Amazon
Top 100 siteBounty Swag Partial Safe Harbor
Program Details
- Handle
- amazonvrp
- Managed
- Yes
Response Metrics
- Response Time
- 11 days
- Bounty Time
- 338 days
- Resolution Time
- 2072 days
Response Efficiency
98%
Scope (100 targets)
web: 29 mobile: 65 other: 6 In Scope
- *.amazon.ae web bounty-eligible
- *.amazon.ca web bounty-eligible
- *.amazon.cl web bounty-eligible
- *.amazon.cn web bounty-eligible
- *.amazon.co.jp web bounty-eligible
- *.amazon.co.uk web bounty-eligible
- *.amazon.co.za web bounty-eligible
- *.amazon.com web bounty-eligible
- *.amazon.com.au web bounty-eligible
- *.amazon.com.be web bounty-eligible
- *.amazon.com.br web bounty-eligible
- *.amazon.com.co web bounty-eligible
- *.amazon.com.mx web bounty-eligible
- *.amazon.com.ng web bounty-eligible
- *.amazon.com.tr web bounty-eligible
- *.amazon.de web bounty-eligible
- *.amazon.eg web bounty-eligible
- *.amazon.es web bounty-eligible
- *.amazon.fr web bounty-eligible
- *.amazon.in web bounty-eligible
- and 80 more targets
Out of Scope
"Contact Us" Functionality, *.*a2z*.*, *.aws.*, *.dev, AWS and AWS customer assets are strictly out of scope, Amazon Web Services (AWS), Anything considered a non-prod asset, Anything which redirects to AWS, amazongames.com, learning.logistics.amazon.com
security.txt
- Contact
- https://hackerone.com/amazonvrp/reports/new
- Policy
- https://hackerone.com/amazonvrp
- Hiring
- https://www.amazon.jobs/en/teams/infosec