Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
CN=foundry-usc-2.status.palantir.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 21, 2025
Valid Until
March 21, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:94:BD:B6:25:38:17:A8:F5:B8:D5:C6:B6:FB:BF:46:59:D8:26:5F:1F:CE:C7:75:E7:5D:2A:40:A1:D7:39:6D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=259200
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
35 domains
status.pagely.com
status2.aarnet.edu.au
status.abeta.co.uk
status.airbridge.io
status.aisera.com
status.aspentech.ai
status.avochato.com
status.bi360.com
status.bitbrew.com
status.ede-shop.de
status.factorialhr.com
status.files.com
status.foleon.com
status.genetec.com
status.getflow.com
status.gocommotion.com
status.hginsights.com
vmonline-status.ids.io
status-test.illinoisstate.edu
status.intricately.com
status.jooxter.com
status.mycasavi.com
status.orbeeauto.com
status.oswald.ai
foundry-usc-2.status.palantir.com
status.peakon.com
up.glasshouse.qld.edu.au
status.razer.com
systemstatus.rentfurniture.com
status.seedcx.com
status.sendwyre.com
status.snc.edu
status.trychameleon.com
status.upsiide.com
status.zenoss.io
Other domains in certificate