Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src6.yahoo.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
July 08, 2025
Valid Until
December 31, 2025
49 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:6F:51:AF:28:B0:B0:2A:A3:96:AF:D2:A9:2A:FE:10:46:6F:2B:83:98:B8:04:F5:EF:BB:9C:12:1D:C5:6B:FC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
upgrade-insecure-requests; block-all-mixed-content; sandbox
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Incident Reporting
mailto:[email protected]
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
92 domains
aol.jp
alephd.com
alephd.fr
altomail.com
www.altomail.com
aol.ca
aol.co.uk
aol.com
corp.aol.com
mail.latino.aol.com
webmail.aol.com.br
aol.de
aol.fr
sfrclient.welcome.aol.fr
beboundless.jp
brightroll.com
www.brightroll.com
m.order.yahoo.com.tw
csi.com
www.csi.com
engadget.com
gamedailyxl.com
www.gamedailyxl.com
gamerfeed.com
www.gamerfeed.com
gamescanvas.com
www.gamescanvas.com
gamesdomain.com
www.gamesdomain.com
deals.gdgt.com
joystiq.com
luxist.com
makers.com
money-a2z.com
netdeals.com
netfind.com
helpisp.netscape.com
netscape.com
www.netscape.com
oath.com
parentdish.ca
pets.world
ryotstudio.co.uk
see-it.live
shelterpop.com
shopfone.com
sport-king.com
streampad.com
stylelist.com
tech24.deals
tech247.co
thatsfit.ca
thegifts.co
theparanoids.com
www.theparanoids.com
think24-7.com
uk.360.yahoo.com
blog.postmaster.verizonmedia.com
maw-looker-api.analytics.verizonmedia.com
maw.analytics.verizonmedia.com
viral.site
broman.vzbuilders.com
when.com
wmconnect.com
wow.com
att.my.yahoo.com
au.be.yahoo.com
au.solutions.yahoo.com
dns.ops.yahoo.com
hk.ent.yahoo.com
hk.mobi.yahoo.com
hk.smartr.yahoo.com
hk.youcard.yahoo.com
id.berita.yahoo.com
id.omg.search.yahoo.com
kr.edit.billing.yahoo.com
kr.img.search.yahoo.com
mando.data.yahoo.com
no.profiles.yahoo.com
src6.yahoo.com
tw.mobi.yahoo.com
tw.smartr.yahoo.com
tw.youcard.yahoo.com
www.ar.yahoo.com
yahoo.dev
tw.discount.yahoo.net
www.yahooforcreators.com
yahooforcreators.com
www.yahoogames.com
yahoogames.com
www.yahoogamez.com
yahoogamez.com
Other domains in certificate