SSL Certificate Analysis for easy.gr - Security Grade & TLS Configuration

Open Cached · just now

85/100 SECURITY SCORE

Certificate Information

Subject

UNKNOWN={:asn1_OPENTYPE, <<19, 2, 71, 82>>}, UNKNOWN={:asn1_OPENTYPE, "\f\aAttikí"}, UNKNOWN={:asn1_OPENTYPE, <<19, 6, 65, 116, 104, 101, 110, 115>>}, UNKNOWN={:asn1_OPENTYPE, <<12, 20, 80, 114, 105, 118, 97, 116, 101, 32, 79, 114, 103, 97, 110, 105, 122, 97, 116, 105, 111, 110>>}, UNKNOWN=004284901000, C=GR, L=NEA IONIA, O=EUROPLANET O.E., CN=www.easy.gr

Issuer

C=NL, O=PerfectSSL, CN=PerfectSSL

Valid From

December 23, 2025

Valid Until

December 19, 2026 340 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B3:73:CE:84:0C:C1:48:16:E4:86:A4:60:D1:41:82:E9:23:A6:77:69:B7:98:25:82:09:1C:BB:99:45:2B:21:BF

Alternative Names

2 domains

Security Configuration

TLS Protocols

TLS 1.0 TLS 1.1 TLS 1.2

Forward Secrecy

Limited (Check cipher configuration)

Warnings

• TLS 1.3 is not supported (recommended)
• TLS 1.1 is deprecated and should be disabled
• TLS 1.0 is deprecated and should be disabled

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Basic

default-src; script-src; style-src; +4 more

default-src 'self' easy.gr *.easy.gr *.cookiebot.com *.tawk.to *.paypal.com googleads.g.doubleclick.net stats.g.doubleclick.net *.google.com *.youtube.com;script-src 'self' *.paypal.com *.paypalobjects.com *.braintreegateway.com easy.gr *.easy.gr *.youtube.com 'unsafe-inline' https://pagead2.googlesyndication.com 'unsafe-eval' *.googleusercontent.com *.gstatic.com tippedjs.com fancyapps.com ajax.googleapis.com fonts.googleapis.com *.googleapis.com *.gstatic.com tagmanager.google.com www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com googleadservices.com *.tawk.to cdn.jsdelivr.net *.facebook.com *.facebook.net *.cookiebot.com *.doubleclick.net *.google.com googleads.g.doubleclick.net stats.g.doubleclick.net *.googlesyndication.com *.google.com *.google.gr *.youtube.com *.unpkg.com ;style-src 'self' easy.gr *.easy.gr 'unsafe-inline' ajax.googleapis.com fonts.googleapis.com *.googleapis.com *.gstatic.com tagmanager.google.com www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com googleadservices.com *.tawk.to fonts.googleapis.com cdn.jsdelivr.net *.facebook.com *.facebook.net *.cookiebot.com *.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net;img-src 'self' blob: data: easy.gr *.easy.gr 'unsafe-inline' https://quickchart.io ajax.googleapis.com fonts.googleapis.com *.googleapis.com *.gstatic.com tagmanager.google.com www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com googleadservices.com *.tawk.to cdn.jsdelivr.net tawk.link s3.amazonaws.com *.facebook.com *.facebook.net *.cookiebot.com *.doubleclick.net *.google.com cdn.jsdelivr.net *.google.gr *.google.nl *.paypalobjects.com *.paypal.com googleads.g.doubleclick.net stats.g.doubleclick.net *.googlesyndication.com ;font-src 'self' easy.gr *.easy.gr 'unsafe-inline' ajax.googleapis.com fonts.googleapis.com *.googleapis.com *.gstatic.com tagmanager.google.com www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com googleadservices.com *.tawk.to fonts.gstatic.com *.facebook.com *.facebook.net *.cookiebot.com *.paypalobjects.com stats.g.doubleclick.net ;connect-src 'self' easy.gr *.easy.gr 'unsafe-inline' *.tawk.to wss://*.tawk.to *.lottiefiles.com fonts.googleapis.com *.googleapis.com *.gstatic.com tagmanager.google.com www.googletagmanager.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com googleadservices.com *.tawk.to *.facebook.com *.facebook.net *.cookiebot.com *.doubleclick.net *.google.com *.paypal.com googleads.g.doubleclick.net stats.g.doubleclick.net google.com *.youtube.com *.googlesyndication.com ; frame-src 'self' easy.gr *.easy.gr 'unsafe-inline' *.paypal.com *.paypalobjects.com *.googletagmanager.com *.doubleclick.net *.cookiebot.com *.tawk.to ;

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=self

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Improve CSP by adding more specific directives and removing 'unsafe-inline'

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

2 domains

easy.gr www.easy.gr