SSL Certificate Analysis for api.teapon.lat - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=xmedia.click

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 19, 2026

Valid Until

August 17, 2026 59 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2D:40:D4:A1:C7:26:51:01:45:01:D2:58:14:1E:E8:12:A9:F2:C9:A9:0A:71:BF:21:DE:28:6C:A9:07:D8:FE:4D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

teapon.lat *.teapon.lat *.backup.teapon.lat *.dev.teapon.lat *.hufdzv2.teapon.lat *.mail.teapon.lat *.mailer.teapon.lat *.qa.teapon.lat *.rdrblv1.teapon.lat *.uat.teapon.lat *.v1.teapon.lat

Other domains in certificate

dacniknewsio.click *.dacniknewsio.click *.qa.dacniknewsio.click

*.1.eztongshop.cn *.162.eztongshop.cn *.48.eztongshop.cn *.acc.eztongshop.cn *.adam.eztongshop.cn *.aem.eztongshop.cn *.ah.eztongshop.cn *.ahgzaappfile.eztongshop.cn *.avatar.eztongshop.cn *.blade.eztongshop.cn *.bp.eztongshop.cn *.ctjhpic.eztongshop.cn *.drljvackej.eztongshop.cn eztongshop.cn *.eztongshop.cn *.fe99c98c.eztongshop.cn *.ffffffffffff.eztongshop.cn *.hostmaster.eztongshop.cn *.kqkfistatic.eztongshop.cn *.ppwvadmin.eztongshop.cn *.qr.eztongshop.cn *.zwhlubgm.eztongshop.cn

*.access.meheritage.com *.anyconnect.meheritage.com *.apps.meheritage.com meheritage.com *.meheritage.com *.ww38.meheritage.com

*.agh.redtube.buzz *.aging.redtube.buzz *.analytic.redtube.buzz *.analytics.redtube.buzz *.app.redtube.buzz *.aptoumkj.redtube.buzz *.auth.redtube.buzz *.bembed.redtube.buzz *.bi.redtube.buzz *.comwww.redtube.buzz *.dash.redtube.buzz *.data-integration.redtube.buzz *.dbb56.redtube.buzz *.de.redtube.buzz *.dev.redtube.buzz *.doh1.redtube.buzz *.embed.redtube.buzz *.en.redtube.buzz *.event.redtube.buzz *.explorer.redtube.buzz *.fr.redtube.buzz *.htmlwww.redtube.buzz *.itqybns.redtube.buzz *.jp.redtube.buzz *.pl.redtube.buzz *.press.redtube.buzz *.preview.redtube.buzz *.prod.redtube.buzz *.production.redtube.buzz *.pt-br.redtube.buzz *.qa-insight.redtube.buzz *.qdodrtdiejs.redtube.buzz redtube.buzz *.redtube.buzz *.report.redtube.buzz *.ru.redtube.buzz *.site.redtube.buzz *.sso.redtube.buzz *.stats.redtube.buzz *.superset.redtube.buzz *.uat.redtube.buzz *.ww12.redtube.buzz *.yjmihru.redtube.buzz *.yrmbtollsgzzzz.redtube.buzz *.zzzz.redtube.buzz

*.ww38.xmedia.click xmedia.click *.xmedia.click