SSL Certificate Analysis for bandieincentivi.digitalsuite.pwc-tls.it - Security Grade & TLS Configuration | DNS Gurus

Open Cached · just now

80/100 SECURITY SCORE

Certificate Information

Subject

CN=imperva.com

Issuer

C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3

Valid From

August 07, 2025

Valid Until

February 03, 2026 46 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F1:12:F4:25:39:6F:97:0E:AF:34:15:25:B8:8F:44:80:9F:DE:74:F4:39:1A:27:B8:03:45:B1:B6:2F:C9:A8:EC

Alternative Names

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

151 domains

*.digitalsuite.pwc-tls.it *.bandieincentivi.digitalsuite.pwc-tls.it *.ds.digitalsuite.pwc-tls.it *.preprod3.digitalsuite.pwc-tls.it

Other domains in certificate

actsolution.net *.actsolution.net

agnesblustconsulting.ch *.agnesblustconsulting.ch

agnesblustconsulting.com *.agnesblustconsulting.com

cabreraandcompany.com *.cabreraandcompany.com

*.asp2.aw.navigatetax.pwc.co.in *.asp2.az.navigatetax.pwc.co.in *.aw.navigatetax.pwc.co.in *.az.navigatetax.pwc.co.in *.ms.einvoice.az.navigatetax.pwc.co.in *.navigatetax.pwc.co.in *.pp.einvoice.aw.navigatetax.pwc.co.in *.walmart.einvoice.az.navigatetax.pwc.co.in

*.pwcacademy.com.mt

*.pwc.com.tr

*.devcfs.com

*.ethicshelpcenter.com

*.etikmerkezi.com

imperva.com

*.mydisclosure.com

*.prudence-pwc.com

pwc-events.cz *.pwc-events.cz

*.pwc.at

*.mytaxlocator.pwc.be *.pwc.be

*.chat-dev.pwc.co.uk *.pwc.co.uk *.stage.pwc.co.uk

*.admin.legalregulatoryradar.pwc.com *.admin.proedge.pwc.com *.api.assessment.transparencyinsights.pwc.com *.api.intellectualproperty.tracking.pwc.com *.api.research.transparencyinsights.pwc.com *.assessment.transparencyinsights.pwc.com *.au.stg.edge.itx.pwc.com beacon.knowledge-stg.pwc.com *.bff.datacollection.transferpricing.pwc.com *.bigidlab.hosting.pwc.com *.bookkeepingconnect.pwc.com *.ca.pwc.com *.cft.pwc.com *.config.enterprisecontrol.pwc.com *.config.qa.enterprisecontrol.pwc.com *.connect-qa.pwc.com *.connect.pwc.com *.cryptorewards.pwc.com *.data.datahub.transferpricing.pwc.com *.datacollection.transferpricing.pwc.com *.datahub.transferpricing.pwc.com *.dev.asiapacific.pwc.com *.dev.cft.pwc.com *.dev.cryptorewards.pwc.com *.dev.pwc.com *.development.id.pwc.com *.development.kr.pwc.com *.development.sg.pwc.com *.development.th.pwc.com *.development.vn.pwc.com *.ec-analytics-xpmh.preview.pwc.com *.einvoicing.pl.pwc.com *.engagementcenter.pwc.com *.eu.indirecttaxedge.pwc.com *.exchange.proedge.pwc.com *.home.datahub.transferpricing.pwc.com *.ifrs17software.pwc.com *.insights.pwc.com *.intellectualproperty.tracking.pwc.com *.legalregulatoryradar.pwc.com *.mediaoutlook.pwc.com *.meerkat.hosting.pwc.com *.mx.pwc.com *.nga-stage.pwc.com *.perform.pwc.com *.performplus.pwc.com *.products.pwc.com *.proposal.pwc.com *.pwc.com *.py.pwc.com *.research.transparencyinsights.pwc.com *.rs.pwc.com *.saratoga.pwc.com *.share.proedge.pwc.com *.sk.pwc.com *.smartbudgetdr.pwc.com *.smartbusinessinsightsuite.pwc.com *.sre.proedge.pwc.com *.stage.apphub.pwc.com *.stage.proedge.pwc.com *.staging.pwc.com *.staging.sk.pwc.com *.stg65.pwc.com *.strategyand.pwc.com *.test.pwc.com *.th.pwc.com *.tracking.pwc.com *.transactionanalyser.transferpricing.pwc.com *.transferpricing.pwc.com *.transparencyinsights.pwc.com *.us.pwc.com *.view.datahub.transferpricing.pwc.com *.vn.pwc.com

*.cft.pwc.com.au *.dev.cft.pwc.com.au *.proximitybeacons.pwc.com.au *.pwc.com.au

*.apps.pwc.com.br

store.pwc.de transferpricingdatahub.staging.pwc.de

*.pwc.es

*.pwc.fr *.stage.hycs.pwc.fr

*.dev.pwc.ie *.equityrewardanalytics.pwc.ie *.pwc.ie *.staging.pwc.ie

*.complianceinsights.pwc.in *.investorsrelationshub.pwc.in *.pwc.in

*.tax.pwc.mx

*.demo.pwc.nl *.enhancedcloseprocedures.pwc.nl *.pwc.nl

pwc.pe *.pwc.pe *.rest-stg.pwc.pe

*.kmd.taxreliefvalidation.pwc.pl *.locationstrategy.test3.pwc.pl *.tts.pwc.pl

pwc.uy *.pwc.uy

*.pwcdigitallab.com

pwchk.com *.pwchk.com

strategyand.com *.strategyand.com

mobisvc-test.vialto.com *.mymobilityhq-dr.vialto.com *.mymobilityhq-qa.vialto.com *.mymobilityhq-stage.vialto.com *.mymobilityhq-test.vialto.com *.mymobilityhq.vialto.com taxplusweb.vialto.com *.vialto.com