Check DNS, Urls + Redirects, Certificates and Content of your Website




D

Wrong redirect http ⇒ http

Checked:
01.09.2024 08:53:57


Older results


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
blackrock.com
A
69.52.2.199
New York/United States (US) - BlackRock Financial Management, Inc.
No Hostname found
yes
1
0

A
69.52.13.199
New York/United States (US) - BlackRock Financial Management, Inc.
No Hostname found
yes
1
0

AAAA

yes


www.blackrock.com
CNAME
blackrock.com.edgekey.net
yes
1
0

CNAME
e5442.a.akamaiedge.net
yes


www.blackrock.com
A
104.79.33.16
Berlin/Land Berlin/Germany (DE) - Akamai Technologies, Inc.
No Hostname found
no


*.blackrock.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20038, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2024, 00:00:00 +, Signature-Inception: 30.08.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.09.2024, 17:00:00 +, Signature-Inception: 31.08.2024, 16:00:00 +, KeyTag 20038, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 13, KeyTag 59354, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.09.2024, 14:02:35 +, Signature-Inception: 25.08.2024, 13:57:35 +, KeyTag 19718, Signer-Name: com



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: blackrock.com
blackrock.com
1 DS RR in the parent zone found



DS with Algorithm 13, KeyTag 37972, DigestType 2 and Digest Hy4ZARpJTXqF+YifSgoaCSAK8VqWvHJ6HpF/g6Ul1Lk=



1 RRSIG RR to validate DS RR found



RRSIG-Owner blackrock.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 05.09.2024, 01:16:06 +, Signature-Inception: 29.08.2024, 00:06:06 +, KeyTag 59354, Signer-Name: com



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 59354 used to validate the DS RRSet in the parent zone



4 DNSKEY RR found



Public Key with Algorithm 13, KeyTag 7210, Flags 256



Public Key with Algorithm 13, KeyTag 30508, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 13, KeyTag 37972, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 13, KeyTag 42542, Flags 256



2 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner blackrock.com., Algorithm: 13, 2 Labels, original TTL: 7200 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 30508, Signer-Name: blackrock.com



RRSIG-Owner blackrock.com., Algorithm: 13, 2 Labels, original TTL: 7200 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 37972, Signer-Name: blackrock.com



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 30508 used to validate the DNSKEY RRSet



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37972 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37972, DigestType 2 and Digest "Hy4ZARpJTXqF+YifSgoaCSAK8VqWvHJ6HpF/g6Ul1Lk=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



RRSIG Type 1 validates the A - Result: 69.52.2.199 69.52.13.199
Validated: RRSIG-Owner blackrock.com., Algorithm: 13, 2 Labels, original TTL: 300 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



RRSIG Type 16 validates the TXT - Result: MS=ms38828697 ZOOM_verify_FsOJw095SMyypVXs8wlBQQ ZOOM_verify_u51YW9QoScOHBUzIhbDgtg 0f1815be-65d1-4cbf-9fda-f331702621b5 18E2-B4A1-A780-E9D8-DE27-00BD-E084-6F52 2FE6-F3BB-EDF8-C58F-D2A4-8035-EDCF-AFB0 docusign=a2dbcd74-2a86-49de-b3f6-0c5d794d9f70 docusign=b627a610-c752-4e1d-8de5-13f584944729 amazonses:1HI9lAXiWsijpz4JNXwXz2gQaHC2wXzskAqDUj3RTg8= v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all miro-verification=eceb7135b08ca0b6c70bfa3efeb5d7a66f1ea1bb mongodb-site-verification=ocUum2f1wfuEq7KWecCMvS3K0fWQLjaP facebook-domain-verification=jgst7ahvoqwagulxzu7zstebenl0nh smartsheet-site-validation=DhO08aWdiKQgWHj44tKwLySIpkgYcV7V 5c6b3a4f931e1cee133989872555093bf795d13585b18b9815abae5b154b34b2 google-site-verification=z1Aw-cih_E2FKOWotfSW8RUFHKmTIfB1VXHbV_J6bM8 h1-domain-verification=ktpxEvEwdQXJNsQuFywMvSrzMVyqLQXdXK4LzzPHBeUwK6Sa intersight=162938a7f29649663d27ccf1b81d58259224c4820fdd02fa3612e95c123f8ce7 duo_sso_verification=4Rjlata2GmnHS66E9wbFXjZGtssVPUzUaV5XE4YjDS726aDgVMQOkbZTdmUwjG9m duo_sso_verification=JnQQBWIliQ5FriK2DOPrGg16cJoZiSOfSLUCv02CQtvxU8NXyRChuWaXLem8RizK QKhkBUJSEzOyADjEzY5RtC49rqKCWcl+c1NvPPP3l0+9gSO+nqR+Np2Zs2cpzzvf7BLyScIteZHHljt5j4EuSQ== drift-domain-verification=f5a2bbc86ce9fdecab7db01d6dc30ec356433bbc94c69811bf448b99fa661526 atlassian-domain-verification=382cypeoFrrqy4R9MkRopItq5Cbixu5CS3S0UGcjZHHS6Rf6Lq/NICGahGifaMk5 atlassian-domain-verification=VDrpZs9FnE3/l/dJxRC+0mkjndLafqB2r3l/ztET32a5TZyDfavvWoxVWw+OeokX postman-domain-verification=1f2166c59f809215f1f2302acee74f2135a8be53fced04f4e9739de6ac7af54be6894cefd27d71d81a9ebae32bf278430985e561d1ab1a216838267a847a3925
Validated: RRSIG-Owner blackrock.com., Algorithm: 13, 2 Labels, original TTL: 300 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "us521v87m15i7ijhicvstpmc3jraptel" equal the hashed NSEC3-owner "us521v87m15i7ijhicvstpmc3jraptel" and the hashed NextOwner "utbht4428j1r3a1hp7cbg27rqcjdjr4l". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, NS, SOA, MX, TXT, NAPTR, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner us521v87m15i7ijhicvstpmc3jraptel.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NoData-Proof required and found.



AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "us521v87m15i7ijhicvstpmc3jraptel" equal the hashed NSEC3-owner "us521v87m15i7ijhicvstpmc3jraptel" and the hashed NextOwner "utbht4428j1r3a1hp7cbg27rqcjdjr4l". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, NS, SOA, MX, TXT, NAPTR, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner us521v87m15i7ijhicvstpmc3jraptel.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NoData-Proof required and found.



TLSA-Query (_443._tcp.blackrock.com) sends a valid NSEC3 RR as result with the hashed owner name "p3h70o2r2lu7u9ak97f64lh0vjl1ubq7" (unhashed: _tcp.blackrock.com). So that's the Closest Encloser of the query name.
Bitmap: No Bitmap? Validated: RRSIG-Owner p3h70o2r2lu7u9ak97f64lh0vjl1ubq7.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NXDomain-Proof required and found.



TLSA-Query (_443._tcp.blackrock.com) sends a valid NSEC3 RR as result with the hashed query name "r8am8ua1hhjgpc80p60can1ovk4p4bck" between the hashed NSEC3-owner "r7aj9mai3db4ruigr86cq1va24bqphal" and the hashed NextOwner "ra9rim77qhit8n9vu7dpjsggsimcqahq". So the zone confirmes the not-existence of that TLSA RR.
Bitmap: CNAME, RRSIG Validated: RRSIG-Owner r7aj9mai3db4ruigr86cq1va24bqphal.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NXDomain-Proof required and found.



TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "avhb98kb099ghltega5vrf5dif4in69s" (unhashed: *._tcp.blackrock.com) with the owner "av2p0nhmvp6ui1qc7eprno9rp8el6tdk" and the NextOwner "avtvceugj82oe6ifcqpe9av579ulb507". So that NSEC3 confirms the not-existence of the Wildcard expansion.
Bitmap: CNAME, RRSIG Validated: RRSIG-Owner av2p0nhmvp6ui1qc7eprno9rp8el6tdk.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NXDomain-Proof required and found.



CAA-Query sends a valid NSEC3 RR as result with the hashed query name "us521v87m15i7ijhicvstpmc3jraptel" equal the hashed NSEC3-owner "us521v87m15i7ijhicvstpmc3jraptel" and the hashed NextOwner "utbht4428j1r3a1hp7cbg27rqcjdjr4l". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, NS, SOA, MX, TXT, NAPTR, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner us521v87m15i7ijhicvstpmc3jraptel.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com



Status: Good. NoData-Proof required and found.

Zone: www.blackrock.com
www.blackrock.com
0 DS RR in the parent zone found



RRSIG Type 5 validates the CNAME - Result: blackrock.com.edgekey.net
Validated: RRSIG-Owner www.blackrock.com., Algorithm: 13, 3 Labels, original TTL: 300 sec, Signature-expiration: 03.09.2024, 15:37:44 +, Signature-Inception: 31.08.2024, 14:37:44 +, KeyTag 42542, Signer-Name: blackrock.com

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20038, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2024, 00:00:00 +, Signature-Inception: 30.08.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: net
net
1 DS RR in the parent zone found



DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=



1 RRSIG RR to validate DS RR found



RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.09.2024, 17:00:00 +, Signature-Inception: 31.08.2024, 16:00:00 +, KeyTag 20038, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 13, KeyTag 37331, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 13, KeyTag 42924, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner net., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.09.2024, 14:10:35 +, Signature-Inception: 25.08.2024, 14:05:35 +, KeyTag 37331, Signer-Name: net



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37331 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest "LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: edgekey.net
edgekey.net
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "2a0amkj9v4j641a6apq195g5diut3cbc" between the hashed NSEC3-owner "2a0963gvltddogkcji3eujginncdime3" and the hashed NextOwner "2a0dj5vpi8s7nqvoi1idabi5tt0jc7g7". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 2a0963gvltddogkcji3eujginncdime3.net., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 05.09.2024, 03:05:18 +, Signature-Inception: 29.08.2024, 01:55:18 +, KeyTag 42924, Signer-Name: net



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "edgekey.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 05.09.2024, 03:00:43 +, Signature-Inception: 29.08.2024, 01:50:43 +, KeyTag 42924, Signer-Name: net



0 DNSKEY RR found




Zone: com.edgekey.net
com.edgekey.net
0 DS RR in the parent zone found

Zone: blackrock.com.edgekey.net
blackrock.com.edgekey.net
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
blackrock.com
  ns1.blackrock.com
193.108.91.23
Paris/Île-de-France/France (FR) - Akamai International B.V.


  ns2.blackrock.com
96.7.49.67
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


  ns3.blackrock.com
23.61.199.64
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


  ns4.blackrock.com
184.26.160.66
Sterling/Virginia/United States (US) - Akamai International B.V.


  ns5.blackrock.com
23.211.132.67
Milan/Lombardy/Italy (IT) - Akamai International, BV


  ns6.blackrock.com
95.100.173.65
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies

com
  a.gtld-servers.net / nnn1-par6


  b.gtld-servers.net / nnn1-elwaw4


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-par6


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-frmrs-2


  k.gtld-servers.net / nnn1-frmrs-2


  l.gtld-servers.net / nnn1-frmrs-2


  m.gtld-servers.net / nnn1-ein4


edgekey.net
  a10-66.akam.net
96.7.50.66
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1480:d000::42
Los Angeles/California/United States (US) - Akamai International B.V.


  a11-65.akam.net
84.53.139.65
Los Angeles/California/United States (US) - Akamai Technologies


 
2600:1480:1::41
Los Angeles/California/United States (US) - Akamai International B.V.


  a12-65.akam.net
184.26.160.65
Sterling/Virginia/United States (US) - Akamai International B.V.


 
2600:1480:f000::41
Dallas/Texas/United States (US) - Akamai International B.V.


  a13-65.akam.net
2.22.230.65
Madrid/Spain (ES) - Akamai Technologies


 
2600:1480:800::41
Warsaw/Mazovia/Poland (PL) - Akamai International B.V.


  a1-66.akam.net
193.108.91.66
Paris/Île-de-France/France (FR) - Akamai International B.V.


 
2600:1401:2::42
Seattle/Washington/United States (US) - Akamai International B.V.


  a16-65.akam.net
23.211.132.65
Milan/Lombardy/Italy (IT) - Akamai International, BV


 
2600:1406:1b::41
Milan/Lombardy/Italy (IT) - Akamai International B.V.


  a18-65.akam.net
95.101.36.65
Paris/Île-de-France/France (FR) - Akamai Technologies


 
2600:1480:4800::41
Warsaw/Mazovia/Poland (PL) - Akamai International B.V.


  a28-65.akam.net
95.100.173.65
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies


 
2600:1480:d800::41
Newark/New Jersey/United States (US) - Akamai International B.V.


  a3-65.akam.net
96.7.49.65
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1408:1c::41
Springfield/Illinois/United States (US) - Akamai International B.V.


  a5-65.akam.net
95.100.168.65
Chicago/Illinois/United States (US) - Akamai Technologies


 
2600:1480:b000::41
Milan/Lombardy/Italy (IT) - Akamai International B.V.


  a6-65.akam.net
23.211.133.65
Frankfurt am Main/Hesse/Germany (DE) - Akamai International B.V.


 
2600:1401:1::41
Ashburn/Virginia/United States (US) - Akamai International B.V.


  a7-64.akam.net
23.61.199.64
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1406:32::40
San Jose/California/United States (US) - Akamai International B.V.


  a9-65.akam.net
184.85.248.65
Los Angeles/California/United States (US) - Akamai International B.V.


 
2a02:26f0:117::41
Cambridge/Massachusetts/United States (US) - Akamai International B.V


  adns1.akam.net
96.7.50.66
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


  ns1-2.akam.net
193.108.91.2
Paris/Île-de-France/France (FR) - Akamai International B.V.


 
2600:1401:2::2
Seattle/Washington/United States (US) - Akamai International B.V.


  ns1-2.akamai.com


  usw6.akam.net
23.61.199.64
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

net
  a.gtld-servers.net / nnn1-par6


  b.gtld-servers.net / nnn1-elwaw4


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-defra-5


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-frmrs-2


  k.gtld-servers.net / nnn1-frmrs-2


  l.gtld-servers.net / nnn1-frmrs-2


  m.gtld-servers.net / nnn1-ein2


4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1725173614
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:7


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1725173629
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:6


Domain:blackrock.com
Zone-Name:blackrock.com
Primary:ns1.blackrock.com
Mail:netops.blackrock.com
Serial:2024082302
Refresh:3600
Retry:900
Expire:604800
TTL:3600
num Entries:6



Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1725173629
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:2


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1725173644
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:11


Domain:edgekey.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:edgekey.net
Zone-Name:edgekey.net
Primary:ns1-2.akamai.com
Mail:hostmaster.akamai.com
Serial:1579372690
Refresh:900
Retry:300
Expire:604800
TTL:180
num Entries:30


5. Screenshots

Startaddress: https://www.blackrock.com/de/privatanleger, address used: https://www.blackrock.com/de/privatanleger, Screenshot created 2024-09-01 09:00:48 +00:0

Mobil (412px x 732px)

1396 milliseconds

Screenshot mobile - https://www.blackrock.com/de/privatanleger
Mobil + Landscape (732px x 412px)

1279 milliseconds

Screenshot mobile landscape - https://www.blackrock.com/de/privatanleger
Screen (1280px x 1680px)

1662 milliseconds

Screenshot Desktop - https://www.blackrock.com/de/privatanleger

Mobile- and other Chrome-Checks

widthheight
visual Viewport396732
content Size3965330

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://blackrock.com/
69.52.2.199
301
http://www.blackrock.com/
0.206
D
Location: http://www.blackrock.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• http://blackrock.com/
69.52.13.199
301
http://www.blackrock.com/
0.213
D
Location: http://www.blackrock.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• http://www.blackrock.com/
104.79.33.16
301
https://www.blackrock.com/
0.023

Server: AkamaiGHost
Location: https://www.blackrock.com/
Date: Sun, 01 Sep 2024 06:57:02 GMT
Connection: keep-alive
Set-Cookie: _abck=5B72F4F642DFDE73B54A8FEF3089612F~-1~YAAQttbdWEpjSI+RAQAAUHVfrAwACLbgGbvX18RjFTHUwjaXVCsLo05Mimd6jDnfoCT5B7Gb4pyEVVn8SkBh6jAzVS0C5KYf3xMm3vb3a5HTZzISZ1c8ktaJNujzlGEq7JWSEflGzu+h3FAi07lPUMf02bpqAi0lRZEHEYiHAmk79ZvBF8r9rSyQlCAbx7YZMmtDcBU/YeuWWKkMOV4DJavT5on1y8jtzxPMRtcjhTVUY8kBJKZogkuFKrQ/4Ad7B/o6nm7iioB2ngqiL0MAc8TwyLGG5YfQPDVY6mN05lDpPitj11sW7eV6EVo5IhlJNAoSS63Q3do1zIGwoI/LbOtFpw5peHtjnS7L~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:02 GMT; Max-Age=31536000,bm_sz=678347BB0C15D40A2987D6A16EF881E2~YAAQttbdWEtjSI+RAQAAUHVfrBhyEubUlCXPWfdlXk4kLwRz0OoviKrkSZQInn71Klqwv0gIUNWwzeROVUNVll4DRiL8j9vEAH45FwxiPmgjFN2++plnJHk4x3qR7hFYmwnnvSa/4SpFU7AHiyod8NZ5bdcPUITR8BJ7AHBWAy001OBddmVlqNOEt2JUFPgoU9cUcS08x12Bu3fZTxNLz7zcth83WBb/UVCq9o52W6CwVSZvfxOJa+IdurdrkqzHGy7hyWiFGrtdYAY6d0CtWcas8JiGxw8juP4K71dw3FiPcM2z9XkbJ9oodbQHxD7cy79wF9U32vFifRHtGW0K/A84yqc1Nrf6baMCkQUItnY=~3556934~3488065; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:02 GMT; Max-Age=14400
Content-Length: 0

• https://blackrock.com/
69.52.2.199
301
https://www.blackrock.com/
5.114
B
Location: https://www.blackrock.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• https://blackrock.com/
69.52.13.199
301
https://www.blackrock.com/
6.693
B
Location: https://www.blackrock.com/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• https://www.blackrock.com/
104.79.33.16
301
https://www.blackrock.com/de/privatanleger
3.020
B
Server: AkamaiGHost
Location: https://www.blackrock.com/de/privatanleger
Date: Sun, 01 Sep 2024 06:57:16 GMT
Connection: keep-alive
Set-Cookie: _abck=279BCC6C030B7214C7C9359AF9794693~-1~YAAQttbdWPZlSI+RAQAA1KpfrAx4rAn8YgICrvPkrbDzQMsQSkTdssWJ+mQDt28wyvf5sE9L6Ixz+j12/vZ6/0eRFXNdhsgQEt3VpyOZbDcW8u2JF9c4k64Qc1zR0O8QXu0CSlzQPLVN+6jLHYd83XjeGoQpFkdq/lfsr7kQUEa7bHdyZdj19LlJX+kWUAHj6sn2PRbjVTinhv0cWD58gNXom8B7tUqRTt94nwKu2E0rpJDfkMKtDkTYJkY5wZLD0MvXyf7xcPedmbe47Pb4LhJP6HBs8vJTA9CxLNXOe/d4XCf1/R4+wGDRFG+5Mv+8FTIkUuEmwSc1u+k7cedfpXOiR11OmvRtu/YT7isj/LqUwpl6PbXri1Usuk1JUAIQsblilGZSVfQF99o=~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:16 GMT; Max-Age=31536000; Secure,bm_sz=2FE37E7A448A3CA3BE741182EEF6386A~YAAQttbdWPdlSI+RAQAA1KpfrBhK3q0AkwID7Ijo7y2nICPCdJEfrYJ7s6oTGPcHCvfTKM0o1MqEtaJMWCfh9wDza24e8etSiGMuonBlZ6cq/4iC2ndRsPql8fApunjeEHNI8n2bkaAv5yUBkU8soBglwb49eQOlMKbFjmxSF894Fke9s/EoK+DrD2RrZZea5CVOAP8hjgOjjsavmVdVjyOBKgmEZPV+RojdtFQpLnozuMgfgzIWQtOdT/r/aKmBkvXCLxCu78/R3QJVSQMqXYmI+ANa020C+r5e+H6vsAjjK/kdIRHWtUfJk1aOQpnztX01v49dzszcLHVkgGbWM3+BoHsc0Vk22XF2edgqn00=~4474161~3359540; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:16 GMT; Max-Age=14400
Content-Length: 0

• https://www.blackrock.com/de/privatanleger
gzip used - 16805 / 75117 - 77.63 %
Inline-JavaScript (∑/total): 6/4814 Inline-CSS (∑/total): 1/158
200

Html is minified: 109.30 %
3.597
B
Server: istio-envoy
X-Request-ID: 9c6c1d9-191a3d766aa
x-site-name: de-retail
x-locale: de_DE
Cache-Control: no-store, no-cache
x-page-name: index
X-UA-Compatible: IE=edge
Link: </uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, </uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, </uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, </uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Extrabold.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, </uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Book.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, </uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Bold.woff2>; rel="preload"; as="font"; type="font/woff2"; crossorigin, <https://sourcedefense.blackrock.com>; rel=preconnect; crossorigin, <https://tags.tiqcdn.com>; rel=preconnect; crossorigin, <https://services.sdiapi.com>; rel=preconnect; crossorigin
Content-Security-Policy: default-src https://www.blackrock.com/u5vn5_pFt/o4X1/HWgJw/ai1DLcDh0GbS/HRNLRk0/ETBXd/290BX4 'nonce-94a37d1cf6ae9fc94097ea31271a134d' https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: blob:; child-src https: blob:; worker-src https: blob:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com; style-src https: 'unsafe-inline'; script-src 'nonce-94a37d1cf6ae9fc94097ea31271a134d' https: 'unsafe-eval' 'nonce-BWOAW4n6/2ijDvoGOfr/dA==';
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer-when-downgrade
x-cache-status: MISS
x-host-ref: cwp-uk-retail01-live-58bd9db6d6-v65gl/orca
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;preload
x-envoy-upstream-service-time: 29
x-region-ref: musw2
X-Akamai-Transformed: 9 17309 0 pmb=mTOE,1
Date: Sun, 01 Sep 2024 06:57:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: ts-de-retail-locale=de_DE; Expires=Fri, 31 Aug 2029 06:57:37 GMT; Path=/; Secure; HttpOnly; SameSite=Lax,StatisticalAnalyticsEnabled=false; Expires=Sat, 30 Nov 2024 06:57:37 GMT; Path=/; Secure; SameSite=Lax,SSESSIONID_uk-retail01=NzRlMjVmNzctM2E2NS00YjcwLWI4ODctZDA2MjJkOTViZWVj; Path=/; Secure; HttpOnly; SameSite=Lax,STICKY_SESSION_COOKIE_UK_RETAIL01_LIVE="b566672679e29e7a"; Max-Age=3600; Path=/; HttpOnly,_abck=29281FA350C4C1275AA557364E6D4549~-1~YAAQttbdWGFrSI+RAQAArf5frAxsNwCziizc6jm67j/w1L5Pd3MAAzwjyI55g29XYZTfCKxZ0X2p20YdN2aetmQ+83IJ5jTlyRAQdiSr94WvlT5ntsNhc/EGX2c3wyeOS34pshb6ow16zJVBcDSYZ9aqSeIXSiTUh6qeOkx9AQ/sE243+YIZRsFRUFNvrM86a/IqvcbrB+v38VD28nwTShPJPUkLHaU0oQT4nPBJFm4P/swlKqfh2UgiWAYGOn/7FcUS0ImFzegEf0RftkZCxI2tsbCVAtSY+VZBS4IpVomTzvN2AWz4ffWVHAKTMnE42KBwtcTSR9MMMF0ReH01PEQf/aHW9CcSSGtIFXK2Dacnl804E3jhWWZGtxtAlUt29n7CF/ScymmxHh4=~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:37 GMT; Max-Age=31536000; Secure,bm_sz=93FE3C390A2F822304CA67794B9263C0~YAAQttbdWGJrSI+RAQAArf5frBgYmTNymTkl00xfU791PS7XR+mwK+9tfqUJE9RHHizB1TDJ+ElhkWOM1C0/HTdliM9G5jFtZC5UkSqX0bwC6Hf2CTQFP1hA9H97euwhWNF1pAGowgcvd9r5BKhYbxkpd1UvhoEVtZXxy8DDit7CzofnPbOW5FHRvtc55vFV7qIp3e6ls5IivlliSYGOSx74BiuV9z7I38M+aD4jEIJAar6ZTCFDmYiDi3kjDsmurXvrxAiJYgH8v4PzN8NUvyUiYxXnCoW9ezr2vUWub8ol33oQKwKUWTAgz0v0YUHoxLihX6oKTHvInrJ7FKoi7qm/qxW8h3Jp3fpXkQU4Ek0=~3229235~4343353; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:37 GMT; Max-Age=14400
Content-Type: text/html; charset=UTF-8
Expires: Sun, 01 Sep 2024 06:57:37 GMT
Content-Encoding: gzip
Content-Length: 16805

• http://blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
69.52.2.199
301
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.106
D
Visible Content:
Location: http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• http://blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
69.52.13.199
301
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.110
D
Visible Content:
Location: http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
104.79.33.16
301
https://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.576

Visible Content:
Server: AkamaiGHost
Location: https://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Date: Sun, 01 Sep 2024 06:57:21 GMT
Connection: keep-alive
Set-Cookie: _abck=8EF1952C59CF8445BA868E02B165EE6A~-1~YAAQttbdWMtmSI+RAQAAkb1frAzGIS6c9H/f3l8MMV98lZNDXkutB/75khejNqpZ8PnpUYaJgoHxui5OgZftBKI6mxgzJKErRRGdT6lRzKkDS+2DNTuNk3RlftCAiQbdjAhatzDvPFBggYhxpEBdcw/rC/YnjcVaUE4Dwb4miH1x1oqZs5NYMCjarERAKjnNEt9r98g3bGV81PU+Cud5mtIBIOlxKgjI/9prNyb85HqGKbGdwSWagHToltMMbThsXzdqiR85TkSEib5lOlPdnh4KVxos/i4x9AcLGkxeHGVRgKOTcf8X1MbUYJFJS3JQ40uWp36ic/YUhbJXeuH2n78J9PDfIqMa6KQj~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:21 GMT; Max-Age=31536000,bm_sz=DB41722C4EA7314DE3B610E2D091110A~YAAQttbdWMxmSI+RAQAAkb1frBib4S68ZjIOcTZHuhporFqGs3wygYEqUgQTqlgip/UdU8FVK5/RpciHNP5xufhJCi+iRlBPI6RqnBk7fzyCp6rq7B4GSy573DsIaCz5XD5YVRBhxRcQYJXAKQWW5z5r3kCu565xsegZXJPq/iJg8pNZVsmFygXqtAgW8nMm+m7znWnsazu/ctxEr9GLs93XwKORLOiSfwVfkdm1THXTaUH+GQ/kDXWldBM1rBn45dCmCI9tm9JRCezNsxyHH/f5KY29ZdgA5Nbv0hu6LrIey1zLo0lfyO5ayEwpGYwMvefu9gMXR9DyusvVZ3gepagsYYwJHZqxKCP3JXDBq28=~3359811~3747894; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:21 GMT; Max-Age=14400
Content-Length: 0

• https://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
404

Html is minified: 471.14 %
3.173
B
Not Found
Visible Content:
Server: istio-envoy
ETag: "66c5fa4d-e69"
x-host-ref: cwp-blk-corp01-live-67dbb85b7f-fmgsr/orca
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;preload
Content-Security-Policy: default-src https://www.blackrock.com/u5vn5_pFt/o4X1/HWgJw/ai1DLcDh0GbS/HRNLRk0/ETBXd/290BX4 https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-envoy-upstream-service-time: 5
x-region-ref: musw2
Date: Sun, 01 Sep 2024 06:57:43 GMT
Connection: keep-alive
Set-Cookie: STICKY_SESSION_COOKIE_BLK_CORP01_LIVE="d0a9f2dbcdc9fd93"; Max-Age=3600; Path=/; HttpOnly
Content-Type: text/html; charset=UTF-8
Content-Length: 3689

• https://69.52.2.199/
69.52.2.199
301
https://www.69.52.2.199/
5.140
N
Certificate error: RemoteCertificateNameMismatch
Location: https://www.69.52.2.199/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• https://69.52.13.199/
69.52.13.199
301
https://www.69.52.13.199/
5.353
N
Certificate error: RemoteCertificateNameMismatch
Location: https://www.69.52.13.199/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

• https://104.79.33.16/
104.79.33.16
400

Html is minified: 100.00 %
2.926
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Sun, 01 Sep 2024 06:57:33 GMT
Connection: close
Content-Type: text/html
Content-Length: 312
Expires: Sun, 01 Sep 2024 06:57:33 GMT

• https://www.69.52.2.199/

-101

0.007
R
NameResolutionError (1, 0x80004005). Der angegebene Host ist unbekannt. (www.69.52.2.199:443)

• https://www.69.52.13.199/

-101

0.010
R
NameResolutionError (1, 0x80004005). Der angegebene Host ist unbekannt. (www.69.52.13.199:443)

7. Comments


1. General Results, most used to calculate the result

Aname "blackrock.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 94787 (complete: 245733)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: blackrock.com has 2 different ip addresses (authoritative).
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: blackrock.com has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
Ahttps://www.blackrock.com/ 104.79.33.16
301
https://www.blackrock.com/de/privatanleger
Correct redirect https to https
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: www is preferred
Warning: HSTS preload sent, but not in Preload-List. Never send a preload directive if you don't know what preload means. Check https://hstspreload.org/ to learn the basics about the Google-Preload list. If you send a preload directive, you should **immediately** add your domain to the HSTS preload list via https://hstspreload.org/ . If Google accepts the domain, so the status is "pending": Note that new entries are hardcoded into the Chrome source code and can take several months before they reach the stable version. So you will see this message some months. If you don't want that or if you don't understand "preload", but if you send a preload directive and if you have correct A-redirects, everybody can add your domain to that list. Then you may have problems, it's not easy to undo that. So if you don't want your domain preloaded, remove the preload directive.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Bhttps://blackrock.com/ 69.52.2.199
301

Missing HSTS-Header
Bhttps://blackrock.com/ 69.52.13.199
301

Missing HSTS-Header
Bhttps://www.blackrock.com/ 104.79.33.16
301

Missing HSTS-Header
http://www.blackrock.com/ 104.79.33.16
301
_abck=5B72F4F642DFDE73B54A8FEF3089612F~-1~YAAQttbdWEpjSI+RAQAAUHVfrAwACLbgGbvX18RjFTHUwjaXVCsLo05Mimd6jDnfoCT5B7Gb4pyEVVn8SkBh6jAzVS0C5KYf3xMm3vb3a5HTZzISZ1c8ktaJNujzlGEq7JWSEflGzu+h3FAi07lPUMf02bpqAi0lRZEHEYiHAmk79ZvBF8r9rSyQlCAbx7YZMmtDcBU/YeuWWKkMOV4DJavT5on1y8jtzxPMRtcjhTVUY8kBJKZogkuFKrQ/4Ad7B/o6nm7iioB2ngqiL0MAc8TwyLGG5YfQPDVY6mN05lDpPitj11sW7eV6EVo5IhlJNAoSS63Q3do1zIGwoI/LbOtFpw5peHtjnS7L~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:02 GMT; Max-Age=31536000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.blackrock.com/ 104.79.33.16
301
bm_sz=678347BB0C15D40A2987D6A16EF881E2~YAAQttbdWEtjSI+RAQAAUHVfrBhyEubUlCXPWfdlXk4kLwRz0OoviKrkSZQInn71Klqwv0gIUNWwzeROVUNVll4DRiL8j9vEAH45FwxiPmgjFN2++plnJHk4x3qR7hFYmwnnvSa/4SpFU7AHiyod8NZ5bdcPUITR8BJ7AHBWAy001OBddmVlqNOEt2JUFPgoU9cUcS08x12Bu3fZTxNLz7zcth83WBb/UVCq9o52W6CwVSZvfxOJa+IdurdrkqzHGy7hyWiFGrtdYAY6d0CtWcas8JiGxw8juP4K71dw3FiPcM2z9XkbJ9oodbQHxD7cy79wF9U32vFifRHtGW0K/A84yqc1Nrf6baMCkQUItnY=~3556934~3488065; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:02 GMT; Max-Age=14400
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.79.33.16
301
_abck=8EF1952C59CF8445BA868E02B165EE6A~-1~YAAQttbdWMtmSI+RAQAAkb1frAzGIS6c9H/f3l8MMV98lZNDXkutB/75khejNqpZ8PnpUYaJgoHxui5OgZftBKI6mxgzJKErRRGdT6lRzKkDS+2DNTuNk3RlftCAiQbdjAhatzDvPFBggYhxpEBdcw/rC/YnjcVaUE4Dwb4miH1x1oqZs5NYMCjarERAKjnNEt9r98g3bGV81PU+Cud5mtIBIOlxKgjI/9prNyb85HqGKbGdwSWagHToltMMbThsXzdqiR85TkSEib5lOlPdnh4KVxos/i4x9AcLGkxeHGVRgKOTcf8X1MbUYJFJS3JQ40uWp36ic/YUhbJXeuH2n78J9PDfIqMa6KQj~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:21 GMT; Max-Age=31536000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.79.33.16
301
bm_sz=DB41722C4EA7314DE3B610E2D091110A~YAAQttbdWMxmSI+RAQAAkb1frBib4S68ZjIOcTZHuhporFqGs3wygYEqUgQTqlgip/UdU8FVK5/RpciHNP5xufhJCi+iRlBPI6RqnBk7fzyCp6rq7B4GSy573DsIaCz5XD5YVRBhxRcQYJXAKQWW5z5r3kCu565xsegZXJPq/iJg8pNZVsmFygXqtAgW8nMm+m7znWnsazu/ctxEr9GLs93XwKORLOiSfwVfkdm1THXTaUH+GQ/kDXWldBM1rBn45dCmCI9tm9JRCezNsxyHH/f5KY29ZdgA5Nbv0hu6LrIey1zLo0lfyO5ayEwpGYwMvefu9gMXR9DyusvVZ3gepagsYYwJHZqxKCP3JXDBq28=~3359811~3747894; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:21 GMT; Max-Age=14400
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
Bhttps://www.blackrock.com/ 104.79.33.16
301
bm_sz=2FE37E7A448A3CA3BE741182EEF6386A~YAAQttbdWPdlSI+RAQAA1KpfrBhK3q0AkwID7Ijo7y2nICPCdJEfrYJ7s6oTGPcHCvfTKM0o1MqEtaJMWCfh9wDza24e8etSiGMuonBlZ6cq/4iC2ndRsPql8fApunjeEHNI8n2bkaAv5yUBkU8soBglwb49eQOlMKbFjmxSF894Fke9s/EoK+DrD2RrZZea5CVOAP8hjgOjjsavmVdVjyOBKgmEZPV+RojdtFQpLnozuMgfgzIWQtOdT/r/aKmBkvXCLxCu78/R3QJVSQMqXYmI+ANa020C+r5e+H6vsAjjK/kdIRHWtUfJk1aOQpnztX01v49dzszcLHVkgGbWM3+BoHsc0Vk22XF2edgqn00=~4474161~3359540; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:16 GMT; Max-Age=14400
Cookie sent via https, but not marked as secure
Bhttps://www.blackrock.com/de/privatanleger
200
STICKY_SESSION_COOKIE_UK_RETAIL01_LIVE="b566672679e29e7a"; Max-Age=3600; Path=/; HttpOnly
Cookie sent via https, but not marked as secure
Bhttps://www.blackrock.com/de/privatanleger
200
bm_sz=93FE3C390A2F822304CA67794B9263C0~YAAQttbdWGJrSI+RAQAArf5frBgYmTNymTkl00xfU791PS7XR+mwK+9tfqUJE9RHHizB1TDJ+ElhkWOM1C0/HTdliM9G5jFtZC5UkSqX0bwC6Hf2CTQFP1hA9H97euwhWNF1pAGowgcvd9r5BKhYbxkpd1UvhoEVtZXxy8DDit7CzofnPbOW5FHRvtc55vFV7qIp3e6ls5IivlliSYGOSx74BiuV9z7I38M+aD4jEIJAar6ZTCFDmYiDi3kjDsmurXvrxAiJYgH8v4PzN8NUvyUiYxXnCoW9ezr2vUWub8ol33oQKwKUWTAgz0v0YUHoxLihX6oKTHvInrJ7FKoi7qm/qxW8h3Jp3fpXkQU4Ek0=~3229235~4343353; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:37 GMT; Max-Age=14400
Cookie sent via https, but not marked as secure
Bhttps://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
STICKY_SESSION_COOKIE_BLK_CORP01_LIVE="d0a9f2dbcdc9fd93"; Max-Age=3600; Path=/; HttpOnly
Cookie sent via https, but not marked as secure
Bhttp://www.blackrock.com/ 104.79.33.16
301
_abck=5B72F4F642DFDE73B54A8FEF3089612F~-1~YAAQttbdWEpjSI+RAQAAUHVfrAwACLbgGbvX18RjFTHUwjaXVCsLo05Mimd6jDnfoCT5B7Gb4pyEVVn8SkBh6jAzVS0C5KYf3xMm3vb3a5HTZzISZ1c8ktaJNujzlGEq7JWSEflGzu+h3FAi07lPUMf02bpqAi0lRZEHEYiHAmk79ZvBF8r9rSyQlCAbx7YZMmtDcBU/YeuWWKkMOV4DJavT5on1y8jtzxPMRtcjhTVUY8kBJKZogkuFKrQ/4Ad7B/o6nm7iioB2ngqiL0MAc8TwyLGG5YfQPDVY6mN05lDpPitj11sW7eV6EVo5IhlJNAoSS63Q3do1zIGwoI/LbOtFpw5peHtjnS7L~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:02 GMT; Max-Age=31536000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.blackrock.com/ 104.79.33.16
301
bm_sz=678347BB0C15D40A2987D6A16EF881E2~YAAQttbdWEtjSI+RAQAAUHVfrBhyEubUlCXPWfdlXk4kLwRz0OoviKrkSZQInn71Klqwv0gIUNWwzeROVUNVll4DRiL8j9vEAH45FwxiPmgjFN2++plnJHk4x3qR7hFYmwnnvSa/4SpFU7AHiyod8NZ5bdcPUITR8BJ7AHBWAy001OBddmVlqNOEt2JUFPgoU9cUcS08x12Bu3fZTxNLz7zcth83WBb/UVCq9o52W6CwVSZvfxOJa+IdurdrkqzHGy7hyWiFGrtdYAY6d0CtWcas8JiGxw8juP4K71dw3FiPcM2z9XkbJ9oodbQHxD7cy79wF9U32vFifRHtGW0K/A84yqc1Nrf6baMCkQUItnY=~3556934~3488065; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:02 GMT; Max-Age=14400
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/ 104.79.33.16
301
_abck=279BCC6C030B7214C7C9359AF9794693~-1~YAAQttbdWPZlSI+RAQAA1KpfrAx4rAn8YgICrvPkrbDzQMsQSkTdssWJ+mQDt28wyvf5sE9L6Ixz+j12/vZ6/0eRFXNdhsgQEt3VpyOZbDcW8u2JF9c4k64Qc1zR0O8QXu0CSlzQPLVN+6jLHYd83XjeGoQpFkdq/lfsr7kQUEa7bHdyZdj19LlJX+kWUAHj6sn2PRbjVTinhv0cWD58gNXom8B7tUqRTt94nwKu2E0rpJDfkMKtDkTYJkY5wZLD0MvXyf7xcPedmbe47Pb4LhJP6HBs8vJTA9CxLNXOe/d4XCf1/R4+wGDRFG+5Mv+8FTIkUuEmwSc1u+k7cedfpXOiR11OmvRtu/YT7isj/LqUwpl6PbXri1Usuk1JUAIQsblilGZSVfQF99o=~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:16 GMT; Max-Age=31536000; Secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/ 104.79.33.16
301
bm_sz=2FE37E7A448A3CA3BE741182EEF6386A~YAAQttbdWPdlSI+RAQAA1KpfrBhK3q0AkwID7Ijo7y2nICPCdJEfrYJ7s6oTGPcHCvfTKM0o1MqEtaJMWCfh9wDza24e8etSiGMuonBlZ6cq/4iC2ndRsPql8fApunjeEHNI8n2bkaAv5yUBkU8soBglwb49eQOlMKbFjmxSF894Fke9s/EoK+DrD2RrZZea5CVOAP8hjgOjjsavmVdVjyOBKgmEZPV+RojdtFQpLnozuMgfgzIWQtOdT/r/aKmBkvXCLxCu78/R3QJVSQMqXYmI+ANa020C+r5e+H6vsAjjK/kdIRHWtUfJk1aOQpnztX01v49dzszcLHVkgGbWM3+BoHsc0Vk22XF2edgqn00=~4474161~3359540; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:16 GMT; Max-Age=14400
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/de/privatanleger
200
STICKY_SESSION_COOKIE_UK_RETAIL01_LIVE="b566672679e29e7a"; Max-Age=3600; Path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/de/privatanleger
200
_abck=29281FA350C4C1275AA557364E6D4549~-1~YAAQttbdWGFrSI+RAQAArf5frAxsNwCziizc6jm67j/w1L5Pd3MAAzwjyI55g29XYZTfCKxZ0X2p20YdN2aetmQ+83IJ5jTlyRAQdiSr94WvlT5ntsNhc/EGX2c3wyeOS34pshb6ow16zJVBcDSYZ9aqSeIXSiTUh6qeOkx9AQ/sE243+YIZRsFRUFNvrM86a/IqvcbrB+v38VD28nwTShPJPUkLHaU0oQT4nPBJFm4P/swlKqfh2UgiWAYGOn/7FcUS0ImFzegEf0RftkZCxI2tsbCVAtSY+VZBS4IpVomTzvN2AWz4ffWVHAKTMnE42KBwtcTSR9MMMF0ReH01PEQf/aHW9CcSSGtIFXK2Dacnl804E3jhWWZGtxtAlUt29n7CF/ScymmxHh4=~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:37 GMT; Max-Age=31536000; Secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/de/privatanleger
200
bm_sz=93FE3C390A2F822304CA67794B9263C0~YAAQttbdWGJrSI+RAQAArf5frBgYmTNymTkl00xfU791PS7XR+mwK+9tfqUJE9RHHizB1TDJ+ElhkWOM1C0/HTdliM9G5jFtZC5UkSqX0bwC6Hf2CTQFP1hA9H97euwhWNF1pAGowgcvd9r5BKhYbxkpd1UvhoEVtZXxy8DDit7CzofnPbOW5FHRvtc55vFV7qIp3e6ls5IivlliSYGOSx74BiuV9z7I38M+aD4jEIJAar6ZTCFDmYiDi3kjDsmurXvrxAiJYgH8v4PzN8NUvyUiYxXnCoW9ezr2vUWub8ol33oQKwKUWTAgz0v0YUHoxLihX6oKTHvInrJ7FKoi7qm/qxW8h3Jp3fpXkQU4Ek0=~3229235~4343353; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:37 GMT; Max-Age=14400
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.79.33.16
301
_abck=8EF1952C59CF8445BA868E02B165EE6A~-1~YAAQttbdWMtmSI+RAQAAkb1frAzGIS6c9H/f3l8MMV98lZNDXkutB/75khejNqpZ8PnpUYaJgoHxui5OgZftBKI6mxgzJKErRRGdT6lRzKkDS+2DNTuNk3RlftCAiQbdjAhatzDvPFBggYhxpEBdcw/rC/YnjcVaUE4Dwb4miH1x1oqZs5NYMCjarERAKjnNEt9r98g3bGV81PU+Cud5mtIBIOlxKgjI/9prNyb85HqGKbGdwSWagHToltMMbThsXzdqiR85TkSEib5lOlPdnh4KVxos/i4x9AcLGkxeHGVRgKOTcf8X1MbUYJFJS3JQ40uWp36ic/YUhbJXeuH2n78J9PDfIqMa6KQj~-1~-1~-1; Domain=.blackrock.com; Path=/; Expires=Mon, 01 Sep 2025 06:57:21 GMT; Max-Age=31536000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.79.33.16
301
bm_sz=DB41722C4EA7314DE3B610E2D091110A~YAAQttbdWMxmSI+RAQAAkb1frBib4S68ZjIOcTZHuhporFqGs3wygYEqUgQTqlgip/UdU8FVK5/RpciHNP5xufhJCi+iRlBPI6RqnBk7fzyCp6rq7B4GSy573DsIaCz5XD5YVRBhxRcQYJXAKQWW5z5r3kCu565xsegZXJPq/iJg8pNZVsmFygXqtAgW8nMm+m7znWnsazu/ctxEr9GLs93XwKORLOiSfwVfkdm1THXTaUH+GQ/kDXWldBM1rBn45dCmCI9tm9JRCezNsxyHH/f5KY29ZdgA5Nbv0hu6LrIey1zLo0lfyO5ayEwpGYwMvefu9gMXR9DyusvVZ3gepagsYYwJHZqxKCP3JXDBq28=~3359811~3747894; Domain=.blackrock.com; Path=/; Expires=Sun, 01 Sep 2024 10:57:21 GMT; Max-Age=14400
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
STICKY_SESSION_COOKIE_BLK_CORP01_LIVE="d0a9f2dbcdc9fd93"; Max-Age=3600; Path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Dhttp://blackrock.com/ 69.52.2.199
301
http://www.blackrock.com/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://blackrock.com/ 69.52.13.199
301
http://www.blackrock.com/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 69.52.2.199
301
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 69.52.13.199
301
http://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Mhttps://104.79.33.16/ 104.79.33.16
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://69.52.2.199/ 69.52.2.199
301
https://www.69.52.2.199/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://69.52.13.199/ 69.52.13.199
301
https://www.69.52.13.199/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://104.79.33.16/ 104.79.33.16
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Rhttps://69.52.2.199/ 69.52.2.199
301
https://www.69.52.2.199/
Redirect to not existing domain
Rhttps://69.52.13.199/ 69.52.13.199
301
https://www.69.52.13.199/
Redirect to not existing domain
Fatal: More then one ip address per domain name found, but checking all ip addresses different http status found.: Domain blackrock.com, 2 ip addresses, 2 different http results.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain blackrock.com, 2 ip addresses, 1 different http results.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.blackrock.com

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

Awww.blackrock.com
Content-Security-Policy
Ok: Header without syntax errors found: default-src https://www.blackrock.com/u5vn5_pFt/o4X1/HWgJw/ai1DLcDh0GbS/HRNLRk0/ETBXd/290BX4 'nonce-94a37d1cf6ae9fc94097ea31271a134d' https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: blob:; child-src https: blob:; worker-src https: blob:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com; style-src https: 'unsafe-inline'; script-src 'nonce-94a37d1cf6ae9fc94097ea31271a134d' https: 'unsafe-eval' 'nonce-BWOAW4n6/2ijDvoGOfr/dA==';
F

Bad: default-src with "*" or a scheme found. That allows too much, don't use such a definition.
A

Good: default-src without 'unsafe-inline' or 'unsave-eval'.
E

Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
A

Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
A

Good: base-uri directive found. That limits the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
A

Good: object-src only with 'none' or 'self' found, no scheme, no other urls. That blocks object / embed / applet - elements.
C

Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and with a nonce found. Ok, better with the nonce, but not really good. Don't use 'unsafe' - declarations.
F

Critical: script-src with * or a scheme found. Never allow wildcard - sources.
A

Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A

Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A

Ok: Nonce found. (Element: default-src)
A

Ok: Nonce found. (Element: base-uri)
A

Ok: Nonce found. (Element: base-uri)
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
Referrer-Policy
Ok: Header without syntax errors found: no-referrer-when-downgrade
A
X-Frame-Options
Ok: Header without syntax errors found: SAMEORIGIN
B

Info: Header is deprecated. May not longer work in modern browsers. SAMEORIGIN. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
X-Xss-Protection
Ok: Header without syntax errors found: 1; mode=block
B

Info: Header is deprecated. May not longer work in modern browsers. 1; mode=block
Fwww.blackrock.com
Permissions-Policy
Critical: Missing Header:
Bwww.blackrock.com
Cross-Origin-Embedder-Policy
Info: Missing Header
Bwww.blackrock.com
Cross-Origin-Opener-Policy
Info: Missing Header
Bwww.blackrock.com
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 6 Name Servers.
AInfo:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns1.blackrock.com (193.108.91.23), ns2.blackrock.com (96.7.49.67), ns3.blackrock.com (23.61.199.64), ns4.blackrock.com (184.26.160.66), ns5.blackrock.com (23.211.132.67), ns6.blackrock.com (95.100.173.65)
AGood (1 - 3.0):: An average of 0.3 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 6 different Name Servers found: ns1.blackrock.com, ns2.blackrock.com, ns3.blackrock.com, ns4.blackrock.com, ns5.blackrock.com, ns6.blackrock.com, 6 Name Servers included in Delegation: ns1.blackrock.com, ns2.blackrock.com, ns3.blackrock.com, ns4.blackrock.com, ns5.blackrock.com, ns6.blackrock.com, 6 Name Servers included in 1 Zone definitions: ns1.blackrock.com, ns2.blackrock.com, ns3.blackrock.com, ns4.blackrock.com, ns5.blackrock.com, ns6.blackrock.com, 1 Name Servers listed in SOA.Primary: ns1.blackrock.com.
AGood: Only one SOA.Primary Name Server found.: ns1.blackrock.com.
AGood: SOA.Primary Name Server included in the delegation set.: ns1.blackrock.com.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns1.blackrock.com, ns2.blackrock.com, ns3.blackrock.com, ns4.blackrock.com, ns5.blackrock.com, ns6.blackrock.com
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 6 different Name Servers found
Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 6 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 6 Name Servers, 1 Top Level Domain: com
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: blackrock.com
AGood: Name servers with different Country locations found: 6 Name Servers, 4 Countries: DE, FR, IT, US
AInfo: Ipv4-Subnet-list: 6 Name Servers, 5 different subnets (first Byte): 184., 193., 23., 95., 96., 6 different subnets (first two Bytes): 184.26., 193.108., 23.211., 23.61., 95.100., 96.7., 6 different subnets (first three Bytes): 184.26.160., 193.108.91., 23.211.132., 23.61.199., 95.100.173., 96.7.49.
AGood: Name Server IPv4-addresses from different subnet found:
AGood: Nameserver supports TCP connections: 6 good Nameserver
AGood: Nameserver supports Echo Capitalization: 6 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 6 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 6 good Nameserver
Nameserver doesn't pass all EDNS-Checks: ns1-2.akamai.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
https://www.blackrock.com/de/privatanleger
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
AGood: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
AGood: Some script Elements (type text/javascript) with a src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
https://www.blackrock.com/de/privatanleger
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 2 script elements without defer/async.
AGood: All CSS / JavaScript files are sent compressed (gzip, deflate, br checked). That reduces the content of the files. 23 external CSS / JavaScript files found
AGood: All svg-Images greater 1024 Bytes without internal compression are compressed. Svg is an Xml-Application, so Compression reduces the size of the file. 3 images (type image/svg+xml, image/x-icon, image/vnd.microsoft.icon) found with compression.
AGood: All images with internal compression not compressed. Some Images (.png, .jpg, .jpeg, .webp, .gif) are already compressed, so an additional compression isn't helpful. 3 images (type image/png, image/jpg, image/jpeg, image/webp, image/gif) found without additional Compression. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 4 with Cache-Control max-age too short (minimum 7 days), 19 with Cache-Control long enough, 23 complete.
AGood: All images are sent with a long Cache-Control header (minimum 7 days). So the browser can reuse these files, no download is required. 7 image files with long Cache-Control max-age found
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AGood: All img-elements have a valid alt-attribute.: 7 img-elements found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
https://www.blackrock.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
3.173 seconds
Warning: 404 needs more then one second
AInfo: Different Server-Headers found
ADuration: 418360 milliseconds, 418.360 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
blackrock.com
69.52.2.199
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok
blackrock.com
69.52.2.199
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, C=US, ST=New York

2CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


blackrock.com
69.52.13.199
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok

blackrock.com
69.52.13.199
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, C=US, ST=New York

2CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


www.blackrock.com
www.blackrock.com
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

www.blackrock.com
www.blackrock.com
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, C=US, ST=New York

2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


www.blackrock.com
104.79.33.16
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

www.blackrock.com
104.79.33.16
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, C=US, ST=New York

2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


www.blackrock.com
www.blackrock.com
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

www.blackrock.com
www.blackrock.com
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, C=US, ST=New York

2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


69.52.2.199
69.52.2.199
443
name does not match
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok

69.52.2.199
69.52.2.199
443
name does not match
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, C=US, ST=New York

2CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


69.52.13.199
69.52.13.199
443
name does not match
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok

69.52.13.199
69.52.13.199
443
name does not match
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, C=US, ST=New York

2CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US


104.79.33.16
104.79.33.16
443
name does not match
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

104.79.33.16
104.79.33.16
443
name does not match
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, C=US, ST=New York

2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


9. Certificates

1.
1.
CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, S=New York, C=US
25.10.2023
21.11.2024
expires in 72 days
www.blackrock.com, blackrock.com - 2 entries
1.
1.
CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, S=New York, C=US
25.10.2023

21.11.2024
expires in 72 days
www.blackrock.com, blackrock.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:79CCE7CFE7E23C1873402F769A226785
Thumbprint:0F9A85F12B9561A7A8A1FC309EDC3AA8CE6DB6B4
SHA256 / Certificate:DyJuTsSnD0xvYvqbNAo5Ww/rbq7v324ROZntjeOiflE=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ac0f736f1b9365dc9346c97da2c567886941090e98515070d28aa76dce4061dd
SHA256 hex / Subject Public Key Information (SPKI):ac0f736f1b9365dc9346c97da2c567886941090e98515070d28aa76dce4061dd (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, S=New York, C=US
25.10.2023
21.11.2024
expires in 72 days
www.blackrock.com, blackrock.com - 2 entries

2.
CN=www.blackrock.com, O="BlackRock Financial Management, Inc.", L=New York, S=New York, C=US
25.10.2023

21.11.2024
expires in 72 days
www.blackrock.com, blackrock.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:79CCE7CFE7E23C1873402F769A226785
Thumbprint:0F9A85F12B9561A7A8A1FC309EDC3AA8CE6DB6B4
SHA256 / Certificate:DyJuTsSnD0xvYvqbNAo5Ww/rbq7v324ROZntjeOiflE=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ac0f736f1b9365dc9346c97da2c567886941090e98515070d28aa76dce4061dd
SHA256 hex / Subject Public Key Information (SPKI):ac0f736f1b9365dc9346c97da2c567886941090e98515070d28aa76dce4061dd (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
05.10.2015
05.12.2030
expires in 2277 days


3.
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
05.10.2015

05.12.2030
expires in 2277 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0EE94CC30000000051D37785
Thumbprint:F21C12F46CDB6B2E16F09F9419CDFF328437B2D7
SHA256 / Certificate:E++zmi9mVOjGe9BPTG1MkM1sq1CRvO3HN4f2t309P+c=
SHA256 hex / Cert (DANE * 0 1):13efb39a2f6654e8c67bd04f4c6d4c90cd6cab5091bcedc73787f6b77d3d3fe7
SHA256 hex / PublicKey (DANE * 1 1):f7cd08a27aa9df0918b4df5265580ccee590cc9b5ad677f134fc137a6d57d2e7
SHA256 hex / Subject Public Key Information (SPKI):f7cd08a27aa9df0918b4df5265580ccee590cc9b5ad677f134fc137a6d57d2e7
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


4.
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
05.10.2015
05.12.2030
expires in 2277 days


4.
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
05.10.2015

05.12.2030
expires in 2277 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0EE94CC30000000051D37785
Thumbprint:F21C12F46CDB6B2E16F09F9419CDFF328437B2D7
SHA256 / Certificate:E++zmi9mVOjGe9BPTG1MkM1sq1CRvO3HN4f2t309P+c=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f7cd08a27aa9df0918b4df5265580ccee590cc9b5ad677f134fc137a6d57d2e7
SHA256 hex / Subject Public Key Information (SPKI):f7cd08a27aa9df0918b4df5265580ccee590cc9b5ad677f134fc137a6d57d2e7
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


5.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
07.07.2009
07.12.2030
expires in 2279 days


5.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
07.07.2009

07.12.2030
expires in 2279 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:4A538C28
Thumbprint:8CF427FD790C3AD166068DE81E57EFBB932272D4
SHA256 / Certificate:Q99XdLA+f+9f5A2TGnvt8bsua0JzjE5tOEEQPTqn8zk=
SHA256 hex / Cert (DANE * 0 1):43df5774b03e7fef5fe40d931a7bedf1bb2e6b42738c4e6d3841103d3aa7f339
SHA256 hex / PublicKey (DANE * 1 1):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SHA256 hex / Subject Public Key Information (SPKI):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



6.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
22.09.2014
23.09.2024
expires in 13 days


6.
CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
22.09.2014

23.09.2024
expires in 13 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:51D34044
Thumbprint:9E1A0C35E714B69792D090B2CC4BBA45833C3015
SHA256 / Certificate:axQ8IAXVU5zCLqtfdy2yqf6HRn/v+gf88Kn30oJ0yno=
SHA256 hex / Cert (DANE * 0 1):6b143c2005d5539cc22eab5f772db2a9fe87467feffa07fcf0a9f7d28274ca7a
SHA256 hex / PublicKey (DANE * 1 1):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SHA256 hex / Subject Public Key Information (SPKI):76ee8590374c715437bbca6bba6028eadde2dc6dbbb8c3f610e851f11d1ab7f5
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.entrust.net
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
27.11.2006
27.11.2026
expires in 808 days


7.
CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
27.11.2006

27.11.2026
expires in 808 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:456B5054
Thumbprint:B31EB1B740E36C8402DADC37D44DF5D4674952F9
SHA256 / Certificate:c8F2Q08bxtWt9FsOducnKHyN5XYWwebmFBorLLx9jkw=
SHA256 hex / Cert (DANE * 0 1):73c176434f1bc6d5adf45b0e76e727287c8de57616c1e6e6141a2b2cbc7d8e4c
SHA256 hex / PublicKey (DANE * 1 1):6dbfae00d37b9cd73f8fb47de65917af00e0dddf42dbceac20c17c0275ee2095
SHA256 hex / Subject Public Key Information (SPKI):6dbfae00d37b9cd73f8fb47de65917af00e0dddf42dbceac20c17c0275ee2095
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


2.
1.
CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, S=New York, C=US
16.11.2023
17.11.2024
expires in 68 days
*.blackrock.com, blackrock.com - 2 entries
2.
1.
CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, S=New York, C=US
16.11.2023

17.11.2024
expires in 68 days
*.blackrock.com, blackrock.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:01D0B3123660DA5DD3C2C090A6A8D6E8
Thumbprint:0095B4A7536B1B43155B0F1E1193D374816E2A26
SHA256 / Certificate:MKn1lJbMnlvqEyNlL0+J0I6rUVxyZN0Wsn5NpMyfjo8=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):5d7cc64db2a30403b992a5b76646e58b86350e0d09160fbfd93935800c2a1bae
SHA256 hex / Subject Public Key Information (SPKI):5d7cc64db2a30403b992a5b76646e58b86350e0d09160fbfd93935800c2a1bae (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, S=New York, C=US
16.11.2023
17.11.2024
expires in 68 days
*.blackrock.com, blackrock.com - 2 entries

2.
CN=*.blackrock.com, O=BlackRock Financial Management Inc., L=New York, S=New York, C=US
16.11.2023

17.11.2024
expires in 68 days
*.blackrock.com, blackrock.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:01D0B3123660DA5DD3C2C090A6A8D6E8
Thumbprint:0095B4A7536B1B43155B0F1E1193D374816E2A26
SHA256 / Certificate:MKn1lJbMnlvqEyNlL0+J0I6rUVxyZN0Wsn5NpMyfjo8=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):5d7cc64db2a30403b992a5b76646e58b86350e0d09160fbfd93935800c2a1bae
SHA256 hex / Subject Public Key Information (SPKI):5d7cc64db2a30403b992a5b76646e58b86350e0d09160fbfd93935800c2a1bae (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2407 days


3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2407 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2407 days


4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2407 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2617 days


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2617 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016
10.05.2025
expires in 242 days


6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016

10.05.2025
expires in 242 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F5BC3A176CB789E2020C7893C8167B4
Thumbprint:FB20FA8A6A93B375F054814F9E00273EA51A6138
SHA256 / Certificate:bay7iUUTex2tQhGwQ2774G8SrONpBJc7Ra4ldAgj02k=
SHA256 hex / Cert (DANE * 0 1):6dacbb8945137b1dad4211b0436efbe06f12ace36904973b45ae25740823d369
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 245 days


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 245 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
0
21
21

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
6000406835
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-10-13 03:50:46
2024-11-12 03:50:45
bfm.com, blackrock.com, lonvcse.bfm.com, lon-vcs-e.bfm.com - 4 entries


5887837100
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:52
2024-10-20 16:40:51
bfm.com, blackrock.com, edgeaudioamrseast.bfm.com, halexpeedge1.bfm.com, halexpeedge2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5887837103
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:52
2024-10-20 16:40:51
bfm.com, blackrock.com, edgeaudioamrseast.bfm.com, halexpeedge1.bfm.com, halexpeedge2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5887837095
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:52
2024-10-20 16:40:50
bfm.com, blackrock.com, edgeaudioamrsweste1.bfm.com, ewdexpeedge1.bfm.com, ewdexpeedge2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5887837080
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:51
2024-10-20 16:40:50
bfm.com, blackrock.com, delexpeedge1.bfm.com, delexpeedge2.bfm.com, edgeaudioamrseast2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5887837090
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:51
2024-10-20 16:40:50
bfm.com, blackrock.com, edgeaudioamrsweste1.bfm.com, ewdexpeedge1.bfm.com, ewdexpeedge2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5887837069
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-21 16:40:50
2024-10-20 16:40:49
bfm.com, blackrock.com, delexpeedge1.bfm.com, delexpeedge2.bfm.com, edgeaudioamrseast2.bfm.com, wbx.edge-amrs.bfm.com - 6 entries


5844732600
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-13 15:38:27
2024-10-11 15:38:26
*.blackrock.com, blackrock.com - 2 entries


5844732614
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-13 15:38:27
2024-09-21 15:38:26
bfm.com, blackrock.com, halccmlab01p.bfm.com, halccmlab01p-ms.bfm.com, halccmlab01s.bfm.com, halimplab01p.bfm.com, halimplab01s.bfm.com, jabbercucm.uclab.bfm.com, jabbercucm.uclab.blackrock.com, uclab.bfm.com, uclab.blackrock.com - 11 entries


5809241984
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:30
2024-10-04 16:10:29
bfm.com, blackrock.com, expeldg.bfm.com, ldgexpe1.bfm.com, ldgexpe2.bfm.com, ldgexpe3.bfm.com, sipmra.bfm.com - 7 entries


5809241967
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:30
2024-10-04 16:10:29
bfm.com, blackrock.com, expeldg.bfm.com, ldgexpe1.bfm.com, ldgexpe2.bfm.com, ldgexpe3.bfm.com, sipmra.bfm.com - 7 entries


5809241979
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:30
2024-10-04 16:10:29
bfm.com, blackrock.com, expeldg.bfm.com, ldgexpe1.bfm.com, ldgexpe2.bfm.com, ldgexpe3.bfm.com, sipmra.bfm.com - 7 entries


5809241911
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:28
2024-10-04 16:10:27
bfm.com, blackrock.com, edgeaudioemeae.bfm.com, ldgexpeedge1.bfm.com, ldgexpeedge2.bfm.com, wbx.edge-emea.bfm.com - 6 entries


5809241904
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:28
2024-10-04 16:10:27
bfm.com, blackrock.com, edgeaudioemeae.bfm.com, ldgexpeedge1.bfm.com, ldgexpeedge2.bfm.com, wbx.edge-emea.bfm.com - 6 entries


5809241830
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:26
2024-10-04 16:10:25
bfm.com, blackrock.com, edgeaudioemeae2.bfm.com, lvaexpeedge1.bfm.com, lvaexpeedge2.bfm.com, wbx.edge-emea.bfm.com - 6 entries


5809241820
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:26
2024-10-04 16:10:25
bfm.com, blackrock.com, edgeaudioemeae2.bfm.com, lvaexpeedge1.bfm.com, lvaexpeedge2.bfm.com, wbx.edge-emea.bfm.com - 6 entries


5809241817
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:26
2024-10-04 16:10:25
bfm.com, blackrock.com, expelva.bfm.com, lvaexpe1.bfm.com, lvaexpe2.bfm.com, lvaexpe3.bfm.com, sipmra.bfm.com - 7 entries


5809241843
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:26
2024-10-04 16:10:25
bfm.com, blackrock.com, expelva.bfm.com, lvaexpe1.bfm.com, lvaexpe2.bfm.com, lvaexpe3.bfm.com, sipmra.bfm.com - 7 entries


5809241835
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-09-06 16:10:26
2024-10-04 16:10:25
bfm.com, blackrock.com, expelva.bfm.com, lvaexpe1.bfm.com, lvaexpe2.bfm.com, lvaexpe3.bfm.com, sipmra.bfm.com - 7 entries


5768316846
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-08-30 14:32:04
2024-09-29 14:32:02
bfm.com, blackrock.com, sg4b2bexpc1.bfm.com - 3 entries


5768316853
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-08-30 14:32:04
2024-09-29 14:32:03
bfm.com, blackrock.com, sg4b2bexpe1.bfm.com - 3 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
0
0
8

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
9534708244
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-05-31 13:06:47
2024-06-29 13:06:47
bfm.com, blackrock.com, mraexpclab.amrswest.bfm.com, sfoexpclab1.bfm.com, sfoexpclab2.bfm.com, sipmra.uclabsfo.bfm.com, sipmra.uclabsfo.blackrock.com, uclabsfo.bfm.com, uclabsfo.blackrock.com
9 entries


9534708273
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-05-31 13:06:47
2024-06-29 13:06:47
bfm.com, blackrock.com, mraexpelab.amrswest.bfm.com, sfoexpelab1.bfm.com, sfoexpelab2.bfm.com, sipmra.uclabsfo.bfm.com, sipmra.uclabsfo.blackrock.com, uclabsfo.bfm.com, uclabsfo.blackrock.com
9 entries


9280835432
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-05-01 13:21:00
2024-05-29 13:20:59
bfm.com, blackrock.com, edgeaudioapacsg5e.bfm.com, sg5expeedge1.bfm.com, sg5expeedge2.bfm.com, wbx.edge-apac.bfm.com, www.sg5expeedge1.bfm.com
7 entries


9280835417
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-05-01 13:21:00
2024-05-29 13:20:59
bfm.com, blackrock.com, edgeaudioapacsg5e.bfm.com, sg5expeedge1.bfm.com, sg5expeedge2.bfm.com, wbx.edge-apac.bfm.com, www.sg5expeedge2.bfm.com
7 entries


9231047644
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-04-25 13:13:57
2024-05-24 13:13:57
bfm.com, blackrock.com, expesg4.bfm.com, sg4expe1.bfm.com, sg4expe2.bfm.com, sg4expe3.bfm.com, sg4expe4.bfm.com, sipmra.bfm.com
8 entries


9231047495
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-04-25 13:13:56
2024-05-24 13:13:56
bfm.com, blackrock.com, expesg4.bfm.com, sg4expe1.bfm.com, sg4expe2.bfm.com, sg4expe3.bfm.com, sg4expe4.bfm.com, sipmra.bfm.com
8 entries


9231047473
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-04-25 13:13:54
2024-05-24 13:13:54
bfm.com, blackrock.com, expesg4.bfm.com, sg4expe1.bfm.com, sg4expe2.bfm.com, sg4expe3.bfm.com, sg4expe4.bfm.com, sipmra.bfm.com
8 entries


9231047461
precert
CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", O="Entrust, Inc.", C=US
2023-04-25 13:13:54
2024-05-24 13:13:54
bfm.com, blackrock.com, expesg4.bfm.com, sg4expe1.bfm.com, sg4expe2.bfm.com, sg4expe3.bfm.com, sg4expe4.bfm.com, sipmra.bfm.com
8 entries



11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://www.blackrock.com/de/privatanleger
a

144

0


0
0
0


form

1
26,103 Bytes
0
1
0
0
0
0


img

5
25,631 Bytes
0
5
0
0
0
0


link
stylesheet
5
277,204 Bytes
0
5
0
0
0
0


link
other
6
277,204 Bytes
0
5
0
0
0
0


meta
og
6
19,462 Bytes
0
2
0
0
0
0


meta
other
6

0


0
0
0


picture

2

0


0
0
0


script

18
510,290 Bytes
0
15
3
1
0
0
-1

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://www.blackrock.com/de/privatanleger

a

#


5
ok












a

#bodyWrapper


1
ok












a

/de/privatanleger


2
ok












a

/de/privatanleger/blackrock-in-deutschland


3
ok












a

/de/privatanleger/compliance/impressum


1
ok












a

/de/privatanleger/compliance/terms-and-conditions


1
ok












a

/de/privatanleger/fonds-im-fokus/bgf-esg-multi-asset-fund


2
ok












a

/de/privatanleger/fonds-im-fokus/bgf-natres-funds-index


2
ok












a

/de/privatanleger/fonds-im-fokus/bgf-technology-funds


2
ok












a

/de/privatanleger/fonds-im-fokus/bgf-world-healthscience-fund


2
ok












a

/de/privatanleger/fonds-im-fokus/blackrock-global-impact-fund


2
ok












a

/de/privatanleger/fonds-im-fokus/bsf-bmips


2
ok












a

/de/privatanleger/markte/aktuelle-markteinschaetzung


3
ok












a

/de/privatanleger/markte/markt-einblicke


3
ok












a

/de/privatanleger/markte/update/blackrock-blog/frauen-und-finanzen


2
ok












a

/de/privatanleger/markte/update/blackrock-blog/globaler-anlageausblick-zur-jahresmitte-2024


1
ok












a

/de/privatanleger/produkt/product-list


3
ok












a

/de/privatanleger/produkt/product-list#!type=all&view=perfNav&style=44341


2
ok












a

/de/privatanleger/produkt/product-list#!type=all&view=perfNav&style=44342


2
ok












a

/de/privatanleger/produkt/product-list#!type=ishares&view=perfNav&style=All


1
ok












a

/de/privatanleger/produkt/product-list#!type=mutualFunds&view=perfNav&style=All


1
ok












a

/de/privatanleger/themen/megatrends


2
ok












a

/de/privatanleger/themen/multi-asset


2
ok












a

/de/privatanleger/themen/nachhaltig-investieren


2
ok












a

/de/privatanleger/themen/nachhaltig-und-uebergang-investieren/wie


2
ok












a

/de/privatanleger/themen/ruhestand/sparplantool


2
ok












a

/de/privatanleger/uber-blackrock


1
ok












a

/de/privatanleger/uber-blackrock/complaints-handling


3
ok












a

/de/privatanleger/uber-blackrock/investment-stewardship


2
ok












a

/de/privatanleger/uber-blackrock/kontakt


1
ok












a

/de/privatanleger/uber-blackrock/nachhaltigkeitsbezogene-offenlegungen


3
ok












a

/de/privatanleger/uber-blackrock/verguetungsrichtlinie


2
ok












a

/de/privatanleger/uber-blackrock/wir-engagieren-uns-vor-ort


2
ok












a

/de/privatanleger/wissenswertes/bibliothek


2
ok












a

/de/privatanleger/wissenswertes/vermoegensaufbau-fuer-alle


5
ok












a

/de/privatanleger/wissenswertes/was-sind-etfs


3
ok












a

/de/privatanleger/wissenswertes/was-sind-investmentfonds


1
ok












a

/de/privatanleger/wissenswertes/wertpapierleihe


2
ok












a

/de/professionelle-anleger


1
ok












a

https://careers.blackrock.com


1
ok












a

https://de.linkedin.com/company/blackrock


1
ok












a

https://ir.blackrock.com


1
ok












a

https://ir.blackrock.com/financials/quarterly-results/default.aspx


2
ok












a

https://twitter.com/blackrockDE


1
ok












a

https://www.blackrock.com.cn


1
ok












a

https://www.blackrock.com/ae


1
ok












a

https://www.blackrock.com/aladdin


1
ok












a

https://www.blackrock.com/americas-offshore/


1
ok












a

https://www.blackrock.com/at


1
ok












a

https://www.blackrock.com/au


1
ok












a

https://www.blackrock.com/be


1
ok












a

https://www.blackrock.com/br


1
ok












a

https://www.blackrock.com/ca


1
ok












a

https://www.blackrock.com/ch


1
ok












a

https://www.blackrock.com/cl


1
ok












a

https://www.blackrock.com/cn


1
ok












a

https://www.blackrock.com/co


1
ok












a

https://www.blackrock.com/corporate


2
ok












a

https://www.blackrock.com/corporate/compliance/privacy-policy


1
ok












a

https://www.blackrock.com/corporate/insights/public-policy/blackrock-in-europe


2
ok












a

https://www.blackrock.com/corporate/literature/continuous-disclosure-and-important-information/sfdr-principal-adverse-sustainability-impacts-statement-bamde.pdf


1
ok












a

https://www.blackrock.com/cz


1
ok












a

https://www.blackrock.com/de


4
ok












a

https://www.blackrock.com/de/privatanleger/themen/megatrends


1
ok












a

https://www.blackrock.com/de/privatanleger/themen/nachhaltig-investieren/esg


1
ok












a

https://www.blackrock.com/de/privatanleger/uber-blackrock/kontakt#medien-und-marketing


1
ok












a

https://www.blackrock.com/de/privatanleger/uber-blackrock/weg-zu-netto-null


1
ok












a

https://www.blackrock.com/de/privatanleger/uber-blackrock?userType=


1
ok












a

https://www.blackrock.com/dk


1
ok












a

https://www.blackrock.com/es


1
ok












a

https://www.blackrock.com/fi


1
ok












a

https://www.blackrock.com/fr


1
ok












a

https://www.blackrock.com/hk


1
ok












a

https://www.blackrock.com/hu


1
ok












a

https://www.blackrock.com/il


1
ok












a

https://www.blackrock.com/it


1
ok












a

https://www.blackrock.com/jp/individual/ja


1
ok












a

https://www.blackrock.com/kr


1
ok












a

https://www.blackrock.com/lu


1
ok












a

https://www.blackrock.com/mx


1
ok












a

https://www.blackrock.com/nl


1
ok












a

https://www.blackrock.com/no


1
ok












a

https://www.blackrock.com/pl


1
ok












a

https://www.blackrock.com/pt


1
ok












a

https://www.blackrock.com/sa


1
ok












a

https://www.blackrock.com/se


1
ok












a

https://www.blackrock.com/sg


1
ok












a

https://www.blackrock.com/sk


1
ok












a

https://www.blackrock.com/tw


1
ok












a

https://www.blackrock.com/uk


1
ok












a

https://www.blackrock.com/us/individual


1
ok












a

https://www.blackrock.com/za


1
ok












a

https://www.ishares.com/de


1
ok












a

https://www.ishares.com/de/privatanleger/de/wissen-und-service/uber-ishares


2
ok












a

https://www.youtube.com/channel/UC4mxyB0DHnJlqlDUq0aGtDw


1
ok












form

/de/privatanleger/search/summary-search-results
200

1
ok
text/html; charset=UTF-8
X-Content-Type-Options nosniff found




26103 Bytes






img
src
/uk-retail-c-assets/cache-1542298123000/images/media-bin/web/global/wordmark/blackrock-logo-nav-mobile.svg
200

1
ok
alt: BlackRockimage/svg+xml
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
Compression (gzip): 2513/6967 Bytes




ETag: W/"5bed9a0b-1b37"



img
src
/uk-retail-c-assets/cache-1542298123000/images/media-bin/web/global/wordmark/blackrock-logo-sitemap.svg
200

1
ok
alt: BlackRockimage/svg+xml
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
Compression (gzip): 2002/6942 Bytes




ETag: W/"5bed9a0b-1b1e"



img
src
/uk-retail-c-assets/cache-1608743339000/images/media-bin/web/global/wordmark/blackrock-logo-white.svg
200

1
ok
alt: BlackRock Logoimage/svg+xml
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
Compression (gzip): 2145/5543 Bytes




ETag: W/"5fe379ab-15a7"



img
src
/uk-retail-c-assets/cache-1667395616000/images/media-bin/web/global/thumbs/blk-life-bike.png
200

1
ok
alt: Thumb: IM FOKUSimage/png
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
No Compression - 18738 Bytes




ETag: "63627020-4932"



img
src
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/x-twitter-black.svg
200

1
ok
alt: twitter-x-logoimage/svg+xml
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
233 Bytes




ETag: "66d18480-e9"



link
canonical
https://www.blackrock.com/de/privatanleger


1
ok












link
preload
/uk-retail-c-assets/include/bundles/minified-24f45eefaff401855fe106ec31447c85.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Compression (gzip): 160140/1330714 Bytes




ETag: W/"66d1dc19-144e1a"



link
preload
/uk-retail-c-assets/include/bundles/minified-56cddb8d11a40a2249a3e56e9e4a223f.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Compression (br): 57943/324809 Bytes




ETag: W/"66d1ddbd-4f4c9"



link
preload
/uk-retail-c-assets/include/bundles/minified-7e6651f327292f6060255f71cda9745c.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Compression (br): 10470/44427 Bytes




ETag: W/"66d1ddbc-ad8b"



link
preload
/uk-retail-c-assets/include/bundles/minified-ae51ead85a00b2afe862e8772c12c9b1.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Compression (br): 14715/98471 Bytes




ETag: W/"66d1ddbf-180a7"



link
preload
/uk-retail-c-assets/include/bundles/minified-ee2ade4dfd9c77f8251510c34cb8dcb1.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Compression (br): 33936/218078 Bytes




ETag: W/"66d1ddbc-353de"



link
stylesheet
/uk-retail-c-assets/include/bundles/minified-24f45eefaff401855fe106ec31447c85.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (gzip): 160140/1330714 Bytes




ETag: W/"66d1dc19-144e1a"

local SRI possible, possible hash-values:

sha256-QY0K3GQ9W6PCvbur1s0+VCywKDjdEBFonFJeWmRhdX8=
sha384-MsffasvyCEBv+8YzLhaKPsWCPjRKDcN/LIa1mzej/JQqz7Rp38/G80kArWCpPIIG
sha512-PdsjewgVp86GQPHsGH4H8iQ0A18I0yP3JB8TJRTCzB13Ozn9kGeOmPPozHQ+T52P9qSj+RL3028jIbAeriRzvw==

<link rel="stylesheet" href="/uk-retail-c-assets/include/bundles/minified-24f45eefaff401855fe106ec31447c85.css" crossorigin="anonymous" integrity="sha256-QY0K3GQ9W6PCvbur1s0+VCywKDjdEBFonFJeWmRhdX8=" />



Content loaded via url("...")

/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/ant-black.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/ant-white.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-one-sprite-icons.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-search-icon.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-sprite-icons.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/line-brand.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/line-brand-black.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/ui-anim_basic_16x16.gif4
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi16-sprite.png5
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi19-icon-sprite.png11
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_charity.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_direction.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_global_globe.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_govt_insti_bldg.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_info_bell.svg4
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_info_bell_white.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_people.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_person_C.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/BLK_icn_user_type_noti.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/forward15.svg2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/img-gallery.svg1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/rewind10.svg3
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/vi20/rewind15.svg2

link
stylesheet
/uk-retail-c-assets/include/bundles/minified-56cddb8d11a40a2249a3e56e9e4a223f.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 57943/324809 Bytes




ETag: W/"66d1ddbd-4f4c9"

local SRI possible, possible hash-values:

sha256-Cdc+WZHTAgg7gYxPGyDwYp6IHgo99QhH2ROG9/CuY3o=
sha384-lxJebzkB80Mr2BCdAWDQYfJVj2m4QFw8t3+0L863BFNE8N5SPHcSGm4rzKg9UB+i
sha512-4kPgcfRX5D4b77kw2wZgZgKtwo8Left1XEnp8eTJWhDZD5lkvWcFGujs6W32Gyz4CpRG5mIvR8g6knMs27YLsA==

<link rel="stylesheet" href="/uk-retail-c-assets/include/bundles/minified-56cddb8d11a40a2249a3e56e9e4a223f.css" crossorigin="anonymous" integrity="sha256-Cdc+WZHTAgg7gYxPGyDwYp6IHgo99QhH2ROG9/CuY3o=" />



Content loaded via url("...")

/uk-retail-c-assets/cache-1425267796000/images/media-bin/web/retail/emea/uk/adviser-centre/blog/ithinking-page-intro-img.png1
/uk-retail-c-assets/cache-1725006976000/include/common/css/drift/i/blk_icn_chatbot.svg2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/flowplayer/flowplayer.eot?#iefix1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/flowplayer/flowplayer.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/flowplayer/flowplayer.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.eot1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.eot?#iefix1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.svg#fontawesome1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.ttf1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-brands-400.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.eot1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.eot?#iefix1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.svg#fontawesome1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.ttf1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-duotone-900.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.eot1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.eot?#iefix1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.svg#fontawesome1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.ttf1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-light-300.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.eot1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.eot?#iefix1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.svg#fontawesome1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.ttf1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-regular-400.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.eot2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.eot?#iefix2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.svg#fontawesome2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.ttf2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.woff2
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/fontawesome-5pro/fa-solid-900.woff22
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk_icon_collapse.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk_icon_expand.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-one-sprite-icons.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-sprite-icons.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/freeform_home_buttons.png7
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/icon-pdf.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/lock_white.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite_pagination_arrow.png3
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite-social-media-logo-icons-16px.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/nw/i/light-touch-magnifying-glass.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/nw/i/nw-sprite-icons-16px.png1
/uk-retail-c-assets/cache-1725006976000/include/teamsite-editing/css/i/exclamation.gif1
/uk-retail-c-assets/images/media-bin/web/ishares/us/resources/ithinking/ithinking-banner-promo.png1
/uk-retail-c-assets/images/media-bin/web/ishares/us/resources/ithinking/ithinking-page-intro-img.png1
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAIAAAAC64paAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYxIDY0LjE0MDk0OSwgMjAxMC8xMi8wNy0xMDo1NzowMSAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNS4xIFdpbmRvd3MiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6M0RGNDVBMDc2OTlCMTFFNDgxNEFEMUY3NEVDNkZCMDciIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6M0RGNDVBMDg2OTlCMTFFNDgxNEFEMUY3NEVDNkZCMDciPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDozREY0NUEwNTY5O UIxMUU0ODE0QUQxRjc0RUM2RkIwNyIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDozREY0NUEwNjY5OUIxMUU0ODE0QUQxRjc0RUM2RkIwNyIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Ps1TBUUAAAAgSURBVHjaYvz//z8DuYCJgQIwqnlU86jmUc2UawYIMACcoAMldwINTwAAAABJRU5ErkJggg==1
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAIAAAAC64paAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYxIDY0LjE0MDk0OSwgMjAxMC8xMi8wNy0xMDo1NzowMSAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNS4xIFdpbmRvd3MiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6M0RGNDVBMDc2OTlCMTFFNDgxNEFEMUY3NEVDNkZCMDciIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6M0RGNDVBMDg2OTlCMTFFNDgxNEFEMUY3NEVDNkZCMDciPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDozREY0NUEwNTY5O UIxMUU0ODE0QUQxRjc0RUM2RkIwNyIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDozREY0NUEwNjY5OUIxMUU0ODE0QUQxRjc0RUM2RkIwNyIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Ps1TBUUAAAAgSURBVHjaYvz//z8DuYCJgQIwqnlU86jmUc2UawYIMACcoAMldwINTwAAAABJRU5ErkJggg==1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2YyZjJmMiIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmZmZmZmYiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2ZmZmZmZiIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmMmYyZjIiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzVlYThkNyIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiMwNzcyYzAiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzYyY2I5MyIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiMwYWFjNTciIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PHN2ZyBmaWxsPSIjMDAwMDAwIiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiIHdpZHRoPSIyNCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICAgIDxwYXRoIGQ9Ik0wIDBoMjR2MjRIMHoiIGZpbGw9Im5vbmUiIG9wYWNpdHk9Ii4xIi8+CiAgICA8cGF0aCBkPSJNMCAwaDI0djI0SDB6IiBmaWxsPSJub25lIi8+CiAgICA8cGF0aCBkPSJNMSAxOHYzaDNjMC0xLjY2LTEuMzQtMy0zLTN6bTAtNHYyYzIuNzYgMCA1IDIuMjQgNSA1aDJjMC0zLjg3LTMuMTMtNy03LTd6bTE4LTdINXYxLjYzYzMuOTYgMS4yOCA3LjA5IDQuNDEgOC4zNyA4LjM3SDE5Vjd6TTEgMTB2MmM0Ljk3IDAgOSA0LjAzIDkgOWgyYzAtNi4wOC00LjkzLTExLTExLTExem0yMC03SDNjLTEuMSAwLTIgLjktMiAydjNoMlY1aDE4djE0aC03djJoN2MxLjEgMCAyLS45IDItMlY1YzAtMS4xLS45LTItMi0yeiIvPgo8L3N2Zz4=2

link
stylesheet
/uk-retail-c-assets/include/bundles/minified-7e6651f327292f6060255f71cda9745c.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 10470/44427 Bytes




ETag: W/"66d1ddbc-ad8b"

local SRI possible, possible hash-values:

sha256-Tl2B1yIg3kYKn8I/4/Mx7Pl44mjpgZiHcK5xKofZVNs=
sha384-4lnsO0ppGcIHzrG1RBsXLiyCzCiicbgRrI3c3mY/0pFw4AR1ete9HgxGkGXdapj4
sha512-W2H/N/6mg49ziBE+xyiZe7y8RcAwJD+IV8XEcS2fvLlSbVD4fghyUQl/KIoA7F3MzsUM7ZxBO6sj3lwK+2FMog==

<link rel="stylesheet" href="/uk-retail-c-assets/include/bundles/minified-7e6651f327292f6060255f71cda9745c.css" crossorigin="anonymous" integrity="sha256-Tl2B1yIg3kYKn8I/4/Mx7Pl44mjpgZiHcK5xKofZVNs=" />



Content loaded via url("...")

#default#VML1
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_444444_256x240.png2
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_555555_256x240.png1
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_777620_256x240.png1
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_777777_256x240.png1
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_cc0000_256x240.png1
/uk-retail-c-assets/cache-1725006976000/include/third-party/jquery-ui-1.13.3/images/ui-icons_ffffff_256x240.png1
data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA71
data:image/gif;base64,R0lGODlhKAAoAIABAAAAAP///yH/C05FVFNDQVBFMi4wAwEAAAAh+QQJAQABACwAAAAAKAAoAAACkYwNqXrdC52DS06a7MFZI+4FHBCKoDeWKXqymPqGqxvJrXZbMx7Ttc+w9XgU2FB3lOyQRWET2IFGiU9m1frDVpxZZc6bfHwv4c1YXP6k1Vdy292Fb6UkuvFtXpvWSzA+HycXJHUXiGYIiMg2R6W459gnWGfHNdjIqDWVqemH2ekpObkpOlppWUqZiqr6edqqWQAAIfkECQEAAQAsAAAAACgAKAAAApSMgZnGfaqcg1E2uuzDmmHUBR8Qil95hiPKqWn3aqtLsS18y7G1SzNeowWBENtQd+T1JktP05nzPTdJZlR6vUxNWWjV+vUWhWNkWFwxl9VpZRedYcflIOLafaa28XdsH/ynlcc1uPVDZxQIR0K25+cICCmoqCe5mGhZOfeYSUh5yJcJyrkZWWpaR8doJ2o4NYq62lAAACH5BAkBAAEALAAAAAAoACgAAAKVDI4Yy22ZnINRNqosw0Bv7i1gyHUkFj7oSaWlu3ovC8GxNso5fluz3qLVhBVeT/Lz7ZTHyxL5dDalQWPVOsQWtRnuwXaFTj9jVVh8pma9JjZ4zYSj5ZOyma7uuolffh+IR5aW97cHuBUXKGKXlKjn+DiHWMcYJah4N0lYCMlJOXipGRr5qdgoSTrqWSq6WFl2ypoaUAAAIfkECQEAAQAsAAAAACgAKAAAApaEb6HLgd/iO7FNWtcFWe+ufODGjRfoiJ2akShbueb0wtI50zm02pbvwfWEMWBQ1zKGlLIhskiEPm9R6vRXxV4ZzWT2yHOGpWMyorblKlNp8HmHEb/lCXjcW7bmtXP8Xt229OVWR1fod2eWqNfHuMjXCPkIGNileOiImVmCOEmoSfn3yXlJWmoHGhqp6ilYuWYpmTqKUgAAIfkECQEAAQAsAAAAACgAKAAAApiEH6kb58biQ3FNWtMFWW3eNVcojuFGfqnZqSebuS06w5V80/X02pKe8zFwP6EFWOT1lDFk8rGERh1TTNOocQ61Hm4Xm2VexUHpzjymViHrFbiELsefVrn6XKfnt2Q9G/+Xdie499XHd2g4h7ioOGhXGJboGAnXSBnoBwKYyfioubZJ2Hn0RuRZaflZOil56Zp6iioKSXpUAAAh+QQJAQABACwAAAAAKAAoAAACkoQRqRvnxuI7kU1a1UU5bd5tnSeOZXhmn5lWK3qNTWvRdQxP8qvaC+/yaYQzXO7BMvaUEmJRd3TsiMAgswmNYrSgZdYrTX6tSHGZO73ezuAw2uxuQ+BbeZfMxsexY35+/Qe4J1inV0g4x3WHuMhIl2jXOKT2Q+VU5fgoSUI52VfZyfkJGkha6jmY+aaYdirq+lQAACH5BAkBAAEALAAAAAAoACgAAAKWBIKpYe0L3YNKToqswUlvznigd4wiR4KhZrKt9Upqip61i9E3vMvxRdHlbEFiEXfk9YARYxOZZD6VQ2pUunBmtRXo1Lf8hMVVcNl8JafV38aM2/Fu5V16Bn63r6xt97j09+MXSFi4BniGFae3hzbH9+hYBzkpuUh5aZmHuanZOZgIuvbGiNeomCnaxxap2upaCZsq+1kAACH5BAkBAAEALAAAAAAoACgAAAKXjI8By5zf4kOxTVrXNVlv1X0d8IGZGKLnNpYtm8Lr9cqVeuOSvfOW79D9aDHizNhDJidFZhNydEahOaDH6nomtJjp1tutKoNWkvA6JqfRVLHU/QUfau9l2x7G54d1fl995xcIGAdXqMfBNadoYrhH+Mg2KBlpVpbluCiXmMnZ2Sh4GBqJ+ckIOqqJ6LmKSllZmsoq6wpQAAAh+QQJAQABACwAAAAAKAAoAAAClYx/oLvoxuJDkU1a1YUZbJ59nSd2ZXhWqbRa2/gF8Gu2DY3iqs7yrq+xBYEkYvFSM8aSSObE+ZgRl1BHFZNr7pRCavZ5BW2142hY3AN/zWtsmf12p9XxxFl2lpLn1rseztfXZjdIWIf2s5dItwjYKBgo9yg5pHgzJXTEeGlZuenpyPmpGQoKOWkYmSpaSnqKileI2FAAACH5BAkBAAEALAAAAAAoACgAAAKVjB+gu+jG4kORTVrVhRlsnn2dJ3ZleFaptFrb+CXmO9OozeL5VfP99HvAWhpiUdcwkpBH3825AwYdU8xTqlLGhtCosArKMpvfa1mMRae9VvWZfeB2XfPkeLmm18lUcBj+p5dnN8jXZ3YIGEhYuOUn45aoCDkp16hl5IjYJvjWKcnoGQpqyPlpOhr3aElaqrq56Bq7VAAAOw==1

link
stylesheet
/uk-retail-c-assets/include/bundles/minified-ae51ead85a00b2afe862e8772c12c9b1.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 14715/98471 Bytes




ETag: W/"66d1ddbf-180a7"

local SRI possible, possible hash-values:

sha256-qUw+nepKA6K/7adsDIz3j7khqKG3nvohmnnfY4SHcp4=
sha384-EETVie1CLWAJ7qwk1z7UfFnPKdrh6pQBA+cye+mxzcd2lqEZpa0HLNrpIEM/Slk6
sha512-bM4IVVpT1clBsk7PebBZ1eYu9nNV46MoBN0wEvii7nZpxnsG3tXu5t5b5Lfagt6LQg8xll+DWXl4FqX3WuHZ4Q==

<link rel="stylesheet" href="/uk-retail-c-assets/include/bundles/minified-ae51ead85a00b2afe862e8772c12c9b1.css" crossorigin="anonymous" integrity="sha256-qUw+nepKA6K/7adsDIz3j7khqKG3nvohmnnfY4SHcp4=" />



Content loaded via url("...")

/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-search-icon.png1

link
stylesheet
/uk-retail-c-assets/include/bundles/minified-ee2ade4dfd9c77f8251510c34cb8dcb1.css
200

1
ok
text/css
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 33936/218078 Bytes




ETag: W/"66d1ddbc-353de"

local SRI possible, possible hash-values:

sha256-8PragL5anDcLc8ti5kVMRLpl82npN2GMW219KbHkEpg=
sha384-yytux4mYGJkxC0v8wOBhCbUBp3rSmNlqO87hlS2Rro9IsVLS/5txwxfww45Ao+WC
sha512-rBnmXTiVSD3krzt/z+Pm6hXJR+VXLCUUG0KiYknHbT13/C2Mr1/Vb/CSwV1UOLSWtMP6BS8/Rf5BybQ9hem4Fg==

<link rel="stylesheet" href="/uk-retail-c-assets/include/bundles/minified-ee2ade4dfd9c77f8251510c34cb8dcb1.css" crossorigin="anonymous" integrity="sha256-8PragL5anDcLc8ti5kVMRLpl82npN2GMW219KbHkEpg=" />



Content loaded via url("...")

/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Bold.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Bold.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Bold_Italic.woff1
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Bold_Italic.woff21
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Book.woff4
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Book.woff24
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-BookItalic.woff3
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-BookItalic.woff23
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Extrabold.woff9
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-Extrabold.woff29
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-ExtraboldItalic.woff3
/uk-retail-c-assets/cache-1725006976000/include/common/fonts/blk-fort/BLKFort-ExtraboldItalic.woff23
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/1.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/10.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/2.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/3.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/4.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/5.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/6.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/7.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/8.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/9.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/arrow-right-white.png32
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/bg.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blackrock-logo-footer.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk_icon_key.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk_sprites.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-one-icon-chevron.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-one-sprite-icons.png18
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-current-arrow.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-exit-icon.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-menu-icon.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-search-icon.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-search-icon-gray.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-rwd-user-icon.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/blk-sprite-icons.png3
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/flowplayer/icon-play-lg.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/flowplayer/icon-play-sm.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/icon-pdf.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/mobile-share-sprite.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/selected-tab-arrow-up.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite_icons.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite_pagination_arrow.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite-flags.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/sprite-social-media-logo-icons-16px.png1
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/transparent_bg-ie-white.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/blk/i/ui-anim_basic_16x16.gif3
/uk-retail-c-assets/cache-1725006976000/include/one/css/nw/i/light-touch-magnifying-glass.png2
/uk-retail-c-assets/cache-1725006976000/include/one/css/nw/i/nw-sprite-icons-12px.png3
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-bold.woff1
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-bolditalic.woff1
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-italic.woff1
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-light.woff1
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-lightitalic.woff1
/uk-retail-c-assets/cache-1725006976000/include/one/fonts/lineto-akkurat-pro-regular.woff1
/uk-retail-c-assets/images/ideas_green_icons.png3
/uk-retail-c-assets/include/one/css/blk/icn-select-arrow.png1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2E2Y2MyNSIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiM4NmI4MWEiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2YyZjJmMiIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmZmZmZmYiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2ZlZmVmZSIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmM2YzZjMiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2ZmYjc2YiIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjAlIiBzdG9wLWNvbG9yPSIjZjg5NzFkIiBzdG9wLW9wYWNpdHk9IjEiLz4KICAgIDxzdG9wIG9mZnNldD0iOTklIiBzdG9wLWNvbG9yPSIjZDE1NDIwIiBzdG9wLW9wYWNpdHk9IjEiLz4KICA8L2xpbmVhckdyYWRpZW50PgogIDxyZWN0IHg9IjAiIHk9IjAiIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIGZpbGw9InVybCgjZ3JhZC11Y2dnLWdlbmVyYXRlZCkiIC8+Cjwvc3ZnPg==2
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iI2ZmZmZmZiIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmMmYyZjIiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzAwNDVhNSIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiMwMDc5Y2QiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+2
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzAwNzljZCIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiMwMDQ1YTUiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+2
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIwJSIgc3RvcC1jb2xvcj0iIzg2YjgxYSIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNhNmNjMjUiIHN0b3Atb3BhY2l0eT0iMSIvPgogIDwvbGluZWFyR3JhZGllbnQ+CiAgPHJlY3QgeD0iMCIgeT0iMCIgd2lkdGg9IjEiIGhlaWdodD0iMSIgZmlsbD0idXJsKCNncmFkLXVjZ2ctZ2VuZXJhdGVkKSIgLz4KPC9zdmc+1
data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/Pgo8c3ZnIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgd2lkdGg9IjEwMCUiIGhlaWdodD0iMTAwJSIgdmlld0JveD0iMCAwIDEgMSIgcHJlc2VydmVBc3BlY3RSYXRpbz0ibm9uZSI+CiAgPGxpbmVhckdyYWRpZW50IGlkPSJncmFkLXVjZ2ctZ2VuZXJhdGVkIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeDE9IjAlIiB5MT0iMCUiIHgyPSIwJSIgeTI9IjEwMCUiPgogICAgPHN0b3Agb2Zmc2V0PSIxJSIgc3RvcC1jb2xvcj0iI2QxNTQyMCIgc3RvcC1vcGFjaXR5PSIxIi8+CiAgICA8c3RvcCBvZmZzZXQ9IjEwMCUiIHN0b3AtY29sb3I9IiNmODk3MWQiIHN0b3Atb3BhY2l0eT0iMSIvPgogICAgPHN0b3Agb2Zmc2V0PSIxMDAlIiBzdG9wLWNvbG9yPSIjZmZiNzZiIiBzdG9wLW9wYWNpdHk9IjEiLz4KICA8L2xpbmVhckdyYWRpZW50PgogIDxyZWN0IHg9IjAiIHk9IjAiIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIGZpbGw9InVybCgjZ3JhZC11Y2dnLWdlbmVyYXRlZCkiIC8+Cjwvc3ZnPg==2

meta




1
ok












meta

1576905891966


1
ok












meta

Seit über 30 Jahren arbeitet BlackRock daran, die Wirtschaft zu stärken und Anlegern zu ihren finanziellen Zielen zu verhelfen.


2
ok












meta

Vermögensverwaltung und Finanzdienstleistungen


1
ok












meta

width=device-width, initial-scale=1


1
ok












meta
og:image
/uk-retail-c-assets/include/common/images/blackrock_logo.png
200

1
ok
image/png
X-Content-Type-Options nosniff found




Cache-Control: public - max-age missing.
No Compression - 2658 Bytes




ETag: "66d18480-a62"



meta
og:locale
de_DE


1
ok












meta
og:site_name
BlackRock


1
ok












meta
og:title
Vermögensverwaltung und Finanzdienstleistungen | BlackRock


1
ok












meta
og:type
website


1
ok












meta
og:url
https://www.blackrock.com/de/privatanleger
200

1
ok
text/html; charset=UTF-8
X-Content-Type-Options nosniff found




16804 Bytes






picture


• source

type: image/webp


1
ok











srcset
/uk-retail-c-assets/cache-1721123879000/images/media-bin/web/de-retail/trends-and-markets/local-bii-outlook-midyear-2024/blk-midyear-2024-outlook-banner.webp


1
ok






/uk-retail-c-assets/cache-1721123879000/images/media-bin/web/de-retail/trends-and-markets/local-bii-outlook-midyear-2024/blk-midyear-2024-outlook-banner.webp
200

1
ok
image/webp
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
No Compression - 93332 Bytes




ETag: "66964427-16c94"

• img




/uk-retail-c-assets/cache-1721123879000/images/media-bin/web/de-retail/trends-and-markets/local-bii-outlook-midyear-2024/blk-midyear-2024-outlook-banner.jpg
200

1
ok
alt: Rechenzentrumimage/jpeg
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
No Compression - 271320 Bytes




ETag: "66964427-423d8"



picture


• source

type: image/webp


1
ok











srcset
/uk-retail-c-assets/cache-1657885456000/images/media-bin/web/global/banner/blk-header-about-us.webp


1
ok






/uk-retail-c-assets/cache-1657885456000/images/media-bin/web/global/banner/blk-header-about-us.webp
200

1
ok
image/webp
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
No Compression - 144926 Bytes




ETag: "62d15312-2361e"

• img




/uk-retail-c-assets/cache-1657885456000/images/media-bin/web/global/banner/blk-header-about-us.jpg
200

1
ok
alt: Zwei Fragen liegen lachend in einer sommerlichen Blumenwiese.image/jpeg
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable with long duration found.
No Compression - 233012 Bytes




ETag: "62d15310-38e34"



script
src
//sourcedefense.blackrock.com/cdncch/vice_loader/blackrock/blackrockprod
200

1
ok
Missing defer / async attribute. application/javascript
missing X-Content-Type-Options nosniff




Cache-Control: public, max-age=320, s-maxage=600 - max-age too short.
Compression (gzip): 34109/114089 Bytes




ETag: W/"255220b251a86ccc43f462cd6ecb8f5a"

Server-Header Access-Control-Allow-Origin: not found
Cross-Origin Resource Sharing (CORS) not supported



script
src
//tags.tiqcdn.com/utag/blackrock/main/prod/utag.js
200

1
ok
defer attribute found application/javascript
missing X-Content-Type-Options nosniff




Cache-Control: max-age=300 - max-age too short.
Compression (gzip): 96990/371314 Bytes




ETag: W/"0161b0a8c7145279410b6e44d1c6238a"

Server-Header Access-Control-Allow-Origin: not found
Cross-Origin Resource Sharing (CORS) not supported



script
src
/u5vn5_pFt/o4X1/HWgJw/ai1DLcDh0GbS/HRNLRk0/ETBXd/290BX4
200

1
ok
Missing defer / async attribute. application/javascript
missing X-Content-Type-Options nosniff




Cache-Control: max-age=21600 - max-age too short.
Compression (br): 76948/212164 Bytes




ETag: "7d4788d8c09d7584f4e6e6550dc4a0b58f3b3a41dd8660a1eaaf5dc1daa1dbb7"

local SRI possible, possible hash-values:

sha256-Oks0ZciUtF8EUzfqoqrQB9rcAigolbnVXfI6dYNWIbY=
sha384-26owRjSFQYsKQBuoV4ozvFYsnRVwHO2VDiul61cNCkWNDoP5pXsCLxa65CuAByH2
sha512-JcPTeTk8iqQ5BPyf2qcfaSGrhwcEUD54l1hFWegKrO52lZOd6LTWwoYoLZ0J+bTQ9JgoC9VtEFZaQeIcyDkGNQ==

<script src="/u5vn5_pFt/o4X1/HWgJw/ai1DLcDh0GbS/HRNLRk0/ETBXd/290BX4" crossorigin="anonymous" integrity="sha256-Oks0ZciUtF8EUzfqoqrQB9rcAigolbnVXfI6dYNWIbY=" />




script
src
/uk-retail-c-assets/include/bundles/minified-2840c537a8c289eaa15b9f15b23567cb.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (gzip): 1726/6021 Bytes




ETag: W/"66d1ddbd-1785"

local SRI possible, possible hash-values:

sha256-VyJ9sT9Ov1Mbr6D0t1ogzxKZo8OERLkxqZZB7C8fRyw=
sha384-hzxG0jKptafdvdep2YbA3u0ZjqbyoiTx0sYc31WeWk4OrVxwI8gQR3bCIYSgDyHt
sha512-XUpGOp3KuNpXGZrAFbJwu6IIV7IBxK5VRFCcHodLszUE10VQzaJ/oB+3uIhMXEmQg+2lJ6LkDyIg3jAG94w5Vg==

<script src="/uk-retail-c-assets/include/bundles/minified-2840c537a8c289eaa15b9f15b23567cb.js" crossorigin="anonymous" integrity="sha256-VyJ9sT9Ov1Mbr6D0t1ogzxKZo8OERLkxqZZB7C8fRyw=" />




script
src
/uk-retail-c-assets/include/bundles/minified-38283fde803cf34e604022d279e594c9.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 28259/81248 Bytes




ETag: W/"66d1dc1d-13d60"

local SRI possible, possible hash-values:

sha256-0yvp8TfuQXS8NU0bwMMUdSXyM79b8Mz2dbCRApsFMkg=
sha384-NhZ5kRaaMYiMMoIbesmbCirkXFLBr/iWUttOL6n5UdxoKCCO73AU466tLGePv5o1
sha512-9I+RgDPO5pP2negJzWtjvmGtaSAg4rF+MP2IjMLvdZrkrc10AT71igQsA0dUdxW7vRA4mYsQswjDvZOrwIQITg==

<script src="/uk-retail-c-assets/include/bundles/minified-38283fde803cf34e604022d279e594c9.js" crossorigin="anonymous" integrity="sha256-0yvp8TfuQXS8NU0bwMMUdSXyM79b8Mz2dbCRApsFMkg=" />




script
src
/uk-retail-c-assets/include/bundles/minified-4d813b463d7afcbda86baa5799208b41.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 4126/13717 Bytes




ETag: W/"66d1ddc4-3595"

local SRI possible, possible hash-values:

sha256-TE9NWre/JJPatWRrTeFlEZId+vtq5fcThVQl9VZwX6Y=
sha384-34W3SPl3xdvWFstqLrqTiaha/JzzTCaN/mWpASJaWAbqQ4FCAxDnhN2aY3mhvtBH
sha512-EhXiPNx7hxm4kW6yELpqU52NsAgIMTCLyYW9OdOWzkYcCY0csdF+nKk0Hw+JYeWD8CYm85Hon/AmEFNP54C1wg==

<script src="/uk-retail-c-assets/include/bundles/minified-4d813b463d7afcbda86baa5799208b41.js" crossorigin="anonymous" integrity="sha256-TE9NWre/JJPatWRrTeFlEZId+vtq5fcThVQl9VZwX6Y=" />




script
src
/uk-retail-c-assets/include/bundles/minified-6347ed2df43a093708481cc72b210e6f.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 90804/301416 Bytes




ETag: W/"66d1dc1e-49968"

local SRI possible, possible hash-values:

sha256-tVGFW+31JFZZX07yUDmj9DPiMz2KtE+t1nHS6YfZAHw=
sha384-ZJLM1MjnzeYgqbcPp7sWl64AVNmKwy2WRWijPCIR98RuxP52zj958+6doYiU76MU
sha512-P5x9zovVs62AZ4pRfl+aC33Wtrek8ObAzUceqZjQHyWEmBqEDQKJ1nLfTLo+fELsfdVsf8L/lAXWoQWvCr+ULA==

<script src="/uk-retail-c-assets/include/bundles/minified-6347ed2df43a093708481cc72b210e6f.js" crossorigin="anonymous" integrity="sha256-tVGFW+31JFZZX07yUDmj9DPiMz2KtE+t1nHS6YfZAHw=" />




script
src
/uk-retail-c-assets/include/bundles/minified-66717937fa540b0e7788c6817ff7e442.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 20214/102192 Bytes




ETag: W/"66d1ddc4-18f30"

local SRI possible, possible hash-values:

sha256-K0dgZ46IK1ct/isjysVw5y7BJaGvZuIkzxTgW00KJr0=
sha384-nqLtax0iUv6KiUSVDPs+iifLSvR9JNQ620cm2jmPB0c8u7mvNEkEopsmbwwBL6n6
sha512-JQzPIamR1X/x3dtBWn7WbbPSxOBwYHWorsaevnJI58HggQRILl3z+jlY0hFJVFgVT0RVeMZwkePoLXzBcBdCaA==

<script src="/uk-retail-c-assets/include/bundles/minified-66717937fa540b0e7788c6817ff7e442.js" crossorigin="anonymous" integrity="sha256-K0dgZ46IK1ct/isjysVw5y7BJaGvZuIkzxTgW00KJr0=" />




script
src
/uk-retail-c-assets/include/bundles/minified-68306b798190518dc6682447e470f98a.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 3581/7619 Bytes




ETag: W/"66d1ddc0-1dc3"

local SRI possible, possible hash-values:

sha256-Dr3/ZubDL9Gl1T3wfTzmSWJxG9QEMpOzbiuPZRLNMeI=
sha384-63FIXnaskVLtIG3+x//AOjI21wUHUXOioE0qOoYVqSXQawbT0dVAq3TO59hutqqO
sha512-6xcmMBGuWI6zBK/ryKIDNhArroa9drb9e7Y7+0GyzJzoEAJOBFB103Imi5BohJAjZvz9N4SJukP0Ck3A6s/BoA==

<script src="/uk-retail-c-assets/include/bundles/minified-68306b798190518dc6682447e470f98a.js" crossorigin="anonymous" integrity="sha256-Dr3/ZubDL9Gl1T3wfTzmSWJxG9QEMpOzbiuPZRLNMeI=" />




script
src
/uk-retail-c-assets/include/bundles/minified-686b35a7a4ef0cef8d4737badeba6b13.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 11417/37667 Bytes




ETag: W/"66d1ddc4-9323"

local SRI possible, possible hash-values:

sha256-BwbZX0FpjYOSotW+VWvLeQA9IKZwYwcsBTjUtRUE9c4=
sha384-zS8Bo2qE50g9uni+r/wamiTYMT5D7tm6ytQ29QdO2tmmsiw7XwMGd+EdH++WniYZ
sha512-IZmC9w0oaDXXpcY/pVAq2YZSmpHbmpDIpxZX+ZYPdCO2JWpiJryLVS/j2LijG1EsJoT4971BOeWPl34lFS6cXw==

<script src="/uk-retail-c-assets/include/bundles/minified-686b35a7a4ef0cef8d4737badeba6b13.js" crossorigin="anonymous" integrity="sha256-BwbZX0FpjYOSotW+VWvLeQA9IKZwYwcsBTjUtRUE9c4=" />




script
src
/uk-retail-c-assets/include/bundles/minified-777714552b533564c1834a62e704a1da.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 15110/54333 Bytes




ETag: W/"66d1ddc6-d43d"

local SRI possible, possible hash-values:

sha256-MPEAuJ9ZabaQl0vGbtdcjBSQd1Dy/ncuca31vLP/5So=
sha384-un8kXBV4FaYUukWGXGxsJEKoRe7Lmow7q9aOEiVqV7pCa+KsnDDtsMDl8gt4DrwE
sha512-NhIGodesRbkRUBokJ/BfgPr310v220wODK1w/R2Ao5pvu+1ZZvZ8iyIii7kRNQXadDlt2aiwRpDNBlEw4pwgwQ==

<script src="/uk-retail-c-assets/include/bundles/minified-777714552b533564c1834a62e704a1da.js" crossorigin="anonymous" integrity="sha256-MPEAuJ9ZabaQl0vGbtdcjBSQd1Dy/ncuca31vLP/5So=" />




script
src
/uk-retail-c-assets/include/bundles/minified-aa7e534755b8282e9a4d81b49adad9e9.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
74 Bytes




ETag: W/"66d1ddc2-b6"

local SRI possible, possible hash-values:

sha256-b4DpylajmsuYxKZlYv1rD1yO+0l/UxOh2CPl1hvScgg=
sha384-z5MQqWodwcu/QVeomPenqRmrSE7+tdnn3IsW+ILOvmdEAihsyQH9Ee/dZrwNndxR
sha512-iW9y7/zbOb/dW5fTRsNAqzcbWfv63Xdv+98gsE4n89PKQm1x8XhZJfo71qC196b7TLw0ypICXZ1ifuwpxrpTNw==

<script src="/uk-retail-c-assets/include/bundles/minified-aa7e534755b8282e9a4d81b49adad9e9.js" crossorigin="anonymous" integrity="sha256-b4DpylajmsuYxKZlYv1rD1yO+0l/UxOh2CPl1hvScgg=" />




script
src
/uk-retail-c-assets/include/bundles/minified-ae7959ff4d076b495b53899c1c0ec06f.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 1327/4595 Bytes




ETag: W/"66d1ddc6-11f3"

local SRI possible, possible hash-values:

sha256-izHEM1UYoV10TzNnjBSN68XrIYPAUjb3CcwEMyk6mU0=
sha384-goXzHJY4trtFmhiVQnkbZ79n0cRD/L1ASZb7eIiJQaRtYE6+5LmgtHQvbsqTieSL
sha512-wJx3Qsz1W+yv03mC7hzXpcSkVNDUU4i0J/5CHl7ukOVvdvOYJPlv2gr+Gw7O1lW97MbP5is2XSeGecglVjYvvQ==

<script src="/uk-retail-c-assets/include/bundles/minified-ae7959ff4d076b495b53899c1c0ec06f.js" crossorigin="anonymous" integrity="sha256-izHEM1UYoV10TzNnjBSN68XrIYPAUjb3CcwEMyk6mU0=" />




script
src
/uk-retail-c-assets/include/bundles/minified-df3971de6204cdf3cfc44cbb05a5fe39.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 9364/31794 Bytes




ETag: W/"66d1ddc7-7c32"

local SRI possible, possible hash-values:

sha256-AF+5wW2e3YWGlbs5sFGQ8nM3gdwGwhFtdQ9UX+1lsGA=
sha384-PqiMYGXQYvTUbnE932aVfmeldERmbbAkqUqcO/amT1uYI4rDbUcGskQxJJp6PR7h
sha512-G3OsahcbRhZ0mhYV2mwSwsk2qo7I40KnCmZqNzWfBg8AexRRx8SvY1IA0J51rXc1twu1lpO3WCzptFBY9UV4NA==

<script src="/uk-retail-c-assets/include/bundles/minified-df3971de6204cdf3cfc44cbb05a5fe39.js" crossorigin="anonymous" integrity="sha256-AF+5wW2e3YWGlbs5sFGQ8nM3gdwGwhFtdQ9UX+1lsGA=" />




script
src
/uk-retail-c-assets/include/bundles/minified-eea964b9bf814cccea96ec80cb63af4f.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (gzip): 107772/357111 Bytes




ETag: W/"66d1ddc3-572f7"

local SRI possible, possible hash-values:

sha256-26BWxYtPh6HPy0ngZ73c8ok7FV7zOh1Sp9XhihrbxsI=
sha384-fsLLzAgx5p79vHpP7PrPQPdFfobUPQdiLHkLge85MK+6gJ7slohBEAvQiKSkbotu
sha512-WFfYq2ZfnRwb8tEpoD1UDGnkBH1UroRdJCwTwPswD6P1+DlDOac4hswBFxCrzjctPedf9IcxhLfXbA/Ok6FHyA==

<script src="/uk-retail-c-assets/include/bundles/minified-eea964b9bf814cccea96ec80cb63af4f.js" crossorigin="anonymous" integrity="sha256-26BWxYtPh6HPy0ngZ73c8ok7FV7zOh1Sp9XhihrbxsI=" />




script
src
/uk-retail-c-assets/include/bundles/minified-eeb467ef45af506b63a61a4aa276337b.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 1026/2536 Bytes




ETag: W/"66d1ddc8-9e8"

local SRI possible, possible hash-values:

sha256-em91+uSL46hIyaOFEFAjuu00jKrssrs43PqkX2yNhVY=
sha384-5Z6sba2ujdIsY55FT87EJYJaohWqqUtNykCxeThs0ik53tqb3cfiQG3XPlKi/Ols
sha512-pTfRh2VzJ8FBQdmp9FCBWDhFnUH2U/pA/DxR8BMV9CGVA4NFIbSDdf4LKqw/gXOiY8GbMbcNxvtWgOVvnXrKFw==

<script src="/uk-retail-c-assets/include/bundles/minified-eeb467ef45af506b63a61a4aa276337b.js" crossorigin="anonymous" integrity="sha256-em91+uSL46hIyaOFEFAjuu00jKrssrs43PqkX2yNhVY=" />




script
src
/uk-retail-c-assets/include/bundles/minified-ef161d7dc197e1c42cde372e3e4e731d.js
200

1
ok
defer attribute found application/javascript; charset=UTF-8
X-Content-Type-Options nosniff found




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (br): 561/1096 Bytes




ETag: W/"66d1ddc8-448"

local SRI possible, possible hash-values:

sha256-gIvvIEBjC64+8w80I8DC6MUd7UK/0xfTCLbRRL9VXj4=
sha384-+O+dOZmxQHUU4rgemDgI8brFbznMJc1w2dybKKo0IOAgLjOIi35OP4HAyMXEFHLh
sha512-84XU0XxU7agusJK1zPCek6n8jKK5LRGFP5P49jKFcF83ERL5VBMIuu92r9O41IHZv+NiSrJQQTCrX7c4wVCArw==

<script src="/uk-retail-c-assets/include/bundles/minified-ef161d7dc197e1c42cde372e3e4e731d.js" crossorigin="anonymous" integrity="sha256-gIvvIEBjC64+8w80I8DC6MUd7UK/0xfTCLbRRL9VXj4=" />




script
src
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found




Compression (gzip): 6882/21230 Bytes




ETag: 0x8DCC87FF100D572

Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-UDd9HT59yyyCmP640lBQmd8ZV+NwCjWLmTtM9EP9Nug=
sha384-0lMaPOtSX6PLXq5iei4u1G1KlC1ZJeBE7z8FbdxGyVXdU0QvNQ3o17JkW26TfZHs
sha512-Oqul/Ucy3RIBiPEcQaDXHGW2xMOubQqwm4bYSR248vFlg3f4fPJwXYdk9VE19F2QPGz1tAqVCF4Cb+acFUa+pA==

<script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" crossorigin="anonymous" integrity="sha256-UDd9HT59yyyCmP640lBQmd8ZV+NwCjWLmTtM9EP9Nug=" />




12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.blackrock.com, ns2.blackrock.com, ns3.blackrock.com, ns4.blackrock.com, ns5.blackrock.com, ns6.blackrock.com

QNr.DomainTypeNS used
1
com
NS
k.root-servers.net (2001:7fd::1)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns1.blackrock.com: 193.108.91.23
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2.blackrock.com
96.7.49.67

Answer: ns3.blackrock.com
23.61.199.64

Answer: ns4.blackrock.com
184.26.160.66

Answer: ns5.blackrock.com
23.211.132.67

Answer: ns6.blackrock.com
95.100.173.65


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
blackrock.com.edgekey.net



1
0
www.blackrock.com



1
0
com.edgekey.net



1
0
blackrock.com
0

no CAA entry found
1
0
edgekey.net
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
blackrock.com
0f1815be-65d1-4cbf-9fda-f331702621b5
ok
1
0
blackrock.com
18E2-B4A1-A780-E9D8-DE27-00BD-E084-6F52
ok
1
0
blackrock.com
2FE6-F3BB-EDF8-C58F-D2A4-8035-EDCF-AFB0
ok
1
0
blackrock.com
5c6b3a4f931e1cee133989872555093bf795d13585b18b9815abae5b154b34b2
ok
1
0
blackrock.com
amazonses:1HI9lAXiWsijpz4JNXwXz2gQaHC2wXzskAqDUj3RTg8=
ok
1
0
blackrock.com
atlassian-domain-verification=382cypeoFrrqy4R9MkRopItq5Cbixu5CS3S0UGcjZHHS6Rf6Lq/NICGahGifaMk5
ok
1
0
blackrock.com
atlassian-domain-verification=VDrpZs9FnE3/l/dJxRC+0mkjndLafqB2r3l/ztET32a5TZyDfavvWoxVWw+OeokX
ok
1
0
blackrock.com
docusign=a2dbcd74-2a86-49de-b3f6-0c5d794d9f70
ok
1
0
blackrock.com
docusign=b627a610-c752-4e1d-8de5-13f584944729
ok
1
0
blackrock.com
drift-domain-verification=f5a2bbc86ce9fdecab7db01d6dc30ec356433bbc94c69811bf448b99fa661526
ok
1
0
blackrock.com
duo_sso_verification=4Rjlata2GmnHS66E9wbFXjZGtssVPUzUaV5XE4YjDS726aDgVMQOkbZTdmUwjG9m
ok
1
0
blackrock.com
duo_sso_verification=JnQQBWIliQ5FriK2DOPrGg16cJoZiSOfSLUCv02CQtvxU8NXyRChuWaXLem8RizK
ok
1
0
blackrock.com
facebook-domain-verification=jgst7ahvoqwagulxzu7zstebenl0nh
ok
1
0
blackrock.com
google-site-verification=z1Aw-cih_E2FKOWotfSW8RUFHKmTIfB1VXHbV_J6bM8
ok
1
0
blackrock.com
h1-domain-verification=ktpxEvEwdQXJNsQuFywMvSrzMVyqLQXdXK4LzzPHBeUwK6Sa
ok
1
0
blackrock.com
intersight=162938a7f29649663d27ccf1b81d58259224c4820fdd02fa3612e95c123f8ce7
ok
1
0
blackrock.com
miro-verification=eceb7135b08ca0b6c70bfa3efeb5d7a66f1ea1bb
ok
1
0
blackrock.com
mongodb-site-verification=ocUum2f1wfuEq7KWecCMvS3K0fWQLjaP
ok
1
0
blackrock.com
MS=ms38828697
ok
1
0
blackrock.com
postman-domain-verification=1f2166c59f809215f1f2302acee74f2135a8be53fced04f4e9739de6ac7af54be6894cefd27d71d81a9ebae32bf278430985e561d1ab1a216838267a847a3925
ok
1
0
blackrock.com
QKhkBUJSEzOyADjEzY5RtC49rqKCWcl+c1NvPPP3l0+9gSO+nqR+Np2Zs2cpzzvf7BLyScIteZHHljt5j4EuSQ==
ok
1
0
blackrock.com
smartsheet-site-validation=DhO08aWdiKQgWHj44tKwLySIpkgYcV7V
ok
1
0
blackrock.com
v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
ok
1
0
blackrock.com
ZOOM_verify_FsOJw095SMyypVXs8wlBQQ
ok
1
0
blackrock.com
ZOOM_verify_u51YW9QoScOHBUzIhbDgtg
ok
1
0
www.blackrock.com


1
0
blackrock.com.edgekey.net


1
0
_acme-challenge.blackrock.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.blackrock.com

Name Error - The domain name does not exist
1
0
_acme-challenge.blackrock.com.edgekey.net

Name Error - The domain name does not exist
1
0
_acme-challenge.blackrock.com.blackrock.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.blackrock.com.blackrock.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.blackrock.com.www.blackrock.com

Name Error - The domain name does not exist
1
0
_acme-challenge.blackrock.com.edgekey.net.blackrock.com.edgekey.net

Name Error - The domain name does not exist
1
0


15. DomainService - Entries (SPF-Check is alpha - 2024-06-22, DMARC-Detailcheck is alpha - 2024-07-06, SMTP-TLS-Reporting is alpa - 2024-07-13)

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

blackrock.com
10
mxb-00162b01.gslb.pphosted.com
02ok

A


67.231.156.56
01ok

CNAME


00ok
MX

blackrock.com
10
mxa-00162b01.gslb.pphosted.com
02ok

A


67.231.148.58
01ok

CNAME


00ok
SPF
TXT
blackrock.com

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
ok



16. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
blackrock.com
69.52.2.199
443
3 Ciphers62.80 sec
0 without, 3 FS
100.00 %
blackrock.com
69.52.13.199
443
3 Ciphers66.19 sec
0 without, 3 FS
100.00 %
Complete

2
6 Ciphers
3.00 Ciphers/Check
128.99 sec64.49 sec/Check
0 without, 6 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
blackrock.com
69.52.2.199
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 62.80 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD

69.52.13.199
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 66.19 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=c7a3c82f-7ffd-49ea-865b-3aa830ff4ab8


Last Result: https://check-your-website.server-daten.de/?q=blackrock.com - 2024-09-01 08:53:57


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=blackrock.com" target="_blank">Check this Site: blackrock.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=blackrock.com