IM Observatory

IM Observatory client report for gmail.com

Test started 2020-07-10 14:12:48 UTC .

Show server to server result | Permalink to this report |

Score

xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt1.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt2.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt3.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt4.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

Show all 5 SRV targets

General

xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt1.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt2.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt3.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt4.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

Show all 5 SRV targets

DNS

SRV records _xmpp-client._tcp.gmail.com NO DNSSEC

Priority Weight Port Server
5 0 5222 xmpp.l.google.com
20 0 5222 alt1.xmpp.l.google.com
20 0 5222 alt2.xmpp.l.google.com
20 0 5222 alt3.xmpp.l.google.com
20 0 5222 alt4.xmpp.l.google.com

TLSA records

_5222._tcp.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt1.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt2.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt3.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt4.xmpp.l.google.com NO DNSSEC

Show all 5 SRV targets

TLS

xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-06-17 14:15:24 UTC
Valid to
2020-09-09 14:15:24 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
Valid for gmail.com
YES
7F:5E:BB:28:76:CB:57:FE:D9:CC:46:B5:41:F9:34:60:83:8E:99:B3
Subject Alternative Names
DNSName
gmail.com Matches
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

GlobalSign

Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt1.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-06-17 14:15:24 UTC
Valid to
2020-09-09 14:15:24 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
7F:5E:BB:28:76:CB:57:FE:D9:CC:46:B5:41:F9:34:60:83:8E:99:B3
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

GlobalSign

Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt2.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-06-17 14:15:24 UTC
Valid to
2020-09-09 14:15:24 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
7F:5E:BB:28:76:CB:57:FE:D9:CC:46:B5:41:F9:34:60:83:8E:99:B3
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

GlobalSign

Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt3.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-06-17 14:15:24 UTC
Valid to
2020-09-09 14:15:24 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
7F:5E:BB:28:76:CB:57:FE:D9:CC:46:B5:41:F9:34:60:83:8E:99:B3
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt4.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-06-17 14:15:24 UTC
Valid to
2020-09-09 14:15:24 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
7F:5E:BB:28:76:CB:57:FE:D9:CC:46:B5:41:F9:34:60:83:8E:99:B3
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Show all 5 SRV targets

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=gmail.com&amp;type=client'><img src='https://xmpp.net/badge.php?domain=gmail.com' alt='xmpp.net score' /></a>

Some rights reserved.