telenor-sweden-public-bug-bounty-program
9
In Scope
14
Out of Scope
In-Scope Assets (9)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.bredbandsbolaget.se | WILDCARD | Yes | ||
| *.europolitan.se | WILDCARD | Yes | ||
| *.inpli.se | WILDCARD | Yes | ||
| *.ownit.se | WILDCARD | Yes | ||
| *.telenor.se | WILDCARD | Yes | ||
| *.telenorinpli.se | WILDCARD | Yes | ||
| *.vimla.io | WILDCARD | Yes | ||
| *.vimla.se | WILDCARD | Yes | ||
| *.vimla.work | WILDCARD | Yes |
Out-of-Scope Assets (14)
| Asset | Category | Bounty | |
|---|---|---|---|
| *.bbcust.telenor.se | OTHER | Yes | |
| *.cust.bredbandsbolaget.se | OTHER | Yes | |
| *.cust.ownit.se | OTHER | Yes | |
| *.cust.telenor.se | OTHER | Yes | |
| *.customers.ownit.se | OTHER | Yes | |
| *.ownit.nu | OTHER | Yes | |
| *.sme.telenor.se | OTHER | Yes | |
| Any domain that looks like it's owned by a third party or customer due to customer's privacy | OTHER | Yes | |
| Mobile services and devices provided by Telenor Sweden and subsidiaries not reachable from Internet | OTHER | Yes | |
| Other business units of the Telenor Group - including *.telenor.com | OTHER | Yes | |
| Telenor ID | OTHER | Yes | |
| faq.vimla.se | OTHER | Yes | |
| stage-vimla-se.vimla.io | OTHER | Yes | |
| tc.ownit.se | OTHER | Yes |
Scope Changes (86)
Apr 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | hosting.ownit.nu | URL | In Scope | 12:21 |
| Removed | webmail.ownit.nu | URL | In Scope | 12:21 |
Apr 17, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | webmail.ownit.nu | URL | In Scope | 10:21 |
| Added | hosting.ownit.nu | URL | In Scope | 10:21 |
| Added | *.ownit.nu | OTHER | Out of Scope | 10:21 |
| Added | tc.ownit.se | OTHER | Out of Scope | 10:21 |
| Added | faq.vimla.se | OTHER | Out of Scope | 10:21 |
| Added | any domain that looks like it's owned by a third party or customer due to customer's privacy | OTHER | Out of Scope | 10:21 |
| Removed | any domain that looks like it's owned by a third party or customer due customer's privacy | OTHER | Out of Scope | 10:21 |
| Added | tc.ownit.se | URL | Out of Scope | 10:21 |
| Added | faq.vimla.se | URL | Out of Scope | 10:21 |
| Added | webmail.ownit.nu | URL | In Scope | 10:21 |
| Added | any domain that looks like it's owned by a third party or customer due to customer's privacy | OTHER | Out of Scope | 10:21 |
| Added | hosting.ownit.nu | URL | In Scope | 10:21 |
| Added | *.ownit.nu | WILDCARD | Out of Scope | 10:21 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | telenor id | OTHER | Out of Scope | 19:08 |
| Added | *.vimla.work | WILDCARD | In Scope | 19:08 |
| Added | *.telenorinpli.se | WILDCARD | In Scope | 19:08 |
| Added | *.telenor.se | WILDCARD | In Scope | 19:08 |
| Added | *.europolitan.se | WILDCARD | In Scope | 19:08 |
| Added | *.ownit.se | WILDCARD | In Scope | 19:08 |
| Added | *.vimla.io | WILDCARD | In Scope | 19:08 |
| Added | *.inpli.se | WILDCARD | In Scope | 19:08 |
| Added | *.cust.telenor.se | OTHER | Out of Scope | 19:08 |
| Added | *.cust.ownit.se | OTHER | Out of Scope | 19:08 |
| Added | *.sme.telenor.se | OTHER | Out of Scope | 19:08 |
| Added | *.customers.ownit.se | OTHER | Out of Scope | 19:08 |
| Added | *.cust.bredbandsbolaget.se | OTHER | Out of Scope | 19:08 |
| Added | *.vimla.se | WILDCARD | In Scope | 19:08 |
| Added | *.bbcust.telenor.se | OTHER | Out of Scope | 19:08 |
| Added | stage-vimla-se.vimla.io | OTHER | Out of Scope | 19:08 |
| Added | any domain that looks like it's owned by a third party or customer due customer's privacy | OTHER | Out of Scope | 19:08 |
| Added | mobile services and devices provided by telenor sweden and subsidiaries not reachable from internet | OTHER | Out of Scope | 19:08 |
| Added | other business units of the telenor group - including *.telenor.com | OTHER | Out of Scope | 19:08 |
| Added | *.bredbandsbolaget.se | WILDCARD | In Scope | 19:08 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | mobile services and devices provided by telenor sweden and subsidiaries not reachable from internet | OTHER | Out of Scope | 00:51 |
| Added | *.vimla.work | WILDCARD | In Scope | 00:51 |
| Added | *.cust.telenor.se | OTHER | Out of Scope | 00:51 |
| Added | *.sme.telenor.se | OTHER | Out of Scope | 00:51 |
| Added | *.cust.bredbandsbolaget.se | OTHER | Out of Scope | 00:51 |
| Added | stage-vimla-se.vimla.io | OTHER | Out of Scope | 00:51 |
| Added | *.vimla.se | WILDCARD | In Scope | 00:51 |
| Added | *.vimla.io | WILDCARD | In Scope | 00:51 |
| Added | any domain that looks like it's owned by a third party or customer due customer's privacy | OTHER | Out of Scope | 00:51 |
| Added | other business units of the telenor group - including *.telenor.com | OTHER | Out of Scope | 00:51 |
| Added | *.bredbandsbolaget.se | WILDCARD | In Scope | 00:51 |
| Added | *.ownit.se | WILDCARD | In Scope | 00:51 |
| Added | *.inpli.se | WILDCARD | In Scope | 00:51 |
| Added | *.bbcust.telenor.se | OTHER | Out of Scope | 00:51 |
| Added | *.customers.ownit.se | OTHER | Out of Scope | 00:51 |
| Added | *.cust.ownit.se | OTHER | Out of Scope | 00:51 |
| Added | telenor id | OTHER | Out of Scope | 00:51 |
| Added | *.telenor.se | WILDCARD | In Scope | 00:51 |
| Added | *.europolitan.se | WILDCARD | In Scope | 00:51 |
| Added | *.telenorinpli.se | WILDCARD | In Scope | 00:51 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | *.telenor.se | WILDCARD | In Scope | 21:40 |
| Removed | *.bredbandsbolaget.se | WILDCARD | In Scope | 21:40 |
| Removed | *.europolitan.se | WILDCARD | In Scope | 21:40 |
| Removed | *.ownit.se | WILDCARD | In Scope | 21:40 |
| Removed | *.vimla.se | WILDCARD | In Scope | 21:40 |
| Removed | *.vimla.work | WILDCARD | In Scope | 21:40 |
| Removed | *.vimla.io | WILDCARD | In Scope | 21:40 |
| Removed | *.inpli.se | WILDCARD | In Scope | 21:40 |
| Removed | *.telenorinpli.se | WILDCARD | In Scope | 21:40 |
| Removed | *.bbcust.telenor.se | OTHER | Out of Scope | 21:40 |
| Removed | *.cust.telenor.se | OTHER | Out of Scope | 21:40 |
| Removed | *.sme.telenor.se | OTHER | Out of Scope | 21:40 |
| Removed | *.cust.bredbandsbolaget.se | OTHER | Out of Scope | 21:40 |
| Removed | *.customers.ownit.se | OTHER | Out of Scope | 21:40 |
| Removed | *.cust.ownit.se | OTHER | Out of Scope | 21:40 |
| Removed | stage-vimla-se.vimla.io | OTHER | Out of Scope | 21:40 |
| Removed | any domain that looks like it's owned by a third party or customer due customer's privacy | OTHER | Out of Scope | 21:40 |
| Removed | mobile services and devices provided by telenor sweden and subsidiaries not reachable from internet | OTHER | Out of Scope | 21:40 |
| Removed | telenor id | OTHER | Out of Scope | 21:40 |
| Removed | other business units of the telenor group - including *.telenor.com | OTHER | Out of Scope | 21:40 |
| Added | *.cust.telenor.se | OTHER | Out of Scope | 00:33 |
| Added | *.sme.telenor.se | OTHER | Out of Scope | 00:33 |
| Added | *.cust.bredbandsbolaget.se | OTHER | Out of Scope | 00:33 |
| Added | *.customers.ownit.se | OTHER | Out of Scope | 00:33 |
| Added | *.cust.ownit.se | OTHER | Out of Scope | 00:33 |
| Added | stage-vimla-se.vimla.io | OTHER | Out of Scope | 00:33 |
| Added | any domain that looks like it's owned by a third party or customer due customer's privacy | OTHER | Out of Scope | 00:33 |
| Added | mobile services and devices provided by telenor sweden and subsidiaries not reachable from internet | OTHER | Out of Scope | 00:33 |
| Added | telenor id | OTHER | Out of Scope | 00:33 |
| Added | other business units of the telenor group - including *.telenor.com | OTHER | Out of Scope | 00:33 |
| Added | *.bbcust.telenor.se | OTHER | Out of Scope | 00:33 |