Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
November 20, 2025
Valid Until
May 19, 2026
165 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7D:1B:5C:CE:91:D9:1B:4D:77:6F:9C:90:D8:FC:62:D7:F8:74:B9:90:0A:4B:50:7A:70:90:B6:44:03:C0:4C:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Strong
default-src; script-src; style-src; +8 more
default-src 'self' https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:*;script-src 'self' https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:* https://cdn.cookielaw.org https://*.onetrust.com 'nonce-RnC2xIfsizodKgC5KKykPvCrkODNBLAoNnfXQh7XdjyO5waiSiyH6BpJjApubZbgf6i/16nS+Lb/m5h4ySuXU04xGH4Sqmo5sbdQMJmsPc5iWT6Gw0lVQ+OBq+v6WkoSOdWE9L0hp0DdZWgC95vBfM+NqVQbRvGaUh9chxFeHyE=' 'strict-dynamic';style-src 'self' https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:* https://cdn.cookielaw.org https://*.onetrust.com 'nonce-RnC2xIfsizodKgC5KKykPvCrkODNBLAoNnfXQh7XdjyO5waiSiyH6BpJjApubZbgf6i/16nS+Lb/m5h4ySuXU04xGH4Sqmo5sbdQMJmsPc5iWT6Gw0lVQ+OBq+v6WkoSOdWE9L0hp0DdZWgC95vBfM+NqVQbRvGaUh9chxFeHyE=';form-action 'self' https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:* https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://cdn.cookielaw.org https://*.onetrust.com;font-src 'self' https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:* https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://cdn.cookielaw.org https://*.onetrust.com https://fonts.gstatic.com;img-src 'self' https://cdn.cookielaw.org https://*.onetrust.com data:;connect-src 'self' wss://*.pwc.com:* https://*.pwc.com https://*.pwcinternal.com wss://*.azurewebsites.net:* https://*.azurewebsites.net https://*.live.com https://dc.services.visualstudio.com ws://host.api.internal:* host.api.internal:* localhost:* https://cdn.cookielaw.org https://*.onetrust.com wss://*.signalr.net:* https://*.signalr.net:*;frame-src 'self' https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:*;frame-ancestors 'self' https://*.sharepoint.com:* https://*.microsoft.com:* https://amcdn.msftauth.net https://*.live.com https://*.pwc.com https://*.pwcinternal.com https://*.azurewebsites.net host.api.internal:* localhost:* https://cdn.cookielaw.org https://*.onetrust.com;base-uri 'self';treat-as-public-address
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
151 domains
*.pwc.com
*.1940.pwc.com
*.analyticsfoundation.pwc.com
*.ca.pwc.com
*.creativeops.pwc.com
*.dms.pwc.com
*.enterprisecontrol.pwc.com
*.ext.pwc.com
*.hk.pwc.com
*.ifrs17software.pwc.com
*.innovationnexus-stg.pwc.com
*.knowledge-central-stg.pwc.com
*.knowledge.pwc.com
*.kz.pwc.com
*.leaderinsights.pwc.com
*.me.pwc.com
*.nga.pwc.com
*.ngc.pwc.com
*.performplus.pwc.com
*.presen.pwc.com
*.prespl.pwc.com
*.products.pwc.com
*.projectperspectives-dev.pwc.com
*.projectperspectives-stg.pwc.com
*.projectperspectives.pwc.com
*.proposal.pwc.com
*.ro.pwc.com
*.stage-sonar-wst.pwc.com
*.uat.pwc.com
*.workforcesolutions.pwc.com
*.za.pwc.com
*.api.proedge.pwc.com
*.blob.sightline.pwc.com
*.compliance.presen.pwc.com
*.compliance.prespl.pwc.com
*.datamodellingplatform.africa.pwc.com
*.ec-mfiles.jp.pwc.com
*.npsre.proedge.pwc.com
*.npsrehor.proedge.pwc.com
*.prv.proedge.pwc.com
*.rc.products.pwc.com
*.rcstage.products.pwc.com
*.sandbox-adm.proedge.pwc.com
*.sandbox.proedge.pwc.com
*.stg.proedge.pwc.com
*.uat.pensionview.pwc.com
*.dev.reports.transferpricing.pwc.com
*.eu.datamodellingplatform.africa.pwc.com
*.stg.reports.transferpricing.pwc.com
*.demo.webapi.digitaltraceability.jp.pwc.com
*.us.dev.reports.transferpricing.pwc.com
*.us.stg.reports.transferpricing.pwc.com
*.word.reportingsuite.transferpricing.dev365.pwc.com
001.shareholderhub.pwc.de
cabreraandcompany.com
*.cabreraandcompany.com
*.aws.navigatetax.pwc.co.in
*.dev.einvoice.aw.navigatetax.pwc.co.in
*.gbi-aws.pwc.co.in
*.gsp.gbi-aws.pwc.co.in
*.gq324e.ctd-poc.com
*.grant-manager.com
grantmanager.ca
*.grantmanager.ca
*.illuminate-data.org.uk
imperva.com
*.outcome-plus.com
*.pwc-linkia.com
*.digitalsuite.pwc-tls.it
*.pwc.at
*.pwc.be
*.businesslogicplatform.pwc.ch
*.chat-dev.pwc.co.uk
*.clientidentificationportal.dev.pwc.co.uk
*.datathread.pwc.co.uk
*.devtaxclarity.pwc.co.uk
*.internal.pwc.co.uk
*.pwc.co.uk
*.questionnairecloud.pwc.co.uk
*.solutionhubtelephony.internal.pwc.co.uk
*.stage.ariasmbc.pwc.co.uk
*.dev.documentanalysis.pwc.com.au
*.documentanalysis.pwc.com.au
*.notify.pwc.com.au
pwc.com.au
*.pwc.com.au
*.partnersaffairs-stg.apps.pwc.com.br
api.auditreportreader.pwc.de
api.auditreportreaderstage.pwc.de
app.auditreportreader.pwc.de
app.auditreportreaderstage.pwc.de
apps-ccp-stage.pwc.de
apps-ccp-stage1.pwc.de
apps-ccp.pwc.de
auditreportreader.pwc.de
auditreportreaderstage.pwc.de
ccp-reports.pwc.de
ccp-stage-reports.pwc.de
ccp-stage.pwc.de
ccp-stage1.pwc.de
ccp.pwc.de
digitallyenabledreporting-stage.pwc.de
enforcementassistant.pwc.de
gds-stage.pwc.de
gds.pwc.de
legalentityhub.pwc.de
*.legalentityhub.pwc.de
legalentityhubstage.pwc.de
*.legalentityhubstage.pwc.de
office-ccp.pwc.de
pathwaystoparistransformationtool.pwc.de
peergroupinsights.pwc.de
propertytaxapp.pwc.de
pruefbehoerde-dev.pwc.de
pruefbehoerde.pwc.de
*.pwc.de
smartidverification.pwc.de
sts.ccp-stage.pwc.de
sts.ccp.pwc.de
swb.pwc.de
tas-api-stage.pwc.de
tas-stage.pwc.de
*.pwc.dk
*.pwc.es
*.pwc.eu
*.buildinginfo.pwc.fi
*.pwc.fi
*.staging.pwc.fi
*.pwc.fr
*.climateassessment.pwc.in
*.complianceinsights.pwc.in
*.pwc.in
*.vendorandproductevaluationtool.pwc.in
*.digitaldocumentplatform.pwc.it
*.pwc.it
*.pwc.kz
*.stage.pwc.kz
*.demo.pwc.nl
*.interactiveriskmanagement.pwc.nl
*.azerbaijan.hrtoolkit.pwc.pl
*.dev.pwc.pl
*.geh.hrtoolkit.pwc.pl
*.hrtoolkit.pwc.pl
*.pwc.pl
*.taxolite.pwc.pl
*.taxreliefvalidation.pwc.pl
*.tts.pwc.pl
*.pwc.se
*.pwcfts.com
*.pwcmalta.com
*.terraininsights.net
Other domains in certificate