By In the ever-evolving realm of cybercrime, one bulletproof service provider has captured our attention—AnonRDP.com. Recently spotlighted in Telegram groups such as “Spamhaus” (@spamcops) and “B F R e p o V 3 C h a t” (linked to BreachForums), this bulletproof service has become a notorious name among cybercriminal circles. Its presence is further evidenced by advertisements on Deep Web forums like BreachForums, Hack Forums, Nulled, Patched.
The domain AnonRDP.com was registered with Tucows Domains Inc on 4 October 2023. Interestingly, the entity is expanding its digital footprint with another domain, anonmail.club, registered via NameSilo LLC on 19 May 2024. This domain’s nameservers are hosted with asurahosting.com (Asura Hosting is a subsidiary of Aquiryn, LLC, Wyoming, United States).
AnonRDP.com offers a range of bulletproof services, including bulletproof VPS/RDP and dedicated servers in the Netherlands, as well as anonymous VPS/RDP solutions in select countries such as the Netherlands, France, and the United States. Their bulletproof web hosting, powered by Plesk, and domain registrar services (operating as resellers of Eranet) further underscore their expansive reach in the cyber underground.
Our investigation has now peeled back the layers of this murky entity, revealing that the operator behind AnonRDP.com is Yashvir Keshave, originally hailing from Mauritius. During our deep dive, a detailed map of servers, domains, subdomains, and associated infrastructure providers was uncovered.
This exploration not only unearths the complex network behind AnonRDP.com but also underscores the continual challenges faced by the cybersecurity community in tracking and countering bulletproof services that cater to cybercriminals.
Domain & Servers Infrastructure
During the investigation, the below servers, domains / subdomains and infrastructure providers were discovered.
| Server / Service provider | Notes |
| 195.206.234.56 (hostname: lg-phoenix.anonrdp.com), hosted with UAB Linama, Lithuania; transit provider: Leaseweb USA, Inc, Phoenix | N/A |
| 192.95.8.47, OVH SAS, Canada | SSL CommonName: status.anonrdp.com CNAME: reports.hetrixtools.com |
| 154.216.17.49, Shenzhen Katherine Heng Technology Information Co., Ltd, Hong Kong | Banner: 220 server15090.anonrdp.com |
| 154.216.20.55, Shenzhen Katherine Heng Technology Information Co., Ltd, Hong Kong | Banner: 220 server17828.anonrdp.com |
| 198.251.81.66, PONYNET, United States | anonmail.club Server: LiteSpeed |
Mapping the Online Accounts
Our investigation uncovered the below online accounts connected with AnonRDP.
| Platform | Username / ID | Notes |
| Telegram (username) | @anonrdp_team / 6813989237 | Registered: December 2023 |
| Telegram (bot) | @anonrdp_support_bot / 6772658950 | Registered: December 2023 |
| Telegram (group) | AnonRDP_com / -1002030113032 | 582 members |
| TOX | N/A | ID listed on anonrdp.com |
| Session | N/A | ID listed on anonrdp.com |
| blackhatworld.com | AnonRDP | Registered: 29 December 2023 |
| hackforums.net | AnonRDP / 5451242 | N/A |
| Patched.to | AnonRDP / 208020 | Registered: 5 November 2023 |
| blackbones.net | AnonRDP | Registered: 9 March 2025 |
| Breachforums.st | AnonRDP / 58716 | Registered: 31 October 2023 |
Exposing the Breach Trail
Our investigation into leaked datasets has revealed an email address—anonrdp@gmail.com—that appears to be associated with AnonRDP. Below is a summary table detailing the leaked datasets and the corresponding information identified during our research.
| Leaked Dataset | Notes |
| RaidForums 2020 | Email: anonrdp@gmail.com DOB: 31-5-1995 Nickname: iSentryMBA |
| Cracked.to 2019 | Email: anonrdp@gmail.com Nickname: kevinbyapple |
| Breached.vc 2023 | Email: anonrdp@gmail.com Password: a****** |
| Wakanim 2022 | Email: anonrdp@gmail.com Registered IP: 102.112.13.253 (Mauritius Telecom Ltd) Nickname: yashvirgaming Country: Mauritius |
| Gravatar 2023 | Email: anonrdp@gmail.com Nickname: mrroyos |
Further analysis of password pivot data associated with anonrdp@gmail.com uncovered an additional email address: yashvirbins03@gmail.com. Below is a summary table outlining the leaked records for this email address.
| Leaked Dataset | Notes |
| Breached.vc 2023 | Email: yashvirbins03@gmail.com Password: a****** |
| Netflix | Email: yashvirbins03@gmail.com Password: a****** |
The email anonrdp@gmail.com was identified to be registered on the below online platforms.
| Platform | Username / ID | Details |
| ID: 115481689328282269339 | N/A | |
| Chess.com | Yashvirgaming / 105567456 | Registered: 19 December 2020 Profile Url: chess.com/member/yashvirgaming Country: Mauritius |
| Myfitnesspal.com | YashvirGaming / 128926239993789 | Registered: 9 November 2020 |
| Smule | Anonrdp / 2592604928 | Profile Url: smule.com/anonrdp |
| PayPal | N/A | N/A |
| Plex.tv | anon922 / 2c87d188269c0737 | N/A |
| Dropbox | AABgcq5nnEEj-2_y69TlmrHRYTdzslBZoEA | Name: Kesh Av |
| Quora | Kesh-Av-5 / 919347574 | Name: Kesh Av Location: Quatre Bornes, Mauritius |
| AliExpress | KeshAv_3251562735 / 1648841059 | Name: K***h A.
|
The email yashvirbins03@gmail.com was not found to be registered on online platforms.
Further investigations into the username “yashvirgaming” have uncovered a wide online presence, as summarized in the table below.
| Platform | Username / ID | Details |
| YouTube | YashvirGaming / UCLweHOQSJw_kT_p1kZctCGg | Registered: 3 March 2020 Email: yashvirgamingpro@gmail.com Name: Yashvir Gaming Profile Url: youtube.com/channel/UCLweHOQSJw_kT_p1kZctCGg Linking to: – instagram.com/officialyashvirgaming – twitter.com/yashvir__gaming – t.me/officialyashvirgaming – discord.com/invite/7QFCFuyAZw NowPayments donation: nowpayments.io/donation/yashvirgaming PayPal donation: keshavecaussy “J7 Prime Repairing” paypal.com/paypalme/keshavecaussy StreamLabs donation: streamlabs.com/yashvirgaming/tip Featured YouTube channel: officialyashvirgaming Profile Url: youtube.com/@officialyashvirgaming |
| YouTube | Officialyashvirgaming | Registered: 8 May 2023 Email: ishowspeedplaysfortnite@gmail.com Linking to: – bio.link/yashvirgaming – cash.app/$YashvirGaming (inactive) – t.me/officialyashvirgaming – facebook.com/groups/svbconfigsmaker – paypal.me/dmyashvirgaming (“Bhooshan Dewkee”) Admins of Facebook group “svbconfigsmaker” – yashvirgaming.info – Yashveer KC (ID: 100089623027697) – ikeshavecaussy (“Keshave Caussy”) – yashveercaussy (“Yashvir Yashvir”, Mauritius) |
| Steam | 76561199056893936 | Name: Yashvir Gaming Profile Url: steamcommunity.com/id/YashvirGaming/ |
| Snapchat | Yashvirgaming | Name: Yashvir Gaming |
| GitHub | YashvirGaming / 64865096 | Registered: 5 May 2020 Profile Url: github.com/YashvirGaming Bio: “Currently making Windows App Api, Android Api, iOS Api Configs. Akamai Generating HTTP Data Sensors Bypass & a little of Coding too”. |
| Twitch | YashvirGaming / 175428130 | N/A |
| Telegram | Yashvirgaming / -1001218851139 | Links to: – t.me/privatecombolist – RDP stealer (t.me/rdpstealer) |
| Discord | YashvirGaming | N/A |
| Pastebin | Yashvirgaming | Registered: 13 April 2021 Link: pastebin.com/u/Yashvirgaming |
| Keybase | yashvirgaming | Profile Url: keybase.io/yashvirgaming/ Linking to: – @YashvirGamingAdmin (ID: -1001630975396) on Telegram – OfficialYashvirGamingConfigs (ID: -1001674238062) on Telegram Bio: “I’m a config maker and combolist dumper I create iOS & Android Api Config’s for Openbullet, Silverbullet etc Paid configs accepted too”. |
| Trello | Yashvirgaming / 5f0b711f61e893329f8d8f3c | Registered: 12 July 2020 Profile Url: trello.com/u/yashvirgaming |
| Imgur | YashvirGaming / 123841575 | Registered: 12 February 2020 Profile Url: imgur.com/user/YashvirGaming Description: screenshots of cracked accounts, including Netflix |
| YashvirGaming / 5vht43oo | Registered: 11 March 2020 Profile Url: reddit.com/user/YashvirGaming/ Moderator of /r/svbconfigmaker (subreddit) Linking to: – YashvirGaming (YouTube) – Officialyashvirgaming (YouTube) – Officialyashvirgaming (Instagram) – discord.com/invite/7QFCFuyAZw (Discord) – yashvirgamingconfigs (Tik Tok) – yashvirgaming.info (Facebook) – yashvir__gaming (X.com) Description: posted in Mauritius-related and AliExpress-related subreddits | |
| PayPal | Yashvirgaming / MSE8SHBX5UXE4 | Name: Yashvir Gaming
|
| Tik Tok | Yashvirgaming / 7107107123469370373 | Registered: 25 October 2022 Profile Url: tiktok.com/@Yashvirgaming Location: Mauritius |
| Gravatar | Yashvirgaming | Name: YashvirCrackinGod Bio: “Hello I’m a legit Rocketr.net & Selly.GG Seller, I sell HQ Combos, Paid Proxies, eBooks Cracking, Configs, Accounts VPNS, Accounts Netflix , Spotify in bulk & at cheap prices”. |
| Chess.com | Yashvirgaming / 105567456 | Registered: 19 December 2020 Registered email: anonrdp@gmail.com Location: Mauritius |
The email yashvirgamingpro@gmail.com was identified to be registered on a PayPal account, linked to the phone number: +2305 *** 804 (Mauritius country code). The email ishowspeedplaysfortnite@gmail.com was found to be registered on a PayPal account, connected with the phone number: +2305 *** 327 (Mauritius country code).
Payment Processors Linked to AnonRDP.com
During the investigation, AnonRDP.com was identified to be using NowPayments.io (payment service provider based out of the Netherlands) for facilitating cryptocurrency transactions. We have noticed that NowPayments.io has been listed as a payment donation option on the YouTube account “YashvirGaming”. We have identified that AnonRDP.com is using the KYC-compliant cryptocurrency exchange, ChangeNoW.io (37jdMXYbvg3dKzJ4pGSYiABiXoBy4putZq) to receive payments related to illicit services.
Conclusion
Yashvir Keshave (A.K.A. “YashvirGaming”) is highly involved in the underground ecosystem of config creation, cracking tools, and digital account trading. With a presence across YouTube, GitHub, Telegram, and other platforms, he has effectively built a brand that merges content creation with illicit monetization. His consistent use of the “YashvirGaming” identity, coupled with donation links and social accounts tied to real names and Mauritius-based activity, reveals a calculated effort to profit from cybercriminal services while maintaining a visible online persona.
