Looking at some subdomains using
aquatone I noticed
http://█████/ I clicked it and then started navigating the page, if I go to this link:
https://█████████/██████████wireframes/admin/round12/tsp_0-awarded.html it is completely valid and shows some information that I'm unsure it should be online, it also shows me logged in as a user
Main Index Page
Office & TSPor use this link
If this is sensitive data - it should be restricted to only people who need to access it no the whole internet, there are certain action where it prompts for a password.
If this is somehow supposed to be up I would like to self-close as to not affect my current profile
Information disclosure, possibly a dev environment left open but unsure.