SSL Certificate Analysis for admin.farmy.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=astoundingsmaple.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 04, 2026

Valid Until

September 02, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

61:05:05:AC:A0:B1:7A:E4:C6:BF:9C:32:0E:7E:F3:B8:6F:08:DB:1C:9C:C6:BC:90:0E:83:A5:21:DA:94:55:2C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

farmy.it *.farmy.it *.admin.farmy.it *.backend.farmy.it *.mx.farmy.it *.staging.farmy.it

Other domains in certificate

3-9nft.io *.3-9nft.io *.api.3-9nft.io *.demo.3-9nft.io *.download.3-9nft.io *.hostmaster.3-9nft.io *.mail.3-9nft.io *.phpmyadmin.3-9nft.io *.service.3-9nft.io *.ssh.3-9nft.io

astoundingsmaple.com *.astoundingsmaple.com *.ifug4c.astoundingsmaple.com

bodycount.ai *.bodycount.ai

*.api.booksupermarket.com *.app.booksupermarket.com *.bfqxrdemo.booksupermarket.com *.bi.booksupermarket.com booksupermarket.com *.booksupermarket.com *.staging.booksupermarket.com *.superset.booksupermarket.com *.workflow.booksupermarket.com

chihomeessentials.com *.chihomeessentials.com

df-pymnt.com *.df-pymnt.com

*.admin.digitalpromotions.shop *.api.digitalpromotions.shop *.app.digitalpromotions.shop *.assets.digitalpromotions.shop *.c0500bcc-69d9-46cc-92ca-e1182eff8c92.digitalpromotions.shop *.dev.digitalpromotions.shop digitalpromotions.shop *.digitalpromotions.shop *.mail.digitalpromotions.shop *.members.digitalpromotions.shop *.rustore.digitalpromotions.shop *.staging.digitalpromotions.shop *.test.digitalpromotions.shop

*.delivery.foodontherun.com.au foodontherun.com.au *.foodontherun.com.au *.millionhits.foodontherun.com.au *.order.foodontherun.com.au *.orders.foodontherun.com.au

*.hoticebarandgrill.mobile.co.uk *.id.mobile.co.uk *.instantemail-t.mobile.co.uk *.instantemailt.mobile.co.uk *.jordan.mobile.co.uk *.learnlibrary.mobile.co.uk *.lyca.mobile.co.uk mobile.co.uk *.mobile.co.uk *.myid.mobile.co.uk *.pennys.mobile.co.uk *.sky.mobile.co.uk *.t.mobile.co.uk *.tiki-casino.mobile.co.uk *.virgin.mobile.co.uk *.ww25.mobile.co.uk

*.hrka1.smellbrush.xyz *.ques8.smellbrush.xyz smellbrush.xyz *.smellbrush.xyz *.yhue2.smellbrush.xyz

speedydelivery.au *.speedydelivery.au

*.a.ssurant.com *.mobileclaims.ssurant.com *.model.ssurant.com *.ssp.ssurant.com ssurant.com *.ssurant.com

*.api.td88.bike *.app.td88.bike *.dev.td88.bike *.ed31f3e4-1c7c-4601-8ab3-920c7e5ed480.td88.bike td88.bike *.td88.bike *.w6r1fd.td88.bike