Open
Cached
·
just now
73/100
SECURITY SCORE
Certificate Information
Subject
CN=*.artsinstitute.wisc.edu
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M01
Valid From
October 07, 2025
Valid Until
November 05, 2026
356 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4C:E3:23:A9:1E:48:F3:4D:EA:61:B5:0A:C9:EF:3D:90:ED:92:A2:29:99:6D:AD:27:99:65:AA:D4:B7:E5:AF:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
97 domains
ageinplace.wisc.edu
ancientengrtech.wisc.edu
badgersinretailing.wisc.edu
communityaltar.wisc.edu
esra.wisc.edu
kirchdoerferlab.wisc.edu
majordiscoveryweek.wisc.edu
mayrent.wisc.edu
msfe.wisc.edu
parenthetical.wisc.edu
pophealth.wisc.edu
quitline.wisc.edu
wgpi.wisc.edu
widiabetesregistry.wisc.edu
wirose.wisc.edu
*.ageinplace.wisc.edu
*.ancientengrtech.wisc.edu
*.artsinstitute.wisc.edu
*.badgersinretailing.wisc.edu
*.communityaltar.wisc.edu
*.doit.wisc.edu
*.education.wisc.edu
*.em.wisc.edu
*.esra.wisc.edu
*.genetics.wisc.edu
*.history.wisc.edu
*.it.wisc.edu
*.kirchdoerferlab.wisc.edu
*.lss.wisc.edu
*.majordiscoveryweek.wisc.edu
*.mayrent.wisc.edu
*.medicine.wisc.edu
*.msfe.wisc.edu
*.obgyn.wisc.edu
*.parenthetical.wisc.edu
*.pathology.wisc.edu
*.plantpath.wisc.edu
*.pophealth.wisc.edu
*.quitline.wisc.edu
*.recsports.wisc.edu
*.soc.wisc.edu
*.soils.wisc.edu
*.students.wisc.edu
*.uwcc.wisc.edu
*.wgpi.wisc.edu
*.widiabetesregistry.wisc.edu
*.wirose.wisc.edu
*.wsb.wisc.edu
aday.education.wisc.edu
boss.pophealth.wisc.edu
covid19.international.wisc.edu
eps.education.wisc.edu
freylab.biochem.wisc.edu
games.education.wisc.edu
global.education.wisc.edu
hersheylab.bact.wisc.edu
internal.students.wisc.edu
intranet.emed.wisc.edu
jfhoude.econ.wisc.edu
kinesintranet.education.wisc.edu
laso.pophealth.wisc.edu
nfarm.bact.wisc.edu
pikelab.biochem.wisc.edu
shield.medicine.wisc.edu
sonar.bact.wisc.edu
trenthamdietzlab.pophealth.wisc.edu
*.aday.education.wisc.edu
*.admin.education.wisc.edu
*.aheadd.waisman.wisc.edu
*.boss.pophealth.wisc.edu
*.covid19.international.wisc.edu
*.cow.waisman.wisc.edu
*.cyshcn.waisman.wisc.edu
*.eps.education.wisc.edu
*.freylab.biochem.wisc.edu
*.games.education.wisc.edu
*.global.education.wisc.edu
*.goldsmithtwins.waisman.wisc.edu
*.hartleylab.waisman.wisc.edu
*.hersheylab.bact.wisc.edu
*.infantlearning.waisman.wisc.edu
*.internal.students.wisc.edu
*.intranet.emed.wisc.edu
*.intranet.waisman.wisc.edu
*.intranet.wsb.wisc.edu
*.jfhoude.econ.wisc.edu
*.laso.pophealth.wisc.edu
*.littlelisteners.waisman.wisc.edu
*.nfarm.bact.wisc.edu
*.pikelab.biochem.wisc.edu
*.shield.medicine.wisc.edu
*.sonar.bact.wisc.edu
*.trenthamdietzlab.pophealth.wisc.edu
*.wecp.waisman.wisc.edu
*.wic.waisman.wisc.edu
*.wicii.waisman.wisc.edu
*.wilend.waisman.wisc.edu