Something weird is going on:
Wanting to check on the state of the little securities exchange that could, bitfunder, i visited their website;
It appears that the site is being directed through a cloudflare SSL termination service/load balancer that is not configured to be handling this site.
This is resulting in certificate errors. It is likely to be doing this for everyone..
Now the cert was generated: Friday, 25 October 2013 3:12:07 AM and i am reasonably certain the
https://www.bitfunder.com web application worked correctly last weekend.
The DNS history logs:
http://whoisrequest.org/history/?dom_ip=bitfunder.com show that the domain was handled by cloudflare Oct 15 2012 and Aug 6 2013. On Sep 12 it 2013 it went back to cloudflare.
To cloudflares credit (also shame), they appear to be negotiating ECDHE cipher suites as a priority (good). Its a shame RC4 has a higher priority than AES.
If you disable RC4 in the browser (this will break some sites...) it will negotiate a strong default.
http://i.imgur.com/wO8m6E3.pngWhat exactly is going on here? Was Ukyo experiencing a major DDoS and had to redirect traffic flow through an address that isn't set up properly?
Have cloudflare generated their next LB certificate without Ukyo's domain for non-payment reasons?
http://i.imgur.com/h3fRG51.pnghttp://i.imgur.com/F7xwkGu.pnghttp://i.imgur.com/BuKnBCx.pngFor posterity, here is the certificate returned by cloudflare:
-----BEGIN CERTIFICATE-----
MIIHuTCCBqGgAwIBAgISESGpVJPTdK7WBeEaw6xNddG1MA0GCSqGSIb3DQEBBQUA
MF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTMwMQYD
VQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gRzIw
HhcNMTMxMDI0MTY0MjA3WhcNMTcwNjI4MjEyMzQxWjBuMQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEENs
b3VkRmxhcmUsIEluYy4xHzAdBgNVBAMTFnNzbDI2NTAuY2xvdWRmbGFyZS5jb20w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6GxDp4tpBTPehxjFxjJbN
1xwORxWdW50ozrVwEjtOCmdgpRwIdPo1Wxk3KtrnD2c9xDhQlj+5VeZ/x9Xme7vp
18KKMhgtWFZN9JvL+VGgEYmkB6YX/y6+S+e5Exq9Aty0R4xa2qQFgRYzR2Ktlav+
fcvEBSb+b9XMuzpRZHddbX0JqoHxvLTo/D0jchlOGDOr4OxjLPkljXbFysEKkf7l
LUDOomzJeXfVTpBKrc7yH3AnMcKsZ+6fndZN+Z/9JdAiXyvooe7OmsPpBKfCWmCh
qXL1RSLXC5FZuM/EOSS8TVFciNjhmm91BH9aJXNjO5IBv6oDDngNAFkzLnvsgpdN
AgMBAAGjggRgMIIEXDAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIwQDA+BgZngQwB
AgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVw
b3NpdG9yeS8wggKzBgNVHREEggKqMIICpoIWc3NsMjY1MC5jbG91ZGZsYXJlLmNv
bYIMeHBpY29ubHkuY29tggsqLnZkb3RoLmNvbYINcm9tZWl0YWxpYS5pdIISZWxl
dGF6aWxsYXRvc29uLmh1ggwqLmFwcm9uZXQuaHWCCmFwcm9uZXQuaHWCDyoud2lu
ZWhvdXNlLmNvbYINd2luZWhvdXNlLmNvbYIJdmRvdGguY29tghIqLmZ1bm55LXNj
ZW5lcy5jb22CEGZ1bm55LXNjZW5lcy5jb22CDWZ1dHVyYWNybS5jb22CFiouY29s
b3JhZG9jYXB0dXJlcy5jb22CC21vdmlldGguY29tgg9mdXR1cmFlbnRyeS5jb22C
ESouZnV0dXJhc3VpdGUuY29tgg0qLm1vdmlldGguY29tgg8qLnJvbWVpdGFsaWEu
aXSCDyoudW5yZXN0cmljdC5saYISKi50aGFpcGljcG9zdC5pbmZvgg11bnJlc3Ry
aWN0Lmxpgg8qLmZ1dHVyYWNybS5jb22CFCouZWxldGF6aWxsYXRvc29uLmh1ggh4
Y3ViZS5pb4IPKi5kcm9sbGV0dGUuY29tghEqLmJ0cG9ydGFsLmNvbS5hdYIPYnRw
b3J0YWwuY29tLmF1gg4qLm1vbXNhdmVyLmNvbYIMbW9tc2F2ZXIuY29tgg4qLnhw
aWNvbmx5LmNvbYIUY29sb3JhZG9jYXB0dXJlcy5jb22CDWRyb2xsZXR0ZS5jb22C
CioueGN1YmUuaW+CDGF0bW9zZmVyYS5jbYIOKi5hdG1vc2ZlcmEuY22CD2Z1dHVy
YXN1aXRlLmNvbYIPKi5mdXR1cmExMjMuY29tgg1mdXR1cmExMjMuY29tghEqLmZ1
dHVyYWVudHJ5LmNvbYIQdGhhaXBpY3Bvc3QuaW5mbzAJBgNVHRMEAjAAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBFBgNVHR8EPjA8MDqgOKA2hjRodHRw
Oi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL2dzb3JnYW5pemF0aW9udmFsZzIuY3Js
MIGWBggrBgEFBQcBAQSBiTCBhjBHBggrBgEFBQcwAoY7aHR0cDovL3NlY3VyZS5n
bG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nvcmdhbml6YXRpb252YWxnMi5jcnQwOwYI
KwYBBQUHMAGGL2h0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc29yZ2FuaXph
dGlvbnZhbGcyMB0GA1UdDgQWBBQ/fsnJRhw485DDIUzyxmgcz+AnzTAfBgNVHSME
GDAWgBRdRrKNxEt0HLvt9XO2Orc4j3WefjANBgkqhkiG9w0BAQUFAAOCAQEAp77y
Dxv96pLSXHdsLQf9cpJsJV6Z5OIfu6av0uP0qhkIZQDIGr43yOsBmJ1rY+acwB6Z
ykRV3UF5xQmQdletHstvqCKM6wojjhAkV5P6Nxv3q2F/ojSPmT4eNnbZ+T1H8/kr
hjVEJFyVZ4r/2Fwl+XYxV9Q9An1xGA2RB8Q+DMDT01r9GQsb2EK8MoOJKtR/bo4c
1xtxKjJk487VyIcsUKjQHNQiUZHn0BPXvOWaWagj9v5umXS8Ibd8jPA4dLmsn2O/
+stEcMdwwHn3x8JV3L34sip2YXBC8kJotpSiS5Bllg+9UEvOZ3W0uVoxUXOs/A+i
52NpZCpPqOyzJWvEaQ==
-----END CERTIFICATE-----