HTTP Headers Analysis for https://www.konduto.com

Detected Technologies from Headers

See all in URL Inspect 2

Envoy

Liferay

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000; include subdomains

Content-Security-Policy

Weak

object-src; base-uri; frame-ancestors; +1 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Present

nosniff, nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Present

geolocation=(self), camera=(), microphone=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Cache-Control

Caching

private, no-cache, no-store, must-revalidate

Expires

Caching

Thu, 01 Jan 1970 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: private, no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html;charset=UTF-8

content-type: text/html;charset=UTF-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: JSESSIONID=DF281E59B94976706206EB8D1948E72F; Path=/; HttpOnly; Secure
COOKIE_SUPPORT=true; Max-Age=31536000; Expires=Mon, 03 May 2027 01:59:36 GMT; Path=/; Secure; HttpOnly
GUEST_LANGUAGE_ID=pt_PT; Max-Age=31536000; Expires=Mon, 03 May 2027 01:59:36 GMT; Path=/; Secure; HttpOnly; Secure
TS01f33f6e=012e444bb0ddbe830a193a3fa3ae6aceb05a5d7f0ec302302467720f09f217e87ff752b33b0e17eaeb6e2cac61a0357f073e128c29e52e06aa8bcb1fd1f84340d0b892b24b07d964d09800b417c9dc44352a4f2c04162cb472efba7ba9e8a57478c019c95c; Path=/; Domain=.equifax.com.br
GCLB=COex5p3K3dzzAhAD; path=/; HttpOnly; expires=Sun, 03-May-2026 02:00:06 GMT

Other Headers

Alt-Svc

Other

h3=":443"; ma=2592000

Date

Other

Sun, 03 May 2026 01:59:36 GMT

Feature-Policy

Other

vibrate 'self'; sync-xhr 'self' *.equifax.com

Liferay-Portal

Other

Liferay Digital Experience Platform

Via

Other

1.1 google

X-Envoy-Upstream-Service-Time

Other

91

alt-svc: h3=":443"; ma=2592000
date: Sun, 03 May 2026 01:59:36 GMT
feature-policy: vibrate 'self'; sync-xhr 'self' *.equifax.com
liferay-portal: Liferay Digital Experience Platform
via: 1.1 google
x-envoy-upstream-service-time: 91

Recommendations

Enable compression (gzip/brotli) to improve performance