A new layer of payment obfuscation has surfaced with the domain checkout.pliromy.com, acting as a silent bridge for high-risk transactions. Our initial analysis suggests this stealth gateway is closely tied to a recently formed Indian corporate shell and a network of shadowy traffic directors like puretransfer.io.
Analysis & Context: Peeling Back the Pliromy Network
In the continuous game of cat-and-mouse between regulators and offshore merchants, disposable payment gateways are the tools of choice. Our investigation reveals that checkout.pliromy.com functions as a masking rail designed to facilitate high-risk depositsโlikely for online gambling or unauthorized offshore trading platformsโwhile keeping the ultimate beneficiary hidden from European and global banking oversight.
When users attempt to make a deposit, traffic analysis shows they are often bounced between traffic aggregators like mellifera.tech, the payment processor puretransfer.io, and ultimately routed through the pliromy.com environment. This multi-hop architecture is a classic “red flag” designed to confuse acquiring banks and bypass merchant category code (MCC) blocks.
Domain Ownership and Technical Red Flags:
- Attribution & Ownership: While the exact WHOIS data for
pliromy.comis heavily shielded by privacy proxies. Shell companies like this are frequently used by offshore syndicates to secure merchant accounts and banking access under the guise of “publishing” or “software” activities. - Registrar & ISP: The domain infrastructure operates behind standard offshore privacy shields. It utilizes proxy registration services (such as Withheld for Privacy/NameCheap) and routes its DNS through content delivery networks like Cloudflare (acting as the ISP/host) to hide the true physical location of the servers processing these payments.
- Registration Date: Consistent with the incorporation of its suspected Indian corporate alter-ego, the domain infrastructure was deployed in early-to-mid 2024, marking it as a freshly minted rail built specifically for this current wave of processing.
Ecosystem Summary
| Domain | Domain Data | Known Connections | Role |
| checkout.pliromy.com | Reg: ~Mid 2024 Registrar: Proxy Shielded ISP: Cloudflare | puretransfer.io, virtpay.net puretransfer.io, cyberpay.link, payabl.com, mellifera.tech,csp-project.com | Primary Masking Rail / Checkout Node |
| Pliromi Payment Solutions (OPC) | Inc: April 2024 (India) Dir: Ravinder Singh Chandowk | pliromy.com (Suspected) | Corporate Shell / Merchant Account Holder |
Export to Sheets
Call to Action: Help Us Unmask the Operators
FinTelegram is calling on payment industry insiders, former employees of high-risk PSPs, and whistleblowers with access to offshore banking records to step forward. We need actionable intelligence to connect the dots on this network:
- The Beneficial Owners: Who is the true offshore operator behind the Indian entity Pliromi Payment Solutions and the
pliromy.comdomain? - The Settling Banks: Which Indian or international acquiring banks are settling the funds processed through
checkout.pliromy.comandpuretransfer.io? - The Merchant Clients: Which specific casino or broker brands are utilizing this gateway for their European or Asian deposits?
If you have processing agreements, internal emails, or bank statements relating to Pliromy or PureTransfer, please share them with us. Your identity is guaranteed absolute protection. Submit your tips securely via our whistleblower platform.
