SSL Report: www.cbs-bank.sy (185.216.132.122)
Assessed on:  Mon, 13 Oct 2025 09:44:49 UTC | Clear cache

Due to a recently discovered bug in Apple's code, your browser is exposed to MITM attacks. Click here for more information.

Summary
Overall Rating
B
0
20
40
60
80
100
Certificate
 
Protocol Support
 
Key Exchange
 
Cipher Strength
 

Visit our documentation page for more information, configuration guides, and books. Known issues are documented here.
This server supports TLS 1.0 and TLS 1.1. Grade capped to B. MORE INFO »
This server supports TLS 1.3.  MORE INFO »
HTTP Strict Transport Security (HSTS) with long duration deployed on this server.  MORE INFO »
Certificate #1: RSA 2048 bits (SHA256withRSA)
Server Key and Certificate #1
Subject *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=
Common names *.cbs-bank.sy
Alternative names cbs-bank.sy *.cbs-bank.sy
Serial Number 750ab4c1d6c261aac22ba1c31b67bc15
Valid from Wed, 26 Mar 2025 10:16:02 UTC
Valid until Thu, 26 Mar 2026 10:16:02 UTC (expires in 5 months and 12 days)
Key RSA 2048 bits (e 65537)
Weak key (Debian) No
Issuer Actalis Domain Validation Server CA G3
AIA: http://cacert.actalis.it/certs/actalis-autdvg3
Signature algorithm SHA256withRSA
Extended Validation No
Certificate Transparency Yes (certificate)
OCSP Must Staple No
Revocation information CRL, OCSP
CRL: http://crl06.actalis.it/Repository/AUTHDV-G3/getLastCRL
OCSP: http://ocsp06.actalis.it/VA/AUTHDV-G3
Revocation status Good (not revoked)
CRL ERROR: IOException occurred
DNS CAA No (more info)
Trusted Yes
Mozilla  Apple  Android  Java  Windows 


Additional Certificates (if supplied)
Certificates provided 2 (3814 bytes)
Chain issues None
#2
Subject Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=
Valid until Sun, 22 Sep 2030 11:22:02 UTC (expires in 4 years and 11 months)
Key RSA 4096 bits (e 65537)
Issuer Actalis Authentication Root CA
Signature algorithm SHA256withRSA


Certification Paths
Path #1: Trusted
1 Sent by server *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=

RSA 2048 bits (e 65537) / SHA256withRSA
CRL ERROR: IOException occurred
2 Sent by server Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=

RSA 4096 bits (e 65537) / SHA256withRSA
3 In trust store Actalis Authentication Root CA   Self-signed
Fingerprint SHA256: 55926084ec963a64b96e2abe01ce0ba86a64fbfebcc7aab5afc155b37fd76066
Pin SHA256: JdSRPPWHCXQU0p0m9sGxlCzW1k6vRdD8+BUmrbqW0yQ=

RSA 4096 bits (e 65537) / SHA256withRSA
Path #1: Trusted
1 Sent by server *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=

RSA 2048 bits (e 65537) / SHA256withRSA
CRL ERROR: IOException occurred
2 Sent by server Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=

RSA 4096 bits (e 65537) / SHA256withRSA
3 In trust store Actalis Authentication Root CA   Self-signed
Fingerprint SHA256: 55926084ec963a64b96e2abe01ce0ba86a64fbfebcc7aab5afc155b37fd76066
Pin SHA256: JdSRPPWHCXQU0p0m9sGxlCzW1k6vRdD8+BUmrbqW0yQ=

RSA 4096 bits (e 65537) / SHA256withRSA
Path #1: Trusted
1 Sent by server *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=

RSA 2048 bits (e 65537) / SHA256withRSA
CRL ERROR: IOException occurred
2 Sent by server Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=

RSA 4096 bits (e 65537) / SHA256withRSA
3 In trust store Actalis Authentication Root CA   Self-signed
Fingerprint SHA256: 55926084ec963a64b96e2abe01ce0ba86a64fbfebcc7aab5afc155b37fd76066
Pin SHA256: JdSRPPWHCXQU0p0m9sGxlCzW1k6vRdD8+BUmrbqW0yQ=

RSA 4096 bits (e 65537) / SHA256withRSA
Path #1: Trusted
1 Sent by server *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=

RSA 2048 bits (e 65537) / SHA256withRSA
CRL ERROR: IOException occurred
2 Sent by server Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=

RSA 4096 bits (e 65537) / SHA256withRSA
3 In trust store Actalis Authentication Root CA   Self-signed
Fingerprint SHA256: 55926084ec963a64b96e2abe01ce0ba86a64fbfebcc7aab5afc155b37fd76066
Pin SHA256: JdSRPPWHCXQU0p0m9sGxlCzW1k6vRdD8+BUmrbqW0yQ=

RSA 4096 bits (e 65537) / SHA256withRSA
Path #1: Trusted
1 Sent by server *.cbs-bank.sy
Fingerprint SHA256: 8fc1fa68ae80456ecd1bf1e7dc7358e618b11ef7a6af4f6cceaf206dae524b1f
Pin SHA256: iED3gXMqsGQAu8E7bq43BzxipLkq/cdjGeLmUthdcZs=

RSA 2048 bits (e 65537) / SHA256withRSA
CRL ERROR: IOException occurred
2 Sent by server Actalis Domain Validation Server CA G3
Fingerprint SHA256: 3450b6d38290c3ca5d7bb38b71495bbf72c6d0c44dba292245f9bca9843a9fff
Pin SHA256: hiyjWqnkYADYC0yxNwbD5MAi01UNWZQ5v2vsDd0s9Uo=

RSA 4096 bits (e 65537) / SHA256withRSA
3 In trust store Actalis Authentication Root CA   Self-signed
Fingerprint SHA256: 55926084ec963a64b96e2abe01ce0ba86a64fbfebcc7aab5afc155b37fd76066
Pin SHA256: JdSRPPWHCXQU0p0m9sGxlCzW1k6vRdD8+BUmrbqW0yQ=

RSA 4096 bits (e 65537) / SHA256withRSA

Click here to expand

Configuration
Protocols
TLS 1.3 Yes
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No


Cipher Suites
# TLS 1.3 (suites in server-preferred order)
TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS 256
TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS 256
TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS 128
TLS_AES_128_CCM_SHA256 (0x1304)   ECDH x25519 (eq. 3072 bits RSA)   FS 128
# TLS 1.2 (suites in server-preferred order)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH x25519 (eq. 3072 bits RSA)   FS 256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)   ECDH x25519 (eq. 3072 bits RSA)   FS 256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH x25519 (eq. 3072 bits RSA)   FS 128
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)   WEAK 256
TLS_RSA_WITH_AES_256_CCM (0xc09d)   WEAK 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)   WEAK 128
TLS_RSA_WITH_AES_128_CCM (0xc09c)   WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)   WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)   WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f)   DH 2048 bits   FS 256
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xccaa)   DH 2048 bits   FS 256
TLS_DHE_RSA_WITH_AES_256_CCM (0xc09f)   DH 2048 bits   FS 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e)   DH 2048 bits   FS 128
TLS_DHE_RSA_WITH_AES_128_CCM (0xc09e)   DH 2048 bits   FS 128
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b)   DH 2048 bits   FS   WEAK 256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67)   DH 2048 bits   FS   WEAK 128
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits   FS   WEAK 256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 2048 bits   FS   WEAK 128
# TLS 1.1 (suites in server-preferred order)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK 128
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits   FS   WEAK 256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 2048 bits   FS   WEAK 128
# TLS 1.0 (suites in server-preferred order)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)   ECDH x25519 (eq. 3072 bits RSA)   FS   WEAK 128
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)   WEAK 256
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)   WEAK 128
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 2048 bits   FS   WEAK 256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 2048 bits   FS   WEAK 128


Handshake Simulation
Android 2.3.7   No SNI 2 RSA 2048 (SHA256)   TLS 1.0 TLS_RSA_WITH_AES_128_CBC_SHA  No FS
Android 4.0.4 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Android 4.1.1 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Android 4.2.2 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Android 4.3 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Android 4.4.2 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Android 5.0.0 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS
Android 6.0 RSA 2048 (SHA256)   TLS 1.2 > http/1.1   TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS
Android 7.0 RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Android 8.0 RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Android 8.1 -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Android 9.0 -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Baidu Jan 2015 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
BingPreview Jan 2015 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Chrome 49 / XP SP3 RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   ECDH secp256r1  FS
Chrome 69 / Win 7  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Chrome 70 / Win 10 -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Chrome 80 / Win 10  R -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Firefox 31.3.0 ESR / Win 7 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256   ECDH secp256r1  FS
Firefox 47 / Win 7  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256   ECDH secp256r1  FS
Firefox 49 / XP SP3 RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Firefox 62 / Win 7  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Firefox 73 / Win 10  R -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Googlebot Feb 2018 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
IE 7 / Vista RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
IE 8 / XP   No FS 1   No SNI 2 Server sent fatal alert: handshake_failure
IE 8-10 / Win 7  R RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
IE 11 / Win 7  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
IE 11 / Win 8.1  R RSA 2048 (SHA256)   TLS 1.2 > http/1.1   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
IE 10 / Win Phone 8.0 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
IE 11 / Win Phone 8.1  R RSA 2048 (SHA256)   TLS 1.2 > http/1.1   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
IE 11 / Win Phone 8.1 Update  R RSA 2048 (SHA256)   TLS 1.2 > http/1.1   TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
IE 11 / Win 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Edge 15 / Win 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Edge 16 / Win 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Edge 18 / Win 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
Edge 13 / Win Phone 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Java 6u45   No SNI 2 RSA 2048 (SHA256)   TLS 1.0 TLS_RSA_WITH_AES_128_CBC_SHA  No FS
Java 7u25 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA   ECDH secp256r1  FS
Java 8u161 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Java 11.0.3 -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH secp256r1  FS
Java 12.0.1 -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH secp256r1  FS
OpenSSL 0.9.8y RSA 2048 (SHA256)   TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA  No FS
OpenSSL 1.0.1l  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
OpenSSL 1.0.2s  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
OpenSSL 1.1.0k  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH x25519  FS
OpenSSL 1.1.1c  R -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Safari 5.1.9 / OS X 10.6.8 RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Safari 6 / iOS 6.0.1 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
Safari 6.0.4 / OS X 10.8.4  R RSA 2048 (SHA256)   TLS 1.0 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA   ECDH secp256r1  FS
Safari 7 / iOS 7.1  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
Safari 7 / OS X 10.9  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
Safari 8 / iOS 8.4  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
Safari 8 / OS X 10.10  R RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   ECDH secp256r1  FS
Safari 9 / iOS 9  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 9 / OS X 10.11  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / iOS 10  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 10 / OS X 10.12  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Safari 12.1.2 / MacOS 10.14.6 Beta  R -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Safari 12.1.1 / iOS 12.3.1  R -   TLS 1.3 TLS_AES_256_GCM_SHA384   ECDH x25519  FS
Apple ATS 9 / iOS 9  R RSA 2048 (SHA256)   TLS 1.2 > h2   TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
Yahoo Slurp Jan 2015 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
YandexBot Jan 2015 RSA 2048 (SHA256)   TLS 1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   ECDH secp256r1  FS
# Not simulated clients (Protocol mismatch)
IE 6 / XP   No FS 1   No SNI 2 Protocol mismatch (not simulated)

Click here to expand

(1) Clients that do not support Forward Secrecy (FS) are excluded when determining support for it.
(2) No support for virtual SSL hosting (SNI). Connects to the default site if the server uses SNI.
(3) Only first connection attempt simulated. Browsers sometimes retry with a lower protocol version.
(R) Denotes a reference browser or client, with which we expect better effective security.
(All) We use defaults, but some platforms do not use their best protocols and features (e.g., Java 6 & 7, older IE).
(All) Certificate trust is not checked in handshake simulation, we only perform TLS handshake.


Protocol Details
Secure Renegotiation Supported
Secure Client-Initiated Renegotiation No
Insecure Client-Initiated Renegotiation No
BEAST attack Not mitigated server-side (more info)   TLS 1.0: 0xc014
POODLE (SSLv3) No, SSL 3 not supported (more info)
POODLE (TLS) No (more info)
Zombie POODLE No (more info)   TLS 1.2 : 0xc027
GOLDENDOODLE No (more info)   TLS 1.2 : 0xc027
OpenSSL 0-Length No (more info)   TLS 1.2 : 0xc027
Sleeping POODLE No (more info)   TLS 1.2 : 0xc027
Downgrade attack prevention Yes, TLS_FALLBACK_SCSV supported (more info)
SSL/TLS compression No
RC4 No
Heartbeat (extension) No
Heartbleed (vulnerability) No (more info)
Ticketbleed (vulnerability) No (more info)
OpenSSL CCS vuln. (CVE-2014-0224) No (more info)
OpenSSL Padding Oracle vuln.
(CVE-2016-2107)
No (more info)
ROBOT (vulnerability) No (more info)
Forward Secrecy With modern browsers (more info)
ALPN Yes   h2 http/1.1
NPN No
Session resumption (caching) Yes
Session resumption (tickets) Yes
OCSP stapling No
Strict Transport Security (HSTS) Yes
max-age=15768000
HSTS Preloading Not in: Chrome  Edge  Firefox  IE 
Public Key Pinning (HPKP) No (more info)
Public Key Pinning Report-Only No
Public Key Pinning (Static) No (more info)
Long handshake intolerance No
TLS extension intolerance No
TLS version intolerance No
Incorrect SNI alerts No
Uses common DH primes No
DH public server param (Ys) reuse No
ECDH public server param reuse No
Supported Named Groups x25519, secp256r1, x448, secp521r1, secp384r1 (server preferred order)
SSL 2 handshake compatibility Yes
0-RTT enabled No


HTTP Requests
1 https://www.cbs-bank.sy/  (HTTP/1.1 200 OK)
1
Date Mon, 13 Oct 2025 09:31:31 GMT
Server Apache
X-Frame-Options SAMEORIGIN
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Powered-By PHP/7.3.20
Cache-Control max-age=21600, public
X-Drupal-Dynamic-Cache HIT
Link <https://www.cbs-bank.sy/en/home-en>; rel="alternate"; hreflang="en"
Link <https://www.cbs-bank.sy/ar/home-ar>; rel="alternate"; hreflang="ar"
Link <https://www.cbs-bank.sy/ar/home-ar>; rel="canonical"
Link <https://www.cbs-bank.sy/ar/node/35>; rel="shortlink"
X-UA-Compatible IE=edge
Content-language ar
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Drupal-Cache-Tags block_content:11 block_content:13 block_content:15 block_content:18 block_content:8 block_content_view block_view config:block.block.aboutcbs config:block.block.administration config:block.block.atslbna config:block.block.contactblock config:block.block.copyrightarabic config:block.block.footerlinksarabic config:block.block.footerlinksenglish config:block.block.gavias_amon_advrightheader config:block.block.gavias_amon_breadcrumbs config:block.block.gavias_amon_contactinfo config:block.block.gavias_amon_content config:block.block.gavias_amon_copyright config:block.block.gavias_amon_gaviasblockbuideraboutus config:block.block.gavias_amon_gaviasblockbuiderhome1 config:block.block.gavias_amon_gaviasblockbuiderhome2 config:block.block.gavias_amon_gaviasblockbuiderhome3 config:block.block.gavias_amon_gaviasblockbuiderourteam config:block.block.gavias_amon_gaviasblockbuiderpricing config:block.block.gavias_amon_gaviasblockbuiderservice config:block.block.gavias_amon_help config:block.block.gavias_amon_local_actions config:block.block.gavias_amon_local_tasks config:block.block.gavias_amon_mainnavigation config:block.block.gavias_amon_messages config:block.block.gavias_amon_searchform config:block.block.gavias_amon_sitebranding config:block.block.gavias_amon_sociallinksfooter config:block.block.gavias_amon_views_block__banner_block_1 config:block.block.gavias_amon_views_block__banner_block_2 config:block.block.gavias_amon_views_block__post_other_block_2 config:block.block.gavias_amon_views_block__post_other_block_5 config:block.block.gavias_amon_views_block__post_other_block_7 config:block.block.gavias_amon_views_block__post_other_block_9 config:block.block.gaviasblockbuiderannualreportar config:block.block.gaviasblockbuiderannualreporten config:block.block.gaviasblockbuiderarabichome config:block.block.gaviasblockbuideratmsandbranchesmenublock config:block.block.gaviasblockbuiderbankoverviewarabic config:block.block.gaviasblockbuiderbankoverviewenglish config:block.block.gaviasblockbuiderboardofdirectorsarabic config:block.block.gaviasblockbuiderboardofdirectorsenglish config:block.block.gaviasblockbuiderbranchesatmstabspagear config:block.block.gaviasblockbuiderbranchesatmstabspageen config:block.block.gaviasblockbuidercalenderarabic config:block.block.gaviasblockbuidercalenderenglish config:block.block.gaviasblockbuidercloneatmsandbranchesmenublockenglish config:block.block.gaviasblockbuidercommissionsar config:block.block.gaviasblockbuidercommissionsen config:block.block.gaviasblockbuidercontactus config:block.block.gaviasblockbuiderfacilitation_page_arabic config:block.block.gaviasblockbuiderfacilitation_page_english config:block.block.gaviasblockbuiderfaqarabic config:block.block.gaviasblockbuiderfaqenglish config:block.block.gaviasblockbuiderinterestarabicpage config:block.block.gaviasblockbuiderinterestenglishpage config:block.block.gaviasblockbuideroldquestionnaires config:block.block.gaviasblockbuideroldquestionnairesenglish config:block.block.gaviasblockbuiderquestionnaire1 config:block.block.gaviasblockbuiderquestionnaire1english config:block.block.gaviasblockbuiderquestionnaire2 config:block.block.gaviasblockbuiderquestionnaire2english config:block.block.gaviasblockbuiderquestionnaire3 config:block.block.gaviasblockbuiderquestionnaire3english config:block.block.gaviasblockbuiderservices_page_arabic config:block.block.gaviasblockbuiderservices_page_english config:block.block.gaviassliderlayeriarabicsliderlayermain config:block.block.gaviassliderlayersliderlayermain config:block.block.languageswitcher config:block.block.mainnavigationarabic config:block.block.mlwmatalatsal config:block.block.nalmsrf config:block.block.primaryadminactions config:block.block.quicktabs_branches_atms_tabs_ar config:block.block.quicktabs_branches_atms_tabs_en config:block.block.quicktabsinterestar config:block.block.quicktabsinteresten config:block.block.searchform_2 config:block.block.searchform_3 config:block.block.sitemaparabic config:block.block.sitemapenglish config:block.block.sociallinksfooterarabic config:block.block.topbar config:block.block.views_block__about_pages_carousel_block_1 config:block.block.views_block__about_pages_footer_block_1 config:block.block.views_block__ads_carousel_block_1 config:block.block.views_block__annual_report_view_block_1 config:block.block.views_block__atms_tab_atm_block config:block.block.views_block__branches_atms_tabs_branch_block config:block.block.views_block__calender_block_1 config:block.block.views_block__commissions_view_block_1 config:block.block.views_block__contact_map_block_1 config:block.block.views_block__contact_us_map_block_1 config:block.block.views_block__facilitation_page_block_1 config:block.block.views_block__facilitation_page_block_facility_front_page config:block.block.views_block__facility_sidebar_block_1 config:block.block.views_block__facility_sidebar_block_2 config:block.block.views_block__faq_page_block_1 config:block.block.views_block__geolocation_citymap__block_1 config:block.block.views_block__news_list_block_1 config:block.block.views_block__news_list_block_2 config:block.block.views_block__old_questionnaires_block_1 config:block.block.views_block__polls_sidebar_block_1 config:block.block.views_block__post_other_block_1 config:block.block.views_block__prices_marquee_block_1 config:block.block.views_block__questionnaires_sidebar_block_1 config:block.block.views_block__service_list_footer_block_1 config:block.block.views_block__services_block_1 config:block.block.views_block__services_block_front_page config:block.block.views_block__services_sidebar_block_1 config:block.block.views_block__services_sidebar_block_2 config:block.block.views_block__services_types_block_1 config:block.block.views_block__services_types_block_2 config:block.block.views_block__services_types_block_2_2 config:block.block.views_block__services_types_block_3 config:block.block.views_block__services_types_block_3_2 config:block.block.views_block__services_types_block_4 config:block_list config:color.theme.gavias_amon config:field.storage.node.body config:field.storage.node.field_ads_image config:field.storage.node.field_buy config:field.storage.node.field_facility_cover_image config:field.storage.node.field_geolocation_demo_single config:field.storage.node.field_icon config:field.storage.node.field_leaflet_location config:field.storage.node.field_page_cover config:field.storage.node.field_page_description config:field.storage.node.field_price_change config:field.storage.node.field_sale config:field.storage.node.field_service_icon config:field.storage.node.field_service_icon_hover config:filter.format.basic_html config:filter.format.full_html config:filter.format.restricted_html config:image.style.eve config:image.style.geolocation_demo_marker_icon_size config:image.style.normal_size config:image.style.thumbnail config:search.settings config:system.menu.main-navigation-arabic config:system.site config:user.role.anonymous config:views.view.about_pages_carousel config:views.view.about_pages_footer config:views.view.ads_carousel config:views.view.facilitation_page config:views.view.geolocation_citymap_ config:views.view.news_list config:views.view.prices_marquee config:views.view.services file:372 file:481 file:482 file:483 file:484 file:485 file:486 file:490 file:491 file:492 file:493 file:494 file:495 file:501 file:502 file:503 file:595 file:596 file:602 file:603 file:617 file:621 http_response local_task node:100 node:101 node:102 node:104 node:1044 node:1159 node:1212 node:1213 node:1304 node:1359 node:1366 node:1368 node:1369 node:1372 node:1373 node:1374 node:1375 node:1376 node:1377 node:245 node:246 node:247 node:248 node:249 node:252 node:253 node:254 node:255 node:256 node:257 node:266 node:300 node:302 node:325 node:326 node:329 node:330 node:331 node:332 node:35 node:389 node:390 node:391 node:392 node:393 node:394 node:395 node:396 node:398 node:399 node:400 node:401 node:402 node:403 node:404 node:405 node:406 node:407 node:408 node:409 node:410 node:411 node:412 node:413 node:414 node:415 node:416 node:417 node:418 node:419 node:420 node:421 node:422 node:423 node:424 node:425 node:426 node:427 node:428 node:429 node:430 node:431 node:432 node:433 node:434 node:435 node:436 node:437 node:438 node:439 node:441 node:442 node:443 node:444 node:445 node:446 node:447 node:448 node:449 node:450 node:451 node:452 node:454 node:455 node:457 node:458 node:459 node:460 node:461 node:462 node:463 node:661 node:690 node:708 node:709 node:710 node:711 node:712 node:713 node:714 node:716 node:717 node:718 node:720 node:721 node:722 node:732 node:796 node:81 node:89 node:92 node:95 node:96 node:97 node:98 node:99 node_list node_view rendered slick:slick-views-prices-marquee-block-1-1.0 slick:slick-views-prices-marquee-block-1-1.14 slick:slick-views-prices-marquee-block-1-1.21 user:0 user:1
X-Drupal-Cache-Contexts languages route theme timezone url.path url.query_args:_wrapper_format url.site user
Expires Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified Thu, 02 Oct 2025 06:03:34 GMT
ETag "1759385014"
Vary Cookie,Accept-Encoding,User-Agent
X-Generator Drupal 8 (https://www.drupal.org)
X-Drupal-Cache HIT
X-XSS-Protection 1; mode=block
Custom-Header-Name web01
Connection close
Transfer-Encoding chunked
Content-Type text/html; charset=UTF-8
Strict-Transport-Security max-age=15768000


Miscellaneous
Test date Mon, 13 Oct 2025 09:41:42 UTC
Test duration 186.806 seconds
HTTP status code 200
HTTP server signature Apache
Server hostname -


SSL Report v2.4.1