Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q3
Valid From
September 24, 2025
Valid Until
March 23, 2026
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8E:82:6C:FC:A5:A4:5B:C9:C3:36:9A:41:F7:45:52:94:BE:B4:7F:6B:B7:A7:A8:F9:70:12:4B:59:A4:9C:3D:3B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000; includeSubdomains; preload
Content-Security-Policy
Basic
default-src; script-src; style-src; +10 more
default-src 'self' https://cdn.jsdelivr.net https://*.console.glassboxsaas.com https://*.report.gbss.io; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.appsflyer.com https://maps.googleapis.com https://places.googleapis.com https://cdn.segment.com https://ze.delivery https://repo.incognia.com https://*.google.com https://*.gstatic.com https://*.google.com.br https://*.google-analytics.com https://*.googletagmanager.com https://optanon.blob.core.windows.net https://connect.facebook.net https://code.jquery.com https://cdn.cookielaw.org https://analytics.tiktok.com https://*.hotjar.com https://*.tailtarget.com https://pixel.mathtag.com https://web-sdk-cdn.singular.net https://*.clearsale.com.br https://cdn.jsdelivr.net https://www.googleadservices.com https://*.clarity.ms https://*.ze.delivery https://www.google.com/ads/ga-audiences https://cdn.gbqofs.com https://*.console.glassboxsaas.com https://lantern.roeyecdn.com https://www.dwin1.com https://*.report.gbss.io https://*.awin1.com https://the.sciencebehindecommerce.com https://*.split.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://optanon.blob.core.windows.net https://www.googletagmanager.com https://cdn.cookielaw.org https://*.onetrust.com; img-src 'self' blob: data: https://*.bing.com courier-images-web.imgix.net courier-images-frontrelease.imgix.net courier-images-prod.imgix.net https://*.google-analytics.com https://*.googleapis.com https://ads.scorecardresearch.com https://eb2.3lift.com https://t.mookie1.com https://analytics.twitter.com https://us-u.openx.net https://id5-sync.com https://match.sharethrough.com https://analytics.twitter.com https://image2.pubmatic.com https://x.bidswitch.net https://odr.mookie1.com https://loadus.exelator.com https://contextual.media.net https://maps.googleapis.com https://places.googleapis.com https://www.facebook.com https://*.clearsale.com.br https://www.google.com https://www.google.com.br https://*.tailtarget.com https://*.singular.net https://*.hotjar.com https://*.incognia.com https://*.typeform.com https://*.doubleclick.net https://*.tiktok.com https://*.onetrust.com https://*.gstatic.com https://*.mathtag.com https://*.googleadservices.com https://*.facebook.net https://*.amazoncognito.com https://*.google.com https://*.ze.delivery https://img.saveur-biere.com https://content.hotjar.io https://translate.google.com https://adservice.google.com https://tags.w55c.net https://tags.bluekai.com https://dsum-sec.casalemedia.com https://idsync.rlcdn.com https://*.stickyadstv.com https://*.akgn.com https://www.googletagmanager.com https://ups.analytics.yahoo.com https://pixel.rubiconproject.com https://aa.agkn.com https://ce.lijit.com https://c.clarity.ms https://*.awin1.com https://www.awin1.com https://*.tapad.com; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; form-action 'self' https://www.facebook.com; frame-ancestors 'self' https://www.typeform.com; frame-src 'self' https://form.typeform.com https://*.doubleclick.net https://www.typeform.com https://*.google.com https://www.facebook.com https://www.googletagmanager.com https://zecompensa.ze.delivery https://*.awin1.com https://www.awin1.com https://zecompensa.ze.delivery; upgrade-insecure-requests ; connect-src 'self' https://api.pagar.me https://*.onelink.me https://*.google-analytics.com https://www.facebook.com https://*.google.com https://maps.googleapis.com https://places.googleapis.com https://*.clarity.ms https://*.split.io https://auth.split.io https://api.split.io https://*.ze.delivery https://api.club.zedelivery.in https://*.incognia.com https://*.icg-in.com wss://*.icg-in.com wss://*.incognia.com wss://ws.hotjar.com https://cdn.segment.com https://api.segment.io https://*.segment.com https://*.segment.io https://cdn.cookielaw.org https://*.onetrust.com https://analytics.google.com https://*.hotjar.com https://*.hotjar.io https://cognito-idp.us-west-2.amazonaws.com https://cdn.jsdelivr.net https://*.clearsale.com.br https://*.dynamsoft.com https://*.zedelivery.in https://*.gbqofs.io https://sdk-api-v1.singular.net https://*.gstatic.com https://ze-auth-service-consumer-prod.auth.us-west-2.amazoncognito.com https://ze-auth-service-consumer-frontrelease.auth.us-west-2.amazoncognito.com https://www.google.com/ads/ga-audiences https://*.console.glassboxsaas.com https://*.report.gbss.io https://*.googleadservices.com https://www.google.com.br https://www.dwin1.com https://www.awin1.com https://*.doubleclick.net https://*.appsflyer.com https://*.imgix.net https://*.googleapis.com https://*.tiktok.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
ch-ua-model=("https://sdk-api-v1.singular.net"), ch-ua-platform-version=("https://sdk-api-v1.singular.net"), ch-ua-full-version-list=("https://sdk-api-v1.singular.net"), attribution-reporting=(), browsing-topics=(), otp-credentials=(), accelerometer=(self "https://zecompensa.ze.delivery"),attribution-reporting=(self "https://zecompensa.ze.delivery"),autoplay=(self "https://zecompensa.ze.delivery"),bluetooth=(self "https://zecompensa.ze.delivery"),browsing-topics=(self "https://zecompensa.ze.delivery"),camera=(self "https://zecompensa.ze.delivery"),compute-pressure=(self "https://zecompensa.ze.delivery"),display-capture=(self "https://zecompensa.ze.delivery"),encrypted-media=(self "https://zecompensa.ze.delivery"),fullscreen=(self "https://zecompensa.ze.delivery"),gamepad=(self "https://zecompensa.ze.delivery"),geolocation=(self "https://zecompensa.ze.delivery"),gyroscope=(self "https://zecompensa.ze.delivery"),hid=(self "https://zecompensa.ze.delivery"),identity-credentials-get=(self "https://zecompensa.ze.delivery"),idle-detection=(self "https://zecompensa.ze.delivery"),local-fonts=(self "https://zecompensa.ze.delivery"),magnetometer=(self "https://zecompensa.ze.delivery"),microphone=(self "https://zecompensa.ze.delivery"),midi=(self "https://zecompensa.ze.delivery"),otp-credentials=(self "https://zecompensa.ze.delivery"),payment=(self "https://zecompensa.ze.delivery"),picture-in-picture=(self "https://zecompensa.ze.delivery"),publickey-credentials-create=(self "https://zecompensa.ze.delivery"),publickey-credentials-get=(self "https://zecompensa.ze.delivery"),screen-wake-lock=(self "https://zecompensa.ze.delivery"),serial=(self "https://zecompensa.ze.delivery"),storage-access=(self "https://zecompensa.ze.delivery"),usb=(self "https://zecompensa.ze.delivery"),web-share=(self "https://zecompensa.ze.delivery"),window-management=(self "https://zecompensa.ze.delivery"),xr-spatial-tracking=(self "https://zecompensa.ze.delivery")
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
72 domains
ze.codes
*.ze.codes
*.ab-inbev.com
*.staging.hoppy.ab-inbev.com
abiboardvideoportal.com
*.abiboardvideoportal.com
abinbev.cl
*.abinbev.cl
*.abmarketing.com
abmartechportal.com
*.abmartechportal.com
*.bavaria.co
becker.cl
*.becker.cl
*.api.beertech.com
*.oneportal.beertech.com
assets.beesbank.com.br
*.brewbox360.com
*.budweiser.com
prc.busch.com
cantaritos.com
*.cantaritos.com
cbn.bo
*.cbn.bo
*.ccc.es
cervezacorona.mx
*.cervezacorona.mx
*.cbn.com.bo
canchita.com.py
*.canchita.com.py
cervepar.com.py
*.cervepar.com.py
cervezapatagonia.com.py
*.cervezapatagonia.com.py
pilsen.com.py
*.pilsen.com.py
*.corona.com
drinklajarra.com
*.drinklajarra.com
imperva.com
konabigwave.com
*.konabigwave.com
kwak.be
*.kwak.be
labattpub.com
*.labattpub.com
mikeshardglobal.com
*.mikeshardglobal.com
montejo.com
*.montejo.com
mybeerrebate.com
*.mybeerrebate.com
*.cosmosdb.uat.mybees-platform.dev
*.cosmosdb2.uat.mybees-platform.dev
*.mybees.be
nutrlqc.com
*.nutrlqc.com
nutrlvodka.com
*.nutrlvodka.com
papt2.com
*.papt2.com
reignoftitans.gg
*.reignoftitans.gg
*.techmaz.mx
tempocraftgin.com
*.tempocraftgin.com
trackyourbud.com
www.trackyourbud.com
*.dev.ze.delivery
*.ze.delivery
*.club.zedelivery.in
*.zedelivery.in
Other domains in certificate