Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

alibaba_vdp

HackerOneView on HackerOne

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (28)

Asset	Category	Bounty	Quick Links
*.1688.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.9apps.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alibaba-inc.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alibaba.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alibabagroup.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alibabapictures.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.aliexpress.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.aligames.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alimama.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alios.cn	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.alisports.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.aliyun.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.amap.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.cainiao.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.damai.cn	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.dingtalk.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.ele.me	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.fliggy.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.shuqi.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.shuqireader.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.sm.cn	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.taobao.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.tmall.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.tudou.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.uc.cn	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.ucweb.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.youku.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
www.lazada.*sixcountry	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Scope Changes (84)

Feb 25, 2026

Change	Asset	Category	Scope	Time
Added	*.1688.com	WILDCARD	In Scope	19:20
Added	*.alibabagroup.com	WILDCARD	In Scope	19:20
Added	*.aligames.com	WILDCARD	In Scope	19:20
Added	*.aliyun.com	WILDCARD	In Scope	19:20
Added	*.tmall.com	WILDCARD	In Scope	19:20
Added	*.uc.cn	WILDCARD	In Scope	19:20
Added	*.9apps.com	WILDCARD	In Scope	19:20
Added	*.alios.cn	WILDCARD	In Scope	19:20
Added	*.alisports.com	WILDCARD	In Scope	19:20
Added	*.cainiao.com	WILDCARD	In Scope	19:20
Added	*.sm.cn	WILDCARD	In Scope	19:20
Added	*.tudou.com	WILDCARD	In Scope	19:20
Added	*.youku.com	WILDCARD	In Scope	19:20
Added	*.amap.com	WILDCARD	In Scope	19:20
Added	*.ele.me	WILDCARD	In Scope	19:20
Added	*.alibabapictures.com	WILDCARD	In Scope	19:20
Added	*.aliexpress.com	WILDCARD	In Scope	19:20
Added	*.dingtalk.com	WILDCARD	In Scope	19:20
Added	*.fliggy.com	WILDCARD	In Scope	19:20
Added	*.taobao.com	WILDCARD	In Scope	19:20
Added	*.ucweb.com	WILDCARD	In Scope	19:20
Added	*.alibaba-inc.com	WILDCARD	In Scope	19:20
Added	*.alibaba.com	WILDCARD	In Scope	19:20
Added	*.alimama.com	WILDCARD	In Scope	19:20
Added	*.damai.cn	WILDCARD	In Scope	19:20
Added	*.shuqi.com	WILDCARD	In Scope	19:20
Added	*.shuqireader.com	WILDCARD	In Scope	19:20
Added	www.lazada.*sixcountry	WILDCARD	In Scope	19:20

Feb 22, 2026

Change	Asset	Category	Scope	Time
Added	*.tudou.com	WILDCARD	In Scope	00:48
Added	*.ucweb.com	WILDCARD	In Scope	00:48
Added	www.lazada.*sixcountry	WILDCARD	In Scope	00:48
Added	*.9apps.com	WILDCARD	In Scope	00:48
Added	*.alibaba-inc.com	WILDCARD	In Scope	00:48
Added	*.alibaba.com	WILDCARD	In Scope	00:48
Added	*.aliexpress.com	WILDCARD	In Scope	00:48
Added	*.fliggy.com	WILDCARD	In Scope	00:48
Added	*.sm.cn	WILDCARD	In Scope	00:48
Added	*.youku.com	WILDCARD	In Scope	00:48
Added	*.ele.me	WILDCARD	In Scope	00:48
Added	*.alibabagroup.com	WILDCARD	In Scope	00:48
Added	*.alibabapictures.com	WILDCARD	In Scope	00:48
Added	*.alios.cn	WILDCARD	In Scope	00:48
Added	*.shuqi.com	WILDCARD	In Scope	00:48
Added	*.uc.cn	WILDCARD	In Scope	00:48
Added	*.amap.com	WILDCARD	In Scope	00:48
Added	*.1688.com	WILDCARD	In Scope	00:48
Added	*.aligames.com	WILDCARD	In Scope	00:48
Added	*.alimama.com	WILDCARD	In Scope	00:48
Added	*.damai.cn	WILDCARD	In Scope	00:48
Added	*.shuqireader.com	WILDCARD	In Scope	00:48
Added	*.taobao.com	WILDCARD	In Scope	00:48
Added	*.tmall.com	WILDCARD	In Scope	00:48
Added	*.alisports.com	WILDCARD	In Scope	00:48
Added	*.aliyun.com	WILDCARD	In Scope	00:48
Added	*.cainiao.com	WILDCARD	In Scope	00:48
Added	*.dingtalk.com	WILDCARD	In Scope	00:48

Feb 21, 2026

Change	Asset	Category	Scope	Time
Added	*.1688.com	WILDCARD	In Scope	19:13
Added	*.alibaba-inc.com	WILDCARD	In Scope	19:13
Added	*.alibaba.com	WILDCARD	In Scope	19:13
Added	*.alibabagroup.com	WILDCARD	In Scope	19:13
Added	*.alibabapictures.com	WILDCARD	In Scope	19:13
Added	*.aliexpress.com	WILDCARD	In Scope	19:13
Added	*.aligames.com	WILDCARD	In Scope	19:13
Added	*.alimama.com	WILDCARD	In Scope	19:13
Added	*.alios.cn	WILDCARD	In Scope	19:13
Added	*.alisports.com	WILDCARD	In Scope	19:13
Added	*.aliyun.com	WILDCARD	In Scope	19:13
Added	*.cainiao.com	WILDCARD	In Scope	19:13
Added	*.damai.cn	WILDCARD	In Scope	19:13
Added	*.dingtalk.com	WILDCARD	In Scope	19:13
Added	*.fliggy.com	WILDCARD	In Scope	19:13
Added	*.shuqi.com	WILDCARD	In Scope	19:13
Added	*.shuqireader.com	WILDCARD	In Scope	19:13
Added	*.sm.cn	WILDCARD	In Scope	19:13
Added	*.taobao.com	WILDCARD	In Scope	19:13
Added	*.tmall.com	WILDCARD	In Scope	19:13
Added	*.tudou.com	WILDCARD	In Scope	19:13
Added	*.uc.cn	WILDCARD	In Scope	19:13
Added	*.ucweb.com	WILDCARD	In Scope	19:13
Added	*.youku.com	WILDCARD	In Scope	19:13
Added	www.lazada.*sixcountry	WILDCARD	In Scope	19:13
Added	*.9apps.com	WILDCARD	In Scope	19:13
Added	*.amap.com	WILDCARD	In Scope	19:13
Added	*.ele.me	WILDCARD	In Scope	19:13