Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=yho.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
September 02, 2025
Valid Until
February 25, 2026
108 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E4:99:95:B8:E2:8B:2F:22:28:55:5C:76:51:C5:62:8E:AE:48:AE:20:1E:3D:5C:69:67:74:CC:DF:46:EA:B5:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
*.yahoo.com
*.adspecs.yahoo.com
*.adx.yahoo.com
*.aide.yahoo.com
*.aiuto.yahoo.com
*.ajuda.yahoo.com
*.ajutor.yahoo.com
*.att.yahoo.com
*.autos.yahoo.com
*.ayuda.yahoo.com
*.bantuan.yahoo.com
*.beauty.yahoo.com
*.cds.yahoo.com
*.celebridades.yahoo.com
*.celebrity.yahoo.com
*.cine.yahoo.com
*.cinema.yahoo.com
*.creators.yahoo.com
*.data.yahoo.com
*.deportes.yahoo.com
*.downloads.yahoo.com
*.ec.yahoo.com
*.entertainment.yahoo.com
*.esports.yahoo.com
*.eurosport.yahoo.com
*.fantasysports.yahoo.com
*.financas.yahoo.com
*.finance.yahoo.com
*.finanzas.yahoo.com
*.finanzen.yahoo.com
*.games.yahoo.com
*.health.yahoo.com
*.help.yahoo.com
*.hilfe.yahoo.com
*.kino.yahoo.com
*.lifestyle.yahoo.com
*.local.yahoo.com
*.martech.yahoo.com
*.media.yahoo.com
*.mobi.yahoo.com
*.mobile.yahoo.com
*.movies.yahoo.com
*.mujer.yahoo.com
*.music.yahoo.com
*.mysterio.yahoo.com
*.nachrichten.yahoo.com
*.news.yahoo.com
*.noticias.yahoo.com
*.notizie.yahoo.com
*.people.yahoo.com
*.pomoc.yahoo.com
*.query.yahoo.com
*.screen.yahoo.com
*.secure.yahoo.com
*.seguridad.yahoo.com
*.shopping.yahoo.com
*.sports.yahoo.com
*.stars.yahoo.com
*.style.yahoo.com
*.tech.yahoo.com
*.trendr.yahoo.com
*.trogiup.yahoo.com
*.tv.yahoo.com
*.vida-estilo.yahoo.com
*.video.yahoo.com
*.weather.yahoo.com
api.view.yahoo.com
id.berita.yahoo.com
tw.buy.yahoo.com
ucs.netsvs.yahoo.com
*.beta.finance.yahoo.com
*.experiences.media.yahoo.com
*.football.fantasysports.yahoo.com
*.golf.fantasysports.yahoo.com
*.pr.finance.yahoo.com
*.tournament.fantasysports.yahoo.com
beboundless.jp
*.beboundless.jp
*.ec-horizontal-rewards.aws.oath.cloud
*.oath.com
*.publishing.oath.com
maw.ouroath.com
*.maw.ouroath.com
*.adshowcase.verizonmedia.com
*.adspecs.verizonmedia.com
*.verizonmedia.com
*.www.verizonmedia.com
brb.yahoo.net
enlight.yahoo.net
forums.yahoo.net
*.fantasysports.yahooapis.com
*.yahooapis.com
*.adshowcase.yahooinc.com
*.adspecs.yahooinc.com
*.adtech.yahooinc.com
*.analytics.yahooinc.com
*.search.yahooinc.com
*.www.yahooinc.com
*.yahooinc.com
yho.com
Other domains in certificate