My First Bounty and How Did I Get It?

Aneesha D (ohzo)
Feb 14, 2022

Hello!! This is my first article, and I really hope you enjoy it! In June 2021, I began looking for issues on websites.

So, one day, after submitting many reports, some of which got accepted and some rejected, I was just showing/telling my sister about bug bounty and clicked on a website from my Google dork. Looking at the Hall of Fame, I said, “I can’t find bugs in these websites, which are already tested by the HOF people,” and while saying this I was running a tool called findomain-linux on https://grofers.com.

Enumerate subdomains of a target with findomain

This tool is just awesome and helps you to find many, many subdomains. If your scope is *.domain.com, you should use findomain.

Then I saw that no website was hosted at https://offers.grofer.io and thought that it was vulnerable (I had seen the same images in other posts saying that it might be vulnerable). Then I tested manually for the CNAME with the commands host and dig. Then I got to know that the domain was not pointing to any website hosted on Unbounce.

Then I registered there and hosted a website with my name and a template, then I used https://offers.grofer.io as the custom domain.
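From the domain owner's side, the record described above is a CNAME left in DNS after the third-party page behind it was gone. The script below is an added example, not part of the original post: it audits a zone export for CNAMEs that point at a hosted-page provider but are missing from the list of custom domains the team still has claimed there. The zone data, the inventory and the `dangling_cnames` function are constructed for illustration, and `unbouncepages.com` as the provider's CNAME target is an assumption to check against the provider's documentation.

```shell
#!/usr/bin/env bash
# Audit a zone export for CNAMEs that point at third-party hosting but are
# missing from the inventory of custom domains still claimed on that provider.
# All names below are constructed sample data under example.com.

# Provider CNAME targets to watch (assumption: verify against provider docs
# and extend with every SaaS host your DNS points to). Space-separated.
WATCHED_SUFFIXES="unbouncepages.com"

# Constructed zone export: "name TTL class type target", as dig prints it.
SAMPLE_ZONE='www.example.com.     300 IN CNAME example.com.
offers.example.com.  300 IN CNAME unbouncepages.com.
promo.example.com.   300 IN CNAME unbouncepages.com.
mail.example.com.    300 IN A     192.0.2.10'

# Constructed inventory: custom domains still claimed in the provider account.
SAMPLE_INVENTORY='promo.example.com'

# Print each CNAME owner name whose target is a watched provider and which is
# absent from the inventory (one name per line, trailing dot removed).
dangling_cnames() {
  zone=$1
  # Flatten the inventory to one line so it can be passed with awk -v.
  inv=$(printf '%s' "$2" | tr '\n' ' ')
  printf '%s\n' "$zone" | awk -v suffixes="$WATCHED_SUFFIXES" -v inv="$inv" '
    BEGIN {
      n = split(suffixes, suf, " ")
      m = split(inv, owned, " ")
      for (i = 1; i <= m; i++) claimed[tolower(owned[i])] = 1
    }
    toupper($4) == "CNAME" {
      name = tolower($1);   sub(/\.$/, "", name)
      target = tolower($5); sub(/\.$/, "", target)
      for (i = 1; i <= n; i++) {
        s = suf[i]
        # Match the suffix itself or a host beneath it, not a look-alike name.
        if (target == s || (length(target) > length(s) &&
            substr(target, length(target) - length(s)) == "." s)) {
          if (!(name in claimed)) print name
          break
        }
      }
    }'
}

dangling_cnames "$SAMPLE_ZONE" "$SAMPLE_INVENTORY"
```

A name reported here should either be re-claimed in the provider account or have its CNAME removed from the zone.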

Hosted and I was like,


Aneesha D (ohzo)

I am a Software Developer and a Security Researcher with a Bachelor of Engineering in CS.