Is jpmorgan.com legit?

90
/ 100
Trusted
Industry: Finance

This website is Trusted. It demonstrates excellent security practices, strong infrastructure, and clear identity, with only minor gaps in some external reputation checks and certificate rotation schedules.

Finance average: 82/100 · based on 48 sites

Checked: April 30, 2026 at 1:01 PM UTC

Is jpmorgan.com a scam? Here's what we found.

Security 90/100

The security posture is excellent, featuring modern TLS 1.3, an HSTS header, content security policy, and clean Google Web Risk results. The only minor concerns are the unavailable Certificate Transparency data and a looming certificate expiration.

Identity 95/100

The domain boasts a remarkable age of over 34 years, indicative of a well-established entity. It's registered through a reputable corporate registrar, clearly establishing a long-standing and transparent identity.

Reputation 85/100

Overall reputation appears very strong due to the clean DNS blacklist status and high Tranco rank. However, the lack of a Trustpilot profile and unavailability of Web Archive data mean some external and historical reputation checks could not be fully completed.

Transparency 100/100

This site exhibits strong transparency with readily available contact information, legal pages, a robust social media presence, and complete branding elements.

Compliance 100/100

The presence of both a privacy policy and terms of service pages indicates a commitment to legal and user-centric compliance. This is standard for a business of this nature.

Infrastructure 100/100

The infrastructure is robust, with multiple DNS resolvers, numerous name servers from reputable providers, comprehensive email (MX) records, and DMARC configured for email authenticity. Page load times are also excellent.

Signals Detected

[+]
Tranco Rank: Rank #5541

This is a well-known, high-traffic website

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
Domain Age: 34 years, 6 months

Domain created 1992-04-24T04:00:00Z (34 years, 6 months ago)

[?]
Registrar: MarkMonitor Inc.

Registered through MarkMonitor Inc.

[+]
Domain Expiry: 2028-04-25T04:00:00Z

Expires in 725 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
DNS Resolution: 3 IP(s)

Resolves to: 146.143.70.109, 146.143.198.109, 146.143.134.109

[+]
Email (MX Records): 4 record(s)

Mail servers: cluster14.us.messagelabs.com., cluster14.us.messagelabs.com., cluster14.us.messagelabs.com., cluster14a.us.messagelabs.com.

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 6 server(s)

DNS providers: ns2.jpmorganchase.com., ns0098.secondary.cloudflare.com., ns06.jpmorganchase.com., ns1.jpmorganchase.com., ns0221.secondary.cloudflare.com., ns05.jpmorganchase.com.

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
SSL Certificate: Valid

Valid certificate, expires in 33 days

[?]
Certificate Issuer: DigiCert Inc

Certificate issued by DigiCert Inc

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Branding: Complete

Site has custom branding and social media metadata

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
robots.txt: Present

robots.txt has 9 directives and references a sitemap

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 5 platforms

Website links to multiple social media platforms

[+]
Sitemap: 68 pages

Site maintains a proper sitemap with 68 indexed pages

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Page Load Time: 875ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for jpmorgan.com
<a href="https://verified.fyi/review/jpmorgan.com"><img src="https://verified.fyi/badge/jpmorgan.com?size=medium&style=full&theme=dark" alt="jpmorgan.com trust score — verified.fyi" /></a>
[![jpmorgan.com trust score](https://verified.fyi/badge/jpmorgan.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/jpmorgan.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating the legitimacy of a major financial institution like JPMorgan Chase, a long-standing digital presence is a huge indicator of trustworthiness. Unlike smaller or newer digital-first companies that might struggle for visibility, a behemoth like JPMorgan operates with an established online identity that has been meticulously maintained for decades. The domain's creation date back in 1992 isn't just an arbitrary number; it signifies a continuous, professional operation in the digital space since the internet's early days. This kind of longevity is almost impossible for fraudulent entities to replicate, as they typically have much shorter lifespans. For a financial website, security is non-negotiable. JPMorgan.com excels here, employing advanced security protocols like TLS 1.3 and HSTS, which are essential for safeguarding sensitive user data during transactions and interactions. These are not optional extras but fundamental components expected of any legitimate bank. Furthermore, the website's infrastructure, including sophisticated email authentication (SPF and DMARC), demonstrates a commitment to preventing phishing attempts and securing communication, protecting both the bank and its customers from common cyber threats. Any website handling financial data without these layers of protection should raise immediate red flags, but jpmorgan.com clearly prioritizes these critical safeguards.