RATELIMITED

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.pengu.will-never-love.me URL high high high critical
*.ratelimited.me URL high high high critical
*.theendlessweb.com URL high high high critical
Any other domain OTHER medium medium medium critical
pengu.will-never-love.me URL high high high critical
ratelimited.me URL high high high critical
theendlessweb.com URL high high high critical
api.ratelimited.me URL high high high critical
This is the RATELIMITED API, used for file uploading.
https://github.com/gtsatsis/RLAPI-v3-OOP SOURCE_CODE high none high critical
Custom Webpages for Private Domains OTHER medium none high critical
Vulnerabilities regarding the custom HTML implementation on private domains. This does not include XSS, as the user is meant to be able to add script tags into their own index page.

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.pengu.will-never-love.me URL high high high none
pengu.will-never-love.me URL high high high none
ratelimitedme.atlassian.net URL none
Please report any vulnerabilities to Atlassian's team.
*.endl.site URL none
These are customer sites and therefore do not pertain to the service
Publically-Editable GitHub Wikis OTHER none
These are left editable intentionally.
forums.ratelimited.me URL none
Please report any issues with regards to the forum to Invision Community/Invision Power.
support.theendlessweb.com URL none
Please report Vulnerabilities to Kayako
status.ratelimited.me URL high none none none
Contact Atlassian/Statuspage
media.ratelimited.me URL none
storage.ratelimited.me URL none
feedback.ratelimited.me URL none none
Managed by Canny.
support.ratelimited.me URL none
Managed by Zendesk