Skip to content

Instantly share code, notes, and snippets.

@ACK-J
Last active November 10, 2023 09:16
Show Gist options
  • Save ACK-J/65dfe84fcf5a06c46364e5f2bd29c118 to your computer and use it in GitHub Desktop.
Save ACK-J/65dfe84fcf5a06c46364e5f2bd29c118 to your computer and use it in GitHub Desktop.
All endpoints currently known which are used to run ThreatMetrix's invasive data collection scripts
*.caesarscasino.com
*.credit24.com
*.credit24.com.au
*.creditea.com
*.fashionette.de
*.hapipozyczki.pl
*.ideafinancial.com
*.mohegansuncasino.com
*.online-metrix.net
*.qa.threatmetrix.com
*.rewardspay.com
*.royalairmaroc.com
*.ssisurveys.com
*.teknosa.com
*.threatmetrix.com
*.tmxcyber.com
1of1.skipcash.app
3ds.targobank.de
Api1.sfcu.org
CFA.febtest.com
Cfa.advisorchannel.com
Cfa.mystreetscape.com
Cfa.streetscape.com
Cfaxq.advisorchannel.com
Cfaxq.mystreetscape.com
Cfaxq.streetscape.com
Faas.2dehands.be
Faas.2ememain.be
Faas.marktplaats.nl
Img2.arrow.com
RVW.connection.com
RVW.govconnection.com
RVW.macconnection.com
acsrt.cardnet-tds.com
acsweb-3dr1.dnp-cdms.jp
allmaechd.loberon.de
analytics.vacations.united.com
apicorporativops.portoseguro.com.br
app392.gerberlife.com
appschk.scotiabank.com
assets.werally.co
assets2.thefirstclub.com
auth.vedacheck.com.au
backend.pin-up.dev
barnacle.tommybahama.com
bi.threatmetrix.com
bi.threatmetrix.eu
bilder10.kalaydo.de
bilder10.markt.de
cache.callsign.com
caesarscasino.com
cas.threatmetrix.com
cas.threatmetrix.eu
cas.threatmetrix.us
caveo.boost-my.com
cbtm.klarmobil.de
cbtm.mobilcom-debitel.de
ccf.prod.fedex.com
cda.boacompra.com
cda.pagseguro.uol.com.br
cda.thecardservicescenter.com
cdn-1.dealstream.com
cdn-s.chumbacasino.com
cdn-s.dev.chumbacasino.com
cdn-s.dev.globalpoker.com
cdn-s.globalpoker.com
cdn.alliantcreditunion.com
cdn.bambusystems.com
cdn.gusto.com
cdn.joom.com
cdn.onlinepaysecure.com
cdn1.f-cdn.com
cdn1.onecalldirect.co.uk
cdn1.skrill.com
cdn1.thm.bankofmelbourne.com.au
cdn1.thm.banksa.com.au
cdn1.thm.stgeorge.com.au
cdn1.thm.westpac.com.au
cdn17.citizensbank.com
cdn2.intercambioexpress.com
cdn2.lfg.com
cdn2.moneycorp.com
cdnA.JPay.com
cdna.cofidis.be
cdna.kpers.org
cdna.lottohelden.de
cdna.paymentncb.cofidis.be
cdnb.cashcentral.com
cdncy.jmbullion.com
cdncy.providentmetals.com
cdncy.silver.com
cdnm.sts.pl
cdns.moneyplace.com.au
cdntm.billpay.de
cdntm.firstdirect.com
cdntm.hsbc.co.uk
cdntm.hsbc.com.au
cdntm.hsbc.com.hk
cfa.fidelity.com
cfaxdev2.fidelity.com
cfaxq1.fidelity.com
cfaxq2.fidelity.com
check.starbukks.com
check2.tsb.co.uk
check3.tiaa-cref.org
clear.wallapop.com
clovergo.june-testing.firstdata.com
cmprofile.cards.citidirect.com
cnd1.splayt.com
cnt.patpat.com
content.aceticket.com
content.addisonlee.com
content.ageas.co.uk
content.allstate.com
content.alterna.ca
content.alternabank.ca
content.americanfirstfinance.com
content.asurion53.com
content.au.ofx.com
content.bankerslife.com
content.berluti.com
content.biggerbooks.com
content.billscenter.paytrust.com
content.bnl.it
content.bookmob.ca
content.ca.ofx.com
content.canadianforex.ca
content.canyon.com
content.certifid.com
content.citizensbankonline.com
content.clearfx.com
content.clubpremier.com
content.covantagecu.org
content.dwd.wisconsin.gov
content.ecampus.com
content.evisa.mofa.go.jp
content.firstinterstatebank.com
content.frs.fl.gov
content.heidipay.com
content.hellobank.it
content.hellomobile.com
content.hk.ofx.com
content.id.elsevier.com
content.ifpsoyyo.co
content.interaconline.com
content.knetbooks.com
content.kylottery.com
content.linode.com
content.listsource.com
content.lotto.pl
content.massmutual.com
content.members.fujiq.jp
content.mercadolibre.com
content.mercadolibre.com.mx
content.mercadopago.com
content.moni.com.ar
content.mycoseva.com
content.mywisely.com
content.name.com
content.netcredit.pl
content.nubank.com.br
content.numobile.com.au
content.nz.ofx.com
content.nzforex.co.nz
content.ozforex.com.au
content.pachirapay.com
content.paynearme.com
content.paytrust.com
content.personifyfinancial.com
content.pmbank.com
content.pnbank.com.au
content.qlinkwireless.co
content.qlinkwireless.com
content.realquest.com
content.rias.co.uk
content.secure.veda.com.au
content.sfbli.com
content.sg.ofx.com
content.sheerid.com
content.smallbusiness.paytrust.com
content.southcrestbank.com
content.ssctech.com
content.statefarm.com
content.tab.com.au
content.tab.ubet.com
content.uk.ofx.com
content.ukforex.co.uk
content.us.ofx.com
content.usforex.com
content.usps.com
content.varetire.org
content.walmart.tuconline.com
content.washingtonnational.com
content1.esdiacapi.com
content2.instacart.com
content22.accountonline.com
content22.bancanet.banamex.com
content22.bmoharris.com
content22.citibank.co.in
content22.citibank.com
content22.citibank.com.bh
content22.citibank.com.tw
content22.citibank.com.vn
content22.citibank.pl
content4c.iberia.com
content9.lendingtree.com
contentinfo.tcdrs.org
contentservice.de.glassdoor.ch
contentservice.fr.glassdoor.be
contentservice.fr.glassdoor.ch
contentservice.glassdoor.at
contentservice.glassdoor.be
contentservice.glassdoor.ca
contentservice.glassdoor.ch
contentservice.glassdoor.co.in
contentservice.glassdoor.co.uk
contentservice.glassdoor.com
contentservice.glassdoor.com.au
contentservice.glassdoor.de
contentservice.glassdoor.fr
contentservice.glassdoor.ie
contentservice.glassdoor.nl
contentservice.nl.glassdoor.be
contentservices.greentrustcash.com
contentservices.zurvita.com
creditapp.rogersbank.com
creditcheck.digitecgalaxus.ch
creditea.com
cs.blundstone.com
csource.rentals.com
css.bitcasino.io
css.slots.io
csservice.aircanada.com
cstm.gumtree.com
customer.homedepot.com
cybersource.shoplineapp.com
cybs.dhgate.com
cybs.dhpay.com
d.mlcdn.com.br
ddata.huntingtonbank.com
ddc-test.worldpay.com
ddc.worldpay.com
debs.giantbank.com
debs.my100bank.com
deviceauth.dmv.ca.gov
devicecontent.icuracao.com
df.allsaints.com
df.greenmangaming.com
df.thumbtack.com
dfp.garmin.com
dfp.s-budget-mobile.at
dfp.t-mobile.at
dfp.telering.at
did.fashionworld.co.uk
did.simplybe.co.uk
dii.bankaust.com.au
directinfo.ib.mizuhobank.co.jp
donor.cafamerica.org
dpcontent.locationsmart.net
drfdisvc.walmart.com
ebay-us.com
fashionette.de
fdbplnd.zootweb.com
fdts.ebay-kleinanzeigen.de
fp.aion.be
fp.cdn-scripts.com
fp.dior.com
fp.disney.go.com
fp.joyobank.chance.co.jp
fp.ups.com
fpcn.bpsgameserver.com
fpp.emiratesnbd.com
fpt.norton.com
fraudcheck.interwetten.com
ganalytics.anu.edu.au
gesa.mfoundry.com
go.citizensaccess.com
goecf.hm.com
h-test.secure.epaiement-up2pay.fr
h.chase.co.uk
h.secure.epaiement-up2pay.fr
h.threatmetrix.com
h.wirecard.com
hint-tmdp.opendoor.com
hooru.regence.com
ideafinancial.com
idhtm.bb.com.br
im2.personalloans.pnc.com
im2.prod.amount.com
im2.regions.prod.amount.com
imagesmx.cdscdn.com
imagestm.bossrevolution.com
img.dailylook.com
img.e-pago.com.mx
img.fortunejack.com
img.givex.com
img.kittykuddly.com
img.neora.com
img.nuskin.com
img.oney.fr
img.remit.co.jp
img.zootweb.com
img02.pensionfund.org
img03.tandem.co.uk
img2.massageenvy.com
img2.moneylion.com
img2.otto.nl
img2.prosper.com
img2.seivy.com
img2.tmrs.com
img20.subway.com
img2021.navyfederal.org
img24.rei.com
img4.cargurus.com
img4.instarem.com
img4.nbpa.com
img4.portal.citidirect.com
img4.portaluat.citidirect.com
img4.uscellular.com
img9.target.com
imgcdn.genworth.com
imgl2.hardrockcasino.com
imgs.signifyd.com
info.directpay.irs.gov
info.eftps.com
info.eftps.gov
ingress.local
intm.amwager.com
irmp.caa.com
is.giftsnideas.com
is.pickupflowers.com
is.winestogift.com
jj203.equitablebank.ca
js.content.ea.com
jytrnq.cm-cic.com
kyc.cgex.com
kyc.usend.com
ln.meudigio.com.br
lnservice.q5id.com
log.betdaq.com
log.dsx.uk
log.open.investorsbank.com
login.eki-net.com
loyaltyprogram.latam.com
lpo.unionbank.com
lsdp.lotto.com
m-profiling.cibc.com
m-profiling.simplii.com
m.vnforapps.com
meiodepagamento.campanhaporto.com.br
membership-device.secured-igaming-services.com
metrix.firstam.com
metrix.us.ovhcloud.com
mnt.sbisec.co.jp
mobile-content-f.autozone.com
mobile-tmx.ssisurveys.com
mobilecontent.projectdrgn.com
mobsessions.worldremit.com
mohegansuncasino.com
moneyhub.hrblock.com.au
mptmcontent.e-i.com
muziwakk.goinsuredaily.co.uk
mx.cm.com
mx.cmtelecom.com
nav.sciencedirect.com
nline-metrix.net
ocs.ameriprise.com
ola2.tdameritrade.com
ops.ritani.com
optm.optus.com.au
pafms.ocbc.com
pages.fiduciarytrust.com
pages.franklintempleton.com
paiement.cb4x.fr
payments.direct.playstation.com
pf.intuit.com
piafapp.poste.it
platform.uniclick.com.mx
pn1927.adambank.com
pn1927.coutts.com
pn1927.couttscrowndependencies.com
pops-f.publix.com
portal-fp.threatmetrix.com
portal.threatmetrix.com
portal.threatmetrix.eu
portal.threatmetrix.us
pov.spectrum.net
profile.cash1loans.com
profiling.qacitizensbankonline.com
profiling1.tmxcyber.com
profiling2.tmxcyber.com
public-check3-at.test.tiaa-cref.org
qa.threatmetrix.com
qa.verify.metlife.com
r.hokodo.co
rauth.chubb.com
rba.login.agentmessagecenter.optum.com
rba.login.mahix.org
rba.login.myconnections.com
rba.phub-im.uhg.com
registro.almacenesrayco.com
regstat.betfair.com
regstat.paddypower.com
res.pay.ionos.com
rewardspay.com
rhino.gocardless.com
royalairmaroc.com
rsx.afterpay.com
s4.partner.yoomoney.ru
scdn.lendup.com
scdn.missionlane.com
sec.hikaritv.net
sec.lin101.mail.goo.ne.jp
sec.login.mail.goo.ne.jp
sec.login.ocn.ne.jp
sec.login.sdnp.ntt.ocn.ne.jp
sec.mypage.ntt.com
sec.plala.or.jp
secure.paylado.com
secure.rtrcdn.com
secure3.segpay.com
securecheckout.halloweencostumes.com
secured.netflix.com
service.riverscontent.com
site.syspay.com
sptbb.pilates.com
src.ebay-us.com
src0.mydoterra.com
src0.myvoffice.com
ssafp.samsclub.com
ssisurveys.com
sso.threatmetrix.com
sso.threatmetrix.eu
st10.sofi.com
stats.badoostats.com
sub-a.crossmeetz.com
sunshine.lillypulitzer.com
svc2.sc.com
t-analytics.com
t.demo.lumindigital.com
t.digitalbanking.uoficreditunion.org
t.ebank.mscu.net
t.ebranch.hfcuvt.com
t.lebara.ch
t.myaccounts.shellfcu.org
t.mydigital.jfcu.org
t.olb.interracu.com
t.online.acutx.org
t.online.firstsouth.com
t.online.vsecu.com
t.online.westerlyccu.com
t.onlinebanking.american1cu.org
t.onlinebanking.consumerscu.org
t.sunrise.ch
t.us.williamhill.com
t.yallo.ch
t1.musthird.com
t1.tacdn.com
t42rsn90.uplift.com
tags.dazn.com
tags.emirates.com
tags.intertops.eu
tags.ipp-services.eu
tags.unicefusa.org
teknosa.com
thm.v.me
thm.visa.com
thm12.visa.com
thmep.bitbay.net
thmx.turo.com
threatmetrix.bancupo.com
threatmetrix.com
tienmat.homecredit.vn
tm-analytics.bluevine.com
tm-out.cardinalcommerce.com
tm.baubap.com
tm.bdc-cdn.com
tm.beachbody.com
tm.benevity.org
tm.betano.bg
tm.betano.com
tm.betano.de
tm.betano.pt
tm.cbd.ae
tm.clearcover.com
tm.credithealth.nab.com.au
tm.creditsimple.co.nz
tm.creditsimple.com.au
tm.cybersource.com
tm.directly.com
tm.goldennuggetcasino.com
tm.gumtree.com.au
tm.kotak.com
tm.nowfinance.com.au
tm.okinushub.com
tm.paysafecard.com
tm.regionstest.com
tm.remit2india.com
tm.reserve.tokyodisneyresort.jp
tm.secure.freee.co.jp
tm.signedpay.com
tm.stoiximan.com.cy
tm.stoiximan.gr
tm.summit-services.ca
tm.telecharge.com
tm.uship.com
tm2.signedpay.com
tm4.debsdemo.com
tma.caffeine.tv
tmalnrsc.clearme.com
tmck.milestonegoldcard.com
tmcontent.imvu.com
tmcontent.motusbank.ca
tmetrix.my.chick-fil-a.com
tmi.my529.org
tmnt.sbisec.co.jp
tmo.gameplusapp.com
tmrpe.astrazeneca.com
tms.neteller.com
tms.paysafe.com
tmt.houzz.com
tmuat.kotak.com
tmx.bestbuy.com
tmx.gotobilling.com
tmx.kijiji.ca
tmx.paratika.com.tr
tmx.rnd.gemaltodigitalbankingidcloud.com
tmx.uptodate.com
tmx.vinci-autoroutes.com
tmx.zijasecure.com
tmxapi.globalsources.com
tmxcyber.com
tracking.psecu.com
trinidad.sears.com
trst.closingstream.com
trust.gyft.com
tsaian.verizonwireless.com
tulips.metrobankonline.co.uk
tx.homecredit.co.id
tx.n11.com
tx.suncoastcreditunion.com
txcontent.iherb.cn
txcontent.iherb.com
txn.allianzlife.com
txsec.walmartmcapp.ca
uafms.ocbc.com
uat.cmprofile.cards.citidirect.com
unclaimedproperty.findmassmoney.com
v.invest.goldman.com
v.marcus.co.uk
v.marcus.com
v.sagasavings.co.uk
valcontent.securustech.net
venus.chegg.com
verify.metlife.com
verify.newdaycards.com
verify.newdaycards.combackend.pin-up.devbackend.pin-up.devcontent.allstate.com
verify.philippineairlines.com
vir.purepoint.com
vlscppe.microsoft.com
voto.provident.pl
w-profiling.cibc.com
w-profiling.simplii.com
w3.amegybank.com
w3.calbanktrust.com
w3.nbarizona.com
w3.nsbank.com
w3.providerpay.com
w3.tcboregon.com
w3.tcbwa.com
w3.vectrabank.com
w3.zionsbank.com
wookie.omegaxl.com
wp.kroger.com
ww3.fundingstream.com
ww3.marlincapitalsolutions.com
www.1of1.skipcash.app
www.app392.gerberlife.com
www.assets.werally.co
www.assets2.thefirstclub.com
www.cda.thecardservicescenter.com
www.cdn.bambusystems.com
www.cdn.gusto.com
www.cdn.joom.com
www.cdn.onlinepaysecure.com
www.cdn2.moneycorp.com
www.cdna.cofidis.be
www.cdna.kpers.org
www.cdna.lottohelden.de
www.cdnb.cashcentral.com
www.cdncy.jmbullion.com
www.cdncy.providentmetals.com
www.cdncy.silver.com
www.cnt.patpat.com
www.content.alterna.ca
www.content.alternabank.ca
www.content.americanfirstfinance.com
www.content.berluti.com
www.content.biggerbooks.com
www.content.bnl.it
www.content.bookmob.ca
www.content.certifid.com
www.content.clubpremier.com
www.content.covantagecu.org
www.content.dwd.wisconsin.gov
www.content.ecampus.com
www.content.heidipay.com
www.content.hellobank.it
www.content.ifpsoyyo.co
www.content.knetbooks.com
www.content.kylottery.com
www.content.listsource.com
www.content.lotto.pl
www.content.mercadolibre.com
www.content.mercadolibre.com.mx
www.content.mercadopago.com
www.content.moni.com.ar
www.content.mycoseva.com
www.content.pachirapay.com
www.content.paynearme.com
www.content.pmbank.com
www.content.qlinkwireless.com
www.content.realquest.com
www.content.rias.co.uk
www.content.sfbli.com
www.content.sheerid.com
www.content.southcrestbank.com
www.content.statefarm.com
www.content.usps.com
www.content1.esdiacapi.com
www.content2.instacart.com
www.contentinfo.tcdrs.org
www.contentservices.greentrustcash.com
www.contentservices.zurvita.com
www.creditcheck.digitecgalaxus.ch
www.css.bitcasino.io
www.css.slots.io
www.csservice.aircanada.com
www.customer.homedepot.com
www.cybersource.shoplineapp.com
www.d.mlcdn.com.br
www.debs.my100bank.com
www.deviceauth.dmv.ca.gov
www.devicecontent.icuracao.com
www.df.allsaints.com
www.df.greenmangaming.com
www.dfp.garmin.com
www.dfp.s-budget-mobile.at
www.dfp.t-mobile.at
www.dfp.telering.at
www.donor.cafamerica.org
www.dpcontent.locationsmart.net
www.fpcn.bpsgameserver.com
www.gesa.mfoundry.com
www.goecf.hm.com
www.hint-tmdp.opendoor.com
www.hooru.regence.com
www.idhtm.bb.com.br
www.im2.personalloans.pnc.com
www.im2.prod.amount.com
www.im2.regions.prod.amount.com
www.imagesmx.cdscdn.com
www.imagestm.bossrevolution.com
www.img.kittykuddly.com
www.img.nuskin.com
www.img02.pensionfund.org
www.img2.massageenvy.com
www.img2.moneylion.com
www.img4.cargurus.com
www.img4.instarem.com
www.img4.nbpa.com
www.imgl2.hardrockcasino.com
www.intm.amwager.com
www.is.giftsnideas.com
www.jj203.equitablebank.ca
www.kyc.cgex.com
www.kyc.usend.com
www.lnservice.q5id.com
www.log.betdaq.com
www.log.dsx.uk
www.log.open.investorsbank.com
www.loyaltyprogram.latam.com
www.meiodepagamento.campanhaporto.com.br
www.membership-device.secured-igaming-services.com
www.metrix.us.ovhcloud.com
www.mobilecontent.projectdrgn.com
www.muziwakk.goinsuredaily.co.uk
www.ops.ritani.com
www.optm.optus.com.au
www.paiement.cb4x.fr
www.pn1927.adambank.com
www.pn1927.coutts.com
www.pops-f.publix.com
www.profile.cash1loans.com
www.profiling1.tmxcyber.com
www.profiling2.tmxcyber.com
www.r.hokodo.co
www.registro.almacenesrayco.com
www.rhino.gocardless.com
www.rsx.afterpay.com
www.s4.partner.yoomoney.ru
www.scdn.lendup.com
www.secure.paylado.com
www.secure.rtrcdn.com
www.securecheckout.halloweencostumes.com
www.service.riverscontent.com
www.site.syspay.com
www.sptbb.pilates.com
www.src0.mydoterra.com
www.st10.sofi.com
www.t-analytics.com
www.t42rsn90.uplift.com
www.tags.unicefusa.org
www.thmep.bitbay.net
www.thmx.turo.com
www.threatmetrix.bancupo.com
www.tienmat.homecredit.vn
www.tm.bdc-cdn.com
www.tm.nowfinance.com.au
www.tm.okinushub.com
www.tm.paysafecard.com
www.tm.signedpay.com
www.tm.summit-services.ca
www.tm2.signedpay.com
www.tm4.debsdemo.com
www.tma.caffeine.tv
www.tmcontent.motusbank.ca
www.tmo.gameplusapp.com
www.tmrpe.astrazeneca.com
www.tmx.paratika.com.tr
www.tmx.rnd.gemaltodigitalbankingidcloud.com
www.tmx.uptodate.com
www.tmx.vinci-autoroutes.com
www.tmx.zijasecure.com
www.trst.closingstream.com
www.txsec.walmartmcapp.ca
www.valcontent.securustech.net
www.verify.philippineairlines.com
www.vir.purepoint.com
www.wp.kroger.com
www.ww3.fundingstream.com
www4.macys.com
ydkwim.targobank.de
yr3ioxw.hoaresbank.co.uk
@ZacharyHampton
Copy link

Great release, thank you.

@ACK-J
Copy link
Author

ACK-J commented Jul 17, 2023

@ZacharyHampton Port Authority gained a large number of new users in a short amount of time. Would you mind if I ask where you heard of my extension? Was it a podcast episode, youtube video, etc... I'm happy people are using it I just have no idea who promoted it.

@ZacharyHampton
Copy link

@ZacharyHampton Port Authority gained a large number of new users in a short amount of time. Would you mind if I ask where you heard of my extension? Was it a podcast episode, youtube video, etc... I'm happy people are using it I just have no idea who promoted it.

I don't use Port Authority, nor did I find this gist from it. I am currently making a ThreatMetrix solver, so I was trying to find sites to test my solution on. I came across this gist from Google and found it useful. The Shodan script doesn't work anymore, but manually pasting the domains from the txt file above, helped see different sites that had or still have TMX.

@ACK-J
Copy link
Author

ACK-J commented Jul 17, 2023

Got it, thanks anyways and good luck on your ThreatMetrix solver. Keep me updated!

@ACK-J
Copy link
Author

ACK-J commented Jul 17, 2023

@ZacharyHampton Also I just looked into the shodan query and found a work around. I will update the script [edit. updated]
https://www.shodan.io/search?query=isp%3A%22ThreatMetrix+Inc.%22+port%3A443+Bad+Request

@ZacharyHampton
Copy link

Hey, @ACK-J, I wrote the solver, check it out here: https://github.com/ZacharyHampton/tmx-solver/tree/master

@ACK-J
Copy link
Author

ACK-J commented Aug 22, 2023

@ZacharyHampton Wow, awesome work! I'll add your solver in the description of Port Authority

@ZacharyHampton
Copy link

@ACK-J Sounds good, thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment