Open
Cached
·
just now
85/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src4.yahoo.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
October 27, 2025
Valid Until
April 22, 2026
154 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
32:35:E9:F4:A5:27:EA:3B:81:A1:37:A6:34:B3:24:11:D9:9A:F6:2B:51:07:2A:76:07:68:BF:08:40:6D:88:0D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
frame-ancestors; sandbox; report-uri
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
about.yahoo.com
careers.yahoo.com
labs.yahoo.com
ontheroad.yahoo.com
partners.yahoo.com
postmaster.yahoo.com
src4.yahoo.com
style.yahoo.com
transparency.yahoo.com
au.astrology.yahoo.com
au.entertainment.yahoo.com
au.food.yahoo.com
au.gwn7.yahoo.com
au.health.yahoo.com
au.horoscopes.yahoo.com
au.lifestyle.yahoo.com
au.movies.yahoo.com
au.pets.yahoo.com
au.recipes.yahoo.com
au.style.yahoo.com
au.travel.yahoo.com
au.tv.yahoo.com
au.video.yahoo.com
br.seguranca.yahoo.com
brooklyn.ops.yahoo.com
es-us.seguridad.yahoo.com
es.seguro.yahoo.com
evaluate.data.yahoo.com
hk.charity.yahoo.com
jira.corp.yahoo.com
jp.search.yahoo.com
me.advertising.yahoo.com
onramp.dh.yahoo.com
tv.widgets.yahoo.com
tw.messenger.yahoo.com
vn.antoan.yahoo.com
www.in.yahoo.com
www.it.yahoo.com
www.legal.yahoo.com
www.maktoob.yahoo.com
www.malaysia.yahoo.com
www.ph.yahoo.com
www.qc.yahoo.com
www.ro.yahoo.com
www.se.yahoo.com
www.sg.yahoo.com
www.tw.yahoo.com
www.uk.yahoo.com
www.vn.yahoo.com
yo.corp.yahoo.com
hk.forum.search.yahoo.com
tw.autos.search.yahoo.com
tw.blog.search.yahoo.com
24-7.pet
247.vacations
5min.com
adtechus.com
gochat.desktop.aol.com
compuserve.com
finance.yahoo
flurry.com
monetization.flurry.com
mail.yahoo
advertising.maktoob.com
oathadplatform.com
oathadplatforms.com
gsd.ouroath.com
www.platinumpetpremonitions.com
glp.searchjam.com
www.yahoo-inc.com
yahoo-inc.com
weather.gwn7.yahoo.com.au
weather.prime7.yahoo.com.au
yahoo.finance
cricket.yahoo.net
education.yahoo.net
tw.news.yahoo.net
www.yahoo.net
yahoo.net
www.yahoocreator.com
yahoocreator.com
yahoocreators.com
yahoofinance.com
yahoofinanceinvest.com
yahoohealth.com
yahooinc.com
yahoosports.tv
yahoostyle.com
Other domains in certificate