Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
December 17, 2025
Valid Until
June 15, 2026
171 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7F:D2:D6:CC:FC:95:18:06:3C:02:A1:B4:D4:1E:FD:E3:71:FB:82:F5:29:89:52:ED:88:11:DA:16:DE:AB:95:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000 ; includeSubDomains ; preload
Content-Security-Policy
Strong
default-src; connect-src; style-src; +2 more
default-src 'self';connect-src https://www.myworkdiary.it;style-src 'self' ;script-src 'self'; object-src 'none'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
97 domains
api.myworkdiary.it
access-check.ca
www.access-check.ca
attestationrdt-attestdbi.be
www.attestationrdt-attestdbi.be
belgianfundreporting.be
www.belgianfundreporting.be
dev.eagledream.com
eagledream.com
www.eagledream.com
imperva.com
api.italiancfctool.it
italiancfctool.it
*.italiancfctool.it
myselfservice.gr
www.myselfservice.gr
partnerhub-webhooks-stg.partnertaxhub.com
partnerhub-webhooks.partnertaxhub.com
*.api.connectedriskengine.pwc.com
api.development.modeledge.pwc.com
api.portal.modeledge.pwc.com
api.qa.modeledge.pwc.com
clicknplay.lan.pwc.com
*.clicknplay.lan.pwc.com
connect-stage.pwc.com
*.dev.pwc.com
development.modeledge.pwc.com
digitalmaker-stg-ca.pwc.com
*.exceladdin-eu-sandbox.pwc.com
gstcheck-stg.pwc.com
*.hana-1.prod.ei.hosting.pwc.com
portal.modeledge.pwc.com
*.pwc.com
qa.modeledge.pwc.com
statelifecycletool.pwc.com
suntrust.gstcheck-stg.pwc.com
hrandpayrollservices001.pwc.kz
stg.taxpackagesupport.com
thenewequation.org
*.thenewequation.org
api-immigration-stage.vialto.com
api-immigration.vialto.com
aspire-chat-stage.vialto.com
aspire-smartsearch.vialto.com
aspire-stage.vialto.com
aspire.vialto.com
contingentwork-api.vialto.com
contingentwork.vialto.com
dev-myatlas-bo-api.vialto.com
dev-myatlas-fo-api.vialto.com
dev-myatlas.vialto.com
e42-prod.vialto.com
e42-test.vialto.com
forms.vialto.com
horizon-ch-stage.vialto.com
horizon-ch.vialto.com
immigration-stage.vialto.com
immigration.vialto.com
itm.vialto.com
m-files-athena.vialto.com
maintenance-stage.vialto.com
map-stg.vialto.com
mft4u.vialto.com
mobileapi-stage.vialto.com
mundo-stage.vialto.com
mundo.vialto.com
myaos-apis-dev.vialto.com
myaos-apis-stg.vialto.com
myaos-dev.vialto.com
myatlas-fo-api.vialto.com
*.mymobilityhq-dr.vialto.com
*.mymobilityhq-qa.vialto.com
*.mymobilityhq-stage.vialto.com
*.mymobilityhq.vialto.com
pegasus-stage-api.vialto.com
qa.stbt.vialto.com
qamytrips.vialto.com
remotework-stage.vialto.com
remotework.vialto.com
socialsecurity-dev.vialto.com
socialsecurity-stg.vialto.com
socialsecurity.vialto.com
spoten.vialto.com
ssta-backend.vialto.com
stage-backend-ssta.vialto.com
stg-myatlas-bo-api.vialto.com
stg-myatlas-fo-api.vialto.com
stgmytrips.vialto.com
taxplusweb.vialto.com
test-myatlas-bo-api.vialto.com
test-myatlas-fo-api.vialto.com
test-myatlas.vialto.com
testapp.vialto.com
uat-myatlas-bo-api.vialto.com
uat-myatlas-fo-api.vialto.com
uat-myatlas.vialto.com
*.vialto.com
Other domains in certificate