IM Observatory client report for gmail.com

Test started 2018-06-17 00:33:16 UTC .

Show server to server result | Permalink to this report | Retest

xmpp.l.google.com:5222
alt1.xmpp.l.google.com:5222
alt2.xmpp.l.google.com:5222
alt3.xmpp.l.google.com:5222

Show all 4 SRV targets

xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt1.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt2.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt3.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

Show all 4 SRV targets

SRV records _xmpp-client._tcp.gmail.com NO DNSSEC

Priority Weight Port Server
5 0 5222 xmpp.l.google.com
20 0 5222 alt1.xmpp.l.google.com
20 0 5222 alt2.xmpp.l.google.com
20 0 5222 alt3.xmpp.l.google.com

TLSA records

Show all 4 SRV targets

Certificates

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-05-23 10:10:52 UTC
Valid to
2018-08-15 09:09:00 UTC
CRL
http://crl.pki.goog/GTSGIAG3.crl
OCSP
http://ocsp.pki.goog/GTSGIAG3
Valid for gmail.com
YES
72:AE:0D:ED:FF:7C:76:76:69:BC:D9:AC:4F:B6:1C:F7:29:C9:10:AD
Subject Alternative Names
DNSName
gmail.com Matches
DNSName
*.gmail.com
Subject
commonName
Google Internet Authority G3
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18
Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Certificates

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-05-23 10:10:52 UTC
Valid to
2018-08-15 09:09:00 UTC
CRL
http://crl.pki.goog/GTSGIAG3.crl
OCSP
http://ocsp.pki.goog/GTSGIAG3
72:AE:0D:ED:FF:7C:76:76:69:BC:D9:AC:4F:B6:1C:F7:29:C9:10:AD
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com
Subject
commonName
Google Internet Authority G3
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18
Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Certificates

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-05-23 10:10:52 UTC
Valid to
2018-08-15 09:09:00 UTC
CRL
http://crl.pki.goog/GTSGIAG3.crl
OCSP
http://ocsp.pki.goog/GTSGIAG3
72:AE:0D:ED:FF:7C:76:76:69:BC:D9:AC:4F:B6:1C:F7:29:C9:10:AD
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com
Subject
commonName
Google Internet Authority G3
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18
Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Certificates

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-05-23 10:10:52 UTC
Valid to
2018-08-15 09:09:00 UTC
CRL
http://crl.pki.goog/GTSGIAG3.crl
OCSP
http://ocsp.pki.goog/GTSGIAG3
72:AE:0D:ED:FF:7C:76:76:69:BC:D9:AC:4F:B6:1C:F7:29:C9:10:AD
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com
Subject
commonName
Google Internet Authority G3
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Show all 4 SRV targets

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=gmail.com&amp;type=client'><img src='https://xmpp.net/badge.php?domain=gmail.com' alt='xmpp.net score' /></a>