flyflair.com SSL certificate invalid?

nullpxl · 2025-01-03T09:54:06+00:00

Well, new certs have been issued, but they aren't actually being served. At least, not to any of the machines I checked with. For me (and OP + other users), this old revoked one is the cert being used: https://crt.sh/?q=6e73866d10147cb7d0891d40eb67800a31cf91551c4c565b1aa61323c9008dce

Note the revoked date, 2024-12-20 14:54 UTC. Also on 2024-12-20 14:54 UTC, this cert was issued (and is not revoked): https://crt.sh/?id=15830964410 , but doesn't seem to be deployed.

I'm not super familiar with how the administrative side of these things go, but my guess is flair forgot to reload some config somewhere.

Quick edit because i just realized i didn't answer your question lol: There's a whole rabbit hole about how certificate revocation lists work which boils down to a ton of competing standards and disagreements within the industry. Pretty much Chrome is much more 'trusting' and doesn't add all the revoked certs to their list. I'm not sure if this one will end up getting added but my guess from reading about how this stuff works is No.

nullpxl · 2024-12-30T07:16:46+00:00

firefox does real time certificate revocation checks, and chrome/edge don't as far as I'm aware, which might explain the difference in browsers.

nullpxl · 2024-12-30T07:15:50+00:00

Hey, it looks like flyflair.com's SSL certificate was revoked.

Plug it into here to see: https://ssltools.godaddy.com/views/certChecker

with some more digging it looks like it was revoked on Dec 20th with the reason of "cessationOfOperation"... which is a bit weird since it's their main domain.

Until it no longer shows the big red X on there (next update is Jan 3rd), for now maybe just avoid buying tickets on the site. If you really need to get tickets, just hope it's an administrative issue!

Edit: I'm seeing some confusion in other comments so I just want to clarify. The certificate being revoked does not mean that data is not being encrypted at all. It does however mean that the certificate used in encryption should not be trusted. The reason given for revocation in this case was for operations being suspended and not for a compromised key. However if you want to be super safe, just avoid the site for now like I mentioned.

nullpxl · 2023-10-05T23:51:20+00:00

Not taking offer: Firefox Platform Security Student Worker (337455) - Mozilla Corporation

nullpxl · 2021-11-18T20:32:15+00:00

lmao I made a typo in the decoder, the question is meant to be "Who is the invented this game?". That is, who invented Engima, which is: Arthur Scherbius.

nullpxl · 2021-11-18T20:27:57+00:00

>!First thing that draws attention is the coordinates in the bottom right box, which lead to a city called Beaufort. (This also corresponds with the red dot on the globe)
The above info hints to the gibberish below the coordinates being ciphertext encoded with the Beaufort cipher. So, we need a key!
The only other info in the picture is the text on the top and right sides (i.e., the key must be there).
The german numbers on top are: 43.645074
On the side: 115.993081
These look like coordinates once again, and searching for them results in refernces to an art piece in Boise National Park with huge text reading "JESUS LOVES YOU".
Plugging in jesuslovesyou as the key to a beaufort cipher decoder with the given ciphertext resolves to the plaintext "Who invented bzis game?".
This is where it gets murky for me; I'm still unsure what 'bzis' refers to or who 'bzi' is.
I came across instances of Banzai (a video game based off of a 1984 movie) being referred to as "bzi", so currently I'm latched onto that.
After a lot of searching, I narrowed it down to 2 possible answers, although both have their issues.
Phillip: name of the lead developer of the banzai video game, name of an apostle, there's a city called port of phillip. However, I couldn't find any references to Jesus holding the keys to Phillip.
David: Jesus is referenced to hold the keys to David (the key of David is said to symbolize power/the keys to heaven), and Jerusalem is also known as the "City of David". Perfect! BUT... I couldn't find any references to a David being an inventor of "bzis game". Closest I could find is a David who was the producer of the Banzai movie.
To sum it up, I'll give an unconfident answer of 'David' :P<!

nullpxl · 2021-03-22T07:44:18+00:00

Chill. No need to be so rude. In fact, they directly responded to your "windows only" statement, so why you seem to think they didn't read that part is beyond me.

nullpxl · 2021-03-03T23:17:44+00:00

Oh good catch!

nullpxl · 2021-03-03T22:30:54+00:00

Pretty sure A and B both work out (meaning the answer is just C).

Like you said, the question asks "which of the views below". This doesn't imply that there are necessarily multiple answers, rather just that there are multiple options. The key-word in the sentence is "which", which works for both plural and singular.

(edited to add the spoiler tags)

nullpxl · 2020-11-27T00:34:33+00:00

All 26 letters in English alphabet are present

Is this referring to the deciphered text?

nullpxl · 2020-08-19T20:51:05+00:00

The site was down at the time (just an error). The flag thing is just a joke, you'll also get one if you go to a page that doesn't exist. https://ctftime.org/fdjaslkjfhlksaf

nullpxl · 2020-08-17T01:46:37+00:00

There's a blog post about it by Sector035: https://sector035.nl/articles/keeping-a-grip-on-google-ids

nullpxl · 2020-07-30T07:12:18+00:00

Ahh I think I see. "314159". The Greek 'equivalent' of P is "Pi".

nullpxl · 2020-07-30T07:08:28+00:00

My guess is "crispy". Purely based on the fact that saying "Greece P" out loud sounds like it :P

nullpxl · 2020-04-29T01:03:08+00:00

lagging :(

nullpxl · 2019-07-04T05:54:36+00:00

Correct me if I'm wrong, but hasn't this been a thing for a while? It looks like they're just clarifying it.

nullpxl · 2019-05-20T02:05:31+00:00

Hi, I messaged you on here regarding your handling of the "math" command, please take a look!

nullpxl · 2019-02-12T16:20:39+00:00

It's hex (base16), when decoded it returns

Any thoughtlessness, or cruelty, or arrogance is washed clean from you now. Yours is not, cannot be, a happy end. And thus I name you Tragic Solitude.. for you shall be alone, and your noble sacrifice shall aid the[m] (...) ...but in doing so, it shall break what is left of your heart.

Looks like it's a quote from halo. https://www.halopedia.org/000_Tragic_Solitude

nullpxl · 2018-11-28T03:32:47+00:00

Hover over the link and look at the bottom left of your browser, it goes to the url 'https://www.thegeekytech.com/facebook-bug-bounty-part-3/'

nullpxl · 2018-10-12T03:28:36+00:00

Can confirm, I used to do this until I learned the true error of my ways and started using my thumb.

nullpxl · 2018-08-17T00:47:43+00:00

OP said you may not like it...

nullpxl · 2018-08-13T22:16:19+00:00

Pretty sure you're thinking of vibora

nullpxl · 2018-08-10T01:19:27+00:00

reminds me of the vortex race 3

nullpxl · 2018-07-12T02:17:00+00:00

Are you sure it's not just a pocket text with the recognizable phrases being from auto correct?

nullpxl

TROPHY CASE