1. Home
  2. Bug Bounty Programs
  3. Playtika
HackerOne · Bug Bounty

Playtika Bug Bounty Program

Complete guide to Playtika's bug bounty program on HackerOne. View in-scope assets, reward amounts, response times, and tips for finding vulnerabilities.

Program Overview

Playtika runs a bug bounty program on HackerOne. The program has 65 in-scope assets and is managed by HackerOne's triage team.

65
In-Scope Assets
1d
Avg Response
98%
Efficiency
2h
Avg Bounty Time
8d
Avg Resolve

In-Scope Assets

AssetTypeMax SeverityEligible
*.bingoblitz.comWILDCARDCriticalBounty
*.boardkingsgame.comWILDCARDCriticalBounty
*.caesarsgames.comWILDCARDCriticalBounty
*.gop3.nlWILDCARDCriticalNo Bounty
*.governorofpoker.comWILDCARDCriticalNo Bounty
*.houseoffun.comWILDCARDCriticalBounty
*.monopoly-poker.comWILDCARDCriticalBounty
*.playticorp.comWILDCARDCriticalBounty
*.playtika.comWILDCARDCriticalBounty
*.playwsop.comWILDCARDCriticalBounty
*.redecor.comWILDCARDCriticalBounty
*.serious.liWILDCARDCriticalBounty
*.seriously.comWILDCARDCriticalBounty
*.slotomania.comWILDCARDCriticalBounty
*.wooga.comWILDCARDCriticalBounty
1116488672APPLE_STORE_APP_IDCriticalBounty
1200391796APPLE_STORE_APP_IDCriticalBounty
1215220850APPLE_STORE_APP_IDCriticalBounty
1223338261APPLE_STORE_APP_IDCriticalBounty
1413287364APPLE_STORE_APP_IDCriticalBounty
1438744533APPLE_STORE_APP_IDCriticalBounty
1448884851APPLE_STORE_APP_IDCriticalBounty
1474700 (Steam app id)OTHERCriticalBounty
1508620125APPLE_STORE_APP_IDCriticalBounty
1510325826APPLE_STORE_APP_IDCriticalBounty
447553564APPLE_STORE_APP_IDCriticalBounty
480523695APPLE_STORE_APP_IDCriticalBounty
529996768APPLE_STORE_APP_IDCriticalBounty
586634331APPLE_STORE_APP_IDCriticalBounty
594802437APPLE_STORE_APP_IDCriticalBounty
603097018APPLE_STORE_APP_IDCriticalBounty
645949180APPLE_STORE_APP_IDCriticalBounty
654671575APPLE_STORE_APP_IDCriticalBounty
719525810APPLE_STORE_APP_IDCriticalBounty
868013618APPLE_STORE_APP_IDCriticalBounty
975035622APPLE_STORE_APP_IDCriticalBounty
9nqwjwnqjj5nWINDOWS_APP_STORE_APP_IDCriticalBounty
Tier 1OTHERCriticalBounty
Tier 1 StudiosOTHERCriticalBounty
Tier 2OTHERCriticalBounty
Tier 3OTHERCriticalBounty
air.com.buffalo_studios.newflashbingoGOOGLE_PLAY_APP_IDCriticalBounty
air.com.playtika.cvsGOOGLE_PLAY_APP_IDCriticalBounty
air.com.playtika.slotomaniaGOOGLE_PLAY_APP_IDCriticalBounty
bestfiends.comURLCriticalBounty
com.Seriously.BestFiendsGOOGLE_PLAY_APP_IDCriticalBounty
com.Seriously.PhoenixGOOGLE_PLAY_APP_IDCriticalBounty
com.bigblueparrot.pokerfriendsGOOGLE_PLAY_APP_IDCriticalBounty
com.jellybtn.boardkingsGOOGLE_PLAY_APP_IDCriticalBounty
com.jellybtn.cashkingmobileGOOGLE_PLAY_APP_IDCriticalBounty

Showing 50 of 65 in-scope assets. View all on HackerOne.

Out-of-Scope Assets

  • *.awards.slotomania.com
  • *.justfall.lol,*.justplay.lol,*.1v1.lol
  • 1v1.lol
  • com.youdagames.gop3multiplayer
  • id877638937
  • sm-php-smid-dsa.slotomania.com,sm-php-smid.slotomania.com,sm-php-smid-va2.slotomania.com,vs-fb-php-p1.playtika.com,sm-php.playtika.com

Tips for Hacking Playtika

  1. Read the policy — Understand what's in scope, out of scope, and any specific testing restrictions before you start.
  2. Enumerate the attack surface — Use subdomain enumeration and directory bruteforcing to map all accessible endpoints.
  3. Focus on high-impact bugs — Look for SQL injection, SSRF, and IDOR vulnerabilities first.
  4. Test authentication flows — Check for OAuth misconfigurations and CSRF in login/signup flows.
  5. Write clear reports — Include steps to reproduce, impact assessment, and suggested remediation. Use Burp Suite to capture evidence.

Frequently Asked Questions

How do I start hacking Playtika?

Sign up on HackerOne, read the program policy carefully, review the in-scope assets listed above, and start testing. Always stay within scope and follow responsible disclosure guidelines.

Does Playtika pay bounties?

Yes, Playtika offers monetary rewards for valid security vulnerabilities.

What types of vulnerabilities does Playtika accept?

Playtika accepts reports for vulnerabilities found in their 65 in-scope assets. Common accepted vulnerability types include XSS, SQL injection, SSRF, IDOR, authentication bypass, and RCE. Check the program policy for specific exclusions.

Similar Programs on HackerOne

Blend Labs

HackerOne · Bug Bounty · 1 assets

Hotmart (VDP)

HackerOne · VDP · 1 assets

Xiaomi

HackerOne · Bug Bounty · 65 assets