Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=src6.yahoo.com
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
Valid From
July 08, 2025
Valid Until
December 31, 2025
48 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:6F:51:AF:28:B0:B0:2A:A3:96:AF:D2:A9:2A:FE:10:46:6F:2B:83:98:B8:04:F5:EF:BB:9C:12:1D:C5:6B:FC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Basic
script-src
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
92 domains
altomail.com
www.altomail.com
alephd.com
alephd.fr
aol.ca
aol.co.uk
aol.com
corp.aol.com
mail.latino.aol.com
webmail.aol.com.br
aol.de
aol.fr
sfrclient.welcome.aol.fr
aol.jp
beboundless.jp
brightroll.com
www.brightroll.com
m.order.yahoo.com.tw
csi.com
www.csi.com
engadget.com
gamedailyxl.com
www.gamedailyxl.com
gamerfeed.com
www.gamerfeed.com
gamescanvas.com
www.gamescanvas.com
gamesdomain.com
www.gamesdomain.com
deals.gdgt.com
joystiq.com
luxist.com
makers.com
money-a2z.com
netdeals.com
netfind.com
helpisp.netscape.com
netscape.com
www.netscape.com
oath.com
parentdish.ca
pets.world
ryotstudio.co.uk
see-it.live
shelterpop.com
shopfone.com
sport-king.com
streampad.com
stylelist.com
tech24.deals
tech247.co
thatsfit.ca
thegifts.co
theparanoids.com
www.theparanoids.com
think24-7.com
uk.360.yahoo.com
blog.postmaster.verizonmedia.com
maw-looker-api.analytics.verizonmedia.com
maw.analytics.verizonmedia.com
viral.site
broman.vzbuilders.com
when.com
wmconnect.com
wow.com
att.my.yahoo.com
au.be.yahoo.com
au.solutions.yahoo.com
dns.ops.yahoo.com
hk.ent.yahoo.com
hk.mobi.yahoo.com
hk.smartr.yahoo.com
hk.youcard.yahoo.com
id.berita.yahoo.com
id.omg.search.yahoo.com
kr.edit.billing.yahoo.com
kr.img.search.yahoo.com
mando.data.yahoo.com
no.profiles.yahoo.com
src6.yahoo.com
tw.mobi.yahoo.com
tw.smartr.yahoo.com
tw.youcard.yahoo.com
www.ar.yahoo.com
yahoo.dev
tw.discount.yahoo.net
www.yahooforcreators.com
yahooforcreators.com
www.yahoogames.com
yahoogames.com
www.yahoogamez.com
yahoogamez.com
Other domains in certificate