The Invite That Lied: A Business Logic Flaw Hidden Behind LG’s Walls
The author uses the tool ShrewdEye to find an active LG subdomain and hunts it for potential vulnerabilities, aiming for a Letter of Appreciation from LG rather than a bug bounty. 2025-7-12 13:37:21 Author: infosecwriteups.com

LordofHeaven

I wasn’t chasing a bounty this time.
This time, the thrill was different — I wanted to earn a Letter of Appreciation from LG.

Not a bug bounty. Not a write-up trophy. Just a clean, solid find. Something they’d remember.

Because when you’re dealing with a brand like LG — where polish meets production — you know there’s more beneath the surface.

So, I did what I do best: opened my recon toolkit, fired up some intuition, and started hunting for cracks in the logic.

My recon game started with a weapon I absolutely love: ShrewdEye.

It pulls out subdomains like magic — raw, downloadable, no UI fluff.

wget https://shrewdeye.app/domains/<domain_name>.txt

The file dropped, and with it came hundreds of subdomains — some dormant, some suspicious, and a few… just alive enough to be dangerous.

I filtered down the list for targets with 200 OK responses.
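A defender's version of that filtering step, as an added example that is not code from the original post: it parses a ShrewdEye-style list (a constructed sample of the one-hostname-per-line file format is embedded), deduplicates it, and keeps only hosts that answer 200 so an attack-surface inventory can flag what is actually exposed. The probe function is injectable so the logic can be exercised offline; http_status is the live version.

```python
"""Reduce a downloaded subdomain list to the hosts answering 200 OK.
Added example; the list format (one hostname per line) is assumed."""
import ssl
import sys
import urllib.error
import urllib.request
from typing import Callable, Dict, Iterable, List, Optional

# Constructed sample of a domains file: blank line, duplicate, trailing dot.
SAMPLE_LIST = """\
www.example.com

app.example.com
beta-login.example.com.
www.example.com
"""


def parse_subdomains(text: str) -> List[str]:
    """Strip, lowercase, drop blanks and trailing dots, dedupe preserving order."""
    seen, out = set(), []
    for line in text.splitlines():
        host = line.strip().lower().rstrip(".")
        if host and host not in seen:
            seen.add(host)
            out.append(host)
    return out


def http_status(host: str, timeout: float = 5.0) -> Optional[int]:
    """Status code of GET https://host/, or None if the host is unreachable.
    HTTPError is caught first because it is a URLError subclass and carries the code."""
    req = urllib.request.Request(f"https://{host}/", headers={"User-Agent": "inventory-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=ssl.create_default_context()) as r:
            return r.status
    except urllib.error.HTTPError as e:
        return e.code
    except (urllib.error.URLError, OSError, ValueError):
        return None


def live_hosts(hosts: Iterable[str], probe: Callable[[str], Optional[int]] = http_status,
               want: int = 200) -> Dict[str, int]:
    """Map each host whose probe result equals `want` to that status; skip the rest."""
    result: Dict[str, int] = {}
    for h in hosts:
        status = probe(h)
        if status == want:
            result[h] = status
    return result


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LIST
    for host in live_hosts(parse_subdomains(text)):
        print(host)
```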

And then I saw it.

A subdomain I won’t name here (you know the drill), but let’s just call it:

xyz.redacted.lg.com

It wasn’t just alive.
It was buzzing — login flows, invitation systems, beta-looking dashboards, just like every other normal web app.

The kind of place where real bugs hide in real logic.

Article source: https://infosecwriteups.com/the-invite-that-lied-a-business-logic-flaw-hidden-behind-lgs-walls-a49cca506294?source=rss----7b722bfd1b8d--bug_bounty