should have known...
"All the members of team running this program are part of the security community and many of us actively submit to other bug bounty programs..."
and they still somehow failed to "better define" the scope of the bounty program from day 0? either they are all incompetent or someone is full of shit.
