Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=xporen.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
May 30, 2026
Valid Until
August 28, 2026
83 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BB:1D:45:3E:F2:C3:EC:2C:96:2F:4E:F9:72:2E:ED:AE:0A:CF:83:6B:7C:DB:40:96:61:9A:41:69:6F:8E:86:73
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
quantumaisupport.com
*.quantumaisupport.com
*.api.quantumaisupport.com
*.app.quantumaisupport.com
*.backup.quantumaisupport.com
*.bc7ddd64-cccd-4a2d-9a1b-9987b0dd15d8.quantumaisupport.com
*.dashboard.quantumaisupport.com
*.dev.quantumaisupport.com
*.jfhdqstg.quantumaisupport.com
*.mail.quantumaisupport.com
*.mailer.quantumaisupport.com
*.marketing.quantumaisupport.com
*.new.quantumaisupport.com
*.qa.quantumaisupport.com
*.staging.quantumaisupport.com
*.stg.quantumaisupport.com
*.v2.quantumaisupport.com
*.16dc24e2-d20a-40f6-9516-317d7319cbb2.boostme.click
*.576c02fe-352d-4af2-b9cb-94459ec0545d.boostme.click
*.7olw5y.boostme.click
*.api.boostme.click
*.backup.boostme.click
boostme.click
*.boostme.click
*.dashboard.boostme.click
*.demo.boostme.click
*.mail.boostme.click
*.mailer.boostme.click
*.marketing.boostme.click
*.members.boostme.click
*.new.boostme.click
*.qa.boostme.click
*.rxqklgmu.boostme.click
*.secure.boostme.click
*.staging.boostme.click
*.stg.boostme.click
*.test.boostme.click
*.v1.boostme.click
*.v2.boostme.click
*.web.boostme.click
*.649e4517-e138-4512-9734-c879e8544c9f.toaken.app
*.api.toaken.app
*.backup.toaken.app
*.bvapei83m8r.toaken.app
*.dashboard.toaken.app
*.dev.toaken.app
*.gjjnzbackup.toaken.app
*.i83m8r.toaken.app
*.iezobqta.toaken.app
*.mail.toaken.app
*.mailer.toaken.app
*.marketing.toaken.app
*.news.toaken.app
*.qa.toaken.app
*.secure.toaken.app
*.staging.toaken.app
*.stg.toaken.app
toaken.app
*.toaken.app
*.uat.toaken.app
*.v1.toaken.app
*.v2.toaken.app
*.web.toaken.app
*.39a0c22e-cc61-4fcd-8dca-26e89936189f.vanillamaga.org
*.admin.vanillamaga.org
*.api.vanillamaga.org
*.app.vanillamaga.org
*.assets.vanillamaga.org
*.backup.vanillamaga.org
*.dashboard.vanillamaga.org
*.demo.vanillamaga.org
*.dev.vanillamaga.org
*.mail.vanillamaga.org
*.mailer.vanillamaga.org
*.marketing.vanillamaga.org
*.qa.vanillamaga.org
*.secure.vanillamaga.org
*.staging.vanillamaga.org
*.stg.vanillamaga.org
*.test.vanillamaga.org
*.uat.vanillamaga.org
*.v2.vanillamaga.org
vanillamaga.org
*.vanillamaga.org
*.web.vanillamaga.org
*.random.xporen.com
*.seehergag.xporen.com
*.ww25.xporen.com
xporen.com
*.xporen.com
Other domains in certificate