Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
November 20, 2025
Valid Until
May 19, 2026
167 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7D:1B:5C:CE:91:D9:1B:4D:77:6F:9C:90:D8:FC:62:D7:F8:74:B9:90:0A:4B:50:7A:70:90:B6:44:03:C0:4C:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=2592000
Content-Security-Policy
Good
default-src; form-action; frame-ancestors; +5 more
default-src 'self';form-action 'self';frame-ancestors 'self';frame-src 'self' https://app.powerbi.com/;img-src 'self';object-src 'none';script-src 'self';style-src 'self' 'unsafe-inline';
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
151 domains
*.pwc.com
*.1940.pwc.com
*.analyticsfoundation.pwc.com
*.ca.pwc.com
*.creativeops.pwc.com
*.dms.pwc.com
*.enterprisecontrol.pwc.com
*.ext.pwc.com
*.hk.pwc.com
*.ifrs17software.pwc.com
*.innovationnexus-stg.pwc.com
*.knowledge-central-stg.pwc.com
*.knowledge.pwc.com
*.kz.pwc.com
*.leaderinsights.pwc.com
*.me.pwc.com
*.nga.pwc.com
*.ngc.pwc.com
*.performplus.pwc.com
*.presen.pwc.com
*.prespl.pwc.com
*.products.pwc.com
*.projectperspectives-dev.pwc.com
*.projectperspectives-stg.pwc.com
*.projectperspectives.pwc.com
*.proposal.pwc.com
*.ro.pwc.com
*.stage-sonar-wst.pwc.com
*.uat.pwc.com
*.workforcesolutions.pwc.com
*.za.pwc.com
*.api.proedge.pwc.com
*.blob.sightline.pwc.com
*.compliance.presen.pwc.com
*.compliance.prespl.pwc.com
*.datamodellingplatform.africa.pwc.com
*.ec-mfiles.jp.pwc.com
*.npsre.proedge.pwc.com
*.npsrehor.proedge.pwc.com
*.prv.proedge.pwc.com
*.rc.products.pwc.com
*.rcstage.products.pwc.com
*.sandbox-adm.proedge.pwc.com
*.sandbox.proedge.pwc.com
*.stg.proedge.pwc.com
*.uat.pensionview.pwc.com
*.dev.reports.transferpricing.pwc.com
*.eu.datamodellingplatform.africa.pwc.com
*.stg.reports.transferpricing.pwc.com
*.demo.webapi.digitaltraceability.jp.pwc.com
*.us.dev.reports.transferpricing.pwc.com
*.us.stg.reports.transferpricing.pwc.com
*.word.reportingsuite.transferpricing.dev365.pwc.com
001.shareholderhub.pwc.de
cabreraandcompany.com
*.cabreraandcompany.com
*.aws.navigatetax.pwc.co.in
*.dev.einvoice.aw.navigatetax.pwc.co.in
*.gbi-aws.pwc.co.in
*.gsp.gbi-aws.pwc.co.in
*.gq324e.ctd-poc.com
*.grant-manager.com
grantmanager.ca
*.grantmanager.ca
*.illuminate-data.org.uk
imperva.com
*.outcome-plus.com
*.pwc-linkia.com
*.digitalsuite.pwc-tls.it
*.pwc.at
*.pwc.be
*.businesslogicplatform.pwc.ch
*.chat-dev.pwc.co.uk
*.clientidentificationportal.dev.pwc.co.uk
*.datathread.pwc.co.uk
*.devtaxclarity.pwc.co.uk
*.internal.pwc.co.uk
*.pwc.co.uk
*.questionnairecloud.pwc.co.uk
*.solutionhubtelephony.internal.pwc.co.uk
*.stage.ariasmbc.pwc.co.uk
*.dev.documentanalysis.pwc.com.au
*.documentanalysis.pwc.com.au
*.notify.pwc.com.au
pwc.com.au
*.pwc.com.au
*.partnersaffairs-stg.apps.pwc.com.br
api.auditreportreader.pwc.de
api.auditreportreaderstage.pwc.de
app.auditreportreader.pwc.de
app.auditreportreaderstage.pwc.de
apps-ccp-stage.pwc.de
apps-ccp-stage1.pwc.de
apps-ccp.pwc.de
auditreportreader.pwc.de
auditreportreaderstage.pwc.de
ccp-reports.pwc.de
ccp-stage-reports.pwc.de
ccp-stage.pwc.de
ccp-stage1.pwc.de
ccp.pwc.de
digitallyenabledreporting-stage.pwc.de
enforcementassistant.pwc.de
gds-stage.pwc.de
gds.pwc.de
legalentityhub.pwc.de
*.legalentityhub.pwc.de
legalentityhubstage.pwc.de
*.legalentityhubstage.pwc.de
office-ccp.pwc.de
pathwaystoparistransformationtool.pwc.de
peergroupinsights.pwc.de
propertytaxapp.pwc.de
pruefbehoerde-dev.pwc.de
pruefbehoerde.pwc.de
*.pwc.de
smartidverification.pwc.de
sts.ccp-stage.pwc.de
sts.ccp.pwc.de
swb.pwc.de
tas-api-stage.pwc.de
tas-stage.pwc.de
*.pwc.dk
*.pwc.es
*.pwc.eu
*.buildinginfo.pwc.fi
*.pwc.fi
*.staging.pwc.fi
*.pwc.fr
*.climateassessment.pwc.in
*.complianceinsights.pwc.in
*.pwc.in
*.vendorandproductevaluationtool.pwc.in
*.digitaldocumentplatform.pwc.it
*.pwc.it
*.pwc.kz
*.stage.pwc.kz
*.demo.pwc.nl
*.interactiveriskmanagement.pwc.nl
*.azerbaijan.hrtoolkit.pwc.pl
*.dev.pwc.pl
*.geh.hrtoolkit.pwc.pl
*.hrtoolkit.pwc.pl
*.pwc.pl
*.taxolite.pwc.pl
*.taxreliefvalidation.pwc.pl
*.tts.pwc.pl
*.pwc.se
*.pwcfts.com
*.pwcmalta.com
*.terraininsights.net
Other domains in certificate