← Back to Assessments

1e.com

TLS Security Assessment Details

Compare Scans Download PDF
85
STRONG

[ cyphers ] score

TLS Validated by [ cyphers ] scout
CYP-C5D32D
FEB 2026

Harden your TLS Now

This endpoint has 2 findings that can be resolved (+15 pts). Choose how you want to proceed.

This is my server Get a free TLS certificate, generate a hardened server config, and verify your score improvement. Launch Remediation Wizard
I'm connecting to it Use a Cyphers proxy or SDK integration to connect safely with enforced TLS best practices on your side. View Safe Connection Tools

Connect Safely via Cyphers Proxy

[cyphers] Endpoint Tools allow you to connect safely to a server even though it will allow for insecure connections. Your connection will be secure regardless of the server's security posture.

N8N Cyphers Node
Drop-in workflow node. Routes HTTP requests through Cyphers proxy with enforced TLS 1.2+ and certificate pinning.
Install Node
Claude Proxy MCP
MCP server for Claude Code / Claude Desktop. Proxies all tool-initiated HTTP calls through a TLS-validated tunnel.
Configure MCP
OpenAI SDK Toolkit
Python / TypeScript wrapper. Patches the OpenAI SDK transport layer to enforce strict TLS validation on every API call.
View SDK Docs

These proxies don't modify the remote server — they enforce TLS best practices on your side of the connection. Traffic is routed through the Cyphers proxy network which negotiates the strongest available cipher suite and rejects connections that fall below your configured threshold.

Certificate

Subject 1e.com
Issuer E7
Valid From 26/01/2026
Valid Until 26/04/2026
Days Remaining 73
Key ECDSA 256-bit
OCSP Stapling No
SCT Yes

Compliance Status

PCI-DSS 4.2.1
1 failure(s)
NDcPP FCS_TLS_EXT.1
Passed
HIPAA
Passed

Supported Cipher Suites

20 ciphers across 2 protocols — 5 insecure
TLS1.3 3 ciphers
TLS_AES_128_GCM_SHA256 STRONG
TLS_AES_256_GCM_SHA384 STRONG
TLS_CHACHA20_POLY1305_SHA256 STRONG
TLS1.2 17 ciphers 5 insecure
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ACCEPTABLE
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ACCEPTABLE
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ACCEPTABLE
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 ACCEPTABLE
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ACCEPTABLE
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ACCEPTABLE
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ACCEPTABLE
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 ACCEPTABLE
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ACCEPTABLE
TLS_RSA_WITH_AES_128_GCM_SHA256 INSECURE
TLS_RSA_WITH_AES_128_CBC_SHA INSECURE
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ACCEPTABLE
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ACCEPTABLE
TLS_RSA_WITH_AES_256_GCM_SHA384 INSECURE
TLS_RSA_WITH_AES_256_CBC_SHA INSECURE
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ACCEPTABLE
TLS_RSA_WITH_AES_128_CBC_SHA256 INSECURE

Protocols

2 of 4 supported
TLS 1.0 Disabled
TLS 1.1 Disabled
TLS 1.2 Enabled OK
TLS 1.3 Enabled GOOD

Findings

0 Critical
0 Major
1 Minor
3 Info
Headers
HSTS MINOR
-10 pts
HTTP Strict Transport Security (HSTS) header is not set
PCI-DSS 2.2.7
Observed: Strict-Transport-Security header missing
Expected: HSTS header with max-age >= 31536000
Remediation: Add HSTS header. For nginx: add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
References: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
WHY THIS MATTERS
First-time visitors can be intercepted via man-in-the-middle attacks. Critical for authentication endpoints where credentials are transmitted.
Loading fix...
Protocol
TLS 1.3 Support INFO
TLS 1.3 is supported
Certificate
Certificate Validity INFO
Certificate is valid for 73 more days
! OCSP Stapling INFO
-5 pts
OCSP stapling is not enabled
Observed: No OCSP response in TLS handshake
Expected: OCSP stapling enabled for faster revocation checks
Remediation: Enable OCSP stapling. For nginx: ssl_stapling on; ssl_stapling_verify on;
References: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
WHY THIS MATTERS
Performance optimization that reduces latency for certificate revocation checks. Not a security vulnerability, but improves user experience.
Loading fix...
Risk Summary

This endpoint has 2 findings that affect connection security. When connecting to 1e.com, these risks apply to your client:

  • OCSP Stapling (-5 pts)
  • HSTS (-10 pts)
Recommended Profile

Based on the current score (85), we recommend the Strong hardening profile for your client-side tools:

Strong
Balanced security and compatibility
TLS 1.2+ • Intermediate ciphers • Soft-fail revocation
Get Config View Tools

Score History

Scan History

Scan ID Score Tier Findings Time
sc_4d5be33c8611 85/100 Strong [] 0 2/12/2026, 1:44:03 AM
sc_6641442d9b47 85/100 Strong [] 0 2/12/2026, 1:35:51 AM