Open
Cached
·
just now
84/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New Hampshire, L=Portsmouth, O=Liberty Mutual Insurance Company, CN=techcampus.libertymutual.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
January 12, 2026
Valid Until
September 24, 2026
242 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
04:93:B4:45:AA:91:AF:F3:3E:85:88:FA:5B:AE:F7:4E:B9:92:D2:52:94:82:C7:3B:24:7C:A0:01:4C:6E:AA:12
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; connect-src; font-src; +3 more
default-src 'none'; connect-src 'self' wss://p.zpa-auth.net https://caa.prod.zpath.net; font-src 'self'; img-src data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
85 domains
ecxmlservices-leg1.lmig.com
ecxmlservices-leg2.lmig.com
ecxmlservices.lmig.com
forge.lmig.com
hold2-eservices-kc.lmig.com
ithd-chat-teams-prod.lmig.com
legalhold.lmig.com
lps.lmig.com
myliberty-metadata-api.lmig.com
mypassword-pilot.lmig.com
netbeez.lmig.com
netbeezconsole.lmig.com
www.concur-lit.lmig.com
www.gowandry.com
hellochaser.com
www.hellochaser.com
apis.helmsmantpa.com
lmidp.helmsmantpa.com
helpingyousucceed-libertymutual.com
libertygts.com
www.libertygts.com
1099portal.libertymutual.com
access.libertymutual.com
agentportal.libertymutual.com
azure-spi.libertymutual.com
ci-policyquoteapi.libertymutual.com
developers.libertymutual.com
easmd.libertymutual.com
eclps-bcdr.libertymutual.com
ecxmlservices-kc-leg1.libertymutual.com
ecxmlservices-kc-leg2.libertymutual.com
ecxmlservices-kc.libertymutual.com
eventphotos.libertymutual.com
fieldglass.libertymutual.com
hold-mytoken.libertymutual.com
hq2.libertymutual.com
hscct-app-gateway.libertymutual.com
idp-spi.libertymutual.com
lisa.libertymutual.com
lmidp.libertymutual.com
lps.libertymutual.com
mycareerdevelopmentcenter.libertymutual.com
relativity.libertymutual.com
reservation-system.libertymutual.com
sms-kdc-leg1.libertymutual.com
sms-kdc-leg2.libertymutual.com
sms-kdc.libertymutual.com
sms-pdc-leg1.libertymutual.com
sms-pdc-leg2.libertymutual.com
sms-pdc.libertymutual.com
sms.libertymutual.com
storefront.libertymutual.com
sureroute-pdc.libertymutual.com
techcampus.libertymutual.com
therightfit.libertymutual.com
torchbearers.libertymutual.com
tprm.libertymutual.com
unclaimedpropertyportal.libertymutual.com
libertymutualcommunications.com
www.libertymutualcommunications.com
libertymutualfoundation.org
www.libertymutualfoundation.org
fusionrestapiapp.libertymutualgroup.com
www.viewpoint.libertymutualgroup.com
libertymutualstrategicventures.com
lmidp.libertymutualsurety.com
prod.lmi.co
prod.lmig.co
prodll.lmig.co
www.lmig.co
csvideo.lmigex.com
emailtraining.lmigex.com
eventapps.lmigex.com
invitationalassets.lmigex.com
qcc.lmigex.com
risktrac-csp.lmigex.com
risktracdirector-hms.lmigex.com
risktracdirector-lmi.lmigex.com
tech.lmigex.com
welcome.lmigex.com
redirect.lmins.co
www.lmstrategicventures.com
lmb.mylibertyconnection.com
redirect.safins.co
media.solarialabs.com
Other domains in certificate