Archive LiveRead-only public record · No ads · No tracking
CASE / CASINO PANELS EXPOSED
Casino Panels Exposed: Somebody Built This For Them
A technical file on fake gaming panels, support infrastructure, and the usual downstream claims of innocence.
File 013·Panel report·7 min read·Editorial mirror
Public record copy. Brand names withheld, public accreditation numbers preserved. If the body below says “we”, that means the original publisher, not this mirror. TER only preserves, redacts, and re-contextualizes.
The Casino Scam Playbook: How All 4 Panels Operate
Every operation in this investigation follows the same core playbook: build a fake casino or sports betting platform, recruit "workers" (affiliates) through [REDACTED], lure victims with promises of free bonuses, then trap them with a mandatory "verification deposit" that can never be withdrawn. The victim's money is split between the worker and the panel operator.
What makes this investigation unique is that all four operations were preserved in THE ENABLERS REGISTRY's ScamIntelLogs archive — complete with internal [REDACTED] chats, admin panel dumps, configuration files, victim databases, and source code. Every claim below is backed by primary evidence.
Shared DNA
All four panels share: IANA #1910 protection, Russian-speaking operators, [REDACTED]-based recruitment, the "verification deposit" scam model, template variables like %sum_verif% for deposit amounts, and overlapping domains ([REDACTED] appears in BOTH OFEDREX and Olympus).
Operation OFEDREX: 383 Victims Across 30+ Countries
OFEDREX, also known as WinSystems and [REDACTED] Casino, is the most documented operation in this investigation. A full admin database dump revealed 383 individual victims across 30+ countries with India leading at 20.1%.
383
Verified Victims
22
Possibly phishing Domains
20.1%
From India
30+
Countries Hit
The operation used promo codes to track affiliate performance. Code "DREAM" alone brought in 115 victims. Code "LRX774" generated 61 victims.
Leaked credentials found in configuration files:
Email: lancerbuy777@project.com
Password: holabol1337
Super account keyword: ximerawork
— OFEDREX admin configuration dump
Debug Mode Left Enabled
The entire Laravel PHP backend was running with APP_DEBUG=true in production, exposing full stack traces, database queries, and internal paths to anyone who triggered an error. This is amateur-hour security that tells you everything about the operators' skill level.
LuxardGambling operates as a Panel-as-a-Service (PaaS) with 70% commission to workers. What sets it apart is its industrial-scale use of celebrity deepfakes and its brazenly documented playbook published on GitBook.
The operation uses deepfakes of at least 12 celebrities including Elon Musk, MrBeast, Jake Paul, Neymar, and others to create fake endorsement videos. Sports results are inflated by +35% to create the illusion of "guaranteed wins" — a fictional sportsbook called "Crazy Odds" with impossible odds.
"The victim (mammoth) sees inflated coefficients and believes they can predict outcomes. Once they deposit the verification amount, they can never withdraw. The money flows up."
— LuxardGambling GitBook documentation
Deepfake Factory
12+ celebrity deepfakes including Elon Musk, MrBeast, Jake Paul, Neymar, and Travis Scott. Victims are shown fake endorsement videos before being directed to the platform.
Mammoth Hunting
Workers call victims "mammoths" (мамонт). Full trafficking pipeline: fake ad → deepfake video → registration → verification deposit → withdrawal block.
Casino scam pipeline flowchart: from diversion and celebrity endorsement through payment processing to victim
Olympus Panel: The AI Chatbot Trap
Olympus Panel (Syndicate Casino) deployed across 16 domains from a central admin at [REDACTED]. Its distinguishing feature: "Alice," an AI-powered chatbot deployed on every casino instance to engage victims in real-time conversation and guide them toward the $50 minimum verification deposit.
Workers receive 70% commission. The admin panel HTML dumps show full victim tracking with deposit amounts auto-filled using template variable %sum_verif%.
Domain Overlap Detected
The domain [REDACTED] appears in BOTH the OFEDREX and Olympus databases, suggesting either shared infrastructure, the same operators running multiple panels, or affiliates cross-selling between platforms.
Indicators of Compromise
Domain
Status
[REDACTED]
Admin Panel
[REDACTED]
Taken Down
[REDACTED]
Shared w/ OFEDREX
BitXLucky: The Scam That Scams Scammers
BitXLucky is the most cynical operation in our archive. Built on Next.js/NestJS, it presents itself as a casino PaaS platform recruiting workers — but registrations from victims never appear in the worker panel. Workers: 0. Every single victim registration is silently redirected to the operator, cutting affiliates out entirely.
This is a meta-scam: a scam tool that steals from its own scammers.
Proof Is In The Typos
The admin panel is riddled with spelling errors: "saport" (support), "Warkers" (Workers), "Logi" (Login), "Postsuk" (Postback). These aren't just typos — they're fingerprints of a hastily built fraud tool by non-native speakers.
Server IPs discovered in configuration: 77.110.103.90, 176.46.152.13:3000, 77.221.151.196. Unlike the other panels, BitXLucky didn't even bother hiding behind IANA #1910 consistently — raw server IPs were exposed in API responses.
No legitimate casino asks for a "verification deposit." No real platform needs deepfake celebrity endorsements. If you encounter any of these platforms — report immediately.
