Google Dork-Based Asset Discovery

Target: tesla.com

Public Documents (PDF, XLSX, DOCX, etc.)

site:tesla.com filetype:pdf

Searching for PDFs on the base domain returns many manuals, guides, and detail sheets in many languages, as expected. The most notable results come from the subdomains service.tesla.com and ir.tesla.com.

service.tesla.com mentions:

All users with a Tesla Account can browse published catalogs for their country, for the following information: Diagrams, Part Numbers/Descriptions, Sales Requirements

But site:service.tesla.com filetype:pdf fetches a lot of those diagrams and part descriptions.

Some links:

ir.tesla.com is their Investor Relations site. It has a lot of information about their investors.

The documents that site:ir.tesla.com filetype:pdf fetches don't seem to be accessible directly on the site, at least at face value.

Some links:

site:tesla.com filetype:xlsx


Links:

Seems to be two forms, a protected product number lookup sheet, and a list of serial numbers whose dampers are suspected to be defective.

site:tesla.com ext:ods gives bing chilling (as the only result) https://www.tesla.com/sites/default/files/downloads/zh_TW/%E5%A0%B1%E5%BB%A2%E6%8F%9B%E6%96%B0%E8%BB%8A%E6%98%8E%E7%B4%B0%E8%A1%A8.ods

site:tesla.com filetype:docx


Some letter templates, and surveys, in different languages:

site:tesla.com filetype:odt OR filetype:fodt - 0 results.

site:tesla.com filetype:ppt OR filetype:pptx OR filetype:odp OR filetype:fodp - PPT(X)/ODP files were not found.

site:tesla.com ext:md - Markdown files were not found.

site:tesla.com filetype:txt returns the site's robots.txt and a file called security.txt containing information on where to report vulnerabilities.


site:tesla.com filetype:csv

The pricebook is a JSON file with a .csv extension. The next two links seem to be some sort of hourly electricity demand profile. The last one is interesting: it has a list of all possible error codes given by their diagnostic tool.

Links:

Generalising the search with something like site:tesla.com inurl:download yields agreements:

The notable results from partners.tesla.com and toolbox.tesla.com are properly gatekept by a login page. All results from site:partners.tesla.com and site:toolbox.tesla.com are likewise inaccessible.

site:tesla.com inurl:content yields more manuals and... job openings! (many links now return 404) :(


Login Pages / Admin Panels

site:tesla.com inurl:admin - no result (i.e., no portals/panels found)

site:tesla.com inurl:login - yields publicly accessible Tesla account login portals (like the gatekeeping one mentioned above). Additionally, this gives results from feedback.tesla.com that lead to Tesla's Microsoft ADFS and organization account login portals.

site:feedback.tesla.com gives one feedback form and the rest lead to the same identity provider select link shown above.

site:tesla.com intitle:"login", site:tesla.com intitle:"panel", site:tesla.com inurl:"panel", site:tesla.com intitle:"portal", site:tesla.com inurl:"portal" all yield results that were already seen or are irrelevant.

site:tesla.com inurl:dashboard fetches some unique endpoints:

The inside.tesla.com/en-US/learning/dashboard site redirects to the Microsoft Account login page for the Tesla organization, and the warp.tesla.com/dashboard site redirects to the older Microsoft Active Directory Federation Services (ADFS) login page.

site:tesla.com inurl:auth fetches more endpoints:

All of these redirect to auth.tesla.com (the Tesla account login page).

Public Backup / Config Files

site:tesla.com intitle:"index of" yields nothing (aimed at finding directory listings like this: https://docs.oasis-open.org/).

site:tesla.com inurl:old yields one result: https://tesla.com/en_MY/support/referral-program-old

site:tesla.com inurl:test shows results about test drives, and not any leftover test directories on site.

site:tesla.com inurl:dev yields one new endpoint that also points to the ADFS login page. Other than that, nothing of interest.

site:tesla.com inurl:"prod" fetches two seemingly broken pages, which look like the page you get after you sign in (judging by the "'s Tesla" text, which looks like it takes a name before it, and the account management options).

This page doesn't exist in other locales (say, en_US, which returns 404).

site:tesla.com inurl:"config" yields just one result, which seems to be the subscription agreement that will be displayed when you try to sign up for "Drive Anywhere" on a Tesla app: https://www.tesla.com/app-assets-config/pdf/Drive_Anywhere_Agreement.pdf

site:tesla.com (ext:env OR ext:yml OR ext:yaml OR ext:toml OR ext:config OR ext:conf OR ext:xml) returns 0 results. Clean.

site:tesla.com "api" returned many things about their Fleet API, but on the 6th or 7th page of the results we start seeing PDF files regarding Damage Disclosure.

These PDFs do not seem to have personally identifiable information other than the vehicle serial numbers.

Exposed Logs / Errors

site:tesla.com filetype:log - 0 results.

site:tesla.com inurl:"log" - "Log Technician, Field Reliability Engineering"


site:tesla.com inurl:"logs" - a single press release and nothing else

site:tesla.com inurl:error - gives login error pages in many locales

site:tesla.com "stacktrace" - 0 results.

site:tesla.com "promise" (result of an asynchronous operation in JS) - very mysterious result that redirects to the Tesla account login page: https://tesla.com/en_NZ/file/son-man-promise-familyjpg

Other than that, it's all results about their empty promises to customers.

Emails & Contact Info

site:tesla.com intext:"email" - We have many regional service phone lines and email addresses in the search results. This is publicly available information and is of no interest to us (unless we are making a very useless Excel sheet of all Tesla support regions and email addresses).

If we go back to our ir.tesla.com subdomain, we'll get TONS of contact info from all the investor documentation, letters and legal documents on there. I will attach screenshots of a few. As it is out of the scope of this exercise, I won't be opening any of those PDFs to search for contacts. I will only post screenshots here of indexed search results.

site:ir.tesla.com filetype:pdf email OR Contact


Git Folders and Env Files

site:tesla.com ext:env - as we've already seen, returns 0 results.

site:tesla.com "src" - no relevant results

site:tesla.com inurl:repo OR inurl:repository - 0 results

site:tesla.com inurl:git - 0 results

site:tesla.com ext:py OR ext:c OR ext:java OR ext:rs OR ext:js OR ext:kt - well, we tried

site:tesla.com ".git" OR ".gitignore" OR ".svn" - pulls stuff from Fleet API documentation. No leaked source code here.

If you really think about it, the whole site is still open source ¯\_(ツ)_/¯
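Seen from the publishing side, the categories these dorks probe can be checked on a local document root before a crawler ever indexes it. The following is an added example, not part of the original write-up: it flags VCS metadata, the config and log extensions from the dorks above, and JSON stored under a .csv name; the function names, the allow parameter and the sample files are constructed for illustration.

```python
import json
import os
import tempfile
from pathlib import Path

# Extension groups mirror the dorks on this page (ext:env OR ext:yml ..., filetype:log).
RISKY_EXT = {
    ".env": "config", ".yml": "config", ".yaml": "config", ".toml": "config",
    ".config": "config", ".conf": "config", ".xml": "config", ".log": "log",
}
VCS_NAMES = {".git", ".gitignore", ".svn"}

def looks_like_json(path):
    """True if the file parses as a JSON object or array, whatever its extension."""
    try:
        return isinstance(json.loads(Path(path).read_text(encoding="utf-8")), (dict, list))
    except (ValueError, OSError):
        return False

def audit_webroot(root, allow=()):
    """Return sorted (relative_path, category) findings for a local document root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in list(dirnames) + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            suffix = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
            if name in VCS_NAMES:
                findings.append((rel, "vcs"))
            elif os.path.isfile(full) and suffix in RISKY_EXT:
                findings.append((rel, RISKY_EXT[suffix]))
            elif suffix == ".csv" and looks_like_json(full):
                findings.append((rel, "json-as-csv"))
        dirnames[:] = [d for d in dirnames if d not in VCS_NAMES]  # skip VCS contents
    return sorted(f for f in findings if f[0] not in allow)

def demo():
    """Build a constructed sample web root (all names and contents made up) and audit it."""
    files = {
        "index.html": "<html></html>", "sitemap.xml": "<urlset/>",
        ".env": "KEY=placeholder", ".git/config": "[core]",
        "downloads/pricebook.csv": '{"items": []}',
        "downloads/profile.csv": "hour,kw\n0,1.2\n", "old/debug.log": "constructed line",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in files.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return audit_webroot(root, allow={"sitemap.xml"})

if __name__ == "__main__":
    print(demo())
```

The allow set is for files that are meant to be public, such as a sitemap; anything else the audit reports is a candidate for removal or access control before publication.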


Google's reward for me completing this task:

image