ForeScout Technologies

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
datapod-1-ingest.forescoutcloud.net URL high high high critical
datapod-1-query.forescoutcloud.net URL high high high critical
mgmtpod-1.forescoutcloud.net URL high high high critical
datapod-1-ingest.Acceptance.Forescout.com URL high high high critical
datapod-1-ingest.Development.Forescout.com URL high high high critical
datapod-1-ingest.Production.Forescout.com URL high high high critical
datapod-1-ingest.Testing.Forescout.com URL high high high critical
datapod-1-query.Acceptance.Forescout.com URL high high high critical
datapod-1-query.Development.Forescout.com URL high high high critical
datapod-1-query.Production.Forescout.com URL high high high critical
datapod-1-query.Testing.Forescout.com URL high high high critical
datapod-2-ingest.Acceptance.Forescout.com URL high high high critical
datapod-2-query.Acceptance.Forescout.com URL high high high critical
mgmtpod-1-dashboard.Development.Forescout.com URL high high high critical
mgmtpod-1-dashboard.Production.Forescout.com URL high high high critical
mgmtpod-1.Development.Forescout.com URL high high high critical
mgmtpod-1.Production.Forescout.com URL high high high critical
www.forescout.com URL high medium high critical
This is the primary www.forescout.com website.
135.84.145.9/32 CIDR high high high critical
192.151.146.64/26 CIDR high high high critical
38.140.238.58/32 CIDR high high high critical
74.201.95.0/27 CIDR high high high critical
12.156.228.240/29 CIDR medium high high critical
135.84.145.0/27 CIDR high high high critical
194.90.151.192/28 CIDR high high high critical
Please do not bombard these sites while testing. Be gentle.
194.90.25.80/29 CIDR high high high critical
Please be careful when testing these sites to not bombard them. Be gentle.
194.90.89.165/32 CIDR high high high critical
212.143.112.81/29 CIDR high high high critical
Please be gentle when testing these sites. Do not bombard them.
38.140.238.56/28 CIDR high high high critical
64.47.18.80/29 CIDR high high high critical
97.105.243.96/28 CIDR high high high critical
datapod-1-ingest.Acceptance.ForescoutCloud.net URL high high high critical
datapod-1-ingest.Development.ForescoutCloud.net URL high high high critical
datapod-1-ingest.Production.ForescoutCloud.net URL high high high critical
datapod-1-ingest.Testing.ForescoutCloud.net URL high high high critical
datapod-1-query.Acceptance.ForescoutCloud.net URL high high high critical
datapod-1-query.Development.ForescoutCloud.net URL high high high critical
datapod-1-query.Production.ForescoutCloud.net URL high high high critical
datapod-1-query.Testing.ForescoutCloud.net URL high high high critical
datapod-2-ingest.Acceptance.ForescoutCloud.net URL high high high critical
datapod-2-query.Acceptance.ForescoutCloud.net URL high high high critical
mgmtpod-1-dashboard.Development.ForescoutCloud.net URL high high high critical
mgmtpod-1-dashboard.Production.ForescoutCloud.net URL high high high critical
mgmtpod-1.Development.ForescoutCloud.net URL high high high critical
mgmtpod-1.Production.ForescoutCloud.net URL high high high critical
38.140.238.56/29 CIDR high high high critical
logstash-props.devicecloud.acceptance.forescoutcloud.net URL high high high critical
Please begin testing against this host as soon as possible. We are working through a release cycle and this testing is part of that cycle.
CounterAct 8.1 HARDWARE high high high critical
This is a new device type being introduced to the bug bounty program. Those with access to a counteract device / image are welcome to submit their findings!
datapod-1-100-druid-ingest.Testing.ForescoutCloud.net URL high high high critical
* Expanded Datapod Host Range to 100 nodes ** Naming convention is datapod-[1-100]-druid-ingest.development.forescoutcloud.net ** Example: datapod-1-druid-ingest.development.forescoutcloud.net ** Example: datapod-10-druid-ingest.development.forescoutcloud.net and so on.
datapod-1-100-druid-ingest.development.forescoutcloud.net URL high high high critical
*New Host Added on 3/12/2010 ** Naming convention is datapod-[1-100]-druid-ingest.development.forescoutcloud.net ** Example: datapod-1-druid-ingest.development.forescoutcloud.net ** Example: datapod-10-druid-ingest.development.forescoutcloud.net and so on.
datapod-1-100-druid-query.development.forescoutcloud.net URL high high high critical
** Naming convention is datapod-[1-100]-druid-query.development.forescoutcloud.net ** Example: datapod-1-druid-query.development.forescoutcloud.net ** Example: datapod-10-druid-query.development.forescoutcloud.net and so on.
datapod-1-100-ingest.Testing.ForescoutCloud.net URL high high high critical
* Expanded Datapod Host Range to 100 nodes ** Naming convention is datapod-[1-100]-ingest.testing.forescoutcloud.net ** Example: datapod-1-ingest.testing.forescoutcloud.net ** Example: datapod-10-ingest.testing.forescoutcloud.net and so on.
datapod-1-100-ingest.development.forescoutcloud.net URL high high high critical
* Expanded Datapod Host Range to 100 nodes ** Naming convention is datapod-[1-100]-ingest.development.forescoutcloud.net ** Example: datapod-1-ingest.development.forescoutcloud.net ** Example: datapod-10-ingest.development.forescoutcloud.net and so on.
datapod-1-100-query.Development.ForescoutCloud.net URL high high high critical
* Expanded Datapod Host Range to 100 nodes ** Naming convention is datapod-[1-100]-query.development.forescoutcloud.net ** Example: datapod-1-query.development.forescoutcloud.net ** Example: datapod-10-query.development.forescoutcloud.net and so on.
datapod-1-100-query.Testing.ForescoutCloud.net URL high high high critical
* Expanded Datapod Host Range to 100 nodes ** Naming convention is datapod-[1-100]-query.testing.forescoutcloud.net ** Example: datapod-1-ingest.query.forescoutcloud.net ** Example: datapod-10-ingest.query.forescoutcloud.net and so on.
mgmtpod-1-100-dashboard.Development.ForescoutCloud.net URL high high high critical
* Expanded Mgmtpod Host Range to 100 nodes ** Naming convention is mgmtpod-[1-100]-dashboard.development.forescoutcloud.net ** Example: mgmtpod-1-dashboard.development.forescoutcloud.net ** Example: mgmtpod-10-dashboard.development.forescoutcloud.net and so on.
mgmtpod-1-100.Development.ForescoutCloud.net URL high high high critical
* Expanded Mgmtpod Host Range to 100 nodes ** Naming convention is mgmtpod-[1-100].development.forescoutcloud.net ** Example: mgmtpod-1.development.forescoutcloud.net ** Example: mgmtpod-10.development.forescoutcloud.net and so on.
a360f0bcc63ca11ea92550aeac091f3d-1101372245.us-east-1.elb.amazonaws.com URL high high high critical
Please prioritize your testing for this device. Thank You.
datapod-1-100-druid-ingest.production.forescoutcloud.net URL high high high critical
datapod-1-100-druid-ingest.production.forescoutcloud.net is the range ex. datapod-1-druid-ingest.production.forescoutcloud.net datapod-2-druid-ingest.production.forescoutcloud.net datapod-10-druid-ingest.production.forescoutcloud.net and so on....
datapod-1-100-druid-query.production.forescoutcloud.net URL high high high critical
datapod-1-100-druid-query.production.forescoutcloud.net is the range ex. datapod-1-druid-query.production.forescoutcloud.net datapod-2-druid-query.production.forescoutcloud.net datapod-10-druid-query.production.forescoutcloud.net and so on....

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
107.154.80.169 URL high high high none
135.84.145.0/27 OTHER high high high none
San Jose Office IP Range
144.178.70.80/29 OTHER high high high none
Eindhoven Office IP Range
194.90.151.193 URL high high high none
194.90.151.197 URL high high high none
194.90.25.81 URL high high high none
194.90.25.82 URL high high high none
194.90.25.83 URL high high high none
194.90.25.84 URL high high high none
194.90.25.86 URL high high high none
194.90.89.165 URL high high high none
199.203.102.106 URL high high high none
207.232.12.9 URL high high high none
212.143.112.83 URL high high high none
212.143.112.84 URL high high high none
212.143.112.85 URL high high high none
212.143.112.86 URL high high high none
212.179.243.144 URL high high high none
3.208.210.205 URL high high high none
3.212.205.107 URL high high high none
3.215.110.36 URL high high high none
3.215.76.104 URL none
3.217.118.139 URL none
3.217.5.237 URL none
3.218.206.196 URL high high high none
3.218.235.180 URL high high high none
3.219.10.206 URL none
3.86.127.226 URL high high high none
3.92.115.87 URL high high high none
34.194.26.17 URL high high high none
34.235.209.211 URL high high high none
38.140.238.56/29 OTHER high high high none
Plano Colo Lab IP Range
52.201.2.226 URL high high high none
54.173.159.83 URL high high high none
54.85.213.6 URL high high high none
64.47.18.80/29 OTHER high high high none
Plano Office Lab IP Range
74.201.95.0/27 OTHER high high high none
Santa Clara Colo Office IP Range
97.105.243.96/28 OTHER high high high none
Plano Office IP Range
api-stage-inc.forescout.com URL high high high none
api.fem-stage-inc.forescout.com URL high high high none
api.fem.forescout.com URL high high high none
bzq-219-243-144.static.bezeqint.net URL high high high none
dapi-ingest-db06.forescoutcloud.net URL high high high none
These assets are load balancers currently not protected by a WAF.
dapi-query-db06.forescoutcloud.net URL high high high none
These assets are load balancers currently not protected by a WAF.
fr-forescout.ser.netvision.net.il URL high high high none
fs-ds-beta-ingestion-dapi.beta.forescoutcloud.com URL high high high none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
fs-ds-beta-query-dapi.beta.forescoutcloud.com URL none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
fs0.forescout.com URL high high high none
fsios.forescout.com URL high high high none
mgmtpod1-auth-sd.beta.forescoutcloud.com URL high high high none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
mgmtpod1-dashboard.beta.forescoutcloud.com URL high high high none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
mgmtpod1-mapi.beta.forescoutcloud.com URL high high high none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
mgmtpod1-mgmt-auth.beta.forescoutcloud.com URL high high high none
This host is part of an updated beta environment. Communication should be via HTTPS however all ports are open game. Host is configured to not respond to ICMP so even though the ping doesn't respond, there is something there. Else why list it?
odap-199-203-102-106.bb.netvision.net.il URL high high high none
sra-emea1.forescout.com URL high high high none
svc23.forescout.com URL high high high none
www.forescout.de URL high high high none
Please note that issues present across other language domains will count as one singular issue.
www.forescout.fr URL high high high none
Please note that issues present across other language domains will count as one singular issue.
www.forescout.jp URL high high high none
Please note that issues present across other language domains will count as one singular issue.
www.forescout.kr URL high high high none
Please note that issues present across other language domains will count as one singular issue.
www.forescouttechnologies.mx URL high high high none
Please note that issues present across other language domains will count as one singular issue.
zh.forescout.com URL high high high none
Please note that issues present across other language domains will count as one singular issue.