|Description||Gmail is email that's intuitive, efficient and useful. 15 GB of storage, less spam and mobile access.|
|Date first seen||January 2013|
|Netcraft Risk Rating||0/10|
|Netblock Owner||Google LLC|
|IP address||184.108.40.206 (VirusTotal)|
|Organisation||Google LLC, United States|
|Top Level Domain||Commercial entities (.com)|
|DNS Security Extensions||unknown|
|0.0.0.0-255.255.255.255||N/A||IANA-BLK||The whole IPv4 address space|
|↳ 220.127.116.11-18.104.22.168||United States||NET74||American Registry for Internet Numbers|
|↳ 22.214.171.124-126.96.36.199||United States||Google LLC|
|↳ 188.8.131.52||United States||Google LLC|
|::/0||N/A||ROOT||Root inet6num object|
|↳ 2a00::/11||European Union||EU-ZZ-2A00||RIPE NCC|
|↳ 2a00::/12||Netherlands||EU-ZZ-2A00||RIPE Network Coordination Centre|
|↳ 2a00:1450:4000::/37||Ireland||IE-GOOGLE-2a00-1450-4000-1||EU metro frontend|
|↳ 2a00:1450:400b:c01:0:0:0:11||Ireland||IE-GOOGLE-2a00-1450-4000-1||EU metro frontend|
|Organisational unit||Not Present|
|Subject Alternative Name||gmail.com, *.gmail.com|
|Validity period||From Jun 17 2020 to Sep 9 2020 (2 months, 3 weeks, 1 day)|
|Public key algorithm||id-ecPublicKey|
|Public key length||256|
|Perfect Forward Secrecy||Yes|
|Next Protocol Negotiation||grpc-exp,h2,http/1.1|
|Supported TLS Extensions||unknown, RFC5746 renegotiation info, RFC4492 EC point formats, RFC5077 session ticket, Next Protocol Negotiation|
|Issuing organisation||Google Trust Services|
|Issuer common name||GTS CA 1O1|
|Issuer unit||Not Present|
|Issuer location||Not Present|
|Issuer state||Not Present|
|Certificate Revocation Lists||
|Public Key Hash||73e75cfe147f4b3ce46752450ba2da43c824623632d71786b34254821c5bf2e4|
|OCSP stapling response||No response received|
Signed Certificate Timestamps (SCTs)
|Certificate||Let's Encrypt Oak 2020
|Certificate||Google Argon 2020
This site does not support the SSL version 3 protocol.
The site offered the Heartbeat TLS extension prior to the Heartbleed disclosure, but is using a new certificate and no longer offers Heartbeat.
This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.
SSL Certificate Chain
|Organisational unit||GlobalSign Root CA - R2|
|Validity period||From 2006-12-15 to 2021-12-15|
|Common name||GTS CA 1O1|
|Organisational unit||Not Present|
|Organisation||Google Trust Services|
|Validity period||From 2017-06-15 to 2021-12-15|
Sender Policy Framework
A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.
Modifiers extend the functionality of SPF records. The most common one is the redirect which indicates another host contains the SPF record being searched for.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.
Raw DMARC record:
v=DMARC1; p=none; sp=quarantine; rua=mailto:firstname.lastname@example.org
|p=none||Requested handling policy||None: no specific action to be taken regarding delivery of messages.|
|sp=quarantine||Requested handling policy for subdomains||Quarantine: emails that fail the DMARC mechanism check should be treated by Mail Receivers as suspicious. Depending on the capabilities of the Mail Receiver, this can mean "place into spam folder", "scrutinize with additional intensity", and/or "flag as suspicious".|
|rua=mailto:email@example.com||Reporting URI(s) for aggregate firstname.lastname@example.org|
Site Technology (fetched 5 days ago)
Includes all the main technologies that Netcraft detects as running on the server such as PHP.
Client-Side Scripting Frameworks
Frameworks or libraries allow for easier development of applications by providing an Application Program Interface (API) or a methodology to follow whilst developing.
Web analytics is the measurement, collection, analysis and reporting of internet data for purposes of understanding and optimizing web usage.
A character encoding system consists of a code that pairs each character from a given repertoire with something else such as a bit pattern, sequence of natural numbers, octets, or electrical pulses in order to facilitate the transmission of data (generally numbers or text) through telecommunication networks or for data storage.
HTTP compression is a capability that can be built into web servers and web clients to make better use of available bandwidth, and provide greater transmission speeds between both.
Web Browser Targeting
Web browser targeting enables software applications to make use of specific functions of the browser as well as optimizing the application for specific browser versions.
Technology Description Popular sites using this technology X-Content-Type-Options Browser MIME type sniffing is disabled www.googleadservices.com, www.linkedin.com, www.amazon.com X-Frame-Options Deny Prevents the web page being embedded in a frame www.mozilla.org, www.t-online.de, www.virustotal.com Strict Transport Security Web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTP connections teams.microsoft.com, t.co, medium.com X-XSS-Protection Disabled Cross-site scripting protection is disabled www.googletagmanager.com, www.foxnews.com, discord.com X-Frame-Options Same Origin Do not allow this site to be rendered within an iframe accounts.google.com, disqus.com, vars.hotjar.com Strict-Transport-Security (including subdomains) No description www.imdb.com, login.microsoftonline.com, login.salesforce.com Content Security Policy Report Detect, mitigate and report attacks in the browser www.bol.com, www.pinterest.com, www.icloud.com X-XSS-Protection Block Block pages on which cross-site scripting is detected discordapp.com Content Security Policy Detect and mitigate attacks in the browser opus.analytics.yahoo.com, yandex.ru, dtm.advertising.com
A Document Type Declaration, or DOCTYPE, is an instruction that associates a particular SGML or XML document (for example, a webpage) with a Document Type Definition (DTD).
HTML5 is a markup language for structuring and presenting content for the World Wide Web and a core technology of the Internet. It is the fifth revision of the HTML standard.
Technology Description Popular sites using this technology Viewport meta tag HTML5 tag usually used for mobile optimization
Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation semantics (the look and formatting) of a document written in a markup language (such as XHTML).