Robinhood

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
api.robinhood.com URL critical
com.robinhood.android GOOGLE_PLAY_APP_ID critical
com.robinhood.release.Robinhood APPLE_STORE_APP_ID critical
nummus.robinhood.com URL critical
robinhood.com URL critical

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
Content Delivery Network (CDN) servers OTHER none
Social media accounts (Facebook, Twitter, etc.) OTHER none
blog.robinhood.com URL none
share.robinhood.com URL none
support.robinhood.com URL none