That ca.mg4 might be the redirect. I've never seen that before & I use yahoo mail a lot.
As easily & often as yahoo mail gets hacked, I wouldn't be surprised if that's a fake version of the site.
No, because they apparently have a validated certificate, but it says www.yahoo.com
instead of ca.mg4.mail.yahoo.com. There's no way a hacker can use that certificate on their own server unless they have the private key for www.yahoo.com
Now if it identified itself as vahoo.com and hoped you didn't notice, that would be a cause for concern.