SSL Certificate Analysis for esgrealestatetool.de.pwc.com - Security Grade & TLS Configuration | DNS Gurus

Open Cached · just now

89/100 SECURITY SCORE

Certificate Information

Subject

CN=imperva.com

Issuer

C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4

Valid From

November 20, 2025

Valid Until

May 19, 2026 157 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D4:F0:F4:9A:33:25:0D:68:26:74:46:B7:FB:60:21:54:C1:16:86:CA:CF:FD:E3:90:AE:1C:A7:3B:4B:DC:5F:32

Alternative Names

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Missing

Not configured

Recommendations

• Add Content-Security-Policy header to prevent XSS attacks
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

151 domains

*.pwc.com *.0.pwc.com *.apac.pwc.com *.au.pwc.com *.automateddocumentredaction.pwc.com *.aws.pwc.com *.businesscentral.pwc.com *.ca.pwc.com *.datakit.pwc.com *.dev-equityrewardanalytics.pwc.com *.dev.pwc.com *.emea.pwc.com *.ensemble-dev.pwc.com *.enterprisecontrol.pwc.com *.equityrewardanalytics.pwc.com *.gcdm-dev.pwc.com *.hu.pwc.com *.ifrs17software.pwc.com *.in.pwc.com *.indirecttaxedge.pwc.com *.innovationcatalog.pwc.com *.innovationnexus-stg.pwc.com *.insights.pwc.com *.mer.pwc.com *.ngc.pwc.com *.pensionview.pwc.com *.perf.pwc.com *.performplus.pwc.com *.ph.pwc.com *.prismapps-dev.pwc.com *.sa.pwc.com *.servicedirect.pwc.com *.stage-equityrewardanalytics.pwc.com *.staging.pwc.com *.stg-worksmartly.pwc.com *.support.pwc.com *.techno.pwc.com *.test-equityrewardanalytics.pwc.com *.test.pwc.com *.uat-equityrewardanalytics.pwc.com *.uk.pwc.com *.worksmartly.pwc.com esgrealestatetool.de.pwc.com *.api.in.pwc.com *.apijob.in.pwc.com *.authapi.uk.pwc.com *.blob.sightline.pwc.com *.clientapi.uk.pwc.com *.continuousanalytics.za.pwc.com *.cyberconcierge.jp.pwc.com *.digitaltraceability.jp.pwc.com *.east.ngc.pwc.com *.einvoicing.pl.pwc.com *.growthcentre-dev.proedge.pwc.com *.insights.stage.pwc.com *.ksa.businesscentral.pwc.com *.lite.east.pwc.com *.lite.west.pwc.com *.prod-adm.proedge.pwc.com *.prod.proedge.pwc.com *.realtimedebtmanagement.hu.pwc.com *.stage.bookkeepingconnect.pwc.com *.staging.ie.pwc.com *.staticapi.uk.pwc.com *.surveyapi.uk.pwc.com *.uat.pensionview.pwc.com *.west.ngc.pwc.com *.admin.cyberconcierge.jp.pwc.com *.api.in.test.pwc.com *.demo3.digitaltraceability.jp.pwc.com *.engine.calculator.ca.pwc.com *.engine.reports.ca.pwc.com *.labassistance.sport.jp.pwc.com *.peopleconnect.service.mer.pwc.com *.productivitysuite.authapi.uk.pwc.com *.productivitysuite.clientapi.uk.pwc.com *.productivitysuite.staticapi.uk.pwc.com *.productivitysuite.surveyapi.uk.pwc.com *.us.stg.reports.transferpricing.pwc.com

Other domains in certificate

benchmarkmbo.nl *.benchmarkmbo.nl

cardiffinnovationinvestment.com *.cardiffinnovationinvestment.com

pwclegal.com.cy *.pwclegal.com.cy

*.pwc.com.tr

*.abc.devcfs.com

*.ibrows.ch

imperva.com

lineadedenuncias.com *.lineadedenuncias.com

*.pensionlive.com

*.propertymalta.org

*.ds.digitalsuite.pwc-tls.it

*.pwc.at *.remoteworkassistant.pwc.at

*.pwc.be

*.pwc.ch *.staging.pwc.ch

*.pwc.co.nz

*.activityanalyser.pwc.co.uk *.assessmenthub.pwc.co.uk *.ccep.productemissionsforecaster.pwc.co.uk *.datathread.pwc.co.uk *.dealstechnology.pwc.co.uk *.employeeclaimsportal.pwc.co.uk *.pwc.co.uk *.stage.pwc.co.uk

*.datamodelling.pwc.com.au *.pwc.com.au

*.stg.apps.pwc.com.br *.voting-stg.apps.pwc.com.br

agate-ccpcloud-stage.pwc.de agate-ccpcloud.pwc.de ccpcloud.pwc.de closedgenaichat.stg.pwc.de gba.codemelter.pwc.de metus.sandbox.pwc.de

*.accessrisks.pwc.fi *.api.insights.accessrisks.pwc.fi *.insights.accessrisks.pwc.fi *.pwc.fi

*.pwc.fr

*.pwc.ie *.stage-equityrewardanalytics.pwc.ie *.test-equityrewardanalytics.pwc.ie

*.complianceinsights.pwc.in *.integratededucation.pwc.in *.prod.pwc.in *.pwc.in *.stg.integratededucation.pwc.in

*.pwc.it

*.automatedriskinsights.pwc.nl *.pwc.nl

*.pwc.pe

*.calendar.pwc.pl *.esgattitude.stage.pwc.pl *.hrportal.tts.pwc.pl *.hrtoolkit17.pwc.pl *.odoo.azerbaijan.pwc.pl *.payroll.calendar.pwc.pl *.pwc.pl

*.pwc.tw

pwccharitablefoundation.org *.pwccharitablefoundation.org

reviewofstatutoryaccounts.be *.reviewofstatutoryaccounts.be

linkakademie-dc-central-test.stromnetzdc.com *.stromnetzdc.com

*.talnet.nl

*.terraininsights.net