while browsing with dev tools in Chrome opened back here, I recognised a warning like this in the console:
The SSL certificate used to load resources from https://d11a6trkgmumsb.cloudfront.net will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.
By the end of 2018, this might break meta with Chrome 70. I do see that it is Amazon Cloudfront with a Wildcard certificate issued by Symtantec.
michi@mbmif ~/coding/icinga/icinga2 (master *=) $ openssl s_client -connect d11a6trkgmumsb.cloudfront.net:443 ... subject=/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=*.cloudfront.net issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4
So I am guessing that Amazon will take action soon enough, but who knows