Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
December 17, 2025
Valid Until
June 15, 2026
173 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FD:79:29:1F:DD:01:2C:0C:9B:33:5E:DC:25:32:BC:E0:BB:9A:BF:26:7B:08:EC:F0:76:87:4A:B3:28:20:1A:C2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Good
default-src; connect-src; base-uri; +12 more
default-src 'self' *.piwik.pro *.hotjar.com *.sendinblue.com sibautomation.com wss://ws8.hotjar.com wss://ws12.hotjar.com bid.g.doubleclick.net ipmeta.io *.datocms.com vc.hotjar.io store.pwc.de store.pwc.nl pwc.nl firebaseinstallations.googleapis.com cdn.cookielaw.org stats.g.doubleclick.net www.google-analytics.com *.google-analytics.com in-automate.sendinblue.com k.clarity.ms store.stage.pwc.de cdn.linkedin.oribi.io wss://ws.hotjar.com content.hotjar.io *.clarity.ms r.clarity.ms in-automate.brevo.com *.onetrust.com dpm.demdex.net assets.adobedtm.com plausible.io *.office.com app.getodin.ai cdn.getodin.ai cloud.email.pwc.com;connect-src 'self' https: https://px.ads.linkedin.com https://metrics.hotjar.io wss://ws.hotjar.com https://app.getodin.ai https://cdn.getodin.ai;base-uri 'self';script-src-attr 'nonce-d182f134-1ae1-45a6-a330-bcd0db873c4a' 'self' 'strict-dynamic' https: assets.adobedtm.com;script-src 'nonce-d182f134-1ae1-45a6-a330-bcd0db873c4a' 'self' 'strict-dynamic' https: https://*.piwik.pro https://googleads.g.doubleclick.net https://ipmeta.io/plugin.js https://www.googleadservices.com https://geolocation.onetrust.com https://ajax.googleapis.com https://snap.licdn.com https://*.en25.com/i/livevalidation_standalone.compressed.js https://cdn.cookielaw.org https://connect.facebook.net https://www.gstatic.com https://500009425.collect.igodigital.com/collect.js https://static.hotjar.com https://www.google-analytics.com *.google-analytics.com https://script.hotjar.com https://www.googletagmanager.com https://store.pwc.de/_Incapsula_Resource https://store.stage.pwc.de/_Incapsula_Resource https://www.youtube.com https://sibautomation.com https://www.clarity.ms https://sc.lfeeder.com https://in-automate.brevo.com https://r.clarity.ms https://cdn.linkedin.oribi.io https://assets.adobedtm.com https://plausible.io/js/plausible.js https://www.office.com https://app.getodin.ai https://cdn.getodin.ai;script-src-elem 'strict-dynamic' 'nonce-d182f134-1ae1-45a6-a330-bcd0db873c4a' 'self' https://*.piwik.pro static.hotjar.com https://sibautomation.com https://snap.licdn.com https://sc.lfeeder.com https://www.clarity.ms https://in-automate.brevo.com https://r.clarity.ms https://script.hotjar.com https://cdn.linkedin.oribi.io https://www.googletagmanager.com https://cdn.cookielaw.org https://bat.bing.com https://assets.adobedtm.com https://plausible.io https://*.office.com https://app.getodin.ai https://cdn.getodin.ai;style-src 'self' 'unsafe-inline' https:;media-src 'self' streaming.pwc.de https:;font-src 'self' https: data:;img-src 'self' https: www.datocms-assets.com *.piwik.pro www.google.com www.google.ch www.google.fr www.google.de www.google.pl px.ads.linkedin.com streaming.pwc.de www.pwc.com www.facebook.com googleads.g.doubleclick.net www.googletagmanager.com www.google-analytics.com *.google-analytics.com tr-rc.lfeeder.com data: *.office.com app.getodin.ai cdn.getodin.ai pwc.nl store.pwc.nl cloud.email.pwc.com;frame-src 'self' https://js.stripe.com https://cloud.uk.info.pwc.com https://marvelapp.com https://www.facebook.com https://10000792.fls.doubleclick.net https://www.youtube.com https://www.google.com https://www.youtube-nocookie.com https://www.googletagmanager.com https://vars.hotjar.com https://sibautomation.com https://app.powerbi.com https://docs.google.com https://td.doubleclick.net https://pwcglsc.demdex.net https://*.office.com https://app.getodin.ai https://cdn.getodin.ai https://cloud.email.pwc.com;frame-ancestors 'self' https: https://app.emlen.io https://discover.store.pwc.de/ https://*.office.com https://app.getodin.ai https://cdn.getodin.ai https://cloud.email.pwc.com;form-action 'self';object-src 'none';upgrade-insecure-requests
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
151 domains
*.pwc.nl
store.pwc.nl
*.interactiveriskmanagement.pwc.nl
*.1851.pwc.com
*.bvsas.sk
caresummit.nl
*.caresummit.nl
*.aw.navigatetax.pwc.co.in
*.cia.az.navigatetax.pwc.co.in
*.uat.cia.az.navigatetax.pwc.co.in
*.compliance.1851.pwc.com
*.gq324e.ctd-poc.com
*.devcfs.com
*.prd.devcfs.com
*.preprod.devcfs.com
*.easydita.com
*.heromotocorp.biz
imperva.com
*.pwc.or.ke
transparency-reporting-portal-qa.pfizer.com
transparency-reporting-portal-stg.pfizer.com
*.pwc-tls.it
*.fundinginsights.pwc.at
*.pwc.at
staging.knowledgesourceexplorer.pwc.at
*.pwc.be
*.stage.pwc.be
*.transformationdelivery.pwc.co.nz
*.api.stg.pwc.co.uk
*.dealstechnology.pwc.co.uk
*.dev.pwc.co.uk
*.internal.pwc.co.uk
*.pwc.co.uk
*.stage.assessmenthub.pwc.co.uk
*.uat2-equityrewardanalytics.pwc.co.uk
*.pwc.co.za
*.aiavatar.innovationcatalog.pwc.com
*.alpha-perf.pwc.com
*.alternative.co.pwc.com
*.api.insightsengine.transparencyinsights.pwc.com
*.assembly.pwc.com
*.auto-qa.pwc.com
*.backend.mer.pwc.com
*.blob.sightline.pwc.com
*.ca.pwc.com
*.confirmation.in.pwc.com
*.connectedsolutions.pwc.com
*.customerhub.pwc.com
*.cyberconcierge.jp.pwc.com
*.dev.pwc.com
*.east.int.ngc.pwc.com
*.east.intg.ngc.pwc.com
*.east.ngc.pwc.com
*.east.perf.ngc.pwc.com
*.east.stg-validation.pwc.com
*.east.stg.ngc.pwc.com
*.east.stg.pwc.com
*.east.tst.ngc.pwc.com
*.employeeclaimsportal.pwc.com
*.erie.innovationcatalog.pwc.com
*.eu.indirecttaxedge.pwc.com
*.eu.stg.indirecttaxedge.pwc.com
*.expro.mer.pwc.com
*.globalpayrollplatform.ksa.pwc.com
identity.virtualspaces.pwc.com
*.in.pwc.com
*.info.pwc.com
*.insights.pwc.com
*.insightsengine.transparencyinsights.pwc.com
*.insurancefraud.pwc.com
*.int.ngc.pwc.com
*.intg.ngc.pwc.com
*.jp.pwc.com
*.ksa.taxautomate.pwc.com
*.lower-pwclabs.pwc.com
*.ngc.pwc.com
*.onlinepayrollreports.ph.pwc.com
*.peopleconnect.admin.mer.pwc.com
*.perf.ngc.pwc.com
*.performplus.pwc.com
*.projectlifecycleadmin.jp.pwc.com
*.pwc.com
*.reports.transferpricing.pwc.com
*.riskdetect.insurancefraud.pwc.com
*.sg.pwc.com
*.stage.pwc.com
*.staging.pwc.com
*.statelifecycletool.pwc.com
*.stg-validation.pwc.com
*.stg.ngc.pwc.com
*.stg.pwc.com
*.stg.py.pwc.com
*.transparencyinsights.pwc.com
*.tst.ngc.pwc.com
*.uat2-equityrewardanalytics.pwc.com
*.west.intg.ngc.pwc.com
*.west.ngc.pwc.com
*.west.perf.ngc.pwc.com
*.west.stg.ngc.pwc.com
*.west.tst.ngc.pwc.com
*.za.datamodellingplatform.africa.pwc.com
*.za.pwc.com
pwc.com.ar
*.pwc.com.ar
*.pwc.com.au
*.apps.pwc.com.br
*.quickassign.stg.apps.pwc.com.br
*.voting.apps.pwc.com.br
backend.knowledgeintegrationassistant.pwc.de
funding-program-management.pwc.de
lucanet.pwc.de
pwc.ee
*.pwc.ee
*.pwc.es
*.pwc.fi
*.staging.pwc.fi
*.r-assessment.pwc.fr
*.pwc.ie
*.uat2-equityrewardanalytics.pwc.ie
*.pwc.in
*.docsweb.pwc.it
*.pwc.it
*.pwc.kr
*.pwc.my
*.taxestimatestracker.pwc.my
*.admin-dev.pwc.pe
*.admin.pwc.pe
*.pwcinternal.pwc.pe
*.de.hrtoolkit.pwc.pl
*.enova365.tts.pwc.pl
*.hrportal.tts.pwc.pl
*.hrtoolkit.pwc.pl
*.piapl.tts.pwc.pl
*.pwc.pl
*.ssb02.tts.pwc.pl
*.taxolite.pwc.pl
*.tts.pwc.pl
*.pwc.pt
*.stage.pwc.se
*.pwc.tw
*.dev.pwcinternal.co.uk
*.hybridworkingdeclaration.dev.pwcinternal.co.uk
*.hybridworkingdeclaration.pwcinternal.co.uk
*.hybridworkingdeclaration.stage.pwcinternal.co.uk
*.stage.pwcinternal.co.uk
pwclegalservices.ee
*.pwclegalservices.ee
*.samil.com
*.terraininsights.net
theessentialadvantage.com
*.theessentialadvantage.com
Other domains in certificate