# xmrwallet.cc — Escape Domain #1

## WHOIS
| Field | Value |
|-------|-------|
| **Registered** | 2026-02-04 |
| **Expires** | 2034-02-04 (8 years prepaid) |
| **Registrar** | PDR Ltd. d/b/a PublicDomainRegistry.com |
| **Status** | clientTransferProhibited |
| **Nameservers** | NS1.DDOS-GUARD.NET · NS2.DDOS-GUARD.NET |

## Hosting
| Field | Value |
|-------|-------|
| **IP** | 185.129.100.248 |
| **ASN** | AS57724 — DDOS-GUARD LTD |
| **Country** | 🇷🇺 Russia — Rostov-na-Donu |

## Key Facts
- Registered **2026-02-04** — days after our investigation became public
- Paid **8 years in advance** (until 2034) — not a temporary backup
- DDoS-Guard nameservers + DDoS-Guard IP = full abuse-resistant stack
- PublicDomainRegistry.com (PDR) is known for lax abuse handling
- Abuse contact: **abuse@publicdomainregistry.com**

## Report
- abuse@publicdomainregistry.com
- https://www.virustotal.com/gui/domain/xmrwallet.cc
- https://safebrowsing.google.com/safebrowsing/report_phish/