A new FinTelegram forensic report maps strong technical links between Betzter and a wider casino platform environment through shared telemetry, byte-identical application assets, and direct SPTPub infrastructure markers. The report stops short of alleging common legal ownership, but identifies significant compliance, data-protection, and payment-transparency questions that merit regulatory and provider-side scrutiny.
2-Minutes Briefing
FinTelegram is making available for download its new report, “SPTPub Platform Cluster and the Betzter Network: A Technical Correlation Analysis.” The report presents the results of a passive OSINT correlation scan of 17 online casino domains and focuses on reproducible technical links between Betzter, several related casino brands, and a broader SPTPub-linked platform environment.
The analysis is based exclusively on public technical artefacts. No login was performed, no account was created, no deposit or payment flow was initiated, and no authentication endpoint or non-public system was accessed during the investigation. Across the completed evidence run, FinTelegram recorded 711 deduplicated technical markers, 55 hashed public assets, 559 certificate-transparency rows, and 133 URLScan references.
Download the SPTPub Report here.
Key Findings
- Betzter, Aphrodite, Gambiva, MadCasino, and Dracula were found to share core telemetry and deployment markers, including the same FullStory organisation ID, the same Sentry project, the same InvisibleSport and Pusher hosts, and a byte-identical Livewire application bundle.
- Four reference domains, namely BCGame, PlayGlobal, Spartibet, and RoxCasino, expose direct SPTPub API or start-host integrations tied to the stable cluster marker
c7818b61, which is consistent with a shared multi-tenant platform structure. - Betzter’s public application layer contains player-linked telemetry markers such as
Player.uuid,Player.email, private player-account channel patterns, and the event markerPlayerAccountUpdatedBalance, indicating a detailed player-event and telemetry architecture. - Betzter’s recovered Sentry Replay configuration showed
maskAllInputs false,maskAllText false, andblockAllMedia false, which raises material questions about session replay, identity-linked profiling, and GDPR-grade data governance. - The endpoint
api.sptpub.comwas observed resolving to159.69.41.140and159.69.41.141in Hetzner AS24940, making it the strongest current direct non-Cloudflare infrastructure lead in the dataset. - Despite extensive public checks, no confirmed cashier provider, PSP, merchant ID, gateway ID, connector ID, route UUID, acquirer, or Apple Pay merchant association was identified for Betzter, leaving the payment route as a documented and highly relevant disclosure gap.
Compact report description
The report identifies technical risk indicators, not proven wrongdoing. It establishes a strong technical relationship between several named domains through shared telemetry identifiers, direct platform markers, and byte-identical public assets, but it does not establish common legal ownership, beneficial ownership, or any regulatory breach as a matter of law.
From a compliance perspective, the relevance is clear. The findings raise questions about cross-brand telemetry aggregation, session replay, player profiling, opaque platform tenancy, and undisclosed payment-routing structures, all of which are directly relevant to regulators, payment institutions, hosting providers, and data-protection authorities.
The most decisive next evidence is likely held by providers rather than by further passive scanning. According to the report, the key disclosure targets are SPTPub, FullStory, Sentry, Pusher, Hetzner, and any payment or cashier providers that hold tenant records, account ownership data, routing metadata, and settlement information.
Whistleblower call
FinTelegram encourages whistleblowers with additional information on SPTPub, Betzter, Softon Ltd, InvisibleSport, NovaFlick, related casino brands, platform tenancy, payment routing, PSP relationships, acquirers, telemetry ownership, or internal compliance concerns to submit material securely via Whistle42.
Particularly valuable are internal contracts, onboarding records, merchant-routing data, tenant and Brand ID mappings, PSP and acquirer correspondence, telemetry account ownership records, hosting-provider disclosures, and communications with regulators or service providers.
