| + | https://hackerone.com/fanduel | 20 | 3 | HackerOne |
In Scope Assets:- WILDCARD: *.fanduel.com
- IOS: 599664106
- ANDROID: com.fanduel.android.self
- URL: login-4ngbets.us.betfair.com
- URL: www.4njbets.com
- WILDCARD: *.mgmt.fndlsb.net
- WILDCARD: *.prd.fndlsb.net
- WILDCARD: *inf.fndlsb.net
- URL: 4njbets.com
- URL: 4njbets.us.betfair.com
- URL: login-4njbets.us.betfair.com
- ANDROID: com.fanduel.sportsbook
- ANDROID: com.fanduel.casino
- IOS: 1506229470
- ANDROID: com.fanduel.racing
- IOS: 1485539253
- ANDROID: com.fanduel.flywheelnativecontainer.picks
- IOS: 6740879082
- IOS: 1413721906
- WILDCARD: *.tvg.com
Out of Scope Assets:- WILDCARD: *.fndl.dev (OOS)
- URL: affiliates.fanduel.com (OOS)
- URL: equibase-store.fanduel.com (OOS)
|
| + | https://hackerone.com/faraday_inc | 7 | 1 | HackerOne |
In Scope Assets:- OTHER: s3://faraday-uploads
- OTHER: s3://faraday-secret
- URL: app.faraday.ai
- URL: api.faraday.ai
- OTHER: gs://fdy-production-sdk-uploads
- OTHER: gs://faraday-secret
- URL: vault2.faraday.ai
Out of Scope Assets:- OTHER: Support Live Chat (OOS)
|
| + | https://hackerone.com/fetlife | 3 | 9 | HackerOne |
In Scope Assets:- URL: fetlife.com
- WILDCARD: *.fetlife.com
- URL: fetlifemail.com
Out of Scope Assets:- URL: status.fetlife.com (OOS)
- ANDROID: com.bitlove.fetlife (OOS)
- URL: mail.fetlife.com (OOS)
- URL: n2.fetlife.com (OOS)
- WILDCARD: *.bitlove.co (OOS)
- URL: bitlove.co (OOS)
- URL: fetlifestatus.com (OOS)
- IOS: co.bitlove.opensource.FetLife (OOS)
- OTHER: Requests to our ad endpoints (on any server): `/ads/serve`, `/ads/application_serve*`, and `/ads/click/*` (OOS)
|
| + | https://hackerone.com/figma | 7 | 1 | HackerOne |
In Scope Assets:- OTHER: Figma Desktop App
- OTHER: Figma iOS and Android apps
- OTHER: Figma Slack App
- OTHER: Figma for Microsoft Teams
- URL: www.figma.com
- URL: api.figma.com
- OTHER: Figma Atlassian App
Out of Scope Assets:- URL: www.designsystems.com (OOS)
|
| + | https://hackerone.com/files | 10 | 3 | HackerOne |
In Scope Assets:- URL: app.files.com
- URL: your-assigned-subdomain.files.com
- URL: www.files.com
- OTHER: FIles.com REST API
- OTHER: Files.com SDK's
- EXECUTABLE: Files.com Command Line Interface (CLI) App
- EXECUTABLE: Files.com Desktop v4 App (previously known as Desktop App)
- EXECUTABLE: Files.com Desktop v6 App
- OTHER: Files.com Mobile App
- EXECUTABLE: Files.com On-Premise Agent
Out of Scope Assets:- URL: developers.files.com (OOS)
- URL: status.files.com (OOS)
- URL: mail.files.com (OOS)
|
| + | https://hackerone.com/flickr | 3 | 17 | HackerOne |
In Scope Assets:- WILDCARD: *.flickr.com
- IOS: 328407587
- ANDROID: com.yahoo.mobile.client.android.flickr
Out of Scope Assets:- URL: blog.flickr.com (OOS)
- URL: amt.flickr.com (OOS)
- URL: appletv.flickr.com (OOS)
- URL: blogtest.flickr.com (OOS)
- URL: bluebird.flickr.com (OOS)
- URL: code.flickr.com (OOS)
- URL: csp.flickr.com (OOS)
- URL: guce.flickr.com (OOS)
- URL: stage.guce.flickr.com (OOS)
- URL: trunk.guce.flickr.com (OOS)
- URL: health.flickr.com (OOS)
- URL: help.flickr.com (OOS)
- URL: parkorbird.flickr.com (OOS)
- URL: links.flickr.com (OOS)
- WILDCARD: *.flickr.net (OOS)
- URL: flickrhelp.com (OOS)
- OTHER: Zero Day Vulnerabilities/Security Upgrades (OOS)
|
| + | https://hackerone.com/flipkart | 6 | 4 | HackerOne |
In Scope Assets:- URL: https://api.myntra.com
- URL: https://payments.myntra.com
- URL: https://www.myntra.com
- URL: https://www.flipkart.com
- URL: https://pay.payzippy.com
- URL: https://uiscoop.payzippy.com
Out of Scope Assets:- URL: https://apps.apple.com/in/app/flipkart-online-shopping-app/id742044692 (OOS)
- URL: https://play.google.com/store/apps/details?id=com.flipkart.android (OOS)
- ANDROID: https://play.google.com/store/apps/details?id=com.myntra.android (OOS)
- IOS: https://apps.apple.com/in/app/myntra-fashion-shopping-app/id907394059 (OOS)
|
| + | https://hackerone.com/floqast | 4 | 4 | HackerOne |
In Scope Assets:- URL: api-eu.floqast.app
- WILDCARD: *.floqast.app
- WILDCARD: https://*.floqast.engineering
- WILDCARD: *.eu.floqast.app
Out of Scope Assets:- WILDCARD: *.floqast.com (OOS)
- WILDCARD: *.floqast.studio (OOS)
- OTHER: Any Asset Not Specifically Listed as In-Scope (OOS)
- OTHER: s3://floqast (OOS)
|
| + | https://hackerone.com/flutteruki | 43 | 36 | HackerOne |
In Scope Assets:- WILDCARD: *.betfair.es
- WILDCARD: *.betfair.it
- WILDCARD: *.betfair.ro
- WILDCARD: *.betfair.se
- WILDCARD: *.paddypower.it
- WILDCARD: *.paddypartners.com
- WILDCARD: *.betfair.com
- WILDCARD: *.paddypower.com
- WILDCARD: *.ppbdev.com
- WILDCARD: *.dibz.co.uk
- WILDCARD: *.skygamingcontent.com
- WILDCARD: *.skycasino.com
- WILDCARD: *.sbgcdn.com
- WILDCARD: *.skybet.com
- WILDCARD: *.betviewapi.com
- WILDCARD: *.skypoker.com
- WILDCARD: *.skyvegas.com
- WILDCARD: *.skybingo.com
- WILDCARD: *.sbgcore.com
- WILDCARD: *.platformservices.io
- WILDCARD: *.skybetservices.com
- WILDCARD: *.sbgorigin.com
- WILDCARD: *.sbgservices.com
- WILDCARD: *.bonne-terre-data-layer.com
- WILDCARD: *.skybettingandgaming.com
- WILDCARD: *.msgsvc.io
- WILDCARD: *.operationstechnology.io
- WILDCARD: *.securityservices.io
- WILDCARD: *.skybet.net
- WILDCARD: *.skybet.co.uk
- WILDCARD: *.sbgtest.net
- WILDCARD: *.skybettest.net
- WILDCARD: *.skybettingandgaming.design
- WILDCARD: *.skybettingandgaming.info
- WILDCARD: *.betsharedservices.io
- WILDCARD: *.sportinglife.com
- URL: super6.skysports.com
- URL: itv7.itv.com
- ANDROID: https://play.google.com/store/apps/developer?id=Sky+Betting+and+Gaming+Apps&gl=uk
- ANDROID: https://play.google.com/store/apps/dev?id=9151483005769461618&gl=GB
- ANDROID: https://play.google.com/store/apps/dev?id=8912907283039023448&gl=GB
- ANDROID: https://play.google.com/store/apps/dev?id=5503565801970655430&gl=gb
- URL: rafflee.co.uk
Out of Scope Assets:- WILDCARD: online.*.skybingo.com (OOS)
- URL: www.betfair.com.co (OOS)
- WILDCARD: *.us.betfair.com (OOS)
- URL: community.betfair.com (OOS)
- WILDCARD: *.sbagmail.skybettingandgaming.com (OOS)
- WILDCARD: *.technology.skybettingandgaming.com (OOS)
- URL: support.developer.betfair.com (OOS)
- WILDCARD: *.betfair.com.au (OOS)
- WILDCARD: *.sbpartner.it (OOS)
- URL: affiliatehub.skybet.com (OOS)
- URL: partners.skybet.com (OOS)
- WILDCARD: *.skybet.de (OOS)
- WILDCARD: *.skybet.it (OOS)
- WILDCARD: *.skybetcareers.com (OOS)
- URL: technology.skybettingandgaming.com (OOS)
- WILDCARD: *.skybetpartner.de (OOS)
- WILDCARD: *.skybettingandgamingresearch.com (OOS)
- URL: email1.skybet.com (OOS)
- URL: skymail.sky.com (OOS)
- WILDCARD: *.sbgpeople.com (OOS)
- WILDCARD: *.sbga.me (OOS)
- WILDCARD: *.sbg.life (OOS)
- URL: skyrgs.blueprintgaming.com (OOS)
- WILDCARD: *.skybet-it.info (OOS)
- WILDCARD: *.skybetchiusuraconto.it (OOS)
- WILDCARD: *.sbgdataintl.com (OOS)
- WILDCARD: *.sbgcolab.com (OOS)
- WILDCARD: *.skybetgraduates.com (OOS)
- WILDCARD: *.sbggraduates.com (OOS)
- URL: community.skypoker.com (OOS)
- URL: community.staging.skypoker.com (OOS)
- URL: sbagmail.skybettingandgaming.com (OOS)
- WILDCARD: *.s6.sbgservices.com (OOS)
- WILDCARD: *.sbgmail.skybettingandgaming.com (OOS)
- WILDCARD: *.email.skybet.com (OOS)
- WILDCARD: *.skybusinessemail.com (OOS)
|
| + | https://hackerone.com/forescout_technologies | 64 | 9 | HackerOne |
In Scope Assets:- URL: us.forescout.cloud
- URL: uk.forescout.cloud
- URL: de.forescout.cloud
- URL: www.forescout.com
- URL: datapod-2-ingest.acceptance.forescoutcloud.net
- URL: datapod-2-query.acceptance.forescoutcloud.net
- URL: datapod-1-ingest.production.forescoutcloud.net
- URL: datapod-1-query.production.forescoutcloud.net
- URL: mgmtpod-1-dashboard.production.forescoutcloud.net
- URL: mgmtpod-1.production.forescoutcloud.net
- CIDR: 38.140.238.56/29
- CIDR: 97.105.243.96/28
- CIDR: 64.47.18.80/29
- CIDR: 194.90.25.80/29
- CIDR: 194.90.151.192/28
- CIDR: 194.90.89.165/32
- CIDR: 212.143.112.81/29
- URL: logstash-props.devicecloud.acceptance.forescoutcloud.net
- URL: datapod-1-100-druid-ingest.development.forescoutcloud.net
- URL: datapod-1-100-druid-query.development.forescoutcloud.net
- URL: datapod-1-100-druid-ingest.testing.forescoutcloud.net
- URL: a360f0bcc63ca11ea92550aeac091f3d-1101372245.us-east-1.elb.amazonaws.com
- URL: datapod-1-druid-ingest.production.forescoutcloud.net
- URL: datapod-1-100-druid-query.production.forescoutcloud.net
- CIDR: 64.84.60.0/24
- URL: datapod-2-druid-ingest.production.forescoutcloud.net
- URL: https://telemetry-polling.devicecloud.acceptance.forescoutcloud.net/v1/upload
- URL: https://telemetry-polling.devicecloud.acceptance.forescoutcloud.net/v1/polling
- URL: https://telemetry-polling.devicecloud.acceptance.forescoutcloud.net/v1/package
- URL: http://logstash-props.devicecloud.production.forescoutcloud.net/api/v1/properties
- URL: http://backend-api.devicecloud.production.forescoutcloud.net/api/v1/settings
- URL: http://datapod-1-druid-ingest.production.forescoutcloud.net/v1/upload
- URL: http://mgmtpod-1.production.forescoutcloud.net/oauth/token
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/grouptogroup
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/firstreporttimeentry
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/iplist
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v3/matrixoverview
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v3/query/overlappingzones
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v1/query/agg
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v1/polling
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/overlappinggroups
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/matrixoverview
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v3/query/zonetozone
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/deletestatus
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/ips/bysrc
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/service-list
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/query/ips/bydst/details
- URL: http://datapod-1-druid-query.production.forescoutcloud.net/v2/services
- URL: iris-testing-us-east-1-nlb-4df4bbde6f6e2bbb.elb.us-east-1.amazonaws.com
- HARDWARE: CounterAct 8.4
- URL: updates.forescout.com
- URL: streaming.iris.acceptance.forescoutcloud.net
- URL: mgmt-sensors.iris.acceptance.forescoutcloud.net
- URL: obs-sensors.iris.acceptance.forescoutcloud.net
- URL: streaming-api.iris.acceptance.forescoutcloud.net
- URL: aebddc74953f248bc8455665b0f7d47b-78af959a11e5d0c1.elb.us-east-1.amazonaws.com
- URL: streaming.iris.production.forescoutcloud.net
- URL: mgmt-sensors.iris.production.forescoutcloud.net
- URL: obs-sensors.iris.production.forescoutcloud.net
- URL: streaming-api.iris.production.forescoutcloud.net
- URL: ab2b0c50cdc7b445391f99d4957850c5-cd4ccfdb37dfafad.elb.us-east-1.amazonaws.com
- URL: streaming-gw.iris.production.forescoutcloud.net
- URL: community.forescout.com
- URL: cloud.forescout.com
Out of Scope Assets:- URL: datapod-1-100-ingest.development.forescoutcloud.net (OOS)
- URL: datapod-1-100-query.development.forescoutcloud.net (OOS)
- URL: mgmtpod-1-100-dashboard.development.forescoutcloud.net (OOS)
- URL: mgmtpod-1-100.development.forescoutcloud.net (OOS)
- URL: datapod-1-100-ingest.testing.forescoutcloud.net (OOS)
- URL: datapod-1-100-query.testing.forescoutcloud.net (OOS)
- URL: datapod-1-ingest.acceptance.forescoutcloud.net (OOS)
- URL: datapod-1-query.acceptance.forescoutcloud.net (OOS)
- HARDWARE: CounterAct 8.3 (OOS)
|
| + | https://hackerone.com/freshworks | 17 | 10 | HackerOne |
In Scope Assets:- URL: yourdomain.freshchat.com
- URL: yourdomain.freshcaller.com
- URL: yourdomain.myfreshworks.com
- URL: yourdomain.freshdesk.com
- URL: yourdomain.freshservice.com
- OTHER: Freshservice Discovery Agent and Probe
- ANDROID: com.freshservice.helpdesk
- ANDROID: com.freshdesk.helpdesk
- ANDROID: com.freshchat.agent.android
- ANDROID: com.freshworks.freshcaller
- ANDROID: com.freshservice.helpdesk.intune
- IOS: Freshdesk-iOS-App
- IOS: Freshservice-iOS-App
- IOS: Freshchat-iOS-App
- IOS: Freshcaller-iOS-App
- IOS: Freshservice-Intune-iOS-App
- URL: yourdomain.freshrelease.com
Out of Scope Assets:- ANDROID: com.freshdesk.freshsales.mobile (OOS)
- IOS: Freshsales-iOS-App (OOS)
- URL: wchat.freshchat.com (OOS)
- URL: www.freshworks.com (OOS)
- URL: freshworks.atlassian.net (OOS)
- URL: yourdomain.freshsurvey.io (OOS)
- URL: yourdomain.freshstatus.io (OOS)
- URL: yourdomain.freshping.io (OOS)
- URL: http://yourdomain.myfreshworks.com/crm/sales (OOS)
- URL: http://yourdomain.myfreshworks.com/crm/marketer (OOS)
|
| + | https://hackerone.com/frontegg | 2 | 2 | HackerOne |
In Scope Assets:- URL: api.au.frontegg.com
- URL: portal.au.frontegg.com
Out of Scope Assets:- URL: portal.frontegg.com (OOS)
- URL: api.frontegg.com (OOS)
|
| + | https://hackerone.com/fronthq | 6 | 0 | HackerOne |
In Scope Assets:- URL: app.frontapp.com
- URL: api2.frontapp.com
- IOS: com.frontapp.mobile
- ANDROID: com.frontapp.mobile
- EXECUTABLE: Front for Mac
- EXECUTABLE: Front for Windows
|
| + | https://hackerone.com/github | 27 | 12 | HackerOne |
In Scope Assets:- OTHER: Copilot
- URL: *.github.net
- OTHER: GitHub Enterprise Cloud
- OTHER: GitHub Pages
- URL: education.github.com
- OTHER: GitHub Production Credentials
- OTHER: Dependabot
- OTHER: GitHub for mobile
- EXECUTABLE: GitHub CLI
- OTHER: Copilot Chat on dotcom
- OTHER: Copilot for Business
- URL: *.githubusercontent.com
- URL: github.com
- URL: api.github.com
- URL: npmjs.com
- URL: npmjs.org
- EXECUTABLE: npm CLI
- URL: gist.github.com
- HARDWARE: GitHub Enterprise Server
- OTHER: GitHub Enterprise Cloud with Data Residency (GHEC-DR)
- EXECUTABLE: GitHub Desktop
- URL: classroom.github.com
- URL: *.githubapp.com
- OTHER: Copilot Spaces
- OTHER: Copilot Coding Agent
- OTHER: GitHub Spark
- OTHER: GitHub CSP
Out of Scope Assets:- URL: git.io (OOS)
- URL: spectrum.chat (OOS)
- URL: github.blog (OOS)
- EXECUTABLE: GitHub Classroom Assistant (OOS)
- URL: http://education.github.com/forum (OOS)
- URL: blog.github.com (OOS)
- URL: community.github.com (OOS)
- URL: shop.github.com (OOS)
- URL: enterprise.github.com (OOS)
- EXECUTABLE: Atom (OOS)
- EXECUTABLE: Electron (OOS)
- URL: *.github.io (OOS)
|
| + | https://hackerone.com/gitlab | 20 | 24 | HackerOne |
In Scope Assets:- OTHER: Other non-production infrastructure
- WILDCARD: *.gitlab.net
- WILDCARD: *.gitlab.org
- WILDCARD: *.gitlap.com
- URL: about.gitlab.com
- URL: docs.gitlab.com
- URL: design.gitlab.com
- URL: advisories.gitlab.com
- URL: customers.gitlab.com
- URL: registry.gitlab.com
- URL: gitlab.com
- OTHER: Your Own GitLab Instance
- SOURCE_CODE: https://gitlab.com/gitlab-org/opstrace/opstrace
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitlab
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitlab-runner
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitaly
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitlab-pages
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitlab-shell
- OTHER: GitLab for Jira Cloud
- SOURCE_CODE: https://gitlab.com/gitlab-org/gitlab-vscode-extension
Out of Scope Assets:- URL: ir.gitlab.com (OOS)
- URL: levelup.gitlab.com (OOS)
- URL: dashboards.gitlab.com (OOS)
- URL: alerts.gitlab.com (OOS)
- URL: support.gitlab.com (OOS)
- URL: shop.gitlab.com (OOS)
- URL: forum.gitlab.com (OOS)
- URL: status.gitlab.com (OOS)
- URL: gitlab.biterg.io (OOS)
- SOURCE_CODE: https://gitlab.com/gitlab-org/cli/ (OOS)
- SOURCE_CODE: https://gitlab.com/gitlab-org/opstrace/opstrace-ui (OOS)
- WILDCARD: *.gitlab.cn (OOS)
- URL: gitlabsandbox.net (OOS)
- URL: gitlabdemo.cloud (OOS)
- URL: gitlabtraining.cloud (OOS)
- URL: partners.gitlab.com (OOS)
- URL: aptly.gitlab.com (OOS)
- URL: translate.gitlab.com (OOS)
- WILDCARD: *.service-now.com (OOS)
- WILDCARD: *.runway.gitlab.net (OOS)
- URL: packages.gitlab.com (OOS)
- URL: federal-support.gitlab.com (OOS)
- URL: us-federal-gitlab.com (OOS)
- WILDCARD: *.gitlab-private.org (OOS)
|
| + | https://hackerone.com/glassdoor | 8 | 4 | HackerOne |
In Scope Assets:- URL: Glassdoor APIs
- ANDROID: Glassdoor Android
- OTHER: Glassdoor Authentication
- OTHER: Glassdoor Employer Center
- OTHER: Glassdoor Heritage
- OTHER: Glassdoor Infrastructure & Misc
- OTHER: Glassdoor Jobs
- IOS: Glassdoor iOS
Out of Scope Assets:- OTHER: Fishbowl (OOS)
- OTHER: Glassdoor Blog (OOS)
- OTHER: Glassdoor Design Page (OOS)
- OTHER: Glassdoor Help Page (OOS)
|
| + | https://hackerone.com/gocardless_bbp | 14 | 23 | HackerOne |
In Scope Assets:- WILDCARD: *.gocardless-cicd.io
- URL: www.gocardless.com
- URL: manage-sandbox.gocardless.com
- URL: pay-sandbox.gocardless.com
- URL: api-sandbox.gocardless.com
- URL: connect-sandbox.gocardless.com
- WILDCARD: *.gocardless.io,*.gocardless-banking.io
- URL: oauth-sandbox.gocardless.com
- WILDCARD: *.gocardless.com
- URL: ob.gocardless.com
- OTHER: bankaccountdata.gocardless.com
- URL: auth0.gocardless.com
- URL: https://ob-sandbox.gocardless.io
- URL: payer-details-sandbox.gocardless.com
Out of Scope Assets:- URL: api.gocardless.com (OOS)
- URL: manage.gocardless.com (OOS)
- URL: connect.gocardless.com (OOS)
- URL: pay.gocardless.com (OOS)
- URL: xero.gocardless.com (OOS)
- URL: xero-staging.gocardless.com (OOS)
- URL: xero-sandbox.gocardless.com (OOS)
- URL: oauth.gocardless.com (OOS)
- URL: manage.gocardless-staging.io (OOS)
- URL: api-staging.gocardless.com (OOS)
- URL: oauth-staging.gocardless.com (OOS)
- URL: support.gocardless.com (OOS)
- URL: learn.gocardless.com (OOS)
- URL: outgrow.gocardless.com (OOS)
- URL: privacy.gocardless.com (OOS)
- URL: brand.gocardless.com (OOS)
- URL: storybook.gocardless.io (OOS)
- OTHER: partnerportal.gocardless.com, gocardless.my.site.com (OOS)
- OTHER: gocardless-status.com, status.gocardless.com (OOS)
- URL: qbo-api.gocardless.com (OOS)
- URL: payer-details.gocardless.com (OOS)
- URL: gc4x-api-sandbox.gocardless.com (OOS)
- URL: gocardless.atlassian.net (OOS)
|
| + | https://hackerone.com/goldmansachs | 46 | 19 | HackerOne |
In Scope Assets:- URL: *.marcus.com
- URL: *.honestdollar.com
- URL: *.goldmanpfm.com
- URL: *.marcus.co.uk
- URL: research.gs.com
- URL: *.gsam.com
- URL: *.gsselect.com
- URL: *.gs-mosaic.qa.gs.com
- URL: *.gs-mosaic.gs.com
- URL: *.qaglobal-liquidity.gs.com
- URL: *.global-liquidity.gs.com
- URL: developer.gs.com
- URL: goldmansachsindices.com
- URL: marquee.gs.com
- URL: apigw.foliofn.com
- URL: api.foliofn.com
- OTHER: *.advisorsolutions.gs.com
- OTHER: *.folioclient.com
- OTHER: *.foliodigitalwealth.com
- OTHER: *.foliofirst.com
- OTHER: *.foliofn.com
- OTHER: *.folioidentity.com
- OTHER: *.folioinstitutional.com
- OTHER: *.folioinvesting.com
- OTHER: *.nnip.com
- OTHER: *.vennhypotheken.nl
- IOS: com.marcus.ios-us
- IOS: com.marcus.ios-uk
- ANDROID: com.marcus.android.uk
- ANDROID: com.marcus.android
- ANDROID: com.gs.pwmdigital.external.android
- IOS: com.gs.pwmdigital.external
- ANDROID: com.gs.pfmg.wellness
- ANDROID: com.gs.mobile.trader
- IOS: com.gs.gstrader.external
- ANDROID: com.gs.mobile.gsnow
- IOS: com.gs.gsnow.external
- IOS: GS Select iOS app
- URL: *.goldmansachs.com
- OTHER: *.nextcapital.com
- URL: *.ayco.com
- URL: *.gs.com
- URL: *.goldman.com
- URL: *.gspublishing.com
- URL: *.gs.de
- URL: www.fitvermogen.nl
Out of Scope Assets:- URL: gsg.goldman.com (OOS)
- URL: gspf.goldman.com (OOS)
- URL: gsg-uk.goldman.com (OOS)
- OTHER: *.scripts.vennhypotheken.nl (OOS)
- OTHER: *.overrules.vennhypotheken.nl (OOS)
- OTHER: *.communicatie.vennhypotheken.nl (OOS)
- URL: 18098.nextcapital.com (OOS)
- URL: deb.nextcapital.com (OOS)
- URL: email.nextcapital.com (OOS)
- URL: npm-new.nextcapital.com (OOS)
- URL: npm.nextcapital.com (OOS)
- URL: repo.nextcapital.com (OOS)
- URL: rubygems.nextcapital.com (OOS)
- URL: *.rocaton.com,secure.rocaton.com (OOS)
- WILDCARD: *.events.gs.com (OOS)
- OTHER: All .cn domains (OOS)
- URL: qa-billpay.goldman.com (OOS)
- URL: billpay.goldman.com (OOS)
- OTHER: 3rd party hosted assets (OOS)
|
| + | https://hackerone.com/goodrx | 3 | 7 | HackerOne |
In Scope Assets:- IOS: com.goodrx.iphone
- ANDROID: com.goodrx
- URL: www.goodrx.com
Out of Scope Assets:- URL: support.goodrx.com (OOS)
- IOS: com.goodrx.doctors (OOS)
- ANDROID: com.goodrx.doctors (OOS)
- IOS: com.goodrx.gold (OOS)
- ANDROID: com.goodrx.gold (OOS)
- URL: sso.identity.goodrx.com (OOS)
- URL: investors.goodrx.com (OOS)
|
| + | https://hackerone.com/grab | 33 | 1 | HackerOne |
In Scope Assets:- URL: grab.careers
- WILDCARD: *.grabtaxi.com
- WILDCARD: *.myteksi.com
- WILDCARD: *.myteksi.net
- WILDCARD: *.grab.co
- WILDCARD: *.grab.com
- URL: p.grabtaxi.com
- URL: gamma.grab.co
- URL: manage.grab.co
- URL: jira.grab.com
- URL: wiki.grab.com
- IOS: 647268330
- IOS: 1257641454
- ANDROID: com.grabtaxi.passenger
- ANDROID: com.grabtaxi.driver2
- OTHER: C100447517
- OTHER: C103149579
- URL: kartaview.org
- URL: api.grabpay.com
- WILDCARD: *.grabpay.com
- ANDROID: com.grabpay.merchant
- IOS: 1343620481
- URL: xtramile.grabpay.com
- WILDCARD: *.grab-sure.com
- URL: gifts.grab.com
- ANDROID: com.grab.merchant
- WILDCARD: *.ovo.id
- IOS: 1142114207
- ANDROID: ovo.id
- URL: hungrygowhere.com
- IOS: 1481198245
- ANDROID: com.moveit.app.customer
- WILDCARD: *.ovofinansial.com
Out of Scope Assets:- WILDCARD: *.qms.grab.com (OOS)
|
| + | https://hackerone.com/greenhouse | 12 | 3 | HackerOne |
In Scope Assets:- URL: jss.greenhouse.io
- URL: interseller.io
- URL: app.interseller.io
- URL: app.greenhouse.io
- URL: www.greenhouse.io
- URL: boards.greenhouse.io
- URL: api.greenhouse.io
- URL: onboarding.greenhouse.io
- URL: support.greenhouse.io
- OTHER: Tier 1 Assets
- OTHER: Tier 2 Assets
- OTHER: Tier 3 Assets
Out of Scope Assets:- URL: store.greenhouse.io (OOS)
- URL: community.greenhouse.io (OOS)
- URL: resources.greenhouse.io (OOS)
|
| + | https://hackerone.com/grindr | 6 | 16 | HackerOne |
In Scope Assets:- URL: web.grindr.com
- WILDCARD: *.grindr.io
- WILDCARD: *.grindr.com
- WILDCARD: *.grindr.mobi
- IOS: 319881193
- ANDROID: com.grindrapp.android
Out of Scope Assets:- URL: shop.grindr.com (OOS)
- URL: investors.grindr.com (OOS)
- URL: selfservice.grindr.com (OOS)
- WILDCARD: *.intomore.com (OOS)
- WILDCARD: *.grindrads.com (OOS)
- URL: go.grindr.com (OOS)
- SOURCE_CODE: github.com/thesokrin/vfd (OOS)
- URL: grindr.atlassian.net (OOS)
- URL: blog.grindr.com (OOS)
- URL: help.grindr.com (OOS)
- URL: grindrbloop.com (OOS)
- URL: shop.grindrbloop.com (OOS)
- URL: grindrtogo.grindr.com (OOS)
- URL: kindr.grindr.com (OOS)
- URL: https://github.com/grindrlabs (OOS)
- URL: status.grindr.com (OOS)
|
| + | https://hackerone.com/helium | 1 | 27 | HackerOne |
In Scope Assets:Out of Scope Assets:- URL: www.helium.com (OOS)
- IOS: com.helium.mobile.wallet (OOS)
- ANDROID: com.helium.wallet (OOS)
- URL: ota.helium.com (OOS)
- OTHER: API (OOS)
- OTHER: Blockchain (OOS)
- URL: network.helium.com (OOS)
- URL: dashboard.helium.com (OOS)
- OTHER: Telegram, Discord, Slack, Helium Forums (OOS)
- URL: burrow.helium.systems (OOS)
- WILDCARD: *.helium.wtf (OOS)
- WILDCARD: *.helium.foundation (OOS)
- OTHER: https://github.com/helium/helium-console-cli (OOS)
- URL: https://www.helium.com/store (OOS)
- URL: whitepaper.helium.com (OOS)
- URL: https://heliumdashboard.grafana.net (OOS)
- URL: engineering.helium.com (OOS)
- URL: explorer.helium.com (OOS)
- WILDCARD: *.helium.io (OOS)
- URL: asia.helium.com (OOS)
- URL: blog.helium.com (OOS)
- URL: europe.helium.com (OOS)
- URL: helium.com (OOS)
- URL: zodiac.helium.com (OOS)
- URL: jobs.helium.com (OOS)
- ANDROID: com.helium.mobile.wireless (OOS)
- IOS: id1640323514 (OOS)
|
| + | https://hackerone.com/hilton | 17 | 10 | HackerOne |
In Scope Assets:- URL: hiltonbusinessonline.com
- URL: hiltonlocalbiz.com
- WILDCARD: *.hilton.com
- WILDCARD: *.hilton.io
- WILDCARD: *.hiltonbusinessonline.com
- WILDCARD: *.hiltonlocalbiz.com
- URL: hilton.com
- URL: hilton.io
- CIDR: 167.187.0.0/16
- CIDR: 192.251.123.0/24
- CIDR: 192.251.124.0/24
- CIDR: 192.251.125.0/24
- CIDR: 192.251.126.0/24
- CIDR: 82.196.42.196/28
- CIDR: 203.79.37.2/29
- CIDR: 62.216.152.46/29
- CIDR: 121.200.237.36/29
Out of Scope Assets:- WILDCARD: *.hiltonhotels.jp (OOS)
- URL: eis.hilton.com (OOS)
- URL: https://jobs.hilton.com (OOS)
- URL: hiltongrandvacations.com (OOS)
- URL: guestfeedback.hilton.com (OOS)
- URL: hiltonnet.hilton.com (OOS)
- URL: onqinsider.hilton.com (OOS)
- URL: pim.hilton.com (OOS)
- URL: hgv.com (OOS)
- URL: hiltonfoundation.org (OOS)
|
| + | https://hackerone.com/hostinger | 9 | 0 | HackerOne |
In Scope Assets:- URL: www.hostinger.com
- URL: cpanel.hostinger.com
- URL: hpanel.hostinger.com
- URL: payments.hostinger.com
- URL: builder.hostinger.com
- OTHER: H5G
- URL: horizons.hostinger.com
- URL: reach.hostinger.com
- OTHER: mail.hostinger.com/v2
|
| + | https://hackerone.com/hubspot | 14 | 6 | HackerOne |
In Scope Assets:- URL: chatspot.ai
- WILDCARD: *.hubspotemail.net
- WILDCARD: *.hs-sites(-eu1)?.com
- WILDCARD: *.hubspotpagebuilder.com
- WILDCARD: *.hubspotpagebuilder.eu
- OTHER: Customer Portal
- OTHER: Customer Connected Domain
- ANDROID: HubSpot Android Mobile App
- IOS: HubSpot iOS Mobile App
- OTHER: HubSpot Sales Office 365 add-in
- OTHER: Other HubSpot-owned (sub)domains not listed as Out of Scope
- WILDCARD: app*.hubspot.com
- WILDCARD: api*.hubspot.com
- WILDCARD: api*.hubapi.com
Out of Scope Assets:- URL: connect.com (OOS)
- URL: shop.hubspot.com (OOS)
- URL: trust.hubspot.com (OOS)
- URL: thespot.hubspot.com (OOS)
- URL: ir.hubspot.com (OOS)
- URL: events.hubspot.com (OOS)
|
| + | https://hackerone.com/hyatt | 65 | 0 | HackerOne |
In Scope Assets:- URL: hyatt.com
- URL: www.hyatt.com
- IOS: 476639005
- ANDROID: com.Hyatt
- URL: world.hyatt.com
- URL: assets.hyatt.com
- URL: book.cheapcaribbean.com
- URL: res.treasureisland.globalbookingsolutions.com
- URL: res.vacations.buschgardens.com
- URL: res.vacations.sesameplace.com
- URL: vacations.travelimpressions.com
- URL: www.blueskytours.com
- URL: www.cheapcaribbean.com
- URL: www.triseptsolutions.com
- URL: blueskytours.globalbookingsolutions.com
- URL: booking.cheapcaribbean.com
- URL: booking.beachbound.com
- URL: book.beachbound.com
- URL: res.funjet.com
- URL: res.secretsresorts.com
- URL: res.skyteam.com
- URL: res.vacations.discoverycove.com
- URL: res.vacations.seaworld.com
- URL: vacations.universalstudioshollywood.com
- URL: www.funjet.com
- URL: www.universalorlandovacations.com
- URL: www.wynnvacations.com
- URL: www.beachbound.com
- URL: book.applevacations.com
- URL: book.booktandl.com
- URL: login.www.vaxvacationaccess.com
- URL: new.www.vaxvacationaccess.com
- URL: res.blueskytours.globalbookingsolutions.com
- URL: res.southwestvacations.com
- URL: res.universalorlandovacations.com
- URL: res.vacations.united.com
- URL: res.vacations.universalstudioshollywood.com
- URL: reservations.wynnvacations.com
- URL: rezagent.triseptsolutions.com
- URL: shop.wyndhamvacationownership.trisept.travel
- URL: www.triseptapi.com
- URL: www.triseptdemo.com
- URL: vacations.united.com
- URL: www.applevacations.com
- CIDR: 199.66.248.0/22
- CIDR: 140.95.0.0/16
- URL: newsroom.images.hyatt.com
- CIDR: 213.139.133.32/28
- URL: salesportal.hyatt.com
- URL: meetings.hyatt.com
- URL: ebsext.oft.hyatt.com
- URL: mobileapp.hyatt.com
- URL: plannerrequest.hyatt.com
- URL: public.hyatt.com
- URL: roominglist.hyatt.com
- URL: soaext.oft.hyatt.com
- URL: sso.oft.hyatt.com
- URL: upsell.hyatt.com
- URL: res.hyattinclusivecollection.com
- URL: www.hyattinclusivecollection.com
- URL: booking.applevacations.com
- URL: www.hyattconnect.com
- URL: jira.hyattdev.com
- URL: confluence.hyattdev.com
- URL: scapegoat.hyatt.com
|
| + | https://hackerone.com/hypr-corp | 6 | 3 | HackerOne |
In Scope Assets:- WILDCARD: *.hypr.com
- IOS: com.hypr.one
- ANDROID: com.hypr.one
- EXECUTABLE: HyprUnlock.exe
- EXECUTABLE: HYPR Workforce Access.app
- WILDCARD: *.gethypr.com
Out of Scope Assets:- URL: support.hypr.com (OOS)
- URL: help.hypr.com (OOS)
- URL: partners.hypr.com (OOS)
|
| + | https://hackerone.com/ibb | 21 | 0 | HackerOne |
In Scope Assets:- SOURCE_CODE: https://github.com/argoproj/argoproj
- SOURCE_CODE: https://github.com/rack/rack
- SOURCE_CODE: https://github.com/apache/tomcat
- SOURCE_CODE: https://github.com/libuv/libuv
- SOURCE_CODE: https://github.com/ruby
- SOURCE_CODE: https://github.com/rails
- SOURCE_CODE: https://github.com/rubygems/rubygems
- SOURCE_CODE: https://github.com/curl/curl
- SOURCE_CODE: https://github.com/Electron
- SOURCE_CODE: https://github.com/django
- SOURCE_CODE: https://github.com/Nginx
- SOURCE_CODE: https://github.com/openssl/openssl
- SOURCE_CODE: https://github.com/nodejs/node
- SOURCE_CODE: https://github.com/apache/airflow
- SOURCE_CODE: https://github.com/apache/httpd
- SOURCE_CODE: https://wiki.xenproject.org/wiki/Xen_Project_Repositories
- SOURCE_CODE: https://git.libssh.org/
- SOURCE_CODE: https://github.com/spiffe/spiffe
- SOURCE_CODE: https://github.com/spiffe/spire
- URL: rubygems.org
- SOURCE_CODE: https://github.com/rust-lang/rust
|
| + | https://hackerone.com/inditex | 4 | 0 | HackerOne |
In Scope Assets:- OTHER: e-Commerce
- OTHER: Other related e-commerce services
- OTHER: Recruitment services
- OTHER: Main corporate site
|
| + | https://hackerone.com/indrive | 118 | 4 | HackerOne |
|
| + | https://hackerone.com/insightly | 9 | 17 | HackerOne |
In Scope Assets:- URL: crm.na1.insightly.com
- URL: accounts.insightly.com
- URL: outlook.insightly.com
- URL: mobileapi.na1.insightly.com
- URL: http://api.insightly.com/v3.1/
- URL: login.insightly.com
- URL: mobileapi.insightly.com
- URL: http://api.na1.insightly.com/v3.1/
- URL: marketing.na1.insightly.com
Out of Scope Assets:- IOS: 563017797 (OOS)
- URL: www.insightly.com (OOS)
- URL: www.insight.ly (OOS)
- URL: insightly.com (OOS)
- URL: insight.ly (OOS)
- URL: blog.insightly.com (OOS)
- URL: support.insightly.com (OOS)
- URL: help.insightly.com (OOS)
- URL: my.insightly.com (OOS)
- URL: newsletter.insightly.com (OOS)
- ANDROID: com.insightly.droid (OOS)
- URL: gmailaddon.insightly.com (OOS)
- WILDCARD: *.insight.ly (OOS)
- URL: podapi.na1.insightly.com (OOS)
- URL: chloe.insightly.com (OOS)
- URL: frontdoorproxy.insightly.com (OOS)
- URL: webhook.insightly.com (OOS)
|
| + | https://hackerone.com/inspectorio | 9 | 0 | HackerOne |
In Scope Assets:- URL: api.stg.inspectorio.com
- URL: rise-api.stg.inspectorio.com
- URL: docuflow.stg.inspectorio.com
- URL: id.stg.inspectorio.com
- TESTFLIGHT: https://testflight.apple.com/join/vwFxXX7t
- ANDROID: https://app.bitrise.io/app/51a95edaab331ec5/installable-artifacts/e5213e1a814bf0ba/public-install-page/bed0d33f048271d6828c5a4a979ecc96
- URL: app.stg.inspectorio.com
- URL: rise.stg.inspectorio.com
- URL: report-html-sight.stg.inspectorio.com
|
| + | https://hackerone.com/instacart | 10 | 12 | HackerOne |
In Scope Assets:- URL: api.instacart.com
- URL: www.instacart.com
- ANDROID: com.instacart.client
- IOS: 545599256
- URL: admin.instacart.com
- URL: shoppers.instacart.com
- OTHER: Android & iOS App for Instacart Shoppers
- WILDCARD: *.instacart.com
- WILDCARD: *.instacart.tools
- URL: template.uat.foodstorm.com
Out of Scope Assets:- URL: instacart.careers (OOS)
- URL: brand.instacart.com (OOS)
- URL: careers.instacart.com (OOS)
- URL: carrotstore.instacart.com (OOS)
- URL: corporate.instacart.com (OOS)
- URL: covidresponse.instacart.com (OOS)
- URL: design.instacart.com (OOS)
- WILDCARD: *.email.instacart.com (OOS)
- URL: life.instacart.com (OOS)
- URL: news.instacart.com (OOS)
- URL: tech.instacart.com (OOS)
- URL: enterprise-status.instacart.com (OOS)
|
| + | https://hackerone.com/judgeme | 6 | 0 | HackerOne |
In Scope Assets:- URL: judge.me
- URL: https://judge.me/reviews
- URL: shop.judge.me
- URL: woocommerce-adapter.judge.me
- URL: bigcommerce-adapter.judge.me
- URL: cache.judge.me
|
| + | https://hackerone.com/kayak | 12 | 6 | HackerOne |
In Scope Assets:- URL: www.swoodoo.com
- URL: www.checkfelix.com
- URL: www.kayak.com
- IOS: com.kayak.travel
- ANDROID: com.kayak.android
- WILDCARD: *.kayak.com
- URL: www.momondo.com
- URL: www.cheapflights.com
- URL: www.hotelscombined.com
- URL: www.mundi.com.br
- URL: kayak.ai
- URL: business.kayak.com
Out of Scope Assets:- URL: kayak.com/guides/* (OOS)
- URL: klassereise.checkfelix.com (OOS)
- URL: kayak.com/hotelowner/* (OOS)
- URL: kayak.com/moira/ehoe/* (OOS)
- URL: affiliates.kayak.com (OOS)
- WILDCARD: https://*.kayakairplanemode.com (OOS)
|
| + | https://hackerone.com/khealth | 24 | 4 | HackerOne |
In Scope Assets:- WILDCARD: https://*.khealth.com
- WILDCARD: https://*.khealth.io/
- URL: www.kpharmacyllc.com
- URL: start.khealth.com
- URL: app.khealth.com
- URL: kaccount.khealth.com
- URL: ask.khealth.com
- URL: http://auth.khealth.com/khealth/sign-up
- URL: http://auth.khealth.com/cedars/sign-up
- URL: http://auth.khealth.com/mayo-la-crosse/sign-up
- URL: salesforce.khealth.com
- URL: http://clinical-quality.khealth.com/api/v1
- URL: api.khealth.com
- IOS: 1180400838
- ANDROID: ai.kanghealth
- OTHER: Tier 1
- OTHER: Tier 2
- URL: accounts.khealth.com
- URL: eligibility.khealth.com
- URL: treatments.khealth.com
- IOS: https://apps.apple.com/us/app/hhc-24-7/id6741442288
- IOS: 6741442288
- ANDROID: org.hartfordhealthcare.hhc247
- URL: auth.hhc247.org
Out of Scope Assets:- URL: careers.khealth.com (OOS)
- URL: khealth-test.com (OOS)
- URL: https://khealth.com/careers (OOS)
- URL: hhc247.org (OOS)
|
| + | https://hackerone.com/kiwicom | 10 | 24 | HackerOne |
In Scope Assets:- URL: jobs.kiwi.com
- URL: www.kiwi.com
- WILDCARD: *.kiwi.com
- WILDCARD: *.skypicker.com
- ANDROID: com.skypicker.main
- IOS: com.skypicker.Skypicker
- URL: auth.skypicker.com
- URL: tequila.kiwi.com
- SOURCE_CODE: https://github.com/kiwicom/*
- URL: http://www.kiwi.com/stories
Out of Scope Assets:- WILDCARD: *cars.kiwi.com (OOS)
- URL: status.kiwi.com (OOS)
- WILDCARD: *code.kiwi.com (OOS)
- WILDCARD: *parking.kiwi.com (OOS)
- URL: rooms.kiwi.com (OOS)
- URL: vacation.kiwi.com (OOS)
- WILDCARD: *ov.kiwi.com (OOS)
- WILDCARD: *sg.kiwi.com (OOS)
- WILDCARD: *._domainkey.kiwi.com (OOS)
- URL: outbound.intercom.kiwi.com (OOS)
- WILDCARD: email*skypicker.com (OOS)
- WILDCARD: email*kiwi.com (OOS)
- WILDCARD: *_domainkey.skypicker.com (OOS)
- URL: mail.skypicker.com (OOS)
- URL: packages.kiwi.com (OOS)
- URL: nyrujhhu3yuk.nest.skypicker.com (OOS)
- WILDCARD: *citi-sign.kiwi.com (OOS)
- URL: retool.skypicker.com (OOS)
- WILDCARD: *.coupons.kiwi.com (OOS)
- WILDCARD: *experiences.kiwi.com (OOS)
- URL: kiwistore.kiwi.com (OOS)
- WILDCARD: *learn.kiwi.com (OOS)
- URL: link.kiwi.com (OOS)
- SOURCE_CODE: https://github.com/kiwicom/pytest-recording (OOS)
|
| + | https://hackerone.com/klarna | 12 | 8 | HackerOne |
In Scope Assets:- OTHER: Merchant Portal
- IOS: Klarna iOS App (com.klarna.app)
- ANDROID: Klarna Android App (com.myklarnamobile)
- URL: app.klarna.com
- URL: xs2a.banking.playground.klarna.com
- URL: pricerunner.com
- URL: portal.openbanking.playground.klarna.com
- URL: klarnacdn.net
- URL: api.klarna.com
- URL: js.klarna.com
- URL: klarna.com
- URL: klarna.net
Out of Scope Assets:- OTHER: Kustom (OOS)
- URL: nuji.com (OOS)
- URL: locker.klarna.com (OOS)
- URL: https://app.klarna.com/us/api/connected_card_bff/ (OOS)
- URL: https://api.pricerunner.com/swagger-ui.html (OOS)
- URL: https://api-us.pricerunner.com/swagger-ui.html (OOS)
- URL: https://api-stage.pricerunner.com/swagger-ui.html (OOS)
- URL: jobs.pricerunner.com (OOS)
|
| + | https://hackerone.com/koho | 9 | 2 | HackerOne |
In Scope Assets:- URL: web.koho.ca
- URL: www.koho.ca
- URL: http://api.koho.ca/1.0
- URL: http://api.koho.ca/partner
- URL: usercontent.koho.ca
- URL: app.koho.ca
- URL: webgateway.koho.ca
- IOS: 1091010942
- ANDROID: ca.koho
Out of Scope Assets:- WILDCARD: *.koho.ca/cdn-cgi (OOS)
- WILDCARD: *.line-of-credit.koho.ca (OOS)
|
| + | https://hackerone.com/kong | 13 | 10 | HackerOne |
In Scope Assets:- EXECUTABLE: Insomnia CLI (inso)
- URL: https://app.insomnia.rest/
- EXECUTABLE: Insomnia Desktop Client
- EXECUTABLE: Kong Mesh
- EXECUTABLE: Kong Gateway Plugins (Kong-Supported Only)
- WILDCARD: https://*.api.konghq.com
- URL: http://cloud.konghq.com
- OTHER: GitHub Actions in our Public Repositories
- URL: developer.konghq.com
- URL: konghq.com
- WILDCARD: https://us.identity.konghq.com/*
- OTHER: Subdomain Takeover - konghq.com
- EXECUTABLE: Kong Gateway Enterprise
Out of Scope Assets:- URL: https://konghq.com/ (OOS)
- URL: https://kuma.io/ (OOS)
- EXECUTABLE: Non-Kong Plugins (OOS)
- URL: https://insomnia.rest/ (OOS)
- WILDCARD: https://*.konghq.tech (OOS)
- URL: https://docs.konghq.com (OOS)
- OTHER: Non-Kong GitHub Repositories (OOS)
- WILDCARD: *.gateways.konghq.com (OOS)
- WILDCARD: *.*.edge.gateways.konghq.com (OOS)
- URL: https://httpbin.konghq.com/ (OOS)
|
| + | https://hackerone.com/krisp | 12 | 6 | HackerOne |
In Scope Assets:- URL: app.krisp.ai
- EXECUTABLE: https://download.krisp.ai/win
- EXECUTABLE: https://download.krisp.ai/mac
- URL: krisp.ai
- URL: account.krisp.ai
- URL: api.krisp.ai
- URL: teams.krisp.ai
- URL: download.krisp.ai
- URL: analytics.krisp.ai
- URL: upld.krisp.ai
- WILDCARD: *.krisp.ai
- OTHER: Other
Out of Scope Assets:- URL: url5145.krisp.ai (OOS)
- URL: voice-ai-newsletter.krisp.ai (OOS)
- URL: sdk-docs.krisp.ai (OOS)
- URL: whatsnew.krisp.ai (OOS)
- WILDCARD: *dev*.krisp.ai (OOS)
- URL: metabase.krisp.ai (OOS)
|
| + | https://hackerone.com/kubernetes | 58 | 2 | HackerOne |
In Scope Assets:- SOURCE_CODE: https://github.com/kubernetes/csi-api
- SOURCE_CODE: https://github.com/kubernetes/kubernetes
- SOURCE_CODE: https://github.com/kubernetes/dns
- SOURCE_CODE: https://github.com/kubernetes/kube-openapi
- SOURCE_CODE: https://github.com/kubernetes/git-sync
- SOURCE_CODE: https://github.com/kubernetes/gengo
- SOURCE_CODE: https://github.com/kubernetes/cluster-bootstrap
- SOURCE_CODE: https://github.com/kubernetes/kube-controller-manager
- SOURCE_CODE: https://github.com/kubernetes/kube-scheduler
- SOURCE_CODE: https://github.com/kubernetes/kubelet
- SOURCE_CODE: https://github.com/kubernetes/kube-proxy
- SOURCE_CODE: https://github.com/kubernetes/cli-runtime
- SOURCE_CODE: https://github.com/kubernetes/metrics
- SOURCE_CODE: https://github.com/kubernetes/apiextensions-apiserver
- SOURCE_CODE: https://github.com/kubernetes/kube-aggregator
- SOURCE_CODE: https://github.com/kubernetes/apiserver
- SOURCE_CODE: https://github.com/kubernetes/component-base
- SOURCE_CODE: https://github.com/kubernetes/client-go
- SOURCE_CODE: https://github.com/kubernetes/api
- SOURCE_CODE: https://github.com/kubernetes/apimachinery
- SOURCE_CODE: https://github.com/kubernetes/code-generator
- SOURCE_CODE: https://github.com/kubernetes/publishing-bot
- SOURCE_CODE: https://github.com/kubernetes/cluster-registry
- SOURCE_CODE: https://github.com/kubernetes/k8s.io
- SOURCE_CODE: https://github.com/kubernetes/klog
- SOURCE_CODE: https://github.com/kubernetes/utils
- SOURCE_CODE: https://github.com/kubernetes/website
- SOURCE_CODE: https://github.com/kubernetes/test-infra
- SOURCE_CODE: https://github.com/kubernetes/kops
- SOURCE_CODE: https://github.com/kubernetes/minikube
- SOURCE_CODE: https://github.com/kubernetes/kompose
- SOURCE_CODE: https://github.com/kubernetes/kube-state-metrics
- SOURCE_CODE: https://github.com/kubernetes/autoscaler
- SOURCE_CODE: https://github.com/kubernetes/kube-deploy
- SOURCE_CODE: https://github.com/kubernetes/release
- SOURCE_CODE: https://github.com/kubernetes/dashboard
- SOURCE_CODE: https://github.com/kubernetes/node-problem-detector
- SOURCE_CODE: https://github.com/kubernetes/repo-infra
- SOURCE_CODE: https://github.com/kubernetes/kubectl
- SOURCE_CODE: https://github.com/kubernetes/org
- SOURCE_CODE: https://github.com/kubernetes/sig-release
- SOURCE_CODE: https://github.com/kubernetes/kubeadm
- SOURCE_CODE: https://github.com/kubernetes/cri-api
- SOURCE_CODE: https://github.com/kubernetes/node-api
- SOURCE_CODE: https://github.com/kubernetes/csi-translation-lib
- SOURCE_CODE: https://github.com/kubernetes/cloud-provider
- SOURCE_CODE: https://github.com/kubernetes-security
- SOURCE_CODE: https://github.com/kubernetes-client
- OTHER: k8s.gcr.io
- OTHER: https://storage.googleapis.com/kubernetes-release/
- URL: prow.k8s.io
- URL: kubernetes.io
- URL: k8s.io
- SOURCE_CODE: github.com/kubernetes-csi
- URL: kubernetes-csi.github.io
- OTHER: Tier 1
- OTHER: Tier 2
- OTHER: Tier 3
Out of Scope Assets:- SOURCE_CODE: https://github.com/kubernetes/ingress-gce (OOS)
- SOURCE_CODE: https://github.com/kubernetes/ingress-nginx (OOS)
|
| + | https://hackerone.com/lark_technologies | 18 | 0 | HackerOne |
In Scope Assets:- URL: larksuite.com
- URL: lark-frontier.byteoversea.com
- URL: file.larksuite.com
- URL: open.larksuite.com
- URL: api.larksuite.com
- URL: app.larksuite.com
- URL: caldav.larksuite.com
- URL: status.larksuite.com
- URL: passport.larksuite.com
- URL: internal-api.larksuite.com
- URL: internal-api-lark-api.larksuite.com
- URL: internal-api-drive-stream.larksuite.com
- EXECUTABLE: Windows OS Executable: Download here https://www.larksuite.com/download
- EXECUTABLE: Mac OS Executable: Download here https://www.larksuite.com/download
- IOS: 1452166623
- ANDROID: com.larksuite.suite
- URL: hackers_chosendomain.larksuite.com
- URL: larksuite.us
|
| + | https://hackerone.com/launchdarkly | 6 | 5 | HackerOne |
In Scope Assets:- SOURCE_CODE: LaunchDarkly Open Source SDKs
- URL: docs.launchdarkly.com
- URL: app.launchdarkly.com
- URL: events.launchdarkly.com
- URL: stream.launchdarkly.com
- URL: https://launchdarkly.com/docs
Out of Scope Assets:- URL: blog.launchdarkly.com (OOS)
- URL: launchdarkly.com (OOS)
- URL: sandbox.launchdarkly.com (OOS)
- URL: slack.launchdarkly.com (OOS)
- URL: status.launchdarkly.com (OOS)
|
| + | https://hackerone.com/lightspark_bbp | 12 | 1 | HackerOne |
In Scope Assets:- URL: http://api.lightspark.com
- URL: http://app.lightspark.com
- SOURCE_CODE: lightsparkdev/lightspark-crypto-uniffi
- SOURCE_CODE: lightsparkdev/kotlin-sdk
- SOURCE_CODE: lightsparkdev/js-sdk
- SOURCE_CODE: lightsparkdev/flutter-sdk
- SOURCE_CODE: https://github.com/lightsparkdev/go-sdk
- SOURCE_CODE: https://github.com/lightsparkdev/lightspark-rs
- SOURCE_CODE: https://github.com/lightsparkdev/python-sdk
- URL: https://link.uma.me
- URL: app.uma.money
- SOURCE_CODE: https://github.com/buildonspark/spark
Out of Scope Assets:- URL: support.lighstpark.com (OOS)
|
| + | https://hackerone.com/linkedin | 5 | 0 | HackerOne |
In Scope Assets:- URL: business.linkedin.com
- URL: www.linkedin.com
- URL: api.linkedin.com
- IOS: 288429040
- ANDROID: com.linkedin.android
|
| + | https://hackerone.com/logitech | 37 | 6 | HackerOne |
In Scope Assets:- EXECUTABLE: Logi Options+ PC/MAC
- URL: www.logicool.co.jp
- URL: logitechg.com.cn
- URL: gaming.logicool.co.jp
- URL: circle.logi.com
- URL: id.logi.com
- URL: accounts.logi.com
- HARDWARE: Circle Cameras
- HARDWARE: Ultimate Ears Speakers
- HARDWARE: Presentation Remotes
- ANDROID: com.logitech.ueboom
- ANDROID: com.logitech.circle
- IOS: 632344648
- IOS: 1018340690
- URL: www.logitech.com
- URL: www.logitechg.com
- URL: www.ultimateears.com
- URL: www.astrogaming.com
- WILDCARD: *vc.logitech.com
- URL: www.logitech.com.cn
- WILDCARD: *.streamlabs.com
- EXECUTABLE: Streamlabs Desktop Application PC/MAC
- IOS: 1294578643
- IOS: 1476615877
- ANDROID: com.streamlabs.slobsrc
- ANDROID: com.streamlabs
- IOS: 1456293789
- ANDROID: com.logitech.logue
- EXECUTABLE: Logi Tune PC/MAC
- HARDWARE: Video Conferencing Products
- EXECUTABLE: Logitech Sync
- HARDWARE: USB Unifying and LightSpeed Receivers
- EXECUTABLE: G Hub
- URL: sync.logitech.com
- HARDWARE: Logitech Mice & Keyboards
- EXECUTABLE: Logitech MIXLINE
- URL: logiq.logitech.io
Out of Scope Assets:- WILDCARD: *.saitekforum.com (OOS)
- WILDCARD: *.saitek-fr.com (OOS)
- WILDCARD: *.saitek.com (OOS)
- HARDWARE: Squeezebox Products (OOS)
- HARDWARE: Logitech Alert Cameras (OOS)
- WILDCARD: *.wilife.com (OOS)
|
| + | https://hackerone.com/lyst | 7 | 1 | HackerOne |
In Scope Assets:- WILDCARD: *.lyst.com
- IOS: 597940518
- URL: cdna.lystit.com
- URL: mobileapi.lystit.com
- WILDCARD: *.lystit.com
- WILDCARD: *.lyst.co
- ANDROID: com.lyst.lystapp
Out of Scope Assets: |
| + | https://hackerone.com/magic-eden | 4 | 8 | HackerOne |
In Scope Assets:- URL: magiceden.io
- OTHER: *.magiceden.io
- OTHER: *.magiceden.dev
- OTHER: *.magiceden.workers.dev
Out of Scope Assets:- URL: blog.magiceden.io (OOS)
- URL: eng.magiceden.io (OOS)
- URL: eng.magiceden.dev (OOS)
- URL: http://ord-mirror.magiceden.dev (OOS)
- URL: mainframe.magiceden.io (OOS)
- URL: img-cdn.magiceden.dev (OOS)
- URL: cdn.magiceden.dev (OOS)
- URL: http://auth.magiceden.io (OOS)
|