout_home_legacy_progressive, goodto-flexi-controller-FlexiPageLayout:index, goodto-flexi-site-guid-goodto_en_gb, goodto-flexi-layout-home, goodto-flexi-route-custom_route_1613655266, goodto-version-1552688, goodto-server-phpfpm-66454d9c6-g2h8v, goodto-hawkwidgets-master-64beb7f8

alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Fri, 20 Feb 2026 01:37:10 GMT
via: 1.1 varnish, 1.1 varnish
x-age: 2893
x-cache: HIT-CLUSTER
x-cache-hits: 9, 0
x-country-code: US
x-country-code-real: US
x-ftr-backend: varnish-leopard
x-ftr-backend-server: leopard3
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-ftr-cache-status: MISS HIT
x-ftr-request-id: 6e77d120-7ec6-43a1-af7d-2af7d3933af9, 00000000000000000000FFFF9D344529:6756_00000000000000000000FFFFB9711932:01BB_69973907_1295AB:16E93C
x-served-by: cache-lon4241-LON, cache-ewr-kewr1740048-EWR
x-timer: S1771551431.944112,VS0,VE1
xkey: goodto-platform-progressive, goodto-curatedlist-66CSkmWJqGyjP9o7z4gopn, goodto-page-homepage, goodto-page-homepage-non-connected, goodto-region-US, goodto-flexi-page-guid-default_page_layout_home_legacy_progressive, goodto-flexi-controller-FlexiPageLayout:index, goodto-flexi-site-guid-goodto_en_gb, goodto-flexi-layout-home, goodto-flexi-route-custom_route_1613655266, goodto-version-1552688, goodto-server-phpfpm-66454d9c6-g2h8v, goodto-hawkwidgets-master-64beb7f8

Recommendations

Enable compression (gzip/brotli) to improve performance