SSL Certificate Analysis for connectedsolutions.pwc.com - Security Grade & TLS Configuration | DNS Gurus

Open Cached · just now

89/100 SECURITY SCORE

Certificate Information

Subject

CN=imperva.com

Issuer

C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3

Valid From

September 02, 2025

Valid Until

March 01, 2026 86 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A3:1A:2A:E2:44:DF:4A:5A:5F:48:4B:E0:70:B7:17:6B:BE:AF:B3:0D:3A:B8:8C:DA:34:40:A3:D3:AE:1E:15:08

Alternative Names

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000;include SubDomains

Content-Security-Policy

Basic

script-src; object-src

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

151 domains

*.pwc.com prudence-pwc.com *.prudence-pwc.com astro-demo.pwc.com cft-ca.pwc.com connect-aura.pwc.com connect-hotfix.pwc.com connect-qacurrent.pwc.com connectedsolutions.pwc.com datalink.pwc.com digitalmaker-ca.pwc.com gstcheck.pwc.com hq-qa.pwc.com mdm.pwc.com modeledge.pwc.com mymobilityhq-test2.pwc.com perform.pwc.com signalgraph.pwc.com statelifecycletool.pwc.com *.airtaxplatinum.pwc.com *.apphub.pwc.com *.at.pwc.com *.ca.pwc.com *.cashflowcoach.pwc.com *.cft-ca-stg.pwc.com *.cft-ca.pwc.com *.co.pwc.com *.connectedriskengine.pwc.com *.enterprisecontrol.pwc.com *.events.pwc.com *.exceladdin-us.pwc.com *.hosting.pwc.com *.ifrs17software.pwc.com *.ith.pwc.com *.lan.pwc.com *.mer.pwc.com *.ph.pwc.com *.phtaxcalendar.pwc.com *.prod.pwc.com *.products.pwc.com *.proedge.pwc.com *.smartbusinessinsightsuite.pwc.com *.transparencyinsights.pwc.com *.uk.pwc.com *.us.pwc.com *.viewpoint-stg.pwc.com *.viewpoint.pwc.com *.workforceorchestrator.pwc.com *.za.pwc.com api.modeledge.pwc.com apps.mymobilityhq-prod2.pwc.com apps.mymobilityhq-qa2.pwc.com apps.mymobilityhq.pwc.com author.hq-qa.pwc.com beta.taxsummaries.pwc.com bo.stgsuite.pwc.com cdn.digitalmaker-stg-ca.pwc.com eng1.cft-ca.pwc.com eng2.cft-ca.pwc.com entsearch.digitalmaker-stg-ca.pwc.com fortisbc.cft-ca.pwc.com gfl.cft-ca.pwc.com login.digitalmaker-stg-ca.pwc.com master.digitalmaker-stg-ca.pwc.com my.airtaxplatinum.pwc.com performance.modeledge.pwc.com qa.connectedsolutions.pwc.com registration-stage.autocontacttracing.pwc.com registration.autocontacttracing.pwc.com reviews.cft-ca.pwc.com staging.modeledge.pwc.com telus.cft-ca.pwc.com *.auth.api.pwc.com *.dev.insightsofficer.pwc.com *.growthcentre.proedge.pwc.com *.insights-tpt.vt.pwc.com *.learn.proedge.pwc.com *.ppecse-survey.ca.pwc.com *.proposalbank.jp.pwc.com *.qa.connectedriskengine.pwc.com *.rapidreads-api.ph.pwc.com *.stage.insightsofficer.pwc.com *.stage.proedge.pwc.com *.stageapps.lan.pwc.com *.staging.connectedriskengine.pwc.com *.test.insightsofficer.pwc.com *.test.projectslate.pwc.com *.tst.ngc.pwc.com *.web.connectedriskengine.pwc.com api.learn.proedge.pwc.com api.staging.modeledge.pwc.com hook-jx.learn.proedge.pwc.com kibana-jx.learn.proedge.pwc.com staging.intelligentbusinessanalytics.jp.pwc.com stg.search.companydataportal.pwc.com test.me.events.pwc.com vdi-api.learn.proedge.pwc.com *.api.staging.connectedriskengine.pwc.com *.api.taxdocumentrepository.ke.pwc.com *.east.tst.ngc.pwc.com *.jenkins.qa.pearl.pwc.com *.web.staging.connectedriskengine.pwc.com *.west.tst.ngc.pwc.com

Other domains in certificate

access-check.ca www.access-check.ca

pension.davispolk.com

*.devcfs.com *.stg.devcfs.com

*.esrtoolkit.com

*.gestiongrip.com

globalvatonline.com www.globalvatonline.com

imperva.com

italiancfctool.it *.italiancfctool.it

myworkdiary.it www.myworkdiary.it

partnertaxhub.com www.partnertaxhub.com

*.app.polpharmabiologics.com

*.bally.fe.digitalsuite.pwc-tls.it *.jimmychoo.fe.digitalsuite.pwc-tls.it *.sanlorenzo.fe.digitalsuite.pwc-tls.it *.snaitech.fe.digitalsuite.pwc-tls.it

*.pwc.be

*.stage.hycs.pwc.ch

*.pwc.cl

*.internal.pwc.co.uk *.pwc.co.uk

*.cft.pwc.com.au v1.pulse.pwc.com.au

*.apps.pwc.com.br

pwc.dk *.pwc.dk

*.pwc.in

api.findyourway.pwc.it *.evolicensing.pwc.it *.findyourway.pwc.it *.pwc.it

*.pwc.lu

*.tax.pwc.mx

*.internal.pwc.my

*.pwc.nl

*.clientconnector.pwc.pl *.mcc.tts.pwc.pl

*.cfoinsight.pwc.tw *.cloudcounselsolutions.pwc.tw

taxpackagesupport.com www.taxpackagesupport.com

thenewequation.org *.thenewequation.org