This site can't be accessed using a TLS protocol newer than TLSv1.0. TLSv1.0 is considered insecure. Sites which don't support TLSv1.2 or newer are expected to become inaccessible in modern browsers during March 2020.
|Site title||California Tax Service Center|
|Description||Partnership of tax agencies including Board of Equalization, California Department of Tax and Fee Administration, Employment Development Department, Franchise Tax Board, and Internal Revenue Service|
|Date first seen||November 2001|
|Netcraft Risk Rating||0/10|
|Netblock Owner||California Technology Agency|
|IP address||184.108.40.206 (VirusTotal)|
|IPv6 address||Not Present|
|Top Level Domain||Govermental entities (.gov)|
|DNS Security Extensions||unknown|
|0.0.0.0-255.255.255.255||N/A||IANA-BLK||The whole IPv4 address space|
|↳ 220.127.116.11-18.104.22.168||United States||NET134||Various Registries (Maintained by ARIN)|
|↳ 22.214.171.124-126.96.36.199||United States||134-186-0-0||California Technology Agency|
|↳ 188.8.131.52||United States||134-186-0-0||California Technology Agency|
Last Reboot (0 days ago)
Note: Uptime - the time since last reboot is explained in the FAQ
|Plotted Value||No. samples||Max||Latest|
|Windows Server 2008||84||84.84||0.83|
|90-day Moving average||137||57.73||20.62|
|Organisation||State of California|
|Organisational unit||Employment Development Department|
|Subject Alternative Name||taxes.ca.gov, www.taxes.ca.gov|
|Validity period||From Jun 25 2020 to Jun 18 2022 (23 months, 3 weeks, 2 days)|
|Public key algorithm||rsaEncryption|
|Public key length||2048|
|Perfect Forward Secrecy||No|
|Next Protocol Negotiation||Not Present|
|Supported TLS Extensions||RFC4366 status request, unknown, RFC5746 renegotiation info|
|Issuing organisation||Sectigo Limited|
|Issuer common name||Sectigo RSA Organization Validation Secure Server CA|
|Issuer unit||Not Present|
|Issuer state||Greater Manchester|
|Certificate Revocation Lists||
|Public Key Hash||0d730d45d37227dd7c2b694de1a5b6534ed02c5358c446311c1b0a0b24597b6f|
|OCSP servers||http://ocsp.sectigo.com - 99.70% uptime in the past 24 hours
|OCSP stapling response||Certificate valid|
|OCSP data generated||Jul 1 07:29:00 2020 GMT|
|OCSP data expires||Jul 8 07:29:00 2020 GMT|
Signed Certificate Timestamps (SCTs)
|Certificate||Google Xenon 2022
|Certificate||Let's Encrypt Oak 2022
This site does not support the SSL version 3 protocol.
The site did not offer the Heartbeat TLS extension prior to the Heartbleed disclosure, and so was not exploitable.
This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.
SSL Certificate Chain
|Common name||USERTrust RSA Certification Authority|
|Organisational unit||Not Present|
|Organisation||The USERTRUST Network|
|Validity period||From 2010-02-01 to 2038-01-18|
|Common name||Sectigo RSA Organization Validation Secure Server CA|
|Organisational unit||Not Present|
|Validity period||From 2018-11-02 to 2030-12-31|
|Netblock owner||IP address||OS||Web server||Last seen|
|California Technology Agency P.O. Box 1810 Rancho Cordova CA US 95741-1810||184.108.40.206||Windows Server 2008||Microsoft-IIS/7.0||28-Jun-2020|
Sender Policy Framework
A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.
Warning: It appears that this host does not have an SPF record. There may be an SPF record on ca.gov: Check the site report.
Setting up an SPF record helps prevent the delivery of forged emails from your domain. Please note that an SPF record will only protect the domain it is added to and not any mail-enabled subdomains. It is recommended to add an SPF record to any subdomain with an MX record.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.
This host does not have a DMARC record. There may be a DMARC record on the site report for ca.gov: Check the site report.
Site Technology (fetched 34 days ago)
Client-Side Scripting Frameworks
Frameworks or libraries allow for easier development of applications by providing an Application Program Interface (API) or a methodology to follow whilst developing.
A web search engine is a software that is designed to search for information on the World Wide Web or on a specific site.
Any software or site builder that aids web development.
Web analytics is the measurement, collection, analysis and reporting of internet data for purposes of understanding and optimizing web usage.
A character encoding system consists of a code that pairs each character from a given repertoire with something else such as a bit pattern, sequence of natural numbers, octets, or electrical pulses in order to facilitate the transmission of data (generally numbers or text) through telecommunication networks or for data storage.
Web Browser Targeting
Web browser targeting enables software applications to make use of specific functions of the browser as well as optimizing the application for specific browser versions.
A Document Type Declaration, or DOCTYPE, is an instruction that associates a particular SGML or XML document (for example, a webpage) with a Document Type Definition (DTD).
HTML5 is a markup language for structuring and presenting content for the World Wide Web and a core technology of the Internet. It is the fifth revision of the HTML standard.
Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation semantics (the look and formatting) of a document written in a markup language (such as XHTML).