Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src1.yahoo.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
August 21, 2025
Valid Until
February 11, 2026
38 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A9:6A:3E:C8:EF:0E:5B:03:29:91:19:E3:DC:E7:78:0C:E9:77:26:54:56:6B:DD:71:8F:DA:7B:29:16:FB:7D:F9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
default-src; sandbox; img-src; +8 more
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: https://sb.scorecardresearch.com https://*.yahoo.com blob: wss:; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-top-navigation-by-user-activation allow-presentation allow-storage-access-by-user-activation; img-src 'self' https: data: blob: https://*.yimg.com https://bats.video.yahoo.com https://*.scorecardresearch.com https://trk.vidible.tv https://ganon.yahoo.com https://geo.yahoo.com https://api.cloudinary.com https://res.cloudinary.com https://*.amazon-adsystem.com https://geo.yahoo.com https://pbs.yahoo.com https://*.pubmatic.com https://*.adsrvr.org https://static.criteo.com https://*.casalemedia.com https://*.taboola.com https://*.rubiconproject.com https://*.openx.net https://ads.yieldmo.com http://static.yieldmo.com https://*.media.net https://*.3lift.com https://*.sharethrough.com https://*.lijit.com https://*.indexww.com https://geo.yahoo.com https://ep1.adtrafficquality.google https://*.facebook.com https://*.kargo.com https://sync.kueezrtb.com https://*.mediago.io https://*.postrelease.com https://*.yellowblue.io https://*.sonobi.com https://*.lijit.com https://*.1rx.io https://*.cootlogix.com https://p.rfihub.com https://www.google.com/s2/favicons; object-src https://*.engadget.com https://s.yimg.com https://api.cloudinary.com https://o.aolcdn.com; worker-src 'self' blob:; manifest-src 'self' https://s.yimg.com; font-src 'self' data: https://*.engadget.com https://s.yimg.com https://fonts.gstatic.com https://*.spot.im https://assets.video.yahoo.net https://cdn.taboola.com; connect-src 'self' https://*.engadget.com https://*.liadm.com https://s.yimg.com https://*.yahoo.net https://*.yahoo.com https://*.yahoosandbox.com https://*.oath.com https://*.cdn.yimg.com https://ad.doubleclick.net https://*.doubleverify.com https://*.googlesyndication.com https://*.spot.im https://*.giphy.com https://*.vidible.com https://*.media.yahoo.com:4443 https://*.skimresources.com https://*.taboola.com https://securepubads.g.doubleclick.net https://*.spotim.market https://*.criteo.com https://*.criteo.net https://*.pubmatic.com https://*.rubiconproject.com https://ap.lijit.com https://rtb.gumgum.com https://*.openx.net https://*.adtelligent.com https://htlb.casalemedia.com http://ssum-sec.casalemedia.com https://*.creativecdn.com https://*.adnxs.com https://api.rlcdn.com https://*.adsrvr.org https://*.adform.net https://*.uplynk.com https://*.doubleclick.net https://d1z2jf7jlzjs58.cloudfront.net https://*.aniview.com https://*.ad-score.com https://polarcdn-terrax.com https://*.polarcdn-terrax.com https://polarcdn-engine.com https://polarcdn-pentos.com https://videodelivery.net https://*.videodelivery.net https://sf-hs-sg.ibytedtos.com https://b1h.zemanta.com https://hb-api.omnitagjs.com https://video-api.yql.yahoo.com https://edgecast-vod.yimg.com https://edgecast-vod.yahoo.net https://*.vpg.cdn.yimg.com https://media.zenfs.com https://assets.video.yahoo.net https://tpc.googlesyndication.com/ima3vpaid https://*.adsafeprotected.com https://api.cloudinary.com https://*.media.net https://events.newsroom.bi https://flowcards.mrf.io https://compassdata.mrf.io https://sdk.mrf.io https://s.yimg.com/oa/ https://api.privacy-center.org/v1/events https://api.privacy-center.org/v1/metrics https://api.privacy-center.org/v1/sync https://api.privacy-center.org/v1/locations https://ec.yimg.com/didomi https://guce.engadget.com/ https://guce.oath.com/ https://consent.yahoo.com/ https://i.clean.gg https://ads.yieldmo.com http://static.yieldmo.com https://*.3lift.com https://*.sharethrough.com https://*.lijit.com https://*.indexww.com https://sdk.privacy-center.org/f5623e34-377a-419c-8bb7-3928cebffbc9/ https://snippet.affilimate.io/ https://snippet.affilimatejs.com https://pub.affilimateapis.com https://pub-eu.affilimateapis.com https://api.assertcom.de https://icu.newsroom.bi/ingest.php https://tlx.3lift.com https://ads.yieldmo.com https://*.google-analytics.com https://api.alyavista.com https://*.seedtag.com https://search.yahoo.com https://connect.facebook.net https://*.facebook.com https://sync.kueezrtb.com https://exchange.kueezrtb.com https://sync.go.sonobi.com https://apex.go.sonobi https://pbs-yahoo-us.ay.delivery https://pbs-yahoo-eu.ay.delivery https://pbs-yahoo-apac.ay.delivery https://c.aps.amazon-adsystem.com https://*.amazon-adsystem.com https://*.publisher-services.amazon.dev https://vector.hereapi.com https://js.api.here.com https://browser-intake-datadoghq.com https://dataplane.rum.us-east-1.amazonaws.com https://dataplane.rum.us-west-2.amazonaws.com https://mpc-prod-16-s6uit34pua-uk.a.run.app https://hb.emxdgt.com https://prg.smartadserver.com https://reachms.bfmio.com https://targeting.unrulymedia.com https://api.vetted.ai https://api.reefpig.com https://*.rudderstack.com; frame-ancestors 'self' https://*.engadget.com https://*.oath.com https://*.yahoo.com; report-uri https://csp.yahoo.com/beacon/csp?src=commerce; report-to csp-endpoint;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
75 domains
*.yahoo.com
*.ouryahoo.com
src1.yahoo.com
*.advertising.yahoo.com
*.isp.yahoo.com
*.knowledge.yahoo.com
*.aol.ca
*.aol.co.uk
*.aol.com
*.onemobile.aol.com
*.ops.aol.com
*.web.aol.com
*.aol.de
*.aol.fr
*.aol.jp
*.brightroll.com
*.builtbygirls.com
*.yahoo.co.id
*.yahoo.co.in
*.yahoo.co.th
*.yahoo.com.cn
*.yahoo.com.hk
*.yahoo.com.my
*.yahoo.com.ph
*.yahoo.com.sg
*.yahoo.com.tw
*.yahoo.com.vn
*.crunchgear.com
*.engadget.com
*.games.com
*.joystiq.com
*.makers.com
*.maktoob.com
*.mobilecrunch.com
*.isp.netscape.com
*.notdonedocumentary.com
*.notdonefilm.com
*.oath.com
*.ouroath.com
*.glp.searchjam.com
*.teamaol.com
*.techcrunchit.com
*.verizonmedia.com
*.broman.vzbuilders.com
*.vzbuilders.com
*.yahoo.bg
*.yahoo.ca
*.yahoo.cn
*.yahoo.co
*.yahoo.co.nz
*.yahoo.co.uk
*.yahoo.com.ar
*.yahoo.com.au
*.yahoo.com.br
*.yahoo.com.mx
*.yahoo.de
*.yahoo.ee
*.yahoo.es
*.yahoo.fr
*.yahoo.hk
*.yahoo.hu
*.yahoo.ie
*.yahoo.in
*.yahoo.it
*.yahoo.net
*.yahoo.ph
*.yahoo.pt
*.yahoo.sg
*.yahooapis.com
*.yahoofinance.com
*.yahooinc.com
*.yahoomusic.com
*.yahoosmallbusiness.com
*.yahoosports.com
*.yahoosportsbook.com
Other domains in certificate