SSL Certificate Analysis for atmestore.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=atmestore.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 30, 2026

Valid Until

July 29, 2026 59 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6F:D1:70:40:26:6A:46:CF:9A:35:2B:E4:B4:4A:2A:48:6F:19:50:46:40:71:1C:8D:9E:12:61:91:86:F0:8A:00

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

atmestore.com *.atmestore.com *.9namo.atmestore.com *.saoseo.atmestore.com *.seona.atmestore.com

Other domains in certificate

*.admin.axw.it *.api.axw.it *.app.axw.it axw.it *.axw.it *.board.axw.it *.dashboard.axw.it *.hostmaster.axw.it *.metric.axw.it *.metrics.axw.it *.reporting.axw.it *.staging.axw.it *.status.axw.it *.superset.axw.it *.supersets.axw.it *.visual.axw.it

doeda-boz.xyz *.doeda-boz.xyz *.random.doeda-boz.xyz *.saudi.doeda-boz.xyz

*.a.doplans.info *.dn0c3y.doplans.info doplans.info *.doplans.info *.test.doplans.info

*.cpanel.glick.co glick.co *.glick.co *.mail.glick.co *.webmail.glick.co

globalgriefpandemic.click *.globalgriefpandemic.click *.qfhtxt.globalgriefpandemic.click

hertzberg.org *.hertzberg.org *.hostmaster.hertzberg.org

hiro877.com *.hiro877.com

isco.live *.isco.live *.ww38.isco.live

*.4419c50d-2fcd-4832-9802-9425e9c8c795.keyantennas.com *.7d4f8abb-8b82-454d-9141-de472f81552e.keyantennas.com *.a.keyantennas.com *.admin.keyantennas.com *.api.keyantennas.com *.app.keyantennas.com *.cloud.keyantennas.com *.demo.keyantennas.com keyantennas.com *.keyantennas.com *.postmaster.keyantennas.com *.rd.keyantennas.com *.rds.keyantennas.com *.rdweb.keyantennas.com *.remote.keyantennas.com *.test.keyantennas.com *.vansdjtwastoknbpostmaster.keyantennas.com *.vpn.keyantennas.com *.zxnoahuj.keyantennas.com

legendemedia.com *.legendemedia.com

*.4xze1w.mnie.exchange *.admin.mnie.exchange *.dev.mnie.exchange mnie.exchange *.mnie.exchange

poajaupsee.com *.poajaupsee.com

*.m.soxscc.info *.random.soxscc.info soxscc.info *.soxscc.info *.ww25.soxscc.info

vpnolympus88.live *.vpnolympus88.live

*.dev.zapple.com *.learn.zapple.com *.ls.zapple.com *.support.zapple.com *.weather-map2.zapple.com *.www.zapple.com zapple.com *.zapple.com