goto-financial-public-bounty-program

YesWeHackView on YesWeHack

14

In Scope

2

Out of Scope

In-Scope Assets (14)

Asset	Category	Quick Links
*.findaya.co.id	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.findaya.com	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.gaming.gopayapi.com	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.go-pay.co.id	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.gofin.io	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.gopayapi.com	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
*.gtflabs.io	WILDCARD	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
api.midtrans.com	URL	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
app.midtrans.com	URL	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
gopaymerchant.midtrans.com	URL	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://apps.apple.com/id/app/gopay-transfer-pulsa-bills/id6446321594	IOS	-
https://play.google.com/store/apps/details?id=com.gojek.gopay&hl=id	ANDROID	Play Store
mokapos.com	URL	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
www.midtrans.com	URL	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal

Out-of-Scope Assets (2)

Asset	Category
- All other Goto Financial assets not listed above are to be considered as out of scope	OTHER
- Any staging environment will be out of scope (staging domain could be indicated by words like test/integration/staging, etc)	OTHER