Open
Cached
·
just now
85/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
December 16, 2025
Valid Until
June 14, 2026
176 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DA:8C:E2:4E:76:59:E5:64:74:6D:2A:2A:67:FA:49:02:D9:41:8B:AD:8C:E2:67:F8:38:B6:FB:19:0E:B6:45:2A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Good
default-src; style-src; frame-src; +2 more
default-src 'self' data: blob: stg.essentials.transferpricing.pwc.com stg.identity.transferpricing.pwc.com stg.reportingsuite.transferpricing.pwc.com reportingsuite.transferpricing.pwc.com tpi.pwcinternal.com tpi-stg.pwcinternal.com login-stg.pwc.com login-stg.pwcinternal.com login.pwc.com dc.services.visualstudio.com; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-RPi6qkZFJreHgYBe3yjPOjai7ouMAknFLPlgUZFW0vE=' 'sha256-R3PuhrOQcvVsMiQURwTTFtp4yWhdKVPE9Kw5x4qP0kE=' 'sha256-KGlQ2/0pOli8Z/KZbjyw6TdwFCOHWwjaxUd6zX3E1rw=' 'sha256-BSQBnFbMcI3Va0Fvxp2n2DmSubVX7gCJP69gqxbKkBQ=' 'sha256-SmSNjobIkBILzA7MZxkWDc5rVR8DinCzhR6mmZmOI3A=' 'sha256-AxV899TmSOju5BFfShEKvPeyKuxmvTbc1sFp7a+gSHY=' 'sha256-95A+bHpuyItNVG+fsP+BqEFZfWHO11BlMHg8SEcYl24=' 'sha256-hWkC9Cxr16xod+LYvYTyTecvzy6g0R364S9MpfSkKHU=' 'sha256-/lXNXWRTvRx1QM5MfevNc0yGVnLxD92WQldG38oh04k=' 'sha256-KPnrTsVdmsQWUxtWmGcRrru87M28z10WMt5YLLX1xwM=' 'sha256-y4ApDNEI6jOxYk+NAdQikSG+IHkdMh5NUUI1N0hHp/4=' 'sha256-S6z1fdJ2CvMSHbhZ4E2KgkEViZh21TmOA5pwYCkcUNA=' 'sha256-StpIoD4mRLsd6l+dhtiqNTTxbEvBKcz/O1Y24o4ICAA=' 'sha256-Hs5JMzEGHFbAUrPORzBORYQjnzhBz0BCsrAA2HPfcZI=' 'sha256-hBwLf1G1zgqrIkALAGXPRY3dJfnDDcmKtcO4MI8hA6c=' 'sha256-kSHw3nRoLIj/Bgjc7vwSJFI80kkKsbZOFl04UpJoI6E=' 'sha256-0Hml6reBuNkD6WjZCAjDAmiynY1a38LqUGFMmMIDNcE=' 'sha256-YMfR1fzvNkwW8ldr9D9oniEBTN8bGOmSSoNODogR2zY=' 'sha256-HYSUN8YvoWcBzINkT9kVZOboNhq4kqp7qhV9O3mf3Ds=' 'sha256-WYhK35QvNjpRhrME89uGnqX1d5a+lbtJjuAXk/8e4os=' 'sha256-6HtrjxvE3U8hTG5BT+xLiiaoKhwSn4z3F0WwMPTW5c8=' 'sha256-v+nu3/1WVjFAtcEbVAuaQ/LM1f9aGq4/R1pMBmlrHR8=' 'sha256-iMuY56wGfdInxuLEkfHUb+W/aUS/luzNYmd9e5+BEaQ=' 'sha256-qdCRoZdyDtrkj8b+i8HKFvLX2G5Z2e6PT/qfpm06YoE=' 'sha256-powvk+SB13BxYIGLl6uFoOTpG7iJHg5L1HAYOh772U4=' 'sha256-HuqmzeLxIwJcnfrJ5QgNqUUISmrMnrBpadBGE5Wx+jo=' 'sha256-acxYi/gTs6YEIzBuLf2iNJfz5H8syIiZta/qihrUF5Q=' 'sha256-Js+lWW7pADP/ip/7tgibT+wJLbNsjhEGr+iSxkGk+Mc=' 'sha256-ue9MoYxX6rmuaoYAZd3JioK4rzU3oeqPY96c9es6+GE=' 'sha256-ohUqtquDg9y2GFv6uHd0N3+rBaFtTikax7mlqulHkGk=' 'sha256-UFVl3EWJUkDE2jVW+bg02ryz1WyGfdkIAeIvOait0jQ=' 'sha256-W+b4lHEpYmzvM2oZNUM0LSGI7b0whv5Mg+6E78jUDiw=' 'sha256-KgWNJOmn4Oi27ovtORhDtlPgC7kWZzbrwuMGZEk+ilM=' 'sha256-p7PVb3j3AnS4BsubP/WdqrEfKcRI+KnfUMy2Q9+TFmg=' 'sha256-0vUW22lLhmdUTT/dUOphlBuOYaHGQDH9tHs3De3H9R4=' 'sha256-nJGl58laEfLV/4xUbIE3zhrbXOX0DSO/TMlHvPIRQpQ=' 'sha256-fxmIdYwubRq5JGHrHduS6QHQU+IUdQjqLuwGiNi2+cg=' 'sha256-45T2C7l9Cu/wXSVCXfR0uCMbb5KEZCBPCXDZ3U9M9qg=' 'sha256-ol5bUqKE/nuA1mNRtDvMb4TZbq2/51SP+qERy0potqA=' 'sha256-bgVIOGTqaVAq4Ql/siNoGnt6HpldB5PoY+Kydi/CrmU=' 'sha256-xVUzgaU67H8iXYLftbqZlKkRieHq+L3wFoRjTh5ZMeU=' 'sha256-4l0q5Fi08/ZUlUwIBY6yYGfeV6c2EXi0wtnw7RuhXaA='; frame-src 'self' *.pwc.com *.pwcinternal.com; frame-ancestors 'self' *.pwc.com *.pwcinternal.com; report-uri /api/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
151 domains
*.pwc.com
*.apphub.pwc.com
*.assettelemetrystaging.pwc.com
*.ca.pwc.com
*.companydataportal.pwc.com
*.connect-qa.pwc.com
*.connect-stage.pwc.com
*.connect.pwc.com
*.cryptorewards.pwc.com
*.dynamictestingsox.pwc.com
*.ia.pwc.com
*.in.pwc.com
*.innovationcatalog.pwc.com
*.itxgbl.pwc.com
*.lan.pwc.com
*.mer.pwc.com
*.my.pwc.com
*.performplus.pwc.com
*.ph.pwc.com
*.pilot.pwc.com
*.products.pwc.com
*.proposal.pwc.com
*.stage.pwc.com
*.stg.pwc.com
*.taxsummaries-tp.pwc.com
*.test.pwc.com
*.transferpricing.pwc.com
apps.mymobilityhq-dr.pwc.com
apps.mymobilityhq-test.pwc.com
au-api.connect-stage.pwc.com
au.connect-stage.pwc.com
central.connect-stage.pwc.com
central.connect.pwc.com
che-api.connect-stage.pwc.com
che-api.connect.pwc.com
che.connect-stage.pwc.com
che.connect.pwc.com
east.connect-stage.pwc.com
east.connect.pwc.com
essentials.transferpricing.pwc.com
ghc.connect-stage.pwc.com
ghc.connect.pwc.com
ghe.connect-stage.pwc.com
ghe.connect.pwc.com
ghw.connect-stage.pwc.com
ghw.connect.pwc.com
learnerapi-3.learninglab.pwc.com
search.companydataportal.pwc.com
staging.cryptorewards.pwc.com
stg-learnerapi-3.learninglab.pwc.com
stg-tenantapi-3.learninglab.pwc.com
stg-uk.learninglab.pwc.com
tenantapi-3.learninglab.pwc.com
uk.learninglab.pwc.com
west-cloud.connect.pwc.com
west.connect-stage.pwc.com
west.connect.pwc.com
*.api.engagementhub.pwc.com
*.cdn.engagementhub.pwc.com
*.intg.ngc.pwc.com
*.leadyou.co.pwc.com
*.qa.connectedriskengine.pwc.com
*.riskinterceptor.jp.pwc.com
*.stage.nextgencloud.pwc.com
*.staging.my.pwc.com
*.stg.ngc.pwc.com
api.staging.cryptorewards.pwc.com
stg.essentials.transferpricing.pwc.com
stg.search.companydataportal.pwc.com
*.api.qa.connectedriskengine.pwc.com
*.test.edge.itx.pwc.com
*.web.qa.connectedriskengine.pwc.com
*.hana-avtr.prod.ei.hosting.pwc.com
*.001.ibrows.ch
*.einvoice.az.navigatetax.pwc.co.in
ms.einvoice.az.navigatetax.pwc.co.in
*.ms.einvoice.az.navigatetax.pwc.co.in
navigatetax.pwc.co.in
*.pwc.co.in
*.pwc.com.ph
*.pwc.com.uy
esbesopmarket.ie
www.esbesopmarket.ie
*.gestiongrip.com
ideationcenter.com
www.ideationcenter.com
imperva.com
independentroundupsettlementprogram.com
*.independentroundupsettlementprogram.com
lineaetica.pe
www.lineaetica.pe
pwc-spark.com
uat.pwc-spark.com
www.pwc-spark.com
*.pwc-tls.it
*.pwc.at
*.pwc.be
*.pwc.ch
*.uat.pwc.co.nz
*.dealstechnology.pwc.co.uk
*.dev.pwc.co.uk
*.internal.pwc.co.uk
*.pwc.co.uk
*.stage.ariasmbc.pwc.co.uk
*.stage.pwc.co.uk
*.stg.pwc.co.uk
api.datacapture.pwc.com.au
api.dev.datacapture.pwc.com.au
api.perspectives.pwc.com.au
*.api.pwc.com.au
api.sense-dev.pwc.com.au
*.cft.pwc.com.au
contacttracing.pwc.com.au
datacapture.pwc.com.au
*.datakit.pwc.com.au
*.dev.cft.pwc.com.au
dev.datacapture.pwc.com.au
int.datacapture.pwc.com.au
int.dev.datacapture.pwc.com.au
mobile.perspectives.pwc.com.au
mobile.sense-dev.pwc.com.au
perspectives-stg.pwc.com.au
perspectives.pwc.com.au
*.protect.pwc.com.au
pulse.pwc.com.au
*.pwc.com.au
sense-dev.pwc.com.au
*.integration-platform.apps.pwc.com.br
*.rotacaodefundos.pwc.com.br
*.integratededucation.pwc.in
pwc.in
*.pwc.in
*.stage.hycs.pwc.in
*.pwc.it
*.stage.hycs.pwc.it
*.pwc.mx
*.tax.pwc.mx
pwc.nl
*.pwc.nl
*.helpdesk.pwc.pl
*.hrportal.tts.pwc.pl
*.ssb01.tts.pwc.pl
*.digitalmaker.pwchk.com
pwchk.com
*.pwchk.com
*.pwcipower.com
regionalfutureofwork.com
www.regionalfutureofwork.com
stgesbesopmarket.ie
www.stgesbesopmarket.ie
*.talneta.nl
Other domains in certificate