Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=kol.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
October 21, 2025
Valid Until
April 15, 2026
145 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0B:28:BB:4C:11:F4:7A:66:78:78:06:02:22:63:C4:37:C9:70:B1:A9:CD:41:FA:D9:9D:A4:8D:C6:1C:72:47:C9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.0
TLS 1.1
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
Warnings
- • TLS 1.1 is deprecated and should be disabled
- • TLS 1.0 is deprecated and should be disabled
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
frame-ancestors; default-src; img-src; +6 more
frame-ancestors 'none'; default-src 'self' https://*.aol.com https://*.yahoo.com https://*.yimg.com; img-src * data:; script-src 'self' 'unsafe-inline' 'nonce-uj7U7Z8++ZRq/97AuBFwdw==' 'unsafe-eval' https://*.yahoo.com https://*.yimg.com https://*.aol.com https://*.aolcdn.com *.oath.com *.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net *.googlesyndication.com https://sb.scorecardresearch.com bat.bing.com *.demdex.net *.googletagmanager.com; style-src 'self' 'unsafe-inline' https://*.yimg.com; object-src *; connect-src *; font-src * data:; frame-src 'self' https://*.youtube.com https://s.yimg.com https://*.yahoo.com *.g.doubleclick.net *.googlesyndication.com;
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Incident Reporting
mailto:[email protected]
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
40 domains
walletpop.com
www.walletpop.com
5min.com
www.5min.com
altavista.com
www.altavista.com
binoz.com
www.binoz.com
boxely.com
www.boxely.com
checkonce.com
www.checkonce.com
ehealth247.com
www.ehealth247.com
helping.com
www.helping.com
instore.com
www.instore.com
instoreautos.com
www.instoreautos.com
instorecars.com
www.instorecars.com
instoredownloads.com
www.instoredownloads.com
instorehomes.com
www.instorehomes.com
kol.com
www.kol.com
leadlocal.com
www.leadlocal.com
netbusiness.com
www.netbusiness.com
umbat.com
www.umbat.com
wavezie.com
www.wavezie.com
wimzi.com
www.wimzi.com
www.ygm.com
ygm.com
Other domains in certificate