pirate / sites-using-cloudflare

:broken_heart: Archived list of domains using Cloudflare DNS at the time of the CloudBleed announcement.

Remove: hdfcbank.com (static) #177

Closed yogeshpadharia closed 7 years ago

yogeshpadharia commented 7 years ago

Remove hdfcbank.com

Phineas commented 7 years ago

Please email phin@phineas.io from the domain so we can verify ownership @yogeshpadharia

yogeshpadharia commented 7 years ago

Hello,

I will have a PR raised with official id @hdfcbank.com as well.

I had submitted the PR as I'm the managed service provider for hdfcbank.com and just because it is listed in top 10k Alexa using Cloudflare is not correct to list it.

Dear Rajesh, Avkash, Rajan please raise PR from your side as well.

ps: Appreciate if you can have the domain removed asap.

Thank You and Regards, Yogesh Padharia


Softcell | 303 B-Wing, Commercial-1, Kohinoor City, Kirol Road, Kurla (W), Mumbai - 400 070, Maharashtra, India Phone: +91-22-6600 6700 extn 6723 | Mobile: +91 9820881279 E-mail: yogesh@softcell.com




This message contains information that may be privileged or confidential and is the property of Softcell Technologies Limited. It's intended only for the person/s to whom it is addressed and any misuse of this information is prohibited and unlawful. The contents of this message do not necessarily represent the views or policies of Softcell Technologies Limited.

Phineas commented 7 years ago

@yogeshpadharia So do you want me to close this PR until they submit one or will you let me know they've emailed me here?

Phineas commented 7 years ago

Also - I don't see how this domain's eligible, can you somehow prove it wasn't using the proxy during the exploit or how it's not in scope?

coderobe commented 7 years ago

We will likely not remove this domain, as it's currently using the CF Proxy. So unless you can confirm that this site was not using the CF proxy during the affected time period we're gonna close this PR.

JedrzejMajko commented 7 years ago

@coderobe @Phineas How do you want people to give you verification that they did not use cloudflare in this time period?

Phineas commented 7 years ago

@Coobers It really depends on the website; if they have old dumps from their proxy/web log, or a site with IP data, etc.

JedrzejMajko commented 7 years ago

@Phineas And providing you get it, how do you want to validate that?

coderobe commented 7 years ago

@Coobers Manual review & a trustworthy, signed post by the site owner.

JedrzejMajko commented 7 years ago

@coderobe What kind of manual review?

coderobe commented 7 years ago

@Coobers That depends. This has to be done on a case-by-case basis and AFAIK has not been done before because of missing information and/or communication.

I suggest opening an issue objectively describing any current problems in our way of reviewing domains if you really want to debate on this any further.

pirate commented 7 years ago

@yogeshpadharia at this point I recommend you guys send us a link to an official blog post to list next to your domain, explaining why you're likely not affected. We will tag it with [no data found in search engine caches], or [not affected] depending on whether your justification is the Cloudflare email, or if you have some special setup where you believe user traffic never went through the CF proxy. Unfortunately we can't remove you from our list outright because you appear to have been a Cloudflare proxy customer during the affected period (and this is consistent with how we've resolved other removal requests).

yogeshpadharia commented 7 years ago

Hello Nick,

We have (1) an email from Cloudflare stating the said domain is not affected, (2) the domain is just displaying publicly available information and doesn't have any login options for visitors, (3) it doesn't store any PII or PCI info on the same website, as that information is hosted on separate sub-domains which are not using CF Proxy.

I don't know what more info you need. I suggest you explore the site yourself and you will understand there isn't any option to login or store/upload/download any PII or PCI data.

Thank You and Regards, Yogesh Padharia



pirate commented 7 years ago

After some more investigation, it looks like hdfcbank.com is indeed static, and all user input that I've found is collected on non-proxied subdomains such as netbanking.hdfcbank.com or apply.hdfcbank.com.

pirate commented 7 years ago

@yogeshpadharia thanks for your patience, and sorry for the confusion, we've had 200+ issues opened to deal with in the last few days, and I'm still working my way through all the emails. I've approved this and removed you from the Alexa 10,000 list on the README.

yogeshpadharia commented 7 years ago

Thanks a ton Nick 👍

Thank You and Regards, Yogesh Padharia

