SSL Certificate Analysis for 11wns.com - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

CN=selfclimbing.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

46:35:4E:A8:53:0D:C9:6D:13:F4:13:A3:5E:C5:FA:8F:0C:8A:9A:0F:F7:BE:4F:DD:7D:D3:23:C0:DA:60:8B:2C

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

11wns.com *.11wns.com

Other domains in certificate

*.api.bobil.com bobil.com *.bobil.com *.host.bobil.com

*.b5hyr.cakarcakmazcakancakmak.cfd *.blog.cakarcakmazcakancakmak.cfd cakarcakmazcakancakmak.cfd *.cakarcakmazcakancakmak.cfd *.i51qg.cakarcakmazcakancakmak.cfd *.ptjzzdev.cakarcakmazcakancakmak.cfd *.qdiek.cakarcakmazcakancakmak.cfd

cognitive.art *.cognitive.art *.sitemaps.cognitive.art

escortgidsistanbul.xyz *.escortgidsistanbul.xyz *.mail.escortgidsistanbul.xyz *.mpvrqzrhj5cq.escortgidsistanbul.xyz *.random.escortgidsistanbul.xyz *.ww25.escortgidsistanbul.xyz *.ww38.escortgidsistanbul.xyz

*.1.fanchavip.com *.a.fanchavip.com *.ai.fanchavip.com *.b.fanchavip.com *.bi.fanchavip.com *.by.fanchavip.com *.ci.fanchavip.com *.di.fanchavip.com *.e.fanchavip.com *.ei.fanchavip.com *.f.fanchavip.com fanchavip.com *.fanchavip.com *.fi.fanchavip.com *.g.fanchavip.com *.h.fanchavip.com *.i.fanchavip.com *.j.fanchavip.com *.n.fanchavip.com *.nfc.fanchavip.com *.ww38.fanchavip.com

impmail.com *.impmail.com *.wildcard.impmail.com

*.blog.lapublicist.com lapublicist.com *.lapublicist.com *.sitemap.lapublicist.com

*.amazon.maglietta.com *.backup.maglietta.com *.blog.maglietta.com maglietta.com *.maglietta.com

*.blog.mozmar.com mozmar.com *.mozmar.com

*.backup.mytholmroyd.com *.blog.mytholmroyd.com mytholmroyd.com *.mytholmroyd.com *.ww16.mytholmroyd.com

*.backup.mytvonline.com *.blog.mytvonline.com mytvonline.com *.mytvonline.com *.ww1.mytvonline.com

*.3g.onlinemusicstreams-d.site *.api-dev.onlinemusicstreams-d.site *.api.onlinemusicstreams-d.site *.home.onlinemusicstreams-d.site *.mail.onlinemusicstreams-d.site onlinemusicstreams-d.site *.onlinemusicstreams-d.site *.pay.onlinemusicstreams-d.site *.webmail.onlinemusicstreams-d.site *.wss.onlinemusicstreams-d.site *.www.onlinemusicstreams-d.site *.zoom.onlinemusicstreams-d.site

*.client.selfclimbing.com selfclimbing.com *.selfclimbing.com

*.qbexcsecure.singlepeoplemeet.com singlepeoplemeet.com *.singlepeoplemeet.com

*.qa.surediet.com surediet.com *.surediet.com