IM Observatory

IM Observatory client report for gmail.com

Test started 2021-06-30 22:50:05 UTC .

Show server to server result | Permalink to this report |

Score

xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt1.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt2.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt3.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

alt4.xmpp.l.google.com:5222
Certificate score:
100
Key exchange score:
90
Protocol score:
95
Cipher score:
60
Grade:

B

Show all 5 SRV targets

General

xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt1.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt2.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt3.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

alt4.xmpp.l.google.com:5222
StartTLS
REQUIRED

SASL

Pre-TLS
X-GOOGLE-TOKEN
X-OAUTH2
Post-TLS
PLAIN
X-GOOGLE-TOKEN
X-OAUTH2

Show all 5 SRV targets

DNS

SRV records _xmpp-client._tcp.gmail.com NO DNSSEC

Priority Weight Port Server
5 0 5222 xmpp.l.google.com
20 0 5222 alt1.xmpp.l.google.com
20 0 5222 alt2.xmpp.l.google.com
20 0 5222 alt3.xmpp.l.google.com
20 0 5222 alt4.xmpp.l.google.com

TLSA records

_5222._tcp.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt1.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt2.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt3.xmpp.l.google.com NO DNSSEC

_5222._tcp.alt4.xmpp.l.google.com NO DNSSEC

Show all 5 SRV targets

TLS

xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2021-05-31 02:59:43 UTC
Valid to
2021-08-23 02:59:42 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
Valid for gmail.com
YES
77:92:E9:19:59:81:5A:DE:4A:5D:95:3E:80:C0:CF:D2:27:E4:04:CF
Subject Alternative Names
DNSName
gmail.com Matches
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

GlobalSign

Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt1.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2021-05-31 02:59:43 UTC
Valid to
2021-08-23 02:59:42 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
77:92:E9:19:59:81:5A:DE:4A:5D:95:3E:80:C0:CF:D2:27:E4:04:CF
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

#1 GTS CA 1O1

Subject
commonName
GTS CA 1O1
countryName
US
organizationName
Google Trust Services
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-06-15 00:00:42 UTC
Valid to
2021-12-15 00:00:42 UTC
CRL
http://crl.pki.goog/gsr2/gsr2.crl
OCSP
http://ocsp.pki.goog/gsr2
DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

GlobalSign

Subject
commonName
GlobalSign
organizationalUnitName
GlobalSign Root CA - R2
organizationName
GlobalSign
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-12-15 08:00:00 UTC
Valid to
2021-12-15 08:00:00 UTC
CRL
http://crl.globalsign.net/root-r2.crl
75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt2.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2021-05-31 02:59:51 UTC
Valid to
2021-08-23 02:59:50 UTC
CRL
http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl
OCSP
http://ocsp.pki.goog/gts1c3
C7:57:13:64:2E:EC:64:2C:F2:1C:45:27:36:0C:26:77:05:DD:41:2E
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

#1 GTS CA 1C3

Subject
commonName
GTS CA 1C3
countryName
US
organizationName
Google Trust Services LLC
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-08-13 00:00:42 UTC
Valid to
2027-09-30 00:00:42 UTC
CRL
http://crl.pki.goog/gtsr1/gtsr1.crl
OCSP
http://ocsp.pki.goog/gtsr1
1E:7E:F6:47:CB:A1:50:28:1C:60:89:72:57:10:28:78:C4:BD:8C:DC

#2 GTS Root R1

Subject
commonName
GTS Root R1
countryName
US
organizationName
Google Trust Services LLC
Details
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2020-06-19 00:00:42 UTC
Valid to
2028-01-28 00:00:42 UTC
CRL
http://crl.pki.goog/gsr1/gsr1.crl
OCSP
http://ocsp.pki.goog/gsr1
08:74:54:87:E8:91:C1:9E:30:78:C1:F2:A0:7E:45:29:50:EF:36:F6

GlobalSign Root CA

Subject
commonName
GlobalSign Root CA
countryName
BE
organizationalUnitName
Root CA
organizationName
GlobalSign nv-sa
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
1998-09-01 12:00:00 UTC
Valid to
2028-01-28 12:00:00 UTC 
B1:BC:96:8B:D4:F4:9D:62:2A:A8:9A:81:F2:15:01:52:A4:1D:82:9C

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt3.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2021-05-31 02:59:43 UTC
Valid to
2021-08-23 02:59:42 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
77:92:E9:19:59:81:5A:DE:4A:5D:95:3E:80:C0:CF:D2:27:E4:04:CF
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

alt4.xmpp.l.google.com:5222

Certificates

#0 gmail.com

Subject
commonName
gmail.com
countryName
US
localityName
Mountain View
organizationName
Google LLC
stateOrProvinceName
California
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2021-05-31 02:59:43 UTC
Valid to
2021-08-23 02:59:42 UTC
CRL
http://crl.pki.goog/GTS1O1core.crl
OCSP
http://ocsp.pki.goog/gts1o1core
77:92:E9:19:59:81:5A:DE:4A:5D:95:3E:80:C0:CF:D2:27:E4:04:CF
Subject Alternative Names
DNSName
gmail.com
DNSName
*.gmail.com

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
AES128-GCM-SHA256 (0x9c) 128 No -
AES256-GCM-SHA384 (0x9d) 256 No -
AES128-SHA (0x2f) 128 No -
AES256-SHA (0x35) 256 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Show all 5 SRV targets

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=gmail.com&amp;type=client'><img src='https://xmpp.net/badge.php?domain=gmail.com' alt='xmpp.net score' /></a>

Some rights reserved.