Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src1.yahoo.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
August 21, 2025
Valid Until
February 11, 2026
31 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A9:6A:3E:C8:EF:0E:5B:03:29:91:19:E3:DC:E7:78:0C:E9:77:26:54:56:6B:DD:71:8F:DA:7B:29:16:FB:7D:F9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
connect-src; default-src; font-src; +12 more
connect-src 'self' wss://*.finance.yahoo.com/ https://*.cdn.yimg.com https://*.oath.com https://*.yahoo.com https://*.yahoo.net https://api.alyavista.com https://api.privacy-center.org https://bam.nr-data.net/ https://dpm.demdex.net/ https://guce.yahoofinance.com https://oathmembershipsupport.my.salesforce-sites.com/ https://oathmembershipsupport.my.salesforce.com/ https://s.yimg.com https://sdk.privacy-center.org/f5623e34-377a-419c-8bb7-3928cebffbc9/ https://smetrics.att.com/ https://files.quartr.com/streams/ https://b.trueanthem.com/ https://*.googlesyndication.com https://*.adtrafficquality.google https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.google.com https://*.google.de https://*.google.com.au https://*.google.ca https://*.google.co.uk https://*.google.co.nz https://*.google.com.sg https://*.google.es https://*.google.fr https://*.google.it https://*.google.com.br https://*.google.com.hk; default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://s.yimg.com; frame-ancestors 'self' https://www.aol.com https://www.aol.co.uk https://www.aol.de https://www.aol.ca https://*.ouryahoo.com https://news.yahoo.com https://local.cm.yahoo.com https://cm-ui.staging.yahoo.com https://cm-ui.yahoo.com; frame-src 'self' https://*.abcnews.go.com https://*.advertising.com https://*.bbc.co.uk https://*.chartbeat.com https://*.clicktivatedvideoplayer.com https://*.deezer.com https://*.delivery.vidible.tv https://*.dailymotion.com/ https://*.etonline.com https://*.facebook.com https://*.google.com https://*.hulu.com https://*.instagram.com https://*.jac.yahoosandbox.com https://*.livestream.com https://*.mtvnservices.com https://*.myfinance.com https://*.nbc.com https://*.nytimes.com https://*.oath.com https://*.reuters.com https://*.scribd.com https://*.smartasset.com https://*.soundcloud.com https://*.spotify.com https://*.ted.com https://*.theguardian.com https://*.tumblr.com https://*.turner.com https://*.usatoday.com https://*.vimeo.com https://*.washingtonpost.com https://*.wsj.com https://*.yahoo.com https://*.yahoo.net https://abcnews.go.com https://att.demdex.net/ https://bbc.co.uk https://cdn.yahoofinance.com/ https://chartbeat.com https://compass.pressekompass.net https://datawrapper.dwcdn.net https://delivery.vidible.tv https://embed.acast.com https://embed.music.apple.com https://embed.podcasts.apple.com https://embedder.wirewax.com https://flo.uri.sh/ https://flourish.studio https://guce.yahoofinance.com https://interactives.ap.org https://livestream.com https://platform.twitter.com https://s.yimg.com https://service.force.com/ https://smartasset.com https://tsdtocl.com/ https://view.ceros.com https://vimeo.com https://widget-yahoo.ofx.com https://www.bankrate.com https://www.credible.com https://www.surveymonkey.com https://www.youtube.com https://yahoo.crunchbaseembed.com https://yahoo.real-estate.hk https://*.googleadservices.com https://*.googlesyndication.com https://*.googletagservices.com https://*.adtrafficquality.google https://www.googletagmanager.com; img-src 'self' data: blob: about: https://*.amazon-adsystem.com https://*.chartbeat.com https://*.chartbeat.net https://*.cloudfront.net/pixel.gif https://*.dotomi.com https://*.wc.yahoodns.net https://*.yahoo.com https://*.yahoo.net https://*.yimg.com https://media.zenfs.com https://o.aolcdn.com/images/dims https://pbs.twimg.com https://pbs-yahoo-us.ay.delivery https://pbs-yahoo-eu.ay.delivery https://pbs-yahoo-apac.ay.delivery https://platform.twitter.com https://public.flourish.studio/resources/ https://res.cloudinary.com/yfc-nonprod/ https://res.cloudinary.com/yfc-production/ https://s2.coinmarketcap.com/static/img/coins/ https://sb.scorecardresearch.com https://smetrics.att.com/b/ss/attnetprod/ https://syndication.twitter.com https://vop-yahoo.akamaized.net/pixel.gif https://www.facebook.com https://cdn.yodlee.com https://news-assets.stockstory.org https://*.googleadservices.com https://*.googlesyndication.com https://*.googletagservices.com https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://*.google.com https://*.google.de https://*.google.com.au https://*.google.ca https://*.google.co.uk https://*.google.co.nz https://*.google.com.sg https://*.google.es https://*.google.fr https://*.google.it https://*.google.com.br https://*.google.com.hk; manifest-src 'self' https://s.yimg.com; media-src 'self' blob: https://s.yimg.com https://res.cloudinary.com/yfc-nonprod/ https://res.cloudinary.com/yfc-production/ https://files.quartr.com/streams/; object-src 'none'; report-to csp-endpoint; report-uri https://csp.yahoo.com/beacon/csp?src=yahoofinance; sandbox allow-downloads allow-forms allow-modals allow-popups-to-escape-sandbox allow-popups allow-presentation allow-same-origin allow-scripts allow-top-navigation-by-user-activation; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://launcher.spot.im https://*.oath.com https://*.salesforceliveagent.com/ https://*.yahoo.com https://*.yahoo.net https://cdn.jsdelivr.net/npm/ https://cdn.rawgit.com/dcodeIO/protobuf.js/ https://ec.yimg.com/didomi/ https://jac.yahoosandbox.com/2.0.0/jac.js https://oathmembershipsupport.my.salesforce-sites.com/ https://oathmembershipsupport.my.salesforce.com/ https://openweb.jac.yahoosandbox.com/1.5.0/jac.js https://platform.twitter.com https://s.aolcdn.com/membership/omp-static/omp-widgets/ https://s.yimg.com https://service.force.com/embeddedservice/5.0/ https://static.lightning.force.com/ https://static2.chartbeat.com https://*.adtrafficquality.google https://*.googlesyndication.com https://console.googletagservices.com/pubconsole/loader.js https://adservice.google.com/adsid/integrator.js https://cdn.ampproject.org/rtv/ https://www.googletagservices.com/activeview/js https://*.googletagmanager.com; style-src 'self' 'unsafe-inline' https://*.yahoo.com https://cdn.taboola.com https://oathmembershipsupport.my.salesforce-sites.com/ https://platform.twitter.com https://s.yimg.com https://service.force.com/; worker-src 'self' blob:
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
interest-cohort=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
75 domains
*.yahoo.com
*.ouryahoo.com
src1.yahoo.com
*.advertising.yahoo.com
*.isp.yahoo.com
*.knowledge.yahoo.com
*.aol.ca
*.aol.co.uk
*.aol.com
*.onemobile.aol.com
*.ops.aol.com
*.web.aol.com
*.aol.de
*.aol.fr
*.aol.jp
*.brightroll.com
*.builtbygirls.com
*.yahoo.co.id
*.yahoo.co.in
*.yahoo.co.th
*.yahoo.com.cn
*.yahoo.com.hk
*.yahoo.com.my
*.yahoo.com.ph
*.yahoo.com.sg
*.yahoo.com.tw
*.yahoo.com.vn
*.crunchgear.com
*.engadget.com
*.games.com
*.joystiq.com
*.makers.com
*.maktoob.com
*.mobilecrunch.com
*.isp.netscape.com
*.notdonedocumentary.com
*.notdonefilm.com
*.oath.com
*.ouroath.com
*.glp.searchjam.com
*.teamaol.com
*.techcrunchit.com
*.verizonmedia.com
*.broman.vzbuilders.com
*.vzbuilders.com
*.yahoo.bg
*.yahoo.ca
*.yahoo.cn
*.yahoo.co
*.yahoo.co.nz
*.yahoo.co.uk
*.yahoo.com.ar
*.yahoo.com.au
*.yahoo.com.br
*.yahoo.com.mx
*.yahoo.de
*.yahoo.ee
*.yahoo.es
*.yahoo.fr
*.yahoo.hk
*.yahoo.hu
*.yahoo.ie
*.yahoo.in
*.yahoo.it
*.yahoo.net
*.yahoo.ph
*.yahoo.pt
*.yahoo.sg
*.yahooapis.com
*.yahoofinance.com
*.yahooinc.com
*.yahoomusic.com
*.yahoosmallbusiness.com
*.yahoosports.com
*.yahoosportsbook.com
Other domains in certificate