Whistleblower Alert: Revolut Card Evidence Links BigClash Deposit To Anonymous MixFind Payment Descriptor!

Spread financial intelligence

Spread financial intelligence

FinTelegram has received new player evidence indicating that MixFind is not merely an anonymous website for identifying unfamiliar card charges. A screenshot reviewed by FinTelegram shows the domain embedded directly in the merchant descriptor of a Revolut card transaction allegedly initiated through the cashier of the BigClash online casino. The Revolut transaction details identify the recipient as: TCP*mixfind.com, Dublin

According to the whistleblower, the BigClash deposit was routed through play1.payment.sale before appearing in the Revolut account under the MixFind descriptor. The evidence materially strengthens the hypothesis that MixFind forms part of an active casino payment, merchant-descriptor and transaction-reconciliation architecture. However, the legal merchant, payment facilitator, processor and acquiring bank behind the transaction have not yet been independently identified.

A possible connection to the Cyprus-regulated payment institution Payabl remains under investigation and requires acquirer-level confirmation.


Key Findings

  • MixFind appeared in a live card descriptor: The Revolut screenshot identifies the recipient as TCP*mixfind.com, Dublin.
  • The player links the transaction to BigClash: The whistleblower says the payment originated from a deposit made through the BigClash casino cashier.
  • A payment redirect was observed: The player identified play1.payment.sale as the URL displayed during the payment journey.
  • MixFind claims access to transaction data: Its portal says it can cross-reference millions of transactions and retrieve merchant, contact and receipt information.
  • MixFind remains anonymously operated: Its legal documents identify the operator only as โ€œCompanyโ€ and provide no company name, registration number, address or jurisdiction.
  • The Payabl connection is unconfirmed: Earlier FinTelegram research concerned the similar but different domain play1.payments.sale and associated it with Payabl-related infrastructure.
  • The screenshot does not prove fraud: The whistleblower alleges fraudulent payments, but the submitted evidence alone does not establish whether the transaction was unauthorized, misleadingly described or otherwise unlawful.

The New Revolut Evidence

MixFind.com payment descriptor in the Big Clash casino

The screenshot submitted to FinTelegram shows a Revolut card-transaction detail page with the following information:

To: TCP*mixfind.com, Dublin

It also displays a masked card number and a transaction authorization code.

The appearance of mixfind.com within the merchant descriptor is significant. It indicates that the domain was not merely discovered later by the player while searching for customer support. Instead, MixFind was incorporated into the payment information transmitted through the card-processing chain and displayed by the issuing institution.

The reference to โ€œDublinโ€ should not be interpreted as proof that MixFind is legally incorporated or physically established in Ireland. Merchant-location fields may reflect information configured by a merchant, payment facilitator, processor or acquirer.


From Payment Lookup Portal To Descriptor Layer

FinTelegram chart showing the anonymously operating payment support portal MixFind

MixFind publicly presents itself as a Payment Support Portal. It asks users who do not recognize a charge to submit their name, email address, the first six and last four digits of their card, the transaction date and the exact amount. The portal claims that its system cross-references โ€œmillions of transactionsโ€ and can provide the merchant name, contact information and receipt associated with a payment.

MixFindโ€™s Terms describe the service as a billing-inquiry tool for card charges executed by its โ€œauthorized billing partners.โ€ The Terms simultaneously claim that MixFind is not a financial institution and does not process payments through the portal. The operator is identified only as โ€œCompanyโ€; the sole contact disclosed is an email address.

Its Privacy Policy is more revealing. MixFind says inquiry data may be transmitted to the merchant, payment gateway or acquiring bank associated with a charge. It also claims to process data for transaction reconciliation, dispute support, fraud prevention and regulatory compliance. These statements suggest that MixFind is positioned close to one or more operational layers of the payment chain:

MixFind Skrill payment to illegal offshore casino
  • merchant-descriptor management;
  • transaction reconciliation;
  • merchant-support routing;
  • gateway or acquirer inquiries;
  • dispute and chargeback handling;
  • payment-facilitator infrastructure.

FinTelegram had previously identified mixfind.com as the named payee in a Skrill Prepaid Mastercard verification screen during a separate casino payment review. The new Revolut evidence indicates that the earlier observation may not have been an isolated occurrence.


The BigClash Payment Route

The whistleblower told FinTelegram that the transaction resulted from a deposit made through the BigClash casino cashier.

BigClashโ€™s current Terms do not name the company operating the website. They refer only to the โ€œCompany.โ€ The Terms state that financial operations may be processed directly by the Company, by a payment-system operator or by a third party designated by the Company.

The BigClash Privacy Notice likewise identifies the โ€œoperator of this websiteโ€ as the data controller without providing the operatorโ€™s legal name. It confirms that player data may be shared with payment providers and financial institutions for deposits, withdrawals, KYC and AML purposes.

Based on the available evidence, the provisional payment architecture is:

BigClash casino cashier
โ†’ play1.payment.sale or another hosted payment page
โ†’ unidentified processor or payment facilitator
โ†’ merchant descriptor TCP*mixfind.com
โ†’ MixFind transaction-support or reconciliation layer
โ†’ unidentified acquirer and settlement chain

This architecture remains a working hypothesis. FinTelegram has not yet obtained the merchant ID, Acquirer Reference Number, acquirer BIN or settlement information required to identify the regulated entities involved.


The Payabl Question

The whistleblower suspects that the payment route may be connected to Payabl and says that both Payabl and MixFind have been contacted. Payabl CY Limited is authorized as a payment institution by the Central Bank of Cyprus under licence number 115.1.2.9/2018. In 2023, FinTelegram reported on several high-risk payment domains, including:

play1.payments.sale

At the time, Similarweb and Urlscan observations indicated that the domains were attributable to or associated with Payabl-related infrastructure. FinTelegram expressly stated that it was not claiming that the domains were registered by Payabl or used for unlawful purposes. The present whistleblower report refers instead to:

play1.payment.sale

The difference between payment and payments is material. It may be a transcription error, a separate domain or a related infrastructure component. The exact URL must be confirmed through browser history, screenshots, redirect logs or a screen recording.

Consequently, FinTelegramโ€™s current assessment is:

The reported payment route resembles infrastructure previously associated with Payabl, but Payablโ€™s participation in the specific BigClash transaction has not been independently established.

Confirmation would require evidence such as:

  • Acquirer Reference Number;
  • Retrieval Reference Number;
  • merchant ID;
  • acquirer name and BIN;
  • Merchant Category Code;
  • 3-D Secure authentication records;
  • payment gateway logs;
  • processor or settlement records.

Compliance Assessment

The evidence creates a significant transparency issue. MixFind asks consumers to submit a combination of personal and payment-related information while failing to identify the legal entity responsible for collecting and processing that data. Its Privacy Policy refers to a โ€œCompany,โ€ authorized billing partners, merchants, gateways, acquiring banks and a supposed compliance team, but does not disclose who any of these parties are.

The concern becomes more serious when the same anonymous domain appears directly in card descriptors arising from casino deposit flows. The central compliance question is therefore no longer merely: Who operates MixFind?

It is now:

Which casinos, merchants, payment facilitators, processors and acquiring banks use MixFind as part of their live payment and transaction-support infrastructure?


Share Information

FinTelegram is seeking additional information from players, payment insiders, PSP employees, fraud analysts, compliance officers and acquiring-bank staff. We are particularly interested in:

  • statements showing TCP*mixfind.com or related descriptors;
  • BigClash deposit confirmations;
  • screenshots or recordings of the complete cashier journey;
  • evidence involving play1.payment.sale or play1.payments.sale;
  • ARN, RRN, merchant ID, MCC and acquirer information;
  • responses from MixFind, BigClash, Payabl or Revolut;
  • merchant details returned by the MixFind lookup portal;
  • documents identifying MixFindโ€™s operator or authorized billing partners;
  • evidence linking MixFind to additional casinos or high-risk merchants.

Please redact full card numbers, security codes, passwords and identification documents before submitting material through Whistle42.


Right of Reply

FinTelegram invites MixFind, BigClash, Payabl and any other involved payment provider to provide clarification and documentation concerning:

  1. the legal entity operating MixFind;
  2. MixFindโ€™s authorized billing partners;
  3. the reason mixfind.com appears in live card descriptors;
  4. the merchant of record behind the BigClash transaction;
  5. the processor, gateway and acquiring bank involved;
  6. any relationship between MixFind and Payabl;
  7. the use of play1.payment.sale or play1.payments.sale;
  8. the legal entity operating BigClash.

Any verified response will be reviewed and appropriately reflected in FinTelegramโ€™s reporting.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Stay Connected

9,906FansLike
48FollowersFollow
2,130FollowersFollow
- Advertisement -spot_img

Latest Articles