Check DNS, Urls + Redirects, Certificates and Content of your Website



I

Content problems - mixed content, missing files etc.

Checked:
29.08.2019 06:00:29


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
chase.com
A
159.53.42.11
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.44.60
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.84.126
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.85.137
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.113.168
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.116.62
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

A
159.53.224.21
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes
1
0

AAAA

yes


www.chase.com
CNAME
wwwbcchase.gslb.bankone.com
yes
1
0

A
159.53.113.168
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
yes


www.chase.com
A
159.53.85.137
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
no


wwwbcchase.gslb.bankone.com
A
159.53.85.137
New York/United States (US) - JPMorgan Chase & Co.
No Hostname found
no



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 59944, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.09.2019, 00:00:00 +, Signature-Inception: 20.08.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



2 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 10.09.2019, 20:00:00 +, Signature-Inception: 28.08.2019, 19:00:00 +, KeyTag 59944, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 59944 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 17708, Flags 256



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 04.09.2019, 18:25:33 +, Signature-Inception: 20.08.2019, 18:20:33 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: chase.com
chase.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "aio6vo95t5i4gcbf1mi36cggdhs2rdq0" between the hashed NSEC3-owner "aio63ujqhdh3qpuiaipuvos1cjtd3ubn" and the hashed NextOwner "aio7ae6hjs1e4voe33qq2f3q8v9hs0e1". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner aio63ujqhdh3qpuiaipuvos1cjtd3ubn.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 03.09.2019, 05:12:46 +, Signature-Inception: 27.08.2019, 04:02:46 +, KeyTag 17708, Signer-Name: com



0 DNSKEY RR found




Zone: www.chase.com
www.chase.com
0 DS RR in the parent zone found

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 59944, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.09.2019, 00:00:00 +, Signature-Inception: 20.08.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



2 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 10.09.2019, 20:00:00 +, Signature-Inception: 28.08.2019, 19:00:00 +, KeyTag 59944, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 59944 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 17708, Flags 256



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 04.09.2019, 18:25:33 +, Signature-Inception: 20.08.2019, 18:20:33 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: bankone.com
bankone.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "va10d1nnhkkbn86n5d48d79fguipaqk9" between the hashed NSEC3-owner "va0voriidemhbbdoifhljg6onl8ifn51" and the hashed NextOwner "va131nfcfl9kmkukh5isfb5j8sbbfps0". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner va0voriidemhbbdoifhljg6onl8ifn51.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 03.09.2019, 05:06:52 +, Signature-Inception: 27.08.2019, 03:56:52 +, KeyTag 17708, Signer-Name: com



0 DNSKEY RR found




Zone: gslb.bankone.com
gslb.bankone.com
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: wwwbcchase.gslb.bankone.com
wwwbcchase.gslb.bankone.com
0 DS RR in the parent zone found



0 DNSKEY RR found




3. Name Servers

DomainNameserverNS-IP
chase.com
  ns05.jpmorganchase.com
159.53.110.152
New York/United States (US) - JPMorgan Chase & Co.


  ns06.jpmorganchase.com
159.53.110.153
New York/United States (US) - JPMorgan Chase & Co.


  ns1.jpmorganchase.com
159.53.46.53
New York/United States (US) - JPMorgan Chase & Co.


  ns1.p59.dynect.net / proxy-121-defra.hivecast-121-defra.as15135.net
208.78.70.59
Chicago/Illinois/United States (US) - Oracle Corporation


 
2001:500:90:1::59
Centreville/Virginia/United States (US) - Oracle Corporation


  ns2.jpmorganchase.com
159.53.78.53
New York/United States (US) - JPMorgan Chase & Co.


  ns2.p59.dynect.net / proxy-330-nlams2.hivecast-330-nlams2.as15135.net
204.13.250.59
Chicago/Illinois/United States (US) - Oracle Corporation


  ns3.p59.dynect.net / proxy-134-defra.hivecast-134-defra.as15135.net
208.78.71.59
Chicago/Illinois/United States (US) - Oracle Corporation


 
2001:500:94:1::59
Centreville/Virginia/United States (US) - Oracle Corporation


  ns4.p59.dynect.net / proxy-134-defra.hivecast-134-defra.as15135.net
204.13.251.59
Washington/District of Columbia/United States (US) - Oracle Corporation

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


wwwbcchase.gslb.bankone.com
  dbws1adcx204.jpmorganchase.com
159.53.78.221
New York/United States (US) - JPMorgan Chase & Co.

gslb.bankone.com
  dbes1adcx204.jpmorganchase.com


  dbws1adcx204.jpmorganchase.com


  dcss1adcx204.jpmorganchase.com


  drds1adcx204.jpmorganchase.com

bankone.com
  ns05.jpmorganchase.com


  ns06.jpmorganchase.com


  ns1.jpmorganchase.com


  ns1.p59.dynect.net / proxy-122-defra.hivecast-122-defra.as15135.net


  ns2.jpmorganchase.com


  ns2.p59.dynect.net / proxy-345-nlams2.hivecast-345-nlams2.as15135.net


  ns3.p59.dynect.net / proxy-113-defra.hivecast-113-defra.as15135.net


  ns4.p59.dynect.net / proxy-122-defra.hivecast-122-defra.as15135.net

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


4. SOA-Entries


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1567051209
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:8


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1567051224
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:chase.com
Zone-Name:
Primary:ns1.jpmorganchase.com
Mail:hostmaster.jpmchase.com
Serial:583035559
Refresh:10800
Retry:1800
Expire:1209600
TTL:3600
num Entries:10



Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1567051239
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:11


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1567051254
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:2


Domain:bankone.com
Zone-Name:
Primary:ns1.jpmorganchase.com
Mail:hostmaster.jpmchase.com
Serial:583035548
Refresh:10800
Retry:1800
Expire:1209600
TTL:3600
num Entries:8


Domain:gslb.bankone.com
Zone-Name:
Primary:dbws1adcx204.jpmorganchase.com
Mail:hostmaster.jpmchase.com
Serial:1722
Refresh:10800
Retry:3600
Expire:604800
TTL:60
num Entries:4


Domain:wwwbcchase.gslb.bankone.com
Zone-Name:
Primary:dbws1adcx204.jpmorganchase.com
Mail:hostmaster.jpmchase.com
Serial:1722
Refresh:10800
Retry:3600
Expire:604800
TTL:60
num Entries:1


5. Screenshots

Startaddress: https://www.chase.com, address used: https://www.chase.com/, Screenshot created 2022-08-05 21:36:27 +00:0

Mobil (412px x 732px)

377 milliseconds

Screenshot mobile - https://www.chase.com/
Mobil + Landscape (732px x 412px)

397 milliseconds

Screenshot mobile landscape - https://www.chase.com/
Screen (1280px x 1680px)

2285 milliseconds

Screenshot Desktop - https://www.chase.com/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396732
content Size3965246

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://chase.com/
159.53.42.11
301
https://www.chase.com/
0.237
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.44.60
301
https://www.chase.com/
0.223
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.84.126
301
https://www.chase.com/
0.230
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.85.137
301
https://www.chase.com/
0.230
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.113.168
301
https://www.chase.com/
0.250
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.116.62
301
https://www.chase.com/
0.254
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/
159.53.224.21
301
https://www.chase.com/
0.347
E
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://www.chase.com/
159.53.85.137
301
https://www.chase.com/
0.227
A
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• http://www.chase.com/
159.53.113.168
301
https://www.chase.com/
0.250
A
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.42.11
301
https://www.chase.com/
3.887
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.44.60
301
https://www.chase.com/
3.820
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.84.126
301
https://www.chase.com/
3.817
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.85.137
301
https://www.chase.com/
3.803
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.113.168
301
https://www.chase.com/
4.097
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.116.62
301
https://www.chase.com/
3.903
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://chase.com/
159.53.224.21
301
https://www.chase.com/
4.230
B
Location: https://www.chase.com/
Server: BigIP
Connection: close
Content-Length: 0

• https://www.chase.com/
159.53.85.137
200

4.090
I
Date: Thu, 29 Aug 2019 04:03:38 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Last-Modified: Thu, 29 Aug 2019 01:31:12 GMT
Accept-Ranges: bytes
Content-Length: 70612
Cache-Control: max-age=3600,s-maxage=3600
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Proxy-Connection: Keep-Alive
Connection: close
Age: 34

• https://www.chase.com/
159.53.113.168
200

4.313
I
Date: Thu, 29 Aug 2019 04:03:38 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Last-Modified: Thu, 29 Aug 2019 01:26:36 GMT
Accept-Ranges: bytes
Content-Length: 70612
Cache-Control: max-age=3600,s-maxage=3600
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Proxy-Connection: Keep-Alive
Connection: close
Age: 29

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.42.11
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.236
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.44.60
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.226
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.84.126
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.227
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.85.137
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.226
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.113.168
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.257
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.116.62
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.256
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.224.21
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.343
E
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.85.137
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.227
A
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• http://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
159.53.113.168
301
https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.254
A
Visible Content:
Location: https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: close
Content-Length: 0

• https://www.chase.com/resources/404.html

301
https://www.chase.com/digital/resources/oops.html
3.720
A
Visible Content:
Date: Thu, 29 Aug 2019 04:04:30 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Location: https://www.chase.com/digital/resources/oops.html
Content-Length: 0
Cache-Control: max-age=300,s-maxage=300
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html;charset=utf-8
Proxy-Connection: Keep-Alive
Connection: close
Age: 0

• https://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

302
https://www.chase.com/index.html.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
3.947
A
Visible Content:
Date: Thu, 29 Aug 2019 04:04:22 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Location: /index.html.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: max-age=300,s-maxage=300
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Length: 0
Content-Type: text/plain; charset=UTF-8
Proxy-Connection: Keep-Alive
Connection: close

• https://www.chase.com/index.html.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

302
https://www.chase.com/resources/404.html
3.673
A
Visible Content:
Date: Thu, 29 Aug 2019 04:04:26 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Location: https://www.chase.com/resources/404.html
Content-Length: 0
Cache-Control: max-age=300,s-maxage=300
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/plain; charset=UTF-8
Proxy-Connection: Keep-Alive
Connection: close

• https://www.chase.com/digital/resources/oops.html

200

4.127

Visible Content:
Date: Thu, 29 Aug 2019 04:02:05 GMT
Server:
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
Last-Modified: Thu, 29 Aug 2019 02:11:01 GMT
Accept-Ranges: bytes
Content-Length: 57809
Cache-Control: max-age=300,s-maxage=300
Access-Control-Allow-Origin: *
X-Content-Security-Policy: frame-ancestors 'none'
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/html; charset=UTF-8
Proxy-Connection: Keep-Alive
Connection: close
Age: 149

7. Comments


1. General Results, most used to calculate the result

Aname "chase.com" is domain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
AGood: All ip addresses are public addresses
AGood: No asked Authoritative Name Server had a timeout
Ahttps://www.chase.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
https://www.chase.com/index.html.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Correct redirect https to https
Ahttps://www.chase.com/index.html.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
https://www.chase.com/resources/404.html
Correct redirect https to https
Ahttps://www.chase.com/resources/404.html
301
https://www.chase.com/digital/resources/oops.html
Correct redirect https to https
AGood: destination is https
AGood: one preferred version: www is preferred
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Ahttp://www.chase.com/ 159.53.85.137
301
https://www.chase.com/
Correct redirect http - https with the same domain name
Ahttp://www.chase.com/ 159.53.113.168
301
https://www.chase.com/
Correct redirect http - https with the same domain name
Bhttps://chase.com/ 159.53.42.11
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.44.60
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.84.126
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.85.137
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.113.168
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.116.62
301

Missing HSTS-Header
Bhttps://chase.com/ 159.53.224.21
301

Missing HSTS-Header
Ehttp://chase.com/ 159.53.42.11
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.44.60
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.84.126
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.85.137
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.113.168
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.116.62
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://chase.com/ 159.53.224.21
301
https://www.chase.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ihttps://www.chase.com/ 159.53.113.168
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Ihttps://www.chase.com/ 159.53.85.137
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Ihttps://www.chase.com/digital/resources/oops.html
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.

2. DNS- and NameServer - Checks

AInfo: Nameserver mit different domain names found. May be a problem with DNS-Updates
AGood: Nameserver supports TCP connections: 10 good Nameserver
AGood: Nameserver supports Echo Capitalization: 10 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 10 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 10 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

https://www.chase.com/digital/resources/oops.html
200

Warning: Not existing ACME-file, but Server sends 200, not 404 or redirect. May be a problem creating a Letsencrypt certificate. Checking /.well-known/acme-challenge/random-filename - a http status 404 - Not Found - is expected. If your server sends content and a http status 200, the validation file (87 bytes, token, dot and the hash of the public part of the account key) may be invisible, so Letsencrypt can't validate your domain. If it is an application that sends this content, perhaps create an exception, so /.well-known/acme-challenge sends raw files. Or create a redirect to another domain and / or port 443, but your Letsencrypt client must support such a solution. Certbot: Use webroot as authenticator - https://certbot.eff.org/docs/using.html Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
AInfo: Different Server-Headers found
ADuration: 503847 milliseconds, 503.847 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
chase.com
159.53.42.11
443
ok
Tls12
ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok
chase.com
159.53.42.11
443
ok
Tls12

ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.44.60
443
ok
Tls12
ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.44.60
443
ok
Tls12

ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.84.126
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.84.126
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.85.137
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.85.137
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.113.168
443
ok
Tls12
ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.113.168
443
ok
Tls12

ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.116.62
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.116.62
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


chase.com
159.53.224.21
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

chase.com
159.53.224.21
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


www.chase.com
159.53.85.137
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.chase.com
159.53.85.137
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


www.chase.com
159.53.113.168
443
ok
Tls12
ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok

www.chase.com
159.53.113.168
443
ok
Tls12

ECDH Ephermal
384
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


www.chase.com
www.chase.com
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.chase.com
www.chase.com
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.chase.com, O=JPMorgan Chase and Co., L=New York, C=US, serialNumber=691011

2CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US

3CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


9. Certificates

1.
1.
CN=www.chase.com, SERIALNUMBER=691011, OID.2.5.4.15=Private Organization, O=JPMorgan Chase and Co., OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=New York, S=New York, C=US
21.03.2019
21.03.2020
922 days expired
www.chase.com, chase.com - 2 entries
1.
1.
CN=www.chase.com, SERIALNUMBER=691011, OID.2.5.4.15=Private Organization, O=JPMorgan Chase and Co., OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=New York, S=New York, C=US
21.03.2019

21.03.2020
922 days expired
www.chase.com, chase.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00FD7B5051F00BAD6E0000000054CF9708
Thumbprint:3F0C33DBAEBE054076BC642C17A096C16AAB65AF
SHA256 / Certificate:v1YSTWHtiasPCj1YThaLnGPGa+xuW/NB1URqpiJM0CM=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8a23d8e53bf25012a6c460a63e26c70370cc92079b0a060d4407fd0863753e5a
SHA256 hex / Subject Public Key Information (SPKI):8a23d8e53bf25012a6c460a63e26c70370cc92079b0a060d4407fd0863753e5a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)


2.
CN=www.chase.com, SERIALNUMBER=691011, OID.2.5.4.15=Private Organization, O=JPMorgan Chase and Co., OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=New York, S=New York, C=US
21.03.2019
21.03.2020
922 days expired
www.chase.com, chase.com - 2 entries

2.
CN=www.chase.com, SERIALNUMBER=691011, OID.2.5.4.15=Private Organization, O=JPMorgan Chase and Co., OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US, L=New York, S=New York, C=US
21.03.2019

21.03.2020
922 days expired
www.chase.com, chase.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00FD7B5051F00BAD6E0000000054CF9708
Thumbprint:3F0C33DBAEBE054076BC642C17A096C16AAB65AF
SHA256 / Certificate:v1YSTWHtiasPCj1YThaLnGPGa+xuW/NB1URqpiJM0CM=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8a23d8e53bf25012a6c460a63e26c70370cc92079b0a060d4407fd0863753e5a
SHA256 hex / Subject Public Key Information (SPKI):8a23d8e53bf25012a6c460a63e26c70370cc92079b0a060d4407fd0863753e5a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)


3.
CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
15.12.2014
15.10.2030
expires in 2938 days


3.
CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
15.12.2014

15.10.2030
expires in 2938 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:61A1E7D20000000051D366A6
Thumbprint:CC136695639065FAB47074D28C55314C66077E90
SHA256 / Certificate:dcWz8B/R9RosRHq3x4XXLmn6nEcsCFcefq3zuOq65ww=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):5586701a2264ab734da356112364468924c8d66a93586f330dc45fd7f28037a2
SHA256 hex / Subject Public Key Information (SPKI):5586701a2264ab734da356112364468924c8d66a93586f330dc45fd7f28037a2
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


4.
CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
15.12.2014
15.10.2030
expires in 2938 days


4.
CN=Entrust Certification Authority - L1M, OU="(c) 2014 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
15.12.2014

15.10.2030
expires in 2938 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:61A1E7D20000000051D366A6
Thumbprint:CC136695639065FAB47074D28C55314C66077E90
SHA256 / Certificate:dcWz8B/R9RosRHq3x4XXLmn6nEcsCFcefq3zuOq65ww=
SHA256 hex / Cert (DANE * 0 1):75c5b3f01fd1f51a2c447ab7c785d72e69fa9c472c08571e7eadf3b8eabae70c
SHA256 hex / PublicKey (DANE * 1 1):5586701a2264ab734da356112364468924c8d66a93586f330dc45fd7f28037a2
SHA256 hex / Subject Public Key Information (SPKI):5586701a2264ab734da356112364468924c8d66a93586f330dc45fd7f28037a2
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Client Authentication (1.3.6.1.5.5.7.3.2), Server Authentication (1.3.6.1.5.5.7.3.1)


5.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
07.07.2009
07.12.2030
expires in 2991 days


5.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
07.07.2009

07.12.2030
expires in 2991 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:4A538C28
Thumbprint:8CF427FD790C3AD166068DE81E57EFBB932272D4
SHA256 / Certificate:Q99XdLA+f+9f5A2TGnvt8bsua0JzjE5tOEEQPTqn8zk=
SHA256 hex / Cert (DANE * 0 1):43df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f339
SHA256 hex / PublicKey (DANE * 1 1):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SHA256 hex / Subject Public Key Information (SPKI):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



6.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
22.09.2014
23.09.2024
expires in 725 days


6.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
22.09.2014

23.09.2024
expires in 725 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:51D34044
Thumbprint:9E1A0C35E714B69792D090B2CC4BBA45833C3015
SHA256 / Certificate:axQ8IAXVU5zCLqtfdy2yqf6HRn/v+gf88Kn30oJ0yno=
SHA256 hex / Cert (DANE * 0 1):6b143c2005d5539cc22eab5f772db2a9fe87467feffa07fcf0a9f7d28274ca7a
SHA256 hex / PublicKey (DANE * 1 1):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SHA256 hex / Subject Public Key Information (SPKI):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
27.11.2006
27.11.2026
expires in 1520 days


7.
CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
27.11.2006

27.11.2026
expires in 1520 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:456B5054
Thumbprint:B31EB1B740E36C8402DADC37D44DF5D4674952F9
SHA256 / Certificate:c8F2Q08bxtWt9FsOducnKHyN5XYWwebmFBorLLx9jkw=
SHA256 hex / Cert (DANE * 0 1):73c176434f1bc6d5adf45b0e76e727287c8de57616c1e6e6141a2b2cbc7d8e4c
SHA256 hex / PublicKey (DANE * 1 1):6dbfae00d37b9cd73f8fb47de65917af00e0dddf42dbceac20c17c0275ee2095
SHA256 hex / Subject Public Key Information (SPKI):6dbfae00d37b9cd73f8fb47de65917af00e0dddf42dbceac20c17c0275ee2095
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Small Code Update - wait one minute


11. Html-Content - Entries

Summary

No data found or small Code-update

Details

Small Code Update - wait one minute


12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
wwwbcchase.gslb.bankone.com
0

no CAA entry found
1
0
gslb.bankone.com
0

no CAA entry found
1
0
www.chase.com



1
0
bankone.com
0

no CAA entry found
1
0
chase.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0

0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
chase.com
facebook-domain-verification=vfe3eq2579x3hyeix7vo7csi6vse7b
ok
1
0
chase.com
v=spf1 a:spf.jpmchase.com ip4:207.162.228.0/24 ip4:207.162.229.0/24 ip4:207.162.225.0/24 ip4:196.37.232.50 ip4:159.53.46.0/24 ip4:159.53.36.0/24 ip4:159.53.110.0/24 ip4:159.53.78.0/24 include:tpo.chase.com -all
ok
1
0
chase.com
webexdomainverification.11D70=c087ea5b-b6b4-4fb0-8a4c-0f5a5b6ec953
ok
1
0
chase.com
webexdomainverification.EP9E=2b6081b5-d501-46a9-adac-ff6ba1dbae2a
ok
1
0
www.chase.com


1
0
_acme-challenge.chase.com

Name Error - The domain name does not exist
1
0
wwwbcchase.gslb.bankone.com

ok
1
0
_acme-challenge.www.chase.com

Name Error - The domain name does not exist
1
0
_acme-challenge.chase.com.chase.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.chase.com.chase.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.chase.com.www.chase.com

Name Error - The domain name does not exist
1
0
_acme-challenge.wwwbcchase.gslb.bankone.com

Name Error - The domain name does not exist
1
0
_acme-challenge.wwwbcchase.gslb.bankone.com.wwwbcchase.gslb.bankone.com

Name Error - The domain name does not exist
1
0


15. DomainService - Entries (SSHFP Check is new - 2022-09-24, may be incomplete, alpha, some results are required)

No DomainServiceEntries entries found



16. Cipher Suites

No Ciphers found


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=6ed31c26-e59a-4d2e-8c11-40027833bf43


Last Result: https://check-your-website.server-daten.de/?q=chase.com - 2022-08-05 21:14:31


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=chase.com" target="_blank">Check this Site: chase.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro