/engagements/xfinity-home

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (26)

Asset	Category	Bounty	Quick Links
-cvr-aws-.sys.comcast.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.dh-commerce.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.ssr.ccp.xcal.tv	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.xfinityhome.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.xfiplatform.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*signalservice.comcast.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
Internet.xfinity.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
Xfinity Android mobile app	ANDROID	Yes	-
Xfinity Home Hardware (items listed below in brief)	HARDWARE	Yes	-
Xfinity Home cameras	HARDWARE	Yes	-
Xfinity iOS mobile app	IOS	Yes	-
aiq-prod.codebig2.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
csp-pci.prod.codebig2.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
gw.api.dh.comcast.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://apps.apple.com/us/app/xfinity/id1178765645	IOS	Yes	-
https://csp-prod.codebig2.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://home.xfinity.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
https://play.google.com/store/apps/details?id=com.xfinity.digitalhome&hl=en_US&gl=US	ANDROID	Yes	Play Store APKPure APKMirror
orc-xfi.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
siorc.xfinity.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
smartinet.xfinity.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
speedtest.xfinity.com	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
xFi Gateways (e.g., XB3, XB6, XB7)	HARDWARE	Yes	-
xFi Pods	HARDWARE	Yes	-
xhomeapi-*.cloud.comcast.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
xhomeapi-*.codebig2.net	URL	Yes	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Out-of-Scope Assets (31)

Asset	Category	Bounty
*.adnxs.com	URL	Yes
*.adobedtm.com	URL	Yes
*.amazon-adsystem.com	URL	Yes
*.appcenter.ms	URL	Yes
*.cimcontent.net	URL	Yes
*.criteo.net	URL	Yes
*.demdex.net	URL	Yes
*.fwmrm.net	URL	Yes
*.hfc.comcastbusiness.net	URL	Yes
.hsd1..comcast.net	URL	Yes
*.identity.xfinity.com	URL	Yes
*.kampyle.com	URL	Yes
*.openx.net	URL	Yes
*.pulseinsights.com	URL	Yes
*.webcontentassessor.com	URL	Yes
*.wurfulcloud.com	URL	Yes
*.xerxessecure.com	URL	Yes
10.0.0.0/8	OTHER	Yes
172.26.128.0/18	OTHER	Yes
184.112.0.0/13	OTHER	Yes
184.122.0.0/15	OTHER	Yes
3rd Party Devices (known as Works with Xfinity)	HARDWARE	Yes
50.128.0.0/12	OTHER	Yes
50.152.0.0/13	OTHER	Yes
96.201.0.0/16	OTHER	Yes
96.202.128.0/17	OTHER	Yes
96.203.0.0/16	OTHER	Yes
\*\business.comcast.com	URL	Yes
admin.selectwifi.xfinity.com	URL	Yes
https://login.xfinity.com	URL	Yes
oauth.xfinity.com	URL	Yes