Comment by cookiengineer
8 months ago
Look up "www.crimeflare.org/cfs.html" in the web archive on http port 82.
This guy ran a DNS for years to prove it until he disappeared. Lots of nazi websites, ddoxing sites, crime networks, conspiracy sites, ransomware groups and russian misinformation campaigns that he uncovered.
Honestly I don't see another way to gather the data necessary for this otherwise. You have to have the DNS data to be able to imply intent.
How crimeflare worked: https://www.marketingscoop.com/tech/piercing-the-cloudflare-...