SSL Certificate Analysis for jll.eu - Security Grade & TLS Configuration | DNS Gurus

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

C=US, ST=Illinois, L=Chicago, O=Jones Lang LaSalle IP, Inc., CN=sansites6.jll.com

Issuer

C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1

Valid From

October 21, 2025

Valid Until

October 21, 2026 326 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

B7:2C:1A:F4:FA:5F:2F:DC:F2:13:A2:5D:52:99:E4:C0:4F:60:00:49:74:C1:A3:25:7C:F2:92:71:3B:F2:16:82

Alternative Names

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15768000 ; includeSubDomains

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

99 domains

jll.eu www.jll.eu

Other domains in certificate

3000state.com www.3000state.com

staging.afpaces.com up-assessment-staging.afpaces.com

aaronvanderpoel.prism.beifederation.com abdulrub.prism.beifederation.com anushreeshetty.prism.beifederation.com api.predev.prism.beifederation.com api.qa.prism.beifederation.com architmishra.prism.beifederation.com avatar.predev.prism.beifederation.com avatar.qa.prism.beifederation.com bhaskardas.prism.beifederation.com danielcender.prism.beifederation.com developerx.prism.beifederation.com eduardourrutia.prism.beifederation.com elbapi.plab.v2.beifederation.com gauravkumar.prism.beifederation.com green-pmapi.dev.core.beifederation.com jeromeduguaysouc.prism.beifederation.com jogendradhaka.prism.beifederation.com minsupko.prism.beifederation.com nitishasrivastav.prism.beifederation.com predev.prism.beifederation.com qa.prism.beifederation.com reports.dev.prism.beifederation.com

apac-uat.prism.buildingengines.com apac.prism.buildingengines.com api.apac-uat.prism.buildingengines.com api.apac.prism.buildingengines.com api.dr.prism.buildingengines.com api.prism.buildingengines.com api.prod.prism.buildingengines.com api.stg.prism.buildingengines.com avatar.prism.buildingengines.com avatar.stg.prism.buildingengines.com green-pmapi.app.buildingengines.com prod.prism.buildingengines.com reports.prism.buildingengines.com reports.stg.prism.buildingengines.com stage.prism.buildingengines.com stg.prism.buildingengines.com

www.property.jll.co.id

brightstone.co.in dev.brightstone.co.in portal.jllhomes.co.in stg.brightstone.co.in www.brightstone.co.in www.property.jll.co.in

www.property.jll.co.th

www.property.jll.com.sg

am-platformservices.corrigo.net apac-platformservices.corrigo.net emea-platformservices.corrigo.net ent-noc-latam.corrigo.net pro-noc-apac.corrigo.net pro-noc-latam.corrigo.net wonproviderivr.corrigo.net

jll-properties.cz www.jll-properties.cz

jll.co

mylettings.jll.co.uk mytenancy.jll.co.uk

admin.ca.sbp.jll.com admin.sbp.jll.com admin.symdev.apps.maximo-aro-dev.jll.com admin.us.sbp.jll.com api.symdev.apps.maximo-aro-dev.jll.com auth.symdev.apps.maximo-aro-dev.jll.com ca.sbp.jll.com global.safety.live.jll.com home.symdev.apps.maximo-aro-dev.jll.com maxinst.manage.symdev.apps.maximo-aro-dev.jll.com ridgewayboulder.resource.jll.com sansites6.jll.com symdev-all.manage.symdev.apps.maximo-aro-dev.jll.com symdev.home.symdev.apps.maximo-aro-dev.jll.com symdev.manage.symdev.apps.maximo-aro-dev.jll.com us.sbp.jll.com

www.property.jll.com.au

dataroom.jll.nz www.property.jll.nz

data-dev-analytics.azara.jllt.com sandbox-analytics.azara.jllt.com

inspections.eu.joneslanglasalle.com

dev.lifetimecapital.co.uk lifetimecapital.co.uk stg.lifetimecapital.co.uk www.lifetimecapital.co.uk

cms.magazyny.pl

beta.realaccess.com commercial2.realaccess.com drawingservercloud.realaccess.com residential.realaccess.com

dev.signalsiq.io signalsiq.io

www.triangleinnovationpoint.com

Free Cloud Credits

Get free credits to test cloud platforms

DigitalOcean

Get $200 in credits

Linode

Get $100 in credits

UpCloud

Get €25 in credits