Open
Cached
·
just now
83/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2026 Q1
Valid From
March 29, 2026
Valid Until
June 27, 2026
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
46:D4:A6:46:D0:BD:F7:07:E4:E0:81:77:40:EA:62:25:AB:BF:7C:33:7F:9B:72:FD:E3:3B:EA:71:63:37:C9:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
148 domains
api-preview.rbcpayplan.com
api.rbcpayplan.com
connect-preview.rbcpayplan.com
connect.rbcpayplan.com
integrations-preview.rbcpayplan.com
integrations.rbcpayplan.com
members-preview.rbcpayplan.com
members.rbcpayplan.com
shopify-preview.rbcpayplan.com
shopify.rbcpayplan.com
brand-api-az.adcsep.com
brand-sdk-az.adcsep.com
brands-az.adcsep.com
apiuat.alldata.net
axes.alldata.net
axes2.alldata.net
entapi-sit.alldata.net
entapi-uat.alldata.net
entapi.alldata.net
retailuat.alldata.net
cer.alliancedata.com
internalanalytics-sit.alliancedata.com
internalanalytics-uat.alliancedata.com
internalanalytics.alliancedata.com
partneranalytics-nonprd.alliancedata.com
partneranalytics.alliancedata.com
www.alliancedata.com
alliancedatacardservices.com
www.alliancedatacardservices.com
breadfinancial.com
*.breadfinancial.com
breadmobileapp.breadfinancial.com
cbc.breadfinancial.com
dev-breadmobileapp.breadfinancial.com
dev.breadfinancial.com
frictionlesssit.breadfinancial.com
frictionlessuat.breadfinancial.com
partneranalytics-dev.breadfinancial.com
partneranalytics-nonprd.breadfinancial.com
partneranalytics-preprd.breadfinancial.com
partneranalytics-preprod.breadfinancial.com
partneranalytics-temp.breadfinancial.com
partneranalytics.breadfinancial.com
payments-dev.breadfinancial.com
payments-stg.breadfinancial.com
payments.breadfinancial.com
preview-breadmobileapp.breadfinancial.com
preview.breadfinancial.com
qa-breadmobileapp.breadfinancial.com
qa.breadfinancial.com
uat-breadmobileapp.breadfinancial.com
uat.breadfinancial.com
www.breadfinancial.com
*.breadfinancial.net
cer.breadfinancial.net
internalanalytics-preprod.breadfinancial.net
internalanalytics-sit.breadfinancial.net
internalanalytics-uat.breadfinancial.net
leadercenter.breadfinancial.net
noname-cus.breadfinancial.net
noname-eus2.breadfinancial.net
nonamedev.breadfinancial.net
nonamenonprd.breadfinancial.net
api-dev.platform.breadpayments.com
api-preview.platform.breadpayments.com
api-qa.platform.breadpayments.com
api-sandbox.platform.breadpayments.com
api.platform.breadpayments.com
breadloan-preview.platform.breadpayments.com
breadloan.breadpayments.com
breadpayments.com
*.breadpayments.com
checkout-qa.breadpayments.com
connect-preview.breadpayments.com
connect-preview.rbc.breadpayments.com
connect.breadpayments.com
integrations-dev.platform.breadpayments.com
integrations-preview.platform.breadpayments.com
integrations-qa.platform.breadpayments.com
integrations.platform.breadpayments.com
members-dev.platform.breadpayments.com
members-preview.platform.breadpayments.com
members-preview.rbc.breadpayments.com
members-qa.platform.breadpayments.com
members-sandbox.platform.breadpayments.com
merchants-dev.platform.breadpayments.com
merchants-loadtest.platform.breadpayments.com
merchants-preview.platform.breadpayments.com
merchants-preview.rbc.breadpayments.com
merchants-qa.platform.breadpayments.com
merchants-sandbox.platform.breadpayments.com
merchants.platform.breadpayments.com
merchants.rbc.breadpayments.com
storefront.platform.breadpayments.com
www-dev.breadpayments.com
www-stg.breadpayments.com
www.breadpayments.com
comenity.com
www.comenity.com
ac-content.comenity.net
acquire1.comenity.net
acquire1sit.comenity.net
acquire1stage.comenity.net
acquire1uat.comenity.net
c.comenity.net
cgw.comenity.net
cgwuat.comenity.net
*.comenity.net
csit.comenity.net
cuat.comenity.net
d.comenity.net
dev-ac-content.comenity.net
dev-eds-content.comenity.net
dev-welcome.comenity.net
duat.comenity.net
eds-content.comenity.net
mlsconfig.comenity.net
mlsconfigstage.comenity.net
mlsconfiguat.comenity.net
preview-ac-content.comenity.net
preview-eds-content.comenity.net
preview-welcome.comenity.net
qa-welcome.comenity.net
uat-ac-content.comenity.net
uat-eds-content.comenity.net
uat-welcome.comenity.net
uat.comenity.net
vs-sso.comenity.net
welcome.comenity.net
whiplash.comenity.net
comenitybusinesscenter.com
uat.comenitybusinesscenter.com
www.comenitybusinesscenter.com
imperva.com
brand-api-staging.kmsmep.com
brand-api.kmsmep.com
brand-sdk-staging.kmsmep.com
brand-sdk.kmsmep.com
brands-staging.kmsmep.com
brands.kmsmep.com
knowmoresellmore.com
www.knowmoresellmore.com
dev.nflextrapoints.com
nflextrapoints.com
preview.nflextrapoints.com
qa.nflextrapoints.com
uat.nflextrapoints.com
www.nflextrapoints.com
Other domains in certificate