Program Removed
This program is no longer available on Bugcrowd. The scope data shown below is historical and may not reflect the final state of the program.
immutable
58
In Scope
37
Out of Scope
In-Scope Assets (58)
Out-of-Scope Assets (37)
| Asset | Category | Bounty | |
|---|---|---|---|
| *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | OTHER | Yes | |
| *.godsunchained.com | OTHER | Yes | |
| *.gogbackend.com | OTHER | Yes | |
| *.guildofguardians.com | OTHER | Yes | |
| any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Yes | |
| any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Yes | |
| anything that does not belong to immutable | OTHER | Yes | |
| anything that does not belong to immutable | OTHER | Yes | |
| dev.imtbl.com | WILDCARD | Yes | |
| dev.x.immutable.com | WILDCARD | Yes | |
| godsunchained.com | URL | Yes | |
| godsunchained.com | WILDCARD | Yes | |
| godsunchained.com | OTHER | Yes | |
| gogbackend.com | URL | Yes | |
| gogbackend.com | WILDCARD | Yes | |
| gogbackend.com | OTHER | Yes | |
| guildofguardians.com | WILDCARD | Yes | |
| ropsten.imx.community | WILDCARD | Yes | |
| ropsten.x.immutable.com | WILDCARD | Yes | |
| sandbox.imtbl.com | WILDCARD | Yes | |
| sandbox.x.immutable.com | WILDCARD | Yes | |
| ██████████████ | OTHER | Yes | |
| ██████████████ | OTHER | Yes | |
| ████████████████ | OTHER | Yes | |
| ████████████████ | OTHER | Yes | |
| █████████████████ | OTHER | Yes | |
| █████████████████ | OTHER | Yes | |
| ███████████████████ | OTHER | Yes | |
| ███████████████████ | OTHER | Yes | |
| ██████████████████████ | OTHER | Yes | |
| ██████████████████████ | OTHER | Yes | |
| ██████████████████████████████████████████ | OTHER | Yes | |
| ██████████████████████████████████████████ | OTHER | Yes | |
| █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Yes | |
| █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Yes | |
| ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Yes | |
| ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Yes |
Scope Changes (240)
Jun 26, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Program Removed | — | — | — | 06:34 |
Jun 17, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | ██████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ████████████ | OTHER | In Scope | 11:28 |
| Added | ███████████ | URL | In Scope | 11:28 |
| Added | █████████████ | URL | In Scope | 11:28 |
| Added | █████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ████████████████████████████████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████████████████████████████ | URL | In Scope | 11:28 |
| Added | ████████████████████████████████████████████████████ | URL | In Scope | 11:28 |
| Added | ████████████ | OTHER | In Scope | 11:28 |
| Added | █████████████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████████ | URL | In Scope | 11:28 |
| Added | ████████████████████████████ | URL | In Scope | 11:28 |
| Added | ███████████████ | URL | In Scope | 11:28 |
| Added | ███████████ | URL | In Scope | 11:28 |
| Added | █████████████████████ | OTHER | In Scope | 11:28 |
| Added | ███████████████████████ | OTHER | In Scope | 11:28 |
| Added | █████████████████████████████ | URL | In Scope | 11:28 |
| Added | ███████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████ | URL | In Scope | 11:28 |
| Added | ███████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████ | OTHER | Out of Scope | 11:28 |
| Added | █████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | █████████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ███████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████ | OTHER | In Scope | 11:28 |
| Added | ███████████████████████ | OTHER | In Scope | 11:28 |
| Added | █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 11:28 |
| Added | █████████████████████████████████████████████ | URL | In Scope | 11:28 |
| Added | ███████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ████████████████ | OTHER | Out of Scope | 11:28 |
| Added | ██████████████ | OTHER | Out of Scope | 11:28 |
| Added | ███████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████████████████ | URL | In Scope | 11:28 |
| Added | █████████████████████████ | URL | In Scope | 11:28 |
| Added | ████████████████████████████ | URL | In Scope | 11:28 |
| Program Removed | — | — | — | 10:34 |
May 11, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | ████████████████████████████████████████████████████ | URL | In Scope | 00:28 |
| Added | ████████████ | OTHER | In Scope | 00:28 |
| Added | █████████████████████████████████ | URL | In Scope | 00:28 |
| Added | █████████████████████████ | URL | In Scope | 00:28 |
| Added | ████████████████████████████ | URL | In Scope | 00:28 |
| Added | ███████████████ | URL | In Scope | 00:28 |
| Added | ███████████ | URL | In Scope | 00:28 |
| Added | █████████████████████ | OTHER | In Scope | 00:28 |
| Added | ███████████████████████ | OTHER | In Scope | 00:28 |
| Added | █████████████████████████████ | URL | In Scope | 00:28 |
| Added | ███████████████████████████ | URL | In Scope | 00:28 |
| Added | █████████████ | URL | In Scope | 00:28 |
| Added | ███████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████ | OTHER | Out of Scope | 00:28 |
| Added | █████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████████████ | OTHER | Out of Scope | 00:28 |
| Removed | https://api.x.immutable.com/ | URL | In Scope | 00:28 |
| Removed | https://docs.immutable.com/ | URL | In Scope | 00:28 |
| Removed | *.immutable.com | URL | In Scope | 00:28 |
| Removed | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 00:28 |
| Removed | https://hub.immutable.com/ | URL | In Scope | 00:28 |
| Removed | *.imtbl.com | URL | In Scope | 00:28 |
| Removed | godsunchained.com | OTHER | Out of Scope | 00:28 |
| Removed | https://passport.immutable.com/ | URL | In Scope | 00:28 |
| Removed | https://api.immutable.com | URL | In Scope | 00:28 |
| Removed | https://market.immutable.com/ | URL | In Scope | 00:28 |
| Removed | testnet.immutable.com | OTHER | In Scope | 00:28 |
| Removed | gogbackend.com | OTHER | Out of Scope | 00:28 |
| Removed | *.gogbackend.com | OTHER | Out of Scope | 00:28 |
| Removed | https://play.immutable.com | URL | In Scope | 00:28 |
| Removed | *.testnet.immutable.com | OTHER | In Scope | 00:28 |
| Removed | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | OTHER | In Scope | 00:28 |
| Removed | imx.community | URL | In Scope | 00:28 |
| Removed | *.godsunchained.com | OTHER | Out of Scope | 00:28 |
| Removed | *.guildofguardians.com | OTHER | Out of Scope | 00:28 |
| Removed | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | OTHER | Out of Scope | 00:28 |
| Removed | anything that does not belong to immutable | OTHER | Out of Scope | 00:28 |
| Removed | https://link.x.immutable.com/ | URL | In Scope | 00:28 |
| Removed | https://auth.immutable.com | URL | In Scope | 00:28 |
| Added | ████████████████████████████████████████████████████ | URL | In Scope | 00:28 |
| Added | █████████████████████████ | URL | In Scope | 00:28 |
| Added | ███████████████ | URL | In Scope | 00:28 |
| Added | ███████████ | URL | In Scope | 00:28 |
| Added | █████████████████████████████ | URL | In Scope | 00:28 |
| Added | ██████████████ | OTHER | Out of Scope | 00:28 |
| Added | █████████████████████████████████ | URL | In Scope | 00:28 |
| Added | ████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ███████████████████████████ | URL | In Scope | 00:28 |
| Added | █████████████████████████████████████████████ | URL | In Scope | 00:28 |
| Added | ████████████ | OTHER | In Scope | 00:28 |
| Added | █████████████████████ | CIDR | In Scope | 00:28 |
| Added | █████████████████ | OTHER | Out of Scope | 00:28 |
| Added | █████████████████████████████████████████████ | URL | In Scope | 00:28 |
| Added | ███████████████████████ | CIDR | In Scope | 00:28 |
| Added | █████████████ | URL | In Scope | 00:28 |
| Added | ██████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | █████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ██████████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ███████████████████ | OTHER | Out of Scope | 00:28 |
| Added | ████████████████████████████ | URL | In Scope | 00:28 |
Mar 5, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.imtbl.com | URL | In Scope | 22:26 |
| Added | testnet.immutable.com | OTHER | In Scope | 22:26 |
| Added | *.testnet.immutable.com | OTHER | In Scope | 22:26 |
| Added | https://link.x.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://market.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://docs.immutable.com/ | URL | In Scope | 22:26 |
| Added | imx.community | URL | In Scope | 22:26 |
| Added | *.godsunchained.com | OTHER | Out of Scope | 22:26 |
| Added | *.gogbackend.com | OTHER | Out of Scope | 22:26 |
| Added | gogbackend.com | OTHER | Out of Scope | 22:26 |
| Added | godsunchained.com | OTHER | Out of Scope | 22:26 |
| Added | anything that does not belong to immutable | OTHER | Out of Scope | 22:26 |
| Added | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | OTHER | Out of Scope | 22:26 |
| Added | *.guildofguardians.com | OTHER | Out of Scope | 22:26 |
| Added | https://auth.immutable.com | URL | In Scope | 22:26 |
| Added | https://market.immutable.com/ | URL | In Scope | 22:26 |
| Added | *.godsunchained.com | WILDCARD | Out of Scope | 22:26 |
| Added | https://play.immutable.com | URL | In Scope | 22:26 |
| Added | *.imtbl.com | WILDCARD | In Scope | 22:26 |
| Added | imx.community | URL | In Scope | 22:26 |
| Added | gogbackend.com | URL | Out of Scope | 22:26 |
| Added | godsunchained.com | URL | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | https://docs.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://passport.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://hub.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://api.immutable.com | URL | In Scope | 22:26 |
| Added | https://api.x.immutable.com/ | URL | In Scope | 22:26 |
| Added | *.testnet.immutable.com | WILDCARD | In Scope | 22:26 |
| Added | https://link.x.immutable.com/ | URL | In Scope | 22:26 |
| Added | *.gogbackend.com | WILDCARD | Out of Scope | 22:26 |
| Added | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | URL | In Scope | 22:26 |
| Added | *.immutable.com | WILDCARD | In Scope | 22:26 |
| Added | testnet.immutable.com | URL | In Scope | 22:26 |
| Added | anything that does not belong to immutable | OTHER | Out of Scope | 22:26 |
| Added | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 22:26 |
| Added | *.guildofguardians.com | WILDCARD | Out of Scope | 22:26 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 22:26 |
| Added | https://passport.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://auth.immutable.com | URL | In Scope | 22:26 |
| Added | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | OTHER | In Scope | 22:26 |
| Added | https://hub.immutable.com/ | URL | In Scope | 22:26 |
| Added | https://play.immutable.com | URL | In Scope | 22:26 |
| Added | https://api.immutable.com | URL | In Scope | 22:26 |
| Added | https://api.x.immutable.com/ | URL | In Scope | 22:26 |
| Added | *.immutable.com | URL | In Scope | 22:26 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Added | https://api.immutable.com | URL | In Scope | 19:09 |
| Added | *.imtbl.com | WILDCARD | In Scope | 19:09 |
| Added | testnet.immutable.com | URL | In Scope | 19:09 |
| Added | *.testnet.immutable.com | WILDCARD | In Scope | 19:09 |
| Added | *.godsunchained.com | WILDCARD | Out of Scope | 19:09 |
| Added | anything that does not belong to immutable | OTHER | Out of Scope | 19:09 |
| Added | *.guildofguardians.com | WILDCARD | Out of Scope | 19:09 |
| Added | https://docs.immutable.com/ | URL | In Scope | 19:09 |
| Added | https://passport.immutable.com/ | URL | In Scope | 19:09 |
| Added | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | URL | In Scope | 19:09 |
| Added | https://hub.immutable.com/ | URL | In Scope | 19:09 |
| Added | *.immutable.com | WILDCARD | In Scope | 19:09 |
| Added | https://link.x.immutable.com/ | URL | In Scope | 19:09 |
| Added | *.gogbackend.com | WILDCARD | Out of Scope | 19:09 |
| Added | https://play.immutable.com | URL | In Scope | 19:09 |
| Added | imx.community | URL | In Scope | 19:09 |
| Added | https://auth.immutable.com | URL | In Scope | 19:09 |
| Added | https://api.x.immutable.com/ | URL | In Scope | 19:09 |
| Added | https://market.immutable.com/ | URL | In Scope | 19:09 |
| Added | gogbackend.com | URL | Out of Scope | 19:09 |
| Added | godsunchained.com | URL | Out of Scope | 19:09 |
| Added | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 19:09 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 19:09 |
| Program Removed | — | — | — | 17:22 |
| Added | https://play.immutable.com | URL | In Scope | 16:59 |
| Added | *.immutable.com | WILDCARD | In Scope | 16:59 |
| Added | *.imtbl.com | WILDCARD | In Scope | 16:59 |
| Added | https://link.x.immutable.com/ | URL | In Scope | 16:59 |
| Added | *.gogbackend.com | WILDCARD | Out of Scope | 16:59 |
| Added | anything that does not belong to immutable | OTHER | Out of Scope | 16:59 |
| Added | *.guildofguardians.com | WILDCARD | Out of Scope | 16:59 |
| Added | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | URL | In Scope | 16:59 |
| Added | testnet.immutable.com | URL | In Scope | 16:59 |
| Added | https://market.immutable.com/ | URL | In Scope | 16:59 |
| Added | gogbackend.com | URL | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | WILDCARD | Out of Scope | 16:59 |
| Added | https://passport.immutable.com/ | URL | In Scope | 16:59 |
| Added | https://auth.immutable.com | URL | In Scope | 16:59 |
| Added | https://docs.immutable.com/ | URL | In Scope | 16:59 |
| Added | imx.community | URL | In Scope | 16:59 |
| Added | *.godsunchained.com | WILDCARD | Out of Scope | 16:59 |
| Added | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 16:59 |
| Added | https://passport.immutable.com/ | URL | In Scope | 16:59 |
| Added | https://auth.immutable.com | URL | In Scope | 16:59 |
| Added | https://github.com/immutable/ts-immutable-sdk/tree/main/packages/passport | OTHER | In Scope | 16:59 |
| Added | https://hub.immutable.com/ | URL | In Scope | 16:59 |
| Added | https://play.immutable.com | URL | In Scope | 16:59 |
| Added | https://api.immutable.com | URL | In Scope | 16:59 |
| Added | https://api.x.immutable.com/ | URL | In Scope | 16:59 |
| Added | *.immutable.com | URL | In Scope | 16:59 |
| Added | *.imtbl.com | URL | In Scope | 16:59 |
| Added | testnet.immutable.com | OTHER | In Scope | 16:59 |
| Added | *.testnet.immutable.com | OTHER | In Scope | 16:59 |
| Added | https://link.x.immutable.com/ | URL | In Scope | 16:59 |
| Added | https://market.immutable.com/ | URL | In Scope | 16:59 |
| Added | https://docs.immutable.com/ | URL | In Scope | 16:59 |
| Added | imx.community | URL | In Scope | 16:59 |
| Added | *.godsunchained.com | OTHER | Out of Scope | 16:59 |
| Added | *.gogbackend.com | OTHER | Out of Scope | 16:59 |
| Added | gogbackend.com | OTHER | Out of Scope | 16:59 |
| Added | godsunchained.com | OTHER | Out of Scope | 16:59 |
| Added | anything that does not belong to immutable | OTHER | Out of Scope | 16:59 |
| Added | any data exposure bug that are classified as public data such as ethereum wallet address, nft purchase activity, or other public blockchain activity | OTHER | Out of Scope | 16:59 |
| Added | *.dev.x.immutable.com, *.sandbox.x.immutable.com, *.dev.x.immutable.com, *.sandbox.imtbl.com, *.dev.imtbl.com, *.ropsten.x.immutable.com, ropsten.imx.community (see brief for exceptions) | OTHER | Out of Scope | 16:59 |
| Added | *.guildofguardians.com | OTHER | Out of Scope | 16:59 |
| Added | https://api.immutable.com | URL | In Scope | 16:59 |
| Added | https://api.x.immutable.com/ | URL | In Scope | 16:59 |
| Added | *.testnet.immutable.com | WILDCARD | In Scope | 16:59 |
| Added | https://hub.immutable.com/ | URL | In Scope | 16:59 |
| Added | godsunchained.com | URL | Out of Scope | 16:59 |