Open
Cached
·
just now
89/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
December 12, 2025
Valid Until
June 10, 2026
114 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:A9:D4:B9:5E:93:31:81:9D:2C:C2:CA:8E:6F:A3:98:6C:D6:41:FC:B0:63:19:42:3A:7B:15:A5:1A:21:92:64
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
default-src; script-src; connect-src; +3 more
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
56 domains
servicehealth-aa.sabre.com
api.platform.sabre.com
safair-api-cert-stg1.ezycommerce.sabre.com
safair-api-cert.ezypayment.sabre.com
safair-ext-api-cert-stg1.ezycommerce.sabre.com
stl.platform.sabre.com
webam.ix.sabre.com
airline.api.platform.sabre.com
da-demo.avro.cert.sabre.com
g3.avro.cert.sabre.com
gf.avro.cert.sabre.com
pm.avro.cert.sabre.com
va.avro.cert.sabre.com
webpmp.am.ix.sabre.com
webpmp.id.ri.sabre.com
aa.airline.api.platform.sabre.com
webqa.am.ix.cert.sabre.com
webqa.id.ri.cert.sabre.com
checkin-cert.aircambodia.com
checkin-stage.aircambodia.com
booking-cert.airserbia.com
booking.airserbia.com
checkin.airserbia.com
dc-cert-checkin.airserbia.com
dc-cert.airserbia.com
dc-checkin.airserbia.com
dc.airserbia.com
dx-cert-checkin.airserbia.com
dx-stage-checkin.airserbia.com
faitaccomplienterprises.com
www.faitaccomplienterprises.com
reservations.fortekochi.in
hotel.reservations.hardrock.com
booking.hommage-hotels.com
imperva.com
reservations.kumarakomlakeresort.in
naturesbest.co.uk
www.naturesbest.co.uk
oilnom.com
www.oilnom.com
pticket.com
www.pticket.com
sal.appota.radixxhost.com
sal.dcs.radixxhost.com
sal.res.radixxhost.com
*.secureco.co
shopholidays.de
www.shopholidays.de
specialoccasionevents.com
www.specialoccasionevents.com
*.synxis.com
reservations.tembobarcelona.com
reservations.thepaulbangalore.in
w88live.com
*.w88live.com
israirairlines.webguruetravel.com
Other domains in certificate