Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=imperva.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign Atlas R3 DV TLS CA 2025 Q4
Valid From
November 13, 2025
Valid Until
May 12, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
27:C7:45:88:53:55:B1:4A:CC:29:4F:D3:17:DD:68:67:D5:CC:49:E0:78:DA:C7:55:3C:D9:D3:11:44:88:2B:7C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
142 domains
commandcenter-ngp.sabre.com
hotelbookeragencyadmin.sabre.com
hotelbookerreports.sabre.com
hotelbookerssl.sabre.com
ords-cert.sabre.com
pccwf8cert1csi.sabre.com
pccwf8cert1dcc.sabre.com
pccwf8cert1sis.sabre.com
pccwf8cert2.sabre.com
pccwf8cert2csi.sabre.com
pccwf8cert2dcc.sabre.com
pccwf8cert2sis.sabre.com
pcpwf8prod1.sabre.com
pcpwf8prod1csi.sabre.com
pcpwf8prod1dcc.sabre.com
pcpwf8prod1sis.sabre.com
pricinganalyzer.sabre.com
prism.sabre.com
prismdata.sabre.com
prismdirect.sabre.com
sabrereporting.sabre.com
webkey.sabre.com
wolverine-res-api-s2-tc1-cert.sabre.com
wolverine-res-api-s2-ut1-cert.sabre.com
wolverine-res-callcenter-s2-tc1-cert.sabre.com
wolverine-res-callcenter-s2-tc2-cert.sabre.com
wolverine-res-callcenter-s2-ut1-cert.sabre.com
api.hotelbooker.sabre.com
cm-akasa.cert.sabre.com
cmamq-akasa.cert.sabre.com
csi.prism.sabre.com
csi1.prism.sabre.com
csi2.prism.sabre.com
csm.prism.sabre.com
csm1.prism.sabre.com
csm2.prism.sabre.com
files.developer.sabre.com
id-cert.ezypayment.sabre.com
id.ezypayment.sabre.com
ipe-pmt.int.sabre.com
nokair-api-cert.ezypayment.sabre.com
nokair-api.ezypayment.sabre.com
nokair-ext-api-cert.ezycommerce.sabre.com
nokair-ext-api.ezycommerce.sabre.com
tokiair-api-cert.ezypayment.sabre.com
tokiair-api.ezypayment.sabre.com
tokiair-ext-api-cert.ezycommerce.sabre.com
tokiair-ext-api.ezycommerce.sabre.com
viewership-okta.cert.sabre.com
opscomm.saa.cert.sabre.com
ou.avro.cert.sabre.com
webpmp.bg.ri.sabre.com
webpmp.k6.ri.sabre.com
webpmp.ux.ix.sabre.com
ol-ro-c1.avro.cert.aws.sabre.com
ol-ro.avro.cert.aws.sabre.com
webpmp.am.ri.cert.sabre.com
webpmp.k6.ri.cert.sabre.com
webpmp.ux.ix.cert.sabre.com
webpmp.ws.ix.cert.sabre.com
webqa.ws.ix.cert.sabre.com
webtest.ws.ix.cert.sabre.com
sv.avfo.as.dev.asc.sabre.com
webhacert.avix.ix-ha.prod.asc.sabre.com
webhadev.avix.ix-ha.prod.asc.sabre.com
webhaprod.avix.ix-ha.prod.asc.sabre.com
webuxcert.avix.ix-ux.prod.asc.sabre.com
webuxprod.avix.ix-ux.prod.asc.sabre.com
www.ux01.euw3.cert.planning-optimization.sabre.com
www.vs01.euw3.cert.planning-optimization.sabre.com
www.w601.euw3.cert.planning-optimization.sabre.com
reservations.aves-arosa.ch
reservations.banyantree.com
reservations.bardessono.com
reservations.casacipriani.com
reservations.cinnamonhotels.com
apigw.gamad.co.il
book-chicago.emilyhotel.com
reservations.galleriapark.com
www.cert.getthere.com
reservations.hampshire-hotels.com
reservations.historicinnsofannapolis.com
reservations.hotelalhambrapalace.com
myreservations.hotelauteuilgeneva.com
myreservations.hoteledelweissgeneva.com
myreservations.hoteljadegeneva.com
myreservations.hotelkiplinggeneva.com
myreservations.hotelnvygeneva.com
myreservations.hotelroyalgeneva.com
reservations.hotelyountville.com
imperva.com
reservations.lacuestainn.com
reservations.lakewayresortandspa.com
reservations.lepavillon.com
reservations.magnoliahotels.com
myreservations.manotel.com
reservations.melrosehoteldc.com
reservations.miramonteresort.com
reservations.oneoceanresort.com
reservations.pierhouse.com
www.prism-grp.com
arj.app.radixxhost.com
arj.appota.radixxhost.com
arj.dcs.radixxhost.com
arj.res.radixxhost.com
bma.res.radixxhost.com
rar.app.radixxhost.com
rar.appota.radixxhost.com
rar.dcs.radixxhost.com
rar.res.radixxhost.com
arjappota.radixxuat.com
arjappuat.radixxuat.com
arjdcsuat.radixxuat.com
arjresuat.radixxuat.com
tokappota.radixxuat.com
tokappuat.radixxuat.com
tokdcsuat.radixxuat.com
tokresuat.radixxuat.com
sabrereporting.dev.aws.sabrenow.com
reservations.silversmithchicagohotel.com
be-cms-api-c1.synxis.com
be-cms-api-p1.synxis.com
edgeapi-c1.synxis.com
edgeapi-p1.synxis.com
google-c1.synxis.com
image-resizer-c1.synxis.com
image-resizer-p1.synxis.com
infrasvcs-c1.synxis.com
payments-c1.synxis.com
services-c1.synxis.com
voiceagent-c1.synxis.com
reservations.theashtonhotel.com
reservations.thechurchillhotel.com
reservations.theeddygolden.com
reservations.thefifthavenuehotel.com
reservations.thejouledallas.com
reservations.towncountry.com
tcpx-tfh.tripcase.com
reservations.unicohotelrivieramaya.com
reservations.viceroyhotelsandresorts.com
reservations.worldquestorlando.com
reservations.zmr.com
Other domains in certificate