23andMe Bug Bounty icon 23andMe Bug Bounty HackerOne

Target Policy
https://hackerone.com/23andme_bbp?type=team
Structured Scope
  • Asset Identifier
    Asset Type
    Max Severity
  • healthaid.lemonaidhealth.com
    URL
    critical
  • sapi-live.lh.us-west-2.prd.23andme.us
    URL
    critical
  • clinic.lemonaidhealth.com
    URL
    critical
  • pd-api.polkadoc.com
    URL
    critical
  • www.lemonaidhealth.com

    LemonaidHealth.com: A telehealth platform providing accessible online medical consultations and prescription services

    URL
    critical
  • lemonaidhealth.com
    URL
    critical
  • api.23andme.com

    First API from original codebase, responsible for less services at the moment but still integrated into the product.

    URL
    critical
  • blog.23andme.com

    Official blog of 23andMe, sharing insightful articles, updates, and stories on genetics, health, and personal genomics.

    URL
    critical
  • mediacenter.23andme.com

    Media center for 23andMe, providing press releases, media assets, and comprehensive information for journalists and media professionals

    URL
    critical
  • education.23andme.com

    23andMe's dedicated education site, offering resources and insights to enhance genetic literacy through informative content and educational materials

    URL
    critical
  • medical.23andme.com

    Medical and therapeutics site containing information about 23andMe's medical research.

    URL
    critical
  • store.23andme.com

    Online store for 23andMe products, offering DNA testing kits, genetic insights, and personalized merchandise.

    URL
    critical
  • auth.23andme.com

    Responsible for all authenticated services throughout the product.

    URL
    critical
  • you.23andme.com

    you.23andme.com is our main consumer site which contains users DNA kit results, dna relatives, and more. Users can interact with relatives and perform profile related features such as downloading data.

    URL
    critical
  • therapeutics.23andme.com

    23andMe's site exclusively dedicated to therapeutics to share and market what we've done and what we have in the pipeline in regards to therapeutics.

    URL
    critical
  • research.23andme.com

    research.23andMe.com is the official research domain of 23andMe

    URL
    medium
Target Scope Domains
  • api.23andme.com
  • auth.23andme.com
  • blog.23andme.com
  • clinic.lemonaidhealth.com
  • education.23andme.com
  • healthaid.lemonaidhealth.com
  • lemonaidhealth.com
  • mediacenter.23andme.com
  • medical.23andme.com
  • pd-api.polkadoc.com
  • research.23andme.com
  • sapi-live.lh.us-west-2.prd.23andme.us
  • store.23andme.com
  • therapeutics.23andme.com
  • www.lemonaidhealth.com
  • you.23andme.com
Tech Stack
Last Finished Scan:
Scan Name
Fleet
Finished
State
auto-gausubs-2-kor
allkxss
4 months ago
Finished
auto-gausubs-2-kor
  • Fleet: allkxss
  • Duration: 11.17 Minutes
  • Finished: 4 months ago