Banner object (1)

Hack and Take the Cash !

751 bounties in database
jsDelivr logo


jsDelivr is used by thousands of websites around the world and they all rely on malware-free and reliable file delivery.
We take the security of our CDN very seriously and want to ensure our service is bulletproof.


Except from static file delivery we also have a dynamic /g/ functionality which can combine on the fly multiple files and output them to the user. Documentation __

Tests on /g/ itself can be done on the server __.
(Note: the root domain redirects to __which is out of scope. You need to provide a path to test it)
It is not used in production but it is clone of the actual server and can be used for penetration tests.

HTTPS or other vulnerabilities can be tested on as long as they don't pose a real threat to live users.

We expect vulnerability reports for any server or service owned or used by jsDelivr, including DNS, CDN providers, load balancing algorithm, VPS, installed software and anything else that can be used in a harmful way.

Our website __is out of scope for these tests as it does not contain any user information and it is completely isolated from the CDN infrastructure.

Hall of Fame

List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2019