<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 8, 2015 at 3:47 PM, Aleksejs Popovs <span dir="ltr"><<a href="mailto:popoffka@gmail.com" target="_blank">popoffka@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div id=":vb" class="" style="overflow:hidden">To conclude, this is a<br>
real case of a non gambling-related page being blocked, although<br>
almost definitely by accident. I will notify Lattelecom about this.</div></blockquote></div><br><div>Cloudflare-hosted sites are included as Subject Alternative Names in the certificate they share between hosted sites. I wonder if the intermediary parses the cert to match against the blacklisted domains, and terminates any connection that lists the name. That identifier also provides you a list of all of the sites that are overblocked as a result in your work, e.g.</div></div><div>







<p class=""><span class="">openssl s_client -connect <a href="http://lucky31.com:443">lucky31.com:443</a> 2>&1 | openssl x509 -text </span></p><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div>X509v3 Subject Alternative Name: </div></blockquote><div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div class="gmail_extra">
<p class=""><span class="">DNS:<a href="http://ssl3055.cloudflare.com">ssl3055.cloudflare.com</a>, DNS:<a href="http://myriotravelguide.com">myriotravelguide.com</a>, DNS:*.<a href="http://americandreamhomeimprovement.com">americandreamhomeimprovement.com</a>, DNS:*.<a href="http://thermosystemsinc.info">thermosystemsinc.info</a>, DNS:*.<a href="http://evasi0ndownload.com">evasi0ndownload.com</a>, DNS:*.<a href="http://fraglive.cl">fraglive.cl</a>, DNS:<a href="http://thealtitudecompany.com">thealtitudecompany.com</a>, DNS:<a href="http://cmonsite.fr">cmonsite.fr</a>, DNS:*.<a href="http://weekcal.com">weekcal.com</a>, DNS:<a href="http://cu2nite.com.au">cu2nite.com.au</a>, DNS:*.<a href="http://genesisenergyinternational.net">genesisenergyinternational.net</a>, DNS:*.<a href="http://lucky31.com">lucky31.com</a>, DNS:*.<a href="http://starspayment.com">starspayment.com</a>, DNS:<a href="http://starspayment.com">starspayment.com</a>, DNS:*.<a href="http://loppis.me">loppis.me</a>, DNS:<a href="http://loppis.me">loppis.me</a>, DNS:<a href="http://unitedcostumes.com.au">unitedcostumes.com.au</a>, DNS:<a href="http://2ch.hk">2ch.hk</a>, DNS:<a href="http://thermosystemsinc.info">thermosystemsinc.info</a>, DNS:*.<a href="http://bunadformenn.info">bunadformenn.info</a>, DNS:<a href="http://weekcal.com">weekcal.com</a>, DNS:<a href="http://starfishmedia.com">starfishmedia.com</a>, DNS:<a href="http://mycareers360.com">mycareers360.com</a>, DNS:*.<a href="http://casinoextra.com">casinoextra.com</a>, DNS:<a href="http://peakfit.com.gt">peakfit.com.gt</a>, DNS:<a href="http://productworld.com">productworld.com</a>, DNS:*.<a href="http://unitedcostumes.com.au">unitedcostumes.com.au</a>, DNS:*.<a href="http://habbo.as">habbo.as</a>, DNS:<a href="http://genesisenergyinternational.net">genesisenergyinternational.net</a>, DNS:<a href="http://lucky31.com">lucky31.com</a>, DNS:*.<a href="http://thealtitudecompany.com">thealtitudecompany.com</a>, DNS:*.<a href="http://timesulin.com">timesulin.com</a>, DNS:<a href="http://evasi0ndownload.com">evasi0ndownload.com</a>, DNS:<a href="http://fraglive.cl">fraglive.cl</a>, DNS:*.<a href="http://2ch.hk">2ch.hk</a>, DNS:*.<a href="http://productworld.com">productworld.com</a>, DNS:<a href="http://casinoextra.com">casinoextra.com</a>, DNS:<a href="http://americandreamhomeimprovement.com">americandreamhomeimprovement.com</a>, DNS:<a href="http://timesulin.com">timesulin.com</a>, DNS:*.<a href="http://peakfit.com.gt">peakfit.com.gt</a>, DNS:*.<a href="http://myriotravelguide.com">myriotravelguide.com</a>, DNS:<a href="http://bunadformenn.info">bunadformenn.info</a>, DNS:<a href="http://habbo.as">habbo.as</a>, DNS:*.<a href="http://cmonsite.fr">cmonsite.fr</a>, DNS:*.<a href="http://starfishmedia.com">starfishmedia.com</a>, DNS:*.<a href="http://mycareers360.com">mycareers360.com</a>, DNS:*.<a href="http://cu2nite.com.au">cu2nite.com.au</a></span></p></div></blockquote><div class="gmail_extra"><div>If it is certificate parsing, that might make for an interesting test and test helper. Neat find.</div><div><br></div>-- <br><div class="gmail_signature"><b>Collin David Anderson</b><div><a href="http://averysmallbird.com" target="_blank">averysmallbird.com</a> | @cda | Washington, D.C.</div></div>
</div></div></div></div>