From 8bb20d1b7ebefb67ea1586ff921518de9884b2fb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 6 Jun 2024 10:35:19 +0000 Subject: [PATCH] 20240606 --- date.txt | 1 + src/APPLE_STORE_APP_ID.txt | 1 + src/GOOGLE_PLAY_APP_ID.txt | 2 + src/IP_ADDRESS.txt | 46 +++++++++ src/OTHER.txt | 31 ++++++ src/URL.txt | 138 +++++++++++++++++++++++++ src/WILDCARD.txt | 11 ++ src/dib-vdp/IP_ADDRESS.txt | 46 +++++++++ src/dib-vdp/OTHER.txt | 31 ++++++ src/dib-vdp/URL.txt | 134 ++++++++++++++++++++++++ src/dib-vdp/WILDCARD.txt | 2 + src/dib-vdp/note.txt | 1 + src/disney/URL.txt | 1 + src/interco_vdp/APPLE_STORE_APP_ID.txt | 1 + src/interco_vdp/GOOGLE_PLAY_APP_ID.txt | 2 + src/interco_vdp/WILDCARD.txt | 9 ++ src/john-deere/URL.txt | 1 + src/klarna/OTHER.txt | 1 + src/klarna/note.txt | 1 + src/lemlist/URL.txt | 2 + src/note.txt | 2 + 21 files changed, 464 insertions(+) create mode 100644 date.txt create mode 100644 src/dib-vdp/IP_ADDRESS.txt create mode 100644 src/dib-vdp/OTHER.txt create mode 100644 src/dib-vdp/URL.txt create mode 100644 src/dib-vdp/WILDCARD.txt create mode 100644 src/dib-vdp/note.txt create mode 100644 src/klarna/OTHER.txt create mode 100644 src/klarna/note.txt diff --git a/date.txt b/date.txt new file mode 100644 index 0000000..ab2ff39 --- /dev/null +++ b/date.txt @@ -0,0 +1 @@ +20240606 diff --git a/src/APPLE_STORE_APP_ID.txt b/src/APPLE_STORE_APP_ID.txt index 237acd9..d794c2e 100644 --- a/src/APPLE_STORE_APP_ID.txt +++ b/src/APPLE_STORE_APP_ID.txt @@ -487,3 +487,4 @@ Freshservice-Intune-iOS-App com.bitwarden.authenticator Netflix Mobile Application for iOS com.zellepay.zelle +https://apps.apple.com/br/app/portal-granito/id1450658363 diff --git a/src/GOOGLE_PLAY_APP_ID.txt b/src/GOOGLE_PLAY_APP_ID.txt index 7ea8481..8f94f45 100644 --- a/src/GOOGLE_PLAY_APP_ID.txt +++ b/src/GOOGLE_PLAY_APP_ID.txt @@ -485,3 +485,5 @@ com.bitwarden.authenticator com.grofers.customerapp Netflix Mobile Application for Android com.zellepay.zelle +https://play.google.com/store/apps/details?id=br.com.granitopagamentos.granitopdv +https://play.google.com/store/apps/details?id=pagocartoes.com.br.pago diff --git a/src/IP_ADDRESS.txt b/src/IP_ADDRESS.txt index e3d2101..b4e1687 100644 --- a/src/IP_ADDRESS.txt +++ b/src/IP_ADDRESS.txt @@ -30,3 +30,49 @@ 157.230.83.95 2604:a880:400:d1::aad:8001 216.131.54.65 +71.179.14.34 +47.206.114.75 +71.179.14.35 +71.179.14.38 +216.196.176.19 +216.196.176.20 +216.196.176.21 +216.196.176.22 +216.196.176.23 +216.196.176.24 +216.196.176.25 +216.196.176.26 +216.196.176.27 +216.196.176.28 +216.196.176.29 +216.196.176.30 +50.186.231.242 +50.186.231.243 +50.186.231.244 +74.142.203.225 +74.142.203.226 +74.142.203.227 +74.142.203.228 +74.142.203.229 +74.142.203.230 +74.142.203.231 +74.142.203.232 +74.142.203.233 +74.142.203.234 +74.142.203.235 +74.142.203.236 +74.142.203.237 +74.142.203.238 +38.142.101.155 + 38.142.101.156 +38.142.101.157 +38.77.128.47 +173.12.29.41 +173.61.66.2 +216.54.101.6 +24.214.204.54 +40.129.202.162 +63.40.45.80 +64.183.4.242 +92.225.175.134 +98.188.213.202 diff --git a/src/OTHER.txt b/src/OTHER.txt index 555f776..fe700b2 100644 --- a/src/OTHER.txt +++ b/src/OTHER.txt @@ -880,3 +880,34 @@ Content authorization vulnerabilities affecting only the in-browser player Low impact, individually exposed Google Docs with no common root cause (see “Publicly accessible Google Document or Drive Links” in the “Corporate Targets” section) Netflix Gaming Target Amazon Subsidiaries (Please only actively test explicitly stated scope) +gateway.elevi.net +tenant-svc-fw-02.orl01.cymycloud.com +38.77.128.123 +38.77.128.190 +38.77.128.196 +38.77.128.254 +38.77.128.255 +autodiscover.cybermyte.io +imap.cybermyte.io +mail.cybermyte.io +vpn-west.lgsinnovations.com +access.saphotonics.com +connect-dr.caci.com +connect.caci.com +dns1.caci.com +dns2.caci.com +dns4.caci.com +vpn-east.lgsinnovations.com +mail.caci.com +mailserver1a.caci.com +mailserver1b.caci.com +mailserver2a.caci.com +mailserver2b.caci.com +mailserver3a.caci.com +mailserver3b.caci.com +devvpn.centurum.com +ems.centurum.com +https://sslvpn.centurum.com +keeper.centurum.com +syslog.centurum.com +tip.centurum.com diff --git a/src/URL.txt b/src/URL.txt index 36ff056..c5de495 100644 --- a/src/URL.txt +++ b/src/URL.txt @@ -10572,3 +10572,141 @@ https://stgcef2r.somnoware.com/ https://myapp.somnoware.com/login ablink.info.remitly.com fareharborsites.com +https://www.nucleussec.com +http://www.nucleussec.com +47.206.114.79 +https://test.nucleussec.com +http://umdintl.sharepoint.us +http://hxfive.sharepoint.com +http://test.nucleussec.com +http://hxfiveservice.com +http://hxfive.com +electroimpact.com +www.ariacoustics.com +74.85.94.220 +74.85.94.215 +74.85.94.213 +74.85.94.212 +74.85.94.211 +76.191.116.189 +76.191.116.187 +76.191.116.185 +76.191.116.183 +gw-alex.esailcloud.com +gw-cpep.esailcloud.com +gw-sea.esailcloud.com +gw.esailcloud.com +public.esailcloud.com +http://vpn.elevi.net +http://www.elevi.net +sdpgw01.cymycloud.com +gw01.cymycloud.com +gw02.cymycloud.com +ns1.ext.cymycloud.com +ns2.ext.cymycloud.com +sdpcon01.cymycloud.com +tenant-mail01.orl01.cymycloud.com +tenant-svc-fw-01.orl01.cymycloud.com +tenantgw01.orl01.cymycloud.com +cm-gw01.cybermyte.io +http://cybermyte.io +admin-edge01.orl01.cymycloud.io +admin-sdpcon01.orl01.cymycloud.io +38.77.128.194 +learning.raicescyberacademy.org +www.raicescon.org +milrecruiter.com +mail01.orl01.cymysecure.com +38.77.128.195 +challenge.cymy.io +dev-edge01.cymy.io +dev-gw01.cymy.io +dev-sdp01.cymy.io +https://access-auth.caci.com +https://access-dr-auth.caci.com +https://acquisitions.caci.com +https://apps.caci.com +https://artifactory.csde.caci.com +https://bglogin.caci.com +https://blackduck-com.caci.com +https://cast.caci.com +https://castportal.caci.com +https://cfa1.caci.com +https://cic.caci.com +https://cis-epm.caci.com +https://cis-epohdlr-02a.caci.com +https://cis-tpm.caci.com +https://cmr.caci.com +https://codeguardian-veeam.caci.com +https://comprizon.caci.com +https://confluence.csde.caci.com +https://controlleddelivery.caci.com +https://corianservicedesk.caci.com +https://cp.caci.com +https://cptestnext.caci.com +https://csde.caci.com +https://csgsurveys.caci.com +https://delivery.caci.com +https://draco.caci.com +https://ext-ebsods.caci.com +https://ext-ebsodsoauth.caci.com +https://extpass.caci.com +https://gitlab.csde.caci.com +https://harbor.csde.caci.com +https://home.caci.com +https://hudocfo.caci.com +https://irmai.caci.com +https://jenkins.nm.caci.com +https://jira.cirras.caci.com +https://jira.csde.caci.com +https://keycloak.csde.caci.com +https://kurt-prod.caci.com +https://lcv.caci.com +https://lepus.caci.com +https://libra.caci.com +https://login.caci.com +https://mimir.caci.com +https://mockup.smds.caci.com +https://moveit.caci.com +https://mybd.caci.com +https://mydesktop.caci.com +https://mydesktopdr.caci.com +https://mysites.caci.com +https://passchange.caci.com +https://plantuml.csde.caci.com +https://pricingrequest.caci.com +https://quarantine.caci.com +https://registry.csde.caci.com +https://rts.caci.com +https://sccmextmp01a.caci.com +https://sonarqube.csde.caci.com +https://spa.caci.com +https://spssite.caci.com +https://subktemp.caci.com +https://support.caci.com +https://talxsso.caci.com +https://test.smds.caci.com +https://tokenchange.caci.com +https://vault.csde.caci.com +https://vpc.caci.com +https://wacweb.caci.com +https://webmail.caci.com +https://wikiplus.caci.com +https://www.askit.caci.com +https://www.corianconfluence.caci.com +https://www.csde.caci.com +https://ganymede.cacicorenet.com +https://login.cacicorenet.com +https://passchange.cacicorenet.com +https://tokenchange.cacicorenet.com +https://www.hqig4portal2.com +https://www.idtec.com +https://www.saphotonics.com +https://vdi.lgsinnovations.com +http://da1dc2.centurum.com +https://da1dc2.centurum.com +https://support.centurum.com +disneyauditions.com +ai-lab.ae-machine-learning-operations-prod-vpn.us.e18.c01.johndeerecloud.com +taplio.com +tweethunter.io diff --git a/src/WILDCARD.txt b/src/WILDCARD.txt index ca07d85..5665fde 100644 --- a/src/WILDCARD.txt +++ b/src/WILDCARD.txt @@ -3622,3 +3622,14 @@ api.zmsp.*.earlywarning.io *.cibilcreditreport.in *.transuniondecisioncentre.co.in *.transunionsolutions.co.in +*.hxfivelaunch.com +*.dese.com +*.bmggranito.com.br +*.filialbmggranito.com.br +*.granitopagamentos.com.br +*.granitopdv.com.br +*.granitosistemas.com.br +*.pagocartoes.com.br +*.pagoportal.com.br +*.portalgranito.com.br +*.granito.xyz diff --git a/src/dib-vdp/IP_ADDRESS.txt b/src/dib-vdp/IP_ADDRESS.txt new file mode 100644 index 0000000..b401f6b --- /dev/null +++ b/src/dib-vdp/IP_ADDRESS.txt @@ -0,0 +1,46 @@ +71.179.14.34 +47.206.114.75 +71.179.14.35 +71.179.14.38 +216.196.176.19 +216.196.176.20 +216.196.176.21 +216.196.176.22 +216.196.176.23 +216.196.176.24 +216.196.176.25 +216.196.176.26 +216.196.176.27 +216.196.176.28 +216.196.176.29 +216.196.176.30 +50.186.231.242 +50.186.231.243 +50.186.231.244 +74.142.203.225 +74.142.203.226 +74.142.203.227 +74.142.203.228 +74.142.203.229 +74.142.203.230 +74.142.203.231 +74.142.203.232 +74.142.203.233 +74.142.203.234 +74.142.203.235 +74.142.203.236 +74.142.203.237 +74.142.203.238 +38.142.101.155 + 38.142.101.156 +38.142.101.157 +38.77.128.47 +173.12.29.41 +173.61.66.2 +216.54.101.6 +24.214.204.54 +40.129.202.162 +63.40.45.80 +64.183.4.242 +92.225.175.134 +98.188.213.202 diff --git a/src/dib-vdp/OTHER.txt b/src/dib-vdp/OTHER.txt new file mode 100644 index 0000000..ec04b20 --- /dev/null +++ b/src/dib-vdp/OTHER.txt @@ -0,0 +1,31 @@ +gateway.elevi.net +tenant-svc-fw-02.orl01.cymycloud.com +38.77.128.123 +38.77.128.190 +38.77.128.196 +38.77.128.254 +38.77.128.255 +autodiscover.cybermyte.io +imap.cybermyte.io +mail.cybermyte.io +vpn-west.lgsinnovations.com +access.saphotonics.com +connect-dr.caci.com +connect.caci.com +dns1.caci.com +dns2.caci.com +dns4.caci.com +vpn-east.lgsinnovations.com +mail.caci.com +mailserver1a.caci.com +mailserver1b.caci.com +mailserver2a.caci.com +mailserver2b.caci.com +mailserver3a.caci.com +mailserver3b.caci.com +devvpn.centurum.com +ems.centurum.com +https://sslvpn.centurum.com +keeper.centurum.com +syslog.centurum.com +tip.centurum.com diff --git a/src/dib-vdp/URL.txt b/src/dib-vdp/URL.txt new file mode 100644 index 0000000..6cb1d34 --- /dev/null +++ b/src/dib-vdp/URL.txt @@ -0,0 +1,134 @@ +https://www.nucleussec.com +http://www.nucleussec.com +47.206.114.79 +https://test.nucleussec.com +http://umdintl.sharepoint.us +http://hxfive.sharepoint.com +http://test.nucleussec.com +http://hxfiveservice.com +http://hxfive.com +electroimpact.com +www.ariacoustics.com +74.85.94.220 +74.85.94.215 +74.85.94.213 +74.85.94.212 +74.85.94.211 +76.191.116.189 +76.191.116.187 +76.191.116.185 +76.191.116.183 +gw-alex.esailcloud.com +gw-cpep.esailcloud.com +gw-sea.esailcloud.com +gw.esailcloud.com +public.esailcloud.com +http://vpn.elevi.net +http://www.elevi.net +sdpgw01.cymycloud.com +gw01.cymycloud.com +gw02.cymycloud.com +ns1.ext.cymycloud.com +ns2.ext.cymycloud.com +sdpcon01.cymycloud.com +tenant-mail01.orl01.cymycloud.com +tenant-svc-fw-01.orl01.cymycloud.com +tenantgw01.orl01.cymycloud.com +cm-gw01.cybermyte.io +http://cybermyte.io +admin-edge01.orl01.cymycloud.io +admin-sdpcon01.orl01.cymycloud.io +38.77.128.194 +learning.raicescyberacademy.org +www.raicescon.org +milrecruiter.com +mail01.orl01.cymysecure.com +38.77.128.195 +challenge.cymy.io +dev-edge01.cymy.io +dev-gw01.cymy.io +dev-sdp01.cymy.io +https://access-auth.caci.com +https://access-dr-auth.caci.com +https://acquisitions.caci.com +https://apps.caci.com +https://artifactory.csde.caci.com +https://bglogin.caci.com +https://blackduck-com.caci.com +https://cast.caci.com +https://castportal.caci.com +https://cfa1.caci.com +https://cic.caci.com +https://cis-epm.caci.com +https://cis-epohdlr-02a.caci.com +https://cis-tpm.caci.com +https://cmr.caci.com +https://codeguardian-veeam.caci.com +https://comprizon.caci.com +https://confluence.csde.caci.com +https://controlleddelivery.caci.com +https://corianservicedesk.caci.com +https://cp.caci.com +https://cptestnext.caci.com +https://csde.caci.com +https://csgsurveys.caci.com +https://delivery.caci.com +https://draco.caci.com +https://ext-ebsods.caci.com +https://ext-ebsodsoauth.caci.com +https://extpass.caci.com +https://gitlab.csde.caci.com +https://harbor.csde.caci.com +https://home.caci.com +https://hudocfo.caci.com +https://irmai.caci.com +https://jenkins.nm.caci.com +https://jira.cirras.caci.com +https://jira.csde.caci.com +https://keycloak.csde.caci.com +https://kurt-prod.caci.com +https://lcv.caci.com +https://lepus.caci.com +https://libra.caci.com +https://login.caci.com +https://mimir.caci.com +https://mockup.smds.caci.com +https://moveit.caci.com +https://mybd.caci.com +https://mydesktop.caci.com +https://mydesktopdr.caci.com +https://mysites.caci.com +https://passchange.caci.com +https://plantuml.csde.caci.com +https://pricingrequest.caci.com +https://quarantine.caci.com +https://registry.csde.caci.com +https://rts.caci.com +https://sccmextmp01a.caci.com +https://sonarqube.csde.caci.com +https://spa.caci.com +https://spssite.caci.com +https://subktemp.caci.com +https://support.caci.com +https://talxsso.caci.com +https://test.smds.caci.com +https://tokenchange.caci.com +https://vault.csde.caci.com +https://vpc.caci.com +https://wacweb.caci.com +https://webmail.caci.com +https://wikiplus.caci.com +https://www.askit.caci.com +https://www.corianconfluence.caci.com +https://www.csde.caci.com +https://ganymede.cacicorenet.com +https://login.cacicorenet.com +https://passchange.cacicorenet.com +https://tokenchange.cacicorenet.com +https://www.hqig4portal2.com +https://www.idtec.com +https://www.saphotonics.com +https://vdi.lgsinnovations.com +http://da1dc2.centurum.com +https://da1dc2.centurum.com +https://support.centurum.com diff --git a/src/dib-vdp/WILDCARD.txt b/src/dib-vdp/WILDCARD.txt new file mode 100644 index 0000000..2c3ff2b --- /dev/null +++ b/src/dib-vdp/WILDCARD.txt @@ -0,0 +1,2 @@ +*.hxfivelaunch.com +*.dese.com diff --git a/src/dib-vdp/note.txt b/src/dib-vdp/note.txt new file mode 100644 index 0000000..2968e41 --- /dev/null +++ b/src/dib-vdp/note.txt @@ -0,0 +1 @@ +51966 https://hackerone.com/dib-vdp DIB-VDP dib-vdp diff --git a/src/disney/URL.txt b/src/disney/URL.txt index 66a7537..3788322 100644 --- a/src/disney/URL.txt +++ b/src/disney/URL.txt @@ -4,3 +4,4 @@ abcspotdepot.com www.magicalphotos.cn www.shanghaidisneyresort.com www.shanghaidisneyresort.com.cn +disneyauditions.com diff --git a/src/interco_vdp/APPLE_STORE_APP_ID.txt b/src/interco_vdp/APPLE_STORE_APP_ID.txt index 4bf801f..d1b7276 100644 --- a/src/interco_vdp/APPLE_STORE_APP_ID.txt +++ b/src/interco_vdp/APPLE_STORE_APP_ID.txt @@ -1,2 +1,3 @@ br.com.Inter.CDPro br.com.intermedium +https://apps.apple.com/br/app/portal-granito/id1450658363 diff --git a/src/interco_vdp/GOOGLE_PLAY_APP_ID.txt b/src/interco_vdp/GOOGLE_PLAY_APP_ID.txt index 4bf801f..fe4d2c9 100644 --- a/src/interco_vdp/GOOGLE_PLAY_APP_ID.txt +++ b/src/interco_vdp/GOOGLE_PLAY_APP_ID.txt @@ -1,2 +1,4 @@ br.com.Inter.CDPro br.com.intermedium +https://play.google.com/store/apps/details?id=br.com.granitopagamentos.granitopdv +https://play.google.com/store/apps/details?id=pagocartoes.com.br.pago diff --git a/src/interco_vdp/WILDCARD.txt b/src/interco_vdp/WILDCARD.txt index 7526b88..2c0bd2b 100644 --- a/src/interco_vdp/WILDCARD.txt +++ b/src/interco_vdp/WILDCARD.txt @@ -8,3 +8,12 @@ *.pontualmoneytransfer.com *.pontualmt.com *.pontualconnect.com +*.bmggranito.com.br +*.filialbmggranito.com.br +*.granitopagamentos.com.br +*.granitopdv.com.br +*.granitosistemas.com.br +*.pagocartoes.com.br +*.pagoportal.com.br +*.portalgranito.com.br +*.granito.xyz diff --git a/src/john-deere/URL.txt b/src/john-deere/URL.txt index b7456c5..71fb115 100644 --- a/src/john-deere/URL.txt +++ b/src/john-deere/URL.txt @@ -476,3 +476,4 @@ sonar13.marketing-devl.us.e06.c01.johndeerecloud.com vdp.deere.com agile.deere.com vplanjvm.deere.com +ai-lab.ae-machine-learning-operations-prod-vpn.us.e18.c01.johndeerecloud.com diff --git a/src/klarna/OTHER.txt b/src/klarna/OTHER.txt new file mode 100644 index 0000000..e260fe2 --- /dev/null +++ b/src/klarna/OTHER.txt @@ -0,0 +1 @@ +Merchant Portal diff --git a/src/klarna/note.txt b/src/klarna/note.txt new file mode 100644 index 0000000..dfaf818 --- /dev/null +++ b/src/klarna/note.txt @@ -0,0 +1 @@ +81945 https://hackerone.com/klarna Klarna klarna diff --git a/src/lemlist/URL.txt b/src/lemlist/URL.txt index 9ed2c14..f11eee3 100644 --- a/src/lemlist/URL.txt +++ b/src/lemlist/URL.txt @@ -1,3 +1,5 @@ app.lemlist.com app.lemcal.com app.lemwarm.com +taplio.com +tweethunter.io diff --git a/src/note.txt b/src/note.txt index 2419ea9..d09467c 100644 --- a/src/note.txt +++ b/src/note.txt @@ -702,3 +702,5 @@ 79046 https://hackerone.com/nimiq Nimiq nimiq 43330 https://hackerone.com/lab45 Lab45 lab45 83563 https://hackerone.com/circle-bbp Circle BBP circle-bbp +51966 https://hackerone.com/dib-vdp DIB-VDP dib-vdp +81945 https://hackerone.com/klarna Klarna klarna