Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src5.yahoo.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
August 19, 2025
Valid Until
February 11, 2026
89 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E4:36:7A:C2:A3:13:5C:58:E7:F6:85:FF:47:D2:CB:22:88:D6:87:1D:B6:DE:B9:F3:09:09:F0:D7:A9:6B:3B:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
upgrade-insecure-requests; block-all-mixed-content; sandbox
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Incident Reporting
mailto:[email protected]
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
84 domains
aim.com
anyprice.com
aollatino.com
aollistens.com
aolsearch.com
autoblog360.com
autos.parts
autos24-7.com
baby.guide
buildseries.com
chowist.com
citypedia.com
yahoo.monday.com.tw
conspiracy-land.com
www.conspiracy-land.com
convertro.com
couponbear.com
dailyfinance.com
diylife.com
enow.com
fashion.life
fast.rentals
find.furniture
foodbegood.com
formatjs.io
furniture.deals
gamer.site
games.com
gdgt.com
getnetscape.com
glamorbank.com
golocal.guru
greendaily.com
health.zone
health247.com
homesessive.com
housingwatch.com
insurance24-7.com
intheknow.com
intljs.io
intoautos.com
job-sift.com
kitchendaily.com
know-legal.com
kol.com
learn-247.com
purecss.io
thisisryot.com
thisisryot.net
thisisryot.org
verizonmedia.com
console-cd.vespa.vzbuilders.com
console.vespa.vzbuilders.com
opentext.corp.vzbuilders.com
hk.auctions.yahoo.com
hk.info.auctions.yahoo.com
intheknow.yahoo.com
postmaster.mail.yahoo.com
src5.yahoo.com
tw.search.bid.yahoo.com
tw.search.buy.yahoo.com
tw.search.mall.yahoo.com
tw.uwant.yahoo.com
www.be.yahoo.com
www.en-maktoob.yahoo.com
www.fr-be.yahoo.com
www.nz.yahoo.com
www.za.yahoo.com
adtech.yahooinc.co.uk
adtech.yahooinc.com.au
adtech.yahooinc.de
adtech.yahooinc.es
adtech.yahooinc.fr
adtech.yahooinc.it
adtech.yahooinc.nz
www.yahoomobile.com
yahoomobile.com
www.yahoosports.com
yahoosports.com
yuiblog.com
yuigallery.com
www.yuilibrary.com
yuilibrary.com
yuitheater.com
Other domains in certificate