broken_pixel
|
|
June 25, 2013, 11:20:42 PM |
|
I logged in a few min ago to get my frank addy lol! Typed anyone home in the chat, lulz!
|
GA-990FXA-UD5, 1x 7970L, 2x S1, AX1200i, RIVBE, 2x R290x, NEX1500, BTC: 1G9cQix8bMgh35MQ9wY3Rb9yNSSCtnoRmK, DGC: DFo9FcKYsutv9Vx5c5xUzkrt7VJdECZWTM, LTC: LaAN33aktPGaimN5ALL9kjHjuJekfmKfTh
|
|
|
ohiwastedmylif
Member
Offline
Activity: 98
Merit: 10
|
|
June 25, 2013, 11:33:38 PM |
|
I logged in a few min ago to get my frank addy lol! Typed anyone home in the chat, lulz!
Hope you had 0 money in the account and had different passwords for other exchanges and used an account specific email and are now going to change all of that when the site is back to normal....
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
June 25, 2013, 11:38:47 PM |
|
I logged in a few min ago to get my frank addy lol! Typed anyone home in the chat, lulz!
Hope you had 0 money in the account and had different passwords for other exchanges and used an account specific email and are now going to change all of that when the site is back to normal.... I agree on this one. Else prepare to get hacked everywhere..
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
snowcrashed
|
|
June 25, 2013, 11:47:50 PM |
|
Hmm well I can access the site as per normal now, but ssl still isn't active and there's a little "Protected & Accelerated by Incapsula" pop-out on the side.
|
|
|
|
LosingAlpha
|
|
June 25, 2013, 11:49:47 PM |
|
I logged in a few min ago to get my frank addy lol! Typed anyone home in the chat, lulz!
You lose at Internet.
|
|
|
|
BitJohn (OP)
|
|
June 25, 2013, 11:53:55 PM |
|
Site is up waiting for SSL generation with new security service.
|
|
|
|
erpbridge
Legendary
Offline
Activity: 954
Merit: 1000
|
|
June 25, 2013, 11:55:25 PM |
|
Hmmmmmmmmmm.... Mine is still pointing to secure.4rx.com over here. Interesting that you are getting something different. From BigVern on Cryptsy's Chatbox: BigVern: @erpbridge: whoever made those screenshots prob has a virus then ....so I suggest you guys go get your virus scanners fixed.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
June 25, 2013, 11:58:48 PM |
|
Hmmmmmmmmmm.... Mine is still pointing to secure.4rx.com over here. Interesting that you are getting something different. From BigVern on Cryptsy's Chatbox: BigVern: @erpbridge: whoever made those screenshots prob has a virus then ....so I suggest you guys go get your virus scanners fixed. Wrong that's coming from chroome and I had that a while ago too, now it's gone, and in my case it was a different url.. but heey i have a virus said the smart guy.. Tried again now it's another even more different url, but that's just my viruses..
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
LosingAlpha
|
|
June 26, 2013, 12:04:16 AM |
|
Hmmmmmmmmmm.... Mine is still pointing to secure.4rx.com over here. Interesting that you are getting something different. From BigVern on Cryptsy's Chatbox: BigVern: @erpbridge: whoever made those screenshots prob has a virus then ....so I suggest you guys go get your virus scanners fixed. Definitely not a virus, happened here on a stock iPad, a stock android device, and a clean win7 build. Absolutely, categorically *not* a virus.
|
|
|
|
weav
Sr. Member
Offline
Activity: 350
Merit: 250
- "Bitcore (BTX) - Airdrops every Monday"
|
|
June 26, 2013, 12:04:59 AM |
|
Hmmmmmmmmmm.... Mine is still pointing to secure.4rx.com over here. Interesting that you are getting something different. From BigVern on Cryptsy's Chatbox: BigVern: @erpbridge: whoever made those screenshots prob has a virus then ....so I suggest you guys go get your virus scanners fixed. What does he say about the invalid certificate warnings regarding other domains, namely: professionalperformanceonline.nl secure.4rx.com which several users here reported and which resolve to IPs associated with Incapsula.com, the DDoS mitigation service crytpsy are now apparently using as well? If he thinks a virus is the most probable explanation then cryptsy needs a new security team. This should be fully resolved in cooperation with Incapsula, immediately, and a full attack mitigation statement and impact report be published here and on the site if there is any interested in maintaining a base level of user trust. The site doesn't even offer two-factor authentication and now a potential MITM is about to be swept under the "must be a virus" rug? And nobody should login before any of that is resolved
|
|
|
|
kevindeangelis
Full Member
Offline
Activity: 448
Merit: 130
3D-Printing goes Blockchain!
|
|
June 26, 2013, 12:05:57 AM |
|
not a virus, just looks like an invalid cert config
|
|
|
|
nhminer
|
|
June 26, 2013, 12:07:06 AM |
|
From BigVern on Cryptsy's Chatbox:
BigVern: @erpbridge: whoever made those screenshots prob has a virus then
....so I suggest you guys go get your virus scanners fixed.
No, this is just a warning from chrome that your DNS record is still hosed. It will take a while until the dns poisoning goes away
|
BCH - 1EshwUEg9LRbY5WMSw7bkBGQUYQeenkcet
|
|
|
bigvern
|
|
June 26, 2013, 12:08:17 AM |
|
Chrome just gave me a warning message when I tried to access cryptsy stating that the server was identified as secure.4rx.com. What's the deal with that?
SSL is down SSL requests not supported for www.cryptsy.comThe site is not configured with SSL support. It is not down, it is serving an invalid SSL certificate issued to an unrelated entity (secure.4rx.com) which might indicate a quite serious man-in-the-middle attackwww.cryptsy.com resolves to IP 166.78.0.180 Rackspace Hosting, Texas secure.4rx.com resolves to IP 199.83.132.157 Incapsula, Delaware Nobody should try to login even if the site comes back until this is fully resolved UPDATE EDIT: now www.cryptsy.com resolves to IP 199.83.128.157, also Incapsula, North Carolina Seems like Incapsula.com offers some DDoS protection and general web security and cryptsy.com just put them in front of their site? So at least not a MITM attack but possibly just some Incapsula fuckup Please confirm BitJohn Yes, we are using Incapsula. Still finishing the ssl setup with them.
|
|
|
|
bigvern
|
|
June 26, 2013, 12:09:18 AM |
|
John, can you please post the real IP address for cryptsy.com
I believe it is 166.78.0.180 but just want to confirm it.
~nh
Ip changes from time to time and you should not be accessing the site using the ip BigVern
|
|
|
|
nhminer
|
|
June 26, 2013, 12:13:28 AM |
|
John, can you please post the real IP address for cryptsy.com
I believe it is 166.78.0.180 but just want to confirm it.
~nh
Ip changes from time to time and you should not be accessing the site using the ip BigVern What is your SOA for DNS? nslookup still returns the incapsula.com records a:\BA\main>nslookup cryptsy.com 75.75.75.75 Server: cdns01.comcast.net Address: 75.75.75.75 Non-authoritative answer: Name: cryptsy.com Addresses: 199.83.133.236 199.83.134.32 I thought it was rackspace, but that wont' let me query it. a:\BA\main>nslookup cryptsy.com ns1.rackspace.com Server: ns.rackspace.com Address: 69.20.95.4 *** ns.rackspace.com can't find cryptsy.com: Query refused
|
BCH - 1EshwUEg9LRbY5WMSw7bkBGQUYQeenkcet
|
|
|
r3wt
|
|
June 26, 2013, 12:14:38 AM |
|
John, can you please post the real IP address for cryptsy.com
I believe it is 166.78.0.180 but just want to confirm it.
~nh
Ip changes from time to time and you should not be accessing the site using the ip BigVern What is your SOA for DNS? nslookup still returns the incapsula.com records a:\BA\main>nslookup cryptsy.com 75.75.75.75 Server: cdns01.comcast.net Address: 75.75.75.75 Non-authoritative answer: Name: cryptsy.com Addresses: 199.83.133.236 199.83.134.32 I thought it was rackspace, but that wont' let me query it. a:\BA\main>nslookup cryptsy.com ns1.rackspace.com Server: ns.rackspace.com Address: 69.20.95.4 *** ns.rackspace.com can't find cryptsy.com: Query refused it is my understanding that cryptsy will now operate under incapsulas dns protection layer/cdn network
|
My negative trust rating is reflective of a personal vendetta by someone on default trust.
|
|
|
bigvern
|
|
June 26, 2013, 12:16:17 AM |
|
John, can you please post the real IP address for cryptsy.com
I believe it is 166.78.0.180 but just want to confirm it.
~nh
Ip changes from time to time and you should not be accessing the site using the ip BigVern What is your SOA for DNS? nslookup still returns the incapsula.com records a:\BA\main>nslookup cryptsy.com 75.75.75.75 Server: cdns01.comcast.net Address: 75.75.75.75 Non-authoritative answer: Name: cryptsy.com Addresses: 199.83.133.236 199.83.134.32 I thought it was rackspace, but that wont' let me query it. a:\BA\main>nslookup cryptsy.com ns1.rackspace.com Server: ns.rackspace.com Address: 69.20.95.4 *** ns.rackspace.com can't find cryptsy.com: Query refused Incapsula is the correct entry. That is our new security service. BigVern
|
|
|
|
nhminer
|
|
June 26, 2013, 12:26:23 AM |
|
Incapsula is the correct entry. That is our new security service.
BigVern
Ok, but your cryptsy.co, is not valid for their certificate. www.cryptsy.com uses an invalid security certificate. The certificate is only valid for the following names: incapsula.com , *.aguasandinas.cl , *.aldimobile.com.au , *.alyn.org , *.api.sell-n.com , *.astabis.com , *.b54.com , *.bancdeswiss.com , *.banggood.com , *.bank54.com , *.careyou.com.au , *.chc.com.sg , *.e-c.co.il , *.empireoption.com , *.epaydataonline.com , *.forexmagnates.com , *.gcmforex.com , *.grouploop.com , *.hallmarkinstantstreaming.com , *.hallmarkspiritclips.com , *.ioption.com , *.kaboodlehq.com , *.kaboodlepilot.com , *.liderforex.com , *.manage.cm , *.minit.com , *.my.truck-n.com , *.ordertickets.ca , *.partitionhost.com , *.paycall.co.il , *.pinklily.com.au , *.rushmorebingo.com , *.servertastic.com , *.smarttradefx.com , *.spicy.com.br , *.stormbattle.net , *.tamuvu.com , *.traderush.com , *.traderxp.com , *.videntfinancial.com , *.vipbinary.com , *.winoptions.com , *.xfcu.org , *.yakitome.com , *.zenobiajewellery.com , aldimobile.com.au , alyn.org , api.sell-n.com , astabis.com , b54.com , bancdeswiss.com , banggood.com , careyou.com.au , chc.com.sg , cp.truststream.co.uk , elpmultimedia.com , empireoption.com , epaydataonline.com , forexmagnates.com , gcmforex.com , hallmarkinstantstreaming.com , hallmarkspiritclips.com , ioption.com , kaboodlehq.com , kaboodlepilot.com , liderforex.com , manage.cm , minit.com , my.truck-n.com , ordertickets.ca , partitionhost.com , paycall.co.il , pinklily.com.au , recettage.ria.neopod.fm-ged.com , redcappi.com , rushmorebingo.com , servertastic.com , smarttradefx.com , spicy.com.br , stormbattle.net , tamuvu.com , traderush.com , traderxp.com , videntfinancial.com , vipbinary.com , winoptions.com , www.e-c.co.il , www.elpmultimedia.com , www.homologpedidos.sodexho.com.br , www.redcappi.com , xfcu.org , yakitome.com , zenobiajewellery.com (Error code: ssl_error_bad_cert_domain) ~nh
|
BCH - 1EshwUEg9LRbY5WMSw7bkBGQUYQeenkcet
|
|
|
Eli0t
|
|
June 26, 2013, 12:27:07 AM |
|
just did a force refresh and got the same ^
|
LTC: LKpJf3uk7KsHU73kxq8iFJrP1AAKN7Yni7 DGC: DKXGvEbj3Rwgrm2QQbRyNPDDZDYoq4Y44d XPM: AWV5AKfLFyoBaMjg9C77rGUBhuFxz5DGGL
|
|
|
weav
Sr. Member
Offline
Activity: 350
Merit: 250
- "Bitcore (BTX) - Airdrops every Monday"
|
|
June 26, 2013, 12:44:30 AM |
|
Incapsula is the correct entry. That is our new security service.
BigVern
Ok, but your cryptsy.co, is not valid for their certificate. www.cryptsy.com uses an invalid security certificate. The certificate is only valid for the following names: incapsula.com , *.aguasandinas.cl , *.aldimobile.com.au , *.alyn.org , *.api.sell-n.com , *.astabis.com , *.b54.com , *.bancdeswiss.com , *.banggood.com , *.bank54.com , *.careyou.com.au , *.chc.com.sg , *.e-c.co.il , *.empireoption.com , *.epaydataonline.com , *.forexmagnates.com , *.gcmforex.com , *.grouploop.com , *.hallmarkinstantstreaming.com , *.hallmarkspiritclips.com , *.ioption.com , *.kaboodlehq.com , *.kaboodlepilot.com , *.liderforex.com , *.manage.cm , *.minit.com , *.my.truck-n.com , *.ordertickets.ca , *.partitionhost.com , *.paycall.co.il , *.pinklily.com.au , *.rushmorebingo.com , *.servertastic.com , *.smarttradefx.com , *.spicy.com.br , *.stormbattle.net , *.tamuvu.com , *.traderush.com , *.traderxp.com , *.videntfinancial.com , *.vipbinary.com , *.winoptions.com , *.xfcu.org , *.yakitome.com , *.zenobiajewellery.com , aldimobile.com.au , alyn.org , api.sell-n.com , astabis.com , b54.com , bancdeswiss.com , banggood.com , careyou.com.au , chc.com.sg , cp.truststream.co.uk , elpmultimedia.com , empireoption.com , epaydataonline.com , forexmagnates.com , gcmforex.com , hallmarkinstantstreaming.com , hallmarkspiritclips.com , ioption.com , kaboodlehq.com , kaboodlepilot.com , liderforex.com , manage.cm , minit.com , my.truck-n.com , ordertickets.ca , partitionhost.com , paycall.co.il , pinklily.com.au , recettage.ria.neopod.fm-ged.com , redcappi.com , rushmorebingo.com , servertastic.com , smarttradefx.com , spicy.com.br , stormbattle.net , tamuvu.com , traderush.com , traderxp.com , videntfinancial.com , vipbinary.com , winoptions.com , www.e-c.co.il , www.elpmultimedia.com , www.homologpedidos.sodexho.com.br , www.redcappi.com , xfcu.org , yakitome.com , zenobiajewellery.com (Error code: ssl_error_bad_cert_domain) ~nh Wow, is this real? They are using one SSL certificate for all of their customers which simply includes a giant list of all the domain names, meaning every Incapsula customer could potentially impersonate every other? So banggood.com can just MITM cryptsy.com if they manage to mess with their DNS records for example. Not sure if this is a CDN requirement or something but it does sound kinda shitty to me...
|
|
|
|
|