Firefox things front page is dangerous
-
@Tsaukpaetra said in WTF Bites:
@Zerosquare said in WTF Bites:
Probably old and well-known, but it made me chuckle:
(note the https)
According to Firefox, this site is dangerous and should not be visited.
Yes.
https://what.thedailywtf.com/topic/24985/https-is-down-on-the-main-site/
This time https is not completely down, it just has incorrect certificate. It has
X509v3 Subject Alternative Name: DNS:thedailywtf.com, DNS:what.thedailywtf.com, DNS:chooseyourstory.com
which misses the also existing
www.thedailywtf.com
domain name.$ openssl s_client -connect www.thedailywtf.com:443 -showcerts < /dev/null | openssl x509 -noout -text depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA verify return:1 depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA verify return:1 depth=0 C = US, ST = Ohio, L = BEREA, O = Inedo, CN = thedailywtf.com verify return:1 DONE Certificate: Data: Version: 3 (0x2) Serial Number: 0f:c8:7e:5e:80:67:74:f8:b0:f7:21:40:c6:47:9d:04 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA Validity Not Before: Jan 3 00:00:00 2019 GMT Not After : Mar 10 12:00:00 2021 GMT Subject: C = US, ST = Ohio, L = BEREA, O = Inedo, CN = thedailywtf.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:05:fc:21:82:52:78:d6:52:a2:35:32:b4:27: 41:9d:e1:44:54:1d:bd:d5:73:66:af:00:a6:ec:7a: 07:ee:27:bb:dc:8d:c4:4d:b7:3e:6b:03:e9:a5:f8: dc:f1:6d:0e:de:9f:24:45:ad:3f:aa:49:8e:8a:f5: ba:43:06:cf:aa:da:15:42:0a:7e:c4:35:f5:41:60: 53:05:fe:9b:27:a3:81:a7:94:16:03:93:65:11:c6: b9:f8:93:fc:e7:46:4a:3d:30:28:36:9d:d0:75:70: 88:f7:58:91:91:d6:26:47:51:47:e0:69:56:bd:05: db:1f:68:80:77:49:7a:52:bf:38:65:5b:ec:e7:a2: 71:3f:64:33:f3:6a:4b:c8:dc:17:65:79:8e:df:1f: 60:d0:1e:82:53:1d:d3:4e:e6:4f:e8:3e:7d:4e:9a: b5:21:97:97:8d:2a:ba:1a:07:dc:b4:5d:f7:26:40: 39:ac:99:79:b8:9d:82:ed:9f:ee:0e:57:37:c9:df: ce:3a:15:41:74:2f:5b:c0:37:4d:dc:39:6a:d6:d4: 72:1b:89:eb:4b:cc:07:4f:c1:08:cc:89:93:e3:38: f8:63:91:78:60:7b:4a:f0:bc:df:31:f6:f3:0c:48: 68:87:75:5d:25:6a:69:41:6b:1f:60:ea:ae:96:cb: f0:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:0F:80:61:1C:82:31:61:D5:2F:28:E7:8D:46:38:B4:2C:E1:C6:D9:E2 X509v3 Subject Key Identifier: 32:E6:64:05:42:67:8C:52:8F:E6:50:EC:9C:96:FE:D0:F0:40:43:B1 X509v3 Subject Alternative Name: DNS:thedailywtf.com, DNS:what.thedailywtf.com, DNS:chooseyourstory.com X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/ssca-sha2-g6.crl Full Name: URI:http://crl4.digicert.com/ssca-sha2-g6.crl X509v3 Certificate Policies: Policy: 2.16.840.1.114412.1.1 CPS: https://www.digicert.com/CPS Policy: 2.23.140.1.2.2 Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt X509v3 Basic Constraints: critical CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A4:B9:09:90:B4:18:58:14:87:BB:13:A2:CC:67:70:0A: 3C:35:98:04:F9:1B:DF:B8:E3:77:CD:0E:C8:0D:DC:10 Timestamp : Jan 3 02:24:01.710 2019 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:21:00:FE:7E:5F:9A:18:F8:9E:8C:EE:24:1B: 92:A9:6C:D5:7B:04:9B:07:83:65:5A:11:F2:5E:DD:B7: FA:2F:A2:B5:C8:02:20:2B:7F:6D:CE:E0:C4:16:FD:A6: CF:85:BC:49:F7:1D:C3:B9:FC:8A:6D:7D:7C:0C:CB:B6: A7:A4:25:C0:76:D2:75 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 87:75:BF:E7:59:7C:F8:8C:43:99:5F:BD:F3:6E:FF:56: 8D:47:56:36:FF:4A:B5:60:C1:B4:EA:FF:5E:A0:83:0F Timestamp : Jan 3 02:24:01.937 2019 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:7F:B3:AD:BA:67:C1:05:DC:C6:CB:55:5D: E5:F0:99:96:FC:C6:4A:79:28:70:D9:C1:81:8F:04:DA: 2D:D4:E3:47:02:21:00:E1:3B:58:59:A3:38:7B:84:D4: 21:B4:62:68:E5:F7:7F:90:D0:F1:51:FE:64:59:40:F3: 96:55:24:11:CA:07:E7 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77: 15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13 Timestamp : Jan 3 02:24:02.061 2019 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:6A:37:CE:5A:21:6A:6C:B0:03:19:8F:73: 10:CA:E8:84:26:84:B3:22:09:31:84:95:DB:08:99:20: 2A:9E:3B:57:02:21:00:C0:1C:51:74:1E:00:17:39:D8: 2E:D2:97:20:A8:59:7B:32:F4:44:4D:81:F1:DC:B8:AC: 66:70:6B:21:FD:F6:10 Signature Algorithm: sha256WithRSAEncryption 37:6c:a2:42:8f:d4:ef:3d:b3:1d:44:0e:c4:9b:8a:13:2d:75: a3:04:bb:47:04:d0:3b:08:1f:03:4e:c8:06:b9:f0:e2:9b:df: 4a:3c:2a:6e:4d:1c:fe:44:ec:68:2b:77:82:96:ab:70:3b:87: 8a:8c:d8:93:cb:8d:5d:02:d6:2a:07:7d:e7:a6:b2:bc:67:15: ef:a4:92:f8:d7:6f:5f:14:d0:b3:85:70:15:a3:de:2b:c0:07: 68:fa:92:35:b4:cc:2d:7e:5e:3f:0d:07:9e:91:3a:14:80:e0: 75:0b:b5:19:0c:d6:e6:07:4c:92:d1:72:d6:b4:a5:3d:b2:eb: e9:54:aa:92:14:ac:e5:1c:82:80:47:47:e2:1b:1c:91:b0:86: 9c:2a:1e:cf:7c:56:12:96:30:d7:cd:cf:7d:b1:06:4d:54:73: b0:b6:1a:fd:8f:60:84:8d:b2:12:75:60:f1:34:e5:d3:24:dd: 57:51:27:de:02:0e:62:93:45:27:a6:38:b5:34:a3:9a:c9:60: a1:2c:3b:17:76:8c:6a:3f:74:22:b8:d4:d0:99:72:67:0a:c2: df:dd:36:95:9f:5a:92:1e:81:24:4e:f8:cb:5d:b2:f9:a5:59: 6a:d0:6f:3e:2d:ef:7e:cc:58:ad:d9:c7:b0:64:ba:21:13:36: e0:7c:17:12
-
@Bulb A new game: without looking at the tooltips, can you find what the various flags are?
(knowing that only [a-f][a-f] is possible helps, but actually not that much... in fact, even looking at the tooltips doesn't help that much!)
Filed under: thread derailed in 1, but it's still a bug.
-
@remi …damn semantic whitespace… (apparently the code fences only work when they are a paragraph of their own )
-
We have front page things?