89/100
SECURITY SCORE
Certificate Information
Subject
C=GB, L=London, O=NTT Ltd, CN=dimensiondata.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
October 20, 2025
Valid Until
October 20, 2026
298 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CE:3D:A6:FB:05:4D:87:24:97:58:F7:DF:0B:33:F5:57:A1:8D:D4:12:A2:EE:AF:AE:FD:56:87:C3:F4:D6:37:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
default-src; img-src; style-src; +9 more
X-Frame-Options
Excellent
deny
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports