DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=oceanpark3.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 13, 2026
Valid Until
April 13, 2026 83 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
36:21:31:73:97:8B:B2:93:F5:53:5E:EC:AE:43:94:99:78:CE:26:05:97:9B:C6:26:0A:A1:1A:92:5B:98:5F:DE
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
aqdx59.com *.aqdx59.com *.vip.aqdx59.com *.ww25.aqdx59.com *.xyzvip.aqdx59.com

Other domains in certificate

940mm.live *.940mm.live
arashi4.click *.arashi4.click *.bdshimail.arashi4.click *.cpanel.arashi4.click *.webdisk.arashi4.click *.www.arashi4.click
bitcoinger.xyz *.bitcoinger.xyz *.d.bitcoinger.xyz *.dashboard.bitcoinger.xyz *.dev.bitcoinger.xyz *.m.bitcoinger.xyz *.mail.bitcoinger.xyz *.sitemap.bitcoinger.xyz *.superset.bitcoinger.xyz *.ww25.bitcoinger.xyz *.ww38.bitcoinger.xyz
cobralia.com *.cobralia.com *.nat.cobralia.com *.ww1.cobralia.com *.ww25.cobralia.com
dominium.group *.dominium.group *.ww25.dominium.group
dooltrack.com *.dooltrack.com *.ww25.dooltrack.com
*.5g.evergreensite.xyz evergreensite.xyz *.evergreensite.xyz *.ww25.evergreensite.xyz
extempify.org *.extempify.org *.ww25.extempify.org
*.autodiscover.fanoos.studio *.dns1.fanoos.studio fanoos.studio *.fanoos.studio *.smtp.fanoos.studio
habituary.co *.habituary.co *.ww25.habituary.co *.ww38.habituary.co
haciendoviajes.com *.haciendoviajes.com
*.admin.mrandmrsbaolondon.com *.email.mrandmrsbaolondon.com *.imap.mrandmrsbaolondon.com *.m.mrandmrsbaolondon.com mrandmrsbaolondon.com *.mrandmrsbaolondon.com *.random.mrandmrsbaolondon.com *.test.mrandmrsbaolondon.com *.wildcard.mrandmrsbaolondon.com *.ww1.mrandmrsbaolondon.com *.ww25.mrandmrsbaolondon.com
*.api.musicdownloads.zone *.app.musicdownloads.zone musicdownloads.zone *.musicdownloads.zone *.ww25.musicdownloads.zone *.www.musicdownloads.zone
oceanpark3.com *.oceanpark3.com *.ww25.oceanpark3.com
*.mx.psjhchoosewell.org psjhchoosewell.org *.psjhchoosewell.org *.random.psjhchoosewell.org *.ww25.psjhchoosewell.org
recent-locate.info *.recent-locate.info *.ww38.recent-locate.info
*.bi.thedatingdiary.blog *.random.thedatingdiary.blog thedatingdiary.blog *.thedatingdiary.blog *.ww25.thedatingdiary.blog
*.ww25.wwettans.co wwettans.co *.wwettans.co