search

anand-bhat / httpswatch

Track usage and HTTPS configuration of websites that are expected to be secure.
https://anand-bhat.github.io/httpswatch/
GNU General Public License v3.0
4 stars 1 forks source link

analytics.axisbank.co.in #33

Open anand-bhat opened 8 years ago

anand-bhat commented 8 years ago

Organization: Axis Bank Type: Private-sector bank

Host: analytics.axisbank.co.in Function: ?

https://www.ssllabs.com/ssltest/analyze.html?d=analytics.axisbank.co.in

Grade: F

Issues:

  1. Heartbleed
  2. CVE-2014-0224
  3. CVE-2016-2107
  4. POODLE (SSL)
  5. RC4
  6. SSLv3
  7. No FS

All IP addresses that use this certificate and are vulnerable to Heartbleed:

202.191.184.208
2403:0:100:1c:0:0:0:66
115.112.85.208
anand-bhat commented 8 years ago

When contacted for a security contact via DM (@AxisBank) on 2016-08-29, was asked to provide details via a DM. Details sent on 2016-08-30 and acknowledged ("Hi, thanks for sharing the details. We’ve shared the same with the relevant team.")

anand-bhat commented 7 years ago

Contacted CERT-In via incident@cert-in.org.in on 2016-10-04. Provided evidence on 2016-10-05.

anand-bhat commented 7 years ago

Reminded on 2016-11-07.

anand-bhat commented 7 years ago

Grade improved to A+ when checked on 2016-12-06.

anand-bhat commented 7 years ago

No longer supports HTTPS.