The content, sender and recipients
The open message β subject, body, From and To β recorded on screen as a video, not a still.
How to Β· Proof of receipt
How to prove you received an email (Gmail)
A screenshot of an email proves almost nothing β it can be edited in seconds and says nothing about who really sent it or whether you are even looking at genuine Gmail. Instead, record the message inside a certified browser session. The result shows the content, the sender and the recipients, the email's DKIM digital signature, and β through the signed network log β proof that it was served by Google's real Gmail servers. The whole recording is timestamped and signed, so it cannot be tampered with.
DKIMSender verified
HARReal Gmail servers
RFC 3161Tamper-evident
Why a screenshot of an email is not proof.
To stand up against a denial, evidence has to answer four questions a screenshot cannot.
β
It can be edited in secondsSender, date, recipients and body are all just pixels β trivial to alter in any image editor.
β
It does not prove the sender is genuineA screenshot never shows the cryptographic signature that ties the message to the sender's domain.
β
It does not prove it is really GmailThe image could be a mocked-up page or a phishing look-alike β there is no record of where the content came from.
β
It does not prove you actually received itA still frame shows no inbox context, no recipients, and no live interaction.
What a certified recording proves.
Four independent pillars, captured live and sealed into one signed package.
A genuine sender (DKIM)
Gmail's "Show details" reveals mailed-by and signed-by β the DKIM signature proving the email was really signed by the sender's domain, not spoofed.
Really Gmail, not an imposter
The signed network log shows the page was served by Google's real Gmail servers over TLS β not a doctored page. How HAR files work β
Tamper-evident recording
The whole video is hashed, signed, and stamped with a qualified RFC 3161 timestamp β so the recording itself cannot be altered afterwards.
How to prove you received an email in five steps.
Optimized for Gmail β the same steps work for most webmail.
1
Start a recorded browser sessionGo to /certificates/new and choose Browser Session. A clean, isolated browser opens in the cloud β nothing to install.
2
Log in to your Gmail (or other mailbox)Sign in inside the private session. Your credentials stay within the isolated browser and are destroyed when the session ends.
3
Open the email you want to prove you receivedShow the subject, the sender, the recipients (To / Cc) and the full body on screen.
4
Open the sender's "Show details"Click the βΎ under the sender's name. Gmail displays mailed-by and signed-by β the DKIM signature that proves the email is digitally signed and genuinely from that sender. (For the full technical headers, "Show original" works too.)
5
Finish and certifyEnd the session. The video, the HAR network log, a signed PDF and a qualified timestamp are bundled into one package you can download or share by secret link.
How the HAR file proves it was really Gmail.
The strongest answer to "that page could be fake" is the network log β and it is signed along with the video.
π
Every request is recordedA HAR file logs the full request/response chain the browser made during the session β the hosts it contacted, over TLS, with timing.
π
The hosts are Google's real serversThe log shows the message was served by
mail.google.com / google.com β not a local mock-up or a phishing clone on an imposter server.β
It is part of the signed evidenceThe HAR is bundled, hashed and timestamped with the video, so it independently corroborates that the email was viewed inside genuine Gmail β and cannot be edited after the fact.
The result: indisputable, shareable proof.
βΆ
A recording you can share with anyoneSend a lawyer, an insurer, or the opposing party a secret link to the video β no need to hand over the raw file.
β
Content, sender, recipients and authenticity in one placeThe message, its DKIM signature, and the proof it was on real Gmail are all captured together, live.
π
Signed so the video itself cannot be tampered withA qualified timestamp and signature seal the recording β making it legally usable proof that you received that email, from that sender, with that content.
Proof-of-receipt questions.
Isn't a screenshot of the email enough to prove I received it?
No. A screenshot is a static image that can be edited in seconds β the sender, date, recipients, or body can all be changed, and it shows nothing about whether the message is genuine or which server it came from. A recorded browser session captures the live email together with its DKIM signature and a network log (HAR) proving it was served by Google's real Gmail servers, then signs and timestamps the whole recording so it cannot be altered afterwards.
What does Gmail's "Show details" (mailed-by / signed-by) prove?
When you expand the sender details in Gmail, it shows mailed-by and signed-by lines. signed-by is the DKIM digital signature: the message was cryptographically signed by the sending domain, so it genuinely originated from that sender and was not spoofed or forged. Recording this on screen captures that the email is authenticated, not just that it exists.
How does the HAR file prove it was really Gmail and not a fake page?
The HAR file is a complete log of every network request the controlled browser made during the session. It shows the page was served by Google's real Gmail servers (mail.google.com / google.com) over TLS β not a doctored local page or a phishing look-alike. Because the HAR is part of the signed, timestamped package, it independently corroborates that the email was viewed inside genuine Gmail. Learn more about HAR files β
Can the video recording itself be tampered with afterwards?
No. When the session ends, the video and HAR are hashed, signed, and stamped with a qualified RFC 3161 timestamp. Any later change to the file breaks the hash and invalidates the signature, so the recording is tamper-evident from the moment it was certified.
Does this work for Outlook, Proton, or other mailboxes?
Yes. The method is the same for any webmail: record the session, open the message, and expose the sender's signature/details view. Gmail is the most straightforward because "Show details" and "Show original" clearly display the DKIM signature, but the approach applies to other providers too.
Is this legal advice?
No. This service creates technical evidence artifacts. Legal admissibility depends on jurisdiction and circumstances. Consult qualified legal counsel for advice specific to your situation.
Prove you received that email.
Start a Browser Session, open the message in Gmail, and capture the content, the sender, the signature, and the proof it's real β in one signed recording.