expressvpn-bug-bounty-program
30
In Scope
1
Out of Scope
In-Scope Assets (30)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.expressvpn.com | URL | Yes | ||
| *.polymoon.it | URL | Yes | ||
| *.xvservice.net | URL | Yes | ||
| *.xvtest.net | URL | Yes | ||
| 1pw-scim.prd.iat.it.xvservice.net | URL | Yes | ||
| Any Applications under https://www.expressvpn.com/latest | OTHER | Yes | - | |
| ExpressVPN APIs | URL | Yes | - | |
| ExpressVPN Router | OTHER | Yes | - | |
| ExpressVPN VPN servers | OTHER | Yes | - | |
| TrustedServer 100,000 Bonus Award (See Program Policy for Info) | OTHER | Yes | - | |
| app.expressmailguard.com | URL | Yes | ||
| corp.polymoon.it | URL | Yes | ||
| expressvpn.jobs | URL | Yes | ||
| gatekeeper.prd.iat.it.xvservice.net | URL | Yes | ||
| gh-mail.expressvpn.com | URL | Yes | ||
| https://api.blts.kape.com | URL | Yes | ||
| https://api.dbs.kape.com | URL | Yes | ||
| https://api.dts.kape.com | URL | Yes | ||
| https://api.enc.kape.com | URL | Yes | ||
| https://api.expressvpn.com | URL | Yes | ||
| https://api.jwks.kape.com | URL | Yes | ||
| https://api.pcrs.kape.com | URL | Yes | ||
| https://cp.expressapisv2.net | URL | Yes | ||
| https://github.com/expressvpn/lightway | OTHER | Yes | - | |
| https://xv-cp.apis-staging.xvtest.net/ | URL | Yes | ||
| iat.it.xvservice.net | URL | Yes | ||
| it.xvservice.net | URL | Yes | ||
| networkguard.com | URL | Yes | ||
| prd.iat.it.xvservice.net | URL | Yes | ||
| vector.prd.iat.it.xvservice.net | URL | Yes |
Out-of-Scope Assets (1)
| Asset | Category | Bounty | |
|---|---|---|---|
| All domains or subdomains not listed in the above list of 'Scopes' | OTHER | Yes |
Scope Changes (94)
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | trustedserver 100,000 bonus award (see program policy for info) | OTHER | In Scope | 20:22 |
| Added | *.xvtest.net | WILDCARD | In Scope | 19:08 |
| Added | any applications under https://www.expressvpn.com/latest | URL | In Scope | 19:08 |
| Added | https://github.com/expressvpn/lightway | URL | In Scope | 19:08 |
| Added | https://api.dbs.kape.com | URL | In Scope | 19:08 |
| Added | https://api.dts.kape.com | URL | In Scope | 19:08 |
| Added | https://api.jwks.kape.com | URL | In Scope | 19:08 |
| Added | all domains or subdomains not listed in the above list of 'scopes' | OTHER | Out of Scope | 19:08 |
| Added | *.expressvpn.com | WILDCARD | In Scope | 19:08 |
| Added | https://api.expressvpn.com | URL | In Scope | 19:08 |
| Added | https://api.pcrs.kape.com | URL | In Scope | 19:08 |
| Added | https://cp.expressapisv2.net | URL | In Scope | 19:08 |
| Added | gatekeeper.prd.iat.it.xvservice.net | URL | In Scope | 19:08 |
| Added | iat.it.xvservice.net | URL | In Scope | 19:08 |
| Added | *.polymoon.it | WILDCARD | In Scope | 19:08 |
| Added | corp.polymoon.it | URL | In Scope | 19:08 |
| Added | expressvpn apis | URL | In Scope | 19:08 |
| Added | https://xv-cp.apis-staging.xvtest.net/ | URL | In Scope | 19:08 |
| Added | https://api.enc.kape.com | URL | In Scope | 19:08 |
| Added | it.xvservice.net | URL | In Scope | 19:08 |
| Added | 1pw-scim.prd.iat.it.xvservice.net | URL | In Scope | 19:08 |
| Added | prd.iat.it.xvservice.net | URL | In Scope | 19:08 |
| Added | gh-mail.expressvpn.com | URL | In Scope | 19:08 |
| Added | expressvpn router | OTHER | In Scope | 19:08 |
| Added | *.xvservice.net | WILDCARD | In Scope | 19:08 |
| Added | vector.prd.iat.it.xvservice.net | URL | In Scope | 19:08 |
| Added | networkguard.com | URL | In Scope | 19:08 |
| Added | expressvpn.jobs | URL | In Scope | 19:08 |
| Added | https://api.blts.kape.com | URL | In Scope | 19:08 |
| Added | expressvpn vpn servers | OTHER | In Scope | 19:08 |
| Added | app.expressmailguard.com | URL | In Scope | 19:08 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | gh-mail.expressvpn.com | URL | In Scope | 00:51 |
| Added | https://api.expressvpn.com | URL | In Scope | 00:51 |
| Added | *.expressvpn.com | WILDCARD | In Scope | 00:51 |
| Added | https://api.pcrs.kape.com | URL | In Scope | 00:51 |
| Added | expressvpn router | OTHER | In Scope | 00:51 |
| Added | all domains or subdomains not listed in the above list of 'scopes' | OTHER | Out of Scope | 00:51 |
| Added | https://xv-cp.apis-staging.xvtest.net/ | URL | In Scope | 00:51 |
| Added | https://api.jwks.kape.com | URL | In Scope | 00:51 |
| Added | iat.it.xvservice.net | URL | In Scope | 00:51 |
| Added | https://github.com/expressvpn/lightway | URL | In Scope | 00:51 |
| Added | trustedserver 100,000 bonus award (see program policy for info) | OTHER | In Scope | 00:51 |
| Added | *.xvtest.net | WILDCARD | In Scope | 00:51 |
| Added | gatekeeper.prd.iat.it.xvservice.net | URL | In Scope | 00:51 |
| Added | 1pw-scim.prd.iat.it.xvservice.net | URL | In Scope | 00:51 |
| Added | prd.iat.it.xvservice.net | URL | In Scope | 00:51 |
| Added | *.polymoon.it | WILDCARD | In Scope | 00:51 |
| Added | corp.polymoon.it | URL | In Scope | 00:51 |
| Added | expressvpn apis | OTHER | In Scope | 00:51 |
| Added | https://api.dbs.kape.com | URL | In Scope | 00:51 |
| Added | https://api.blts.kape.com | URL | In Scope | 00:51 |
| Added | it.xvservice.net | URL | In Scope | 00:51 |
| Added | networkguard.com | URL | In Scope | 00:51 |
| Added | https://cp.expressapisv2.net | URL | In Scope | 00:51 |
| Added | https://api.dts.kape.com | URL | In Scope | 00:51 |
| Added | any applications under https://www.expressvpn.com/latest | URL | In Scope | 00:51 |
| Added | app.expressmailguard.com | URL | In Scope | 00:51 |
| Added | expressvpn.jobs | URL | In Scope | 00:51 |
| Added | https://api.enc.kape.com | URL | In Scope | 00:51 |
| Added | expressvpn vpn servers | OTHER | In Scope | 00:51 |
| Added | *.xvservice.net | WILDCARD | In Scope | 00:51 |
| Added | vector.prd.iat.it.xvservice.net | URL | In Scope | 00:51 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | *.expressvpn.com | URL | In Scope | 21:40 |
| Removed | app.expressmailguard.com | URL | In Scope | 21:40 |
| Removed | expressvpn.jobs | URL | In Scope | 21:40 |
| Removed | expressvpn apis | URL | In Scope | 21:40 |
| Removed | https://xv-cp.apis-staging.xvtest.net/ | URL | In Scope | 21:40 |
| Removed | https://cp.expressapisv2.net | URL | In Scope | 21:40 |
| Removed | https://api.expressvpn.com | URL | In Scope | 21:40 |
| Removed | https://api.enc.kape.com | URL | In Scope | 21:40 |
| Removed | https://api.dbs.kape.com | URL | In Scope | 21:40 |
| Removed | https://api.dts.kape.com | URL | In Scope | 21:40 |
| Removed | https://api.blts.kape.com | URL | In Scope | 21:40 |
| Removed | https://api.pcrs.kape.com | URL | In Scope | 21:40 |
| Removed | https://api.jwks.kape.com | URL | In Scope | 21:40 |
| Removed | expressvpn vpn servers | OTHER | In Scope | 21:40 |
| Removed | expressvpn router | OTHER | In Scope | 21:40 |
| Removed | *.xvtest.net | URL | In Scope | 21:40 |
| Removed | *.xvservice.net | URL | In Scope | 21:40 |
| Removed | it.xvservice.net | URL | In Scope | 21:40 |
| Removed | 1pw-scim.prd.iat.it.xvservice.net | URL | In Scope | 21:40 |
| Removed | gatekeeper.prd.iat.it.xvservice.net | URL | In Scope | 21:40 |
| Removed | iat.it.xvservice.net | URL | In Scope | 21:40 |
| Removed | prd.iat.it.xvservice.net | URL | In Scope | 21:40 |
| Removed | vector.prd.iat.it.xvservice.net | URL | In Scope | 21:40 |
| Removed | gh-mail.expressvpn.com | URL | In Scope | 21:40 |
| Removed | *.polymoon.it | URL | In Scope | 21:40 |
| Removed | corp.polymoon.it | URL | In Scope | 21:40 |
| Removed | networkguard.com | URL | In Scope | 21:40 |
| Removed | any applications under https://www.expressvpn.com/latest | OTHER | In Scope | 21:40 |
| Removed | https://github.com/expressvpn/lightway | OTHER | In Scope | 21:40 |
| Removed | trustedserver 100,000 bonus award (see program policy for info) | OTHER | In Scope | 21:40 |
| Removed | all domains or subdomains not listed in the above list of 'scopes' | OTHER | Out of Scope | 21:40 |
| Added | all domains or subdomains not listed in the above list of 'scopes' | OTHER | Out of Scope | 00:33 |