1. [JA3 Fingerprint](https://scrapfly.io/web-scraping-tools/ja3-fingerprint)
2. [ Cipher Suites ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/cipher-suites "Browse all TLS Cipher Suites")
3. TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA
 
   [  Browse All Cipher Suites ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/cipher-suites) 

 # TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA

 TLS 1.0, TLS 1.1, TLS 1.2 | WEAK - Multiple Vulnerabilities Not Recommended

 

### Cipher Suite Details



Cipher Suite Name

`TLS_RSA_WITH_AES_128_CBC_SHA`

 

Hex Value

`0x002F`

 

Decimal Code

`47`

 

TLS Version

TLS 1.0, TLS 1.1, TLS 1.2

 

Security Level

WEAK - Multiple Vulnerabilities

 

Recommended

  No 

 

 

 

### What is TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA?



TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA is one of the oldest widely supported cipher suites, using static RSA key exchange, AES-128 in CBC mode, and SHA-1 for HMAC. This cipher suite suffers from multiple serious vulnerabilities: 1) No forward secrecy (static RSA), 2) CBC mode is vulnerable to padding oracle attacks (POODLE, Lucky 13, BEAST), 3) SHA-1 is cryptographically broken for collision resistance. This cipher suite is deprecated and should NEVER be used. It remains in browsers only for compatibility with ancient servers (pre-2008). PCI-DSS explicitly prohibits CBC cipher suites.



 

### Role in JA3 Fingerprinting



The **TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA** cipher suite is part of the TLS Client Hello that JA3 analyzes. Cipher suite order and selection are key indicators of browser type and version.

**JA3 Format:** `TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS`

Different browsers prioritize different cipher suites (Chrome prefers ChaCha20 on mobile, Firefox prioritizes AES-GCM, etc.), making cipher suite ordering a reliable fingerprint.

 

 

 

### Test Your Cipher Suites



 [  View Your JA3 Fingerprint ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) 

See which cipher suites your browser advertises, including TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA.

 

### Technical References



- [RFC 5246 - Cipher Suite Specification ](https://datatracker.ietf.org/doc/html/rfc5246)
- [ciphersuite.info - TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA ](https://ciphersuite.info/cs/TLS_RSA_WITH_AES_128_CBC_SHA/)
- [IANA TLS Cipher Suites Registry ](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4)