SSL Certificate Analysis for api.wogoman.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=woolfork.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 13, 2026

Valid Until

May 14, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

91:DB:02:69:62:55:A4:4B:66:A9:02:78:AF:A6:B9:94:AA:0B:9D:71:4E:35:14:03:9E:6E:39:1D:BC:4D:1D:D5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

wogoman.com *.wogoman.com *.api.wogoman.com *.dev.wogoman.com *.mail.wogoman.com *.sitemap.wogoman.com *.test.wogoman.com *.vpn.wogoman.com *.ww16.wogoman.com *.ww38.wogoman.com *.ww5.wogoman.com

Other domains in certificate

3536.my *.3536.my *.ftp.3536.my *.pop.3536.my *.webdisk.3536.my *.webmail.3536.my *.whm.3536.my *.www.3536.my

agennwild.vip *.agennwild.vip *.api.agennwild.vip *.shop.agennwild.vip *.store.agennwild.vip

*.crm.luckyloos.com *.dev.luckyloos.com luckyloos.com *.luckyloos.com *.webdisk.luckyloos.com

*.hostmaster.midwestmemory.com *.mail.midwestmemory.com midwestmemory.com *.midwestmemory.com *.webdisk.midwestmemory.com

motorcycleclub.au *.motorcycleclub.au

*.go.opencommercepath.click opencommercepath.click *.opencommercepath.click

*.api.pekanbaru.co *.backup.pekanbaru.co *.beta.pekanbaru.co *.bisnis.pekanbaru.co *.blog.pekanbaru.co *.com.pekanbaru.co *.cpanel.pekanbaru.co *.crm.pekanbaru.co *.kuliner.pekanbaru.co pekanbaru.co *.pekanbaru.co *.rdp.pekanbaru.co *.rdweb.pekanbaru.co *.souvenir.pekanbaru.co *.vdi.pekanbaru.co *.virtualstudent.pekanbaru.co *.vpn.pekanbaru.co *.vpnssl.pekanbaru.co *.webdisk.pekanbaru.co

*.api.pikeys.com *.comms.pikeys.com *.for.pikeys.com *.hostmaster.pikeys.com pikeys.com *.pikeys.com *.rdp.pikeys.com *.sitemaps.pikeys.com *.ww16.pikeys.com *.ww25.pikeys.com *.www.pikeys.com

*.co.sbsbd.com *.com.sbsbd.com sbsbd.com *.sbsbd.com

tipstosuccess.club *.tipstosuccess.club *.webdisk.tipstosuccess.club

*.imap4.wenow.it wenow.it *.wenow.it

*.alpha.winchesterfarmersmarket.com winchesterfarmersmarket.com *.winchesterfarmersmarket.com

*.blog.woolfork.com *.sitemap.woolfork.com *.sitemaps.woolfork.com woolfork.com *.woolfork.com *.wp.woolfork.com *.ww1.woolfork.com *.ww25.woolfork.com