- This topic is empty.
-
Topic
-
Type of Scam: Investment Scam
Receiving Addresses:
0x5fbe32483b8b4874b3963dc520de2ec51634edc0
0x1f34db5e26a7687f6ce99fe5da606ae4eb168253
0xa68e12a0759c4c2588b9069c8e3d5092defdab5b
0x260548ee4ce6f83acae5df8899ff1ae438f1a747Blockchain: Ethereum
Amount Loss: $88,716.00
r0b7sabd1z3cb5u7lv7n94n2a42lmnqv.png" alt="" />
Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with changciiya.vip
Current Website:
The investigation focuses on the website changciiya.vip identified as part of fraudulent activities. The website’s content and functionality were reviewed as of August 6, 2024. The findings indicate a professional layout designed to target victims, employing modern web standards to maintain credibility.Domain and Hosting Information
Registrar: Gname.com Pte. Ltd.
Nameservers: share-dns.com, share-dns.net, hosted by Gname.com Pte. Ltd.
ISP: Amazon CloudFront, providing the hosting for the domain.
No MX (mail exchange) records were found, indicating that the website does not rely on associated email services for communication or scams.Technical Analysis
The domain employs several frameworks and technologies:Frameworks: ASP.NET, indicating reliance on Microsoft’s web application development tools. Detected activity dates range from April 2023 to July 2024.
Mobile Optimization: Implementations for mobile compatibility and scaling (Apple mobile web clips, viewport meta tags) were identified, supporting a responsive web design.
Web Servers: Microsoft IIS 10, showcasing server infrastructure based on Windows systems.
Document Standards: HTML5 and UTF-8 encoding were used, ensuring compatibility with modern browsers.Key Observations
The website leverages robust hosting and technical frameworks that enhance legitimacy while masking fraudulent activities. Amazon CloudFront’s distributed architecture adds a layer of anonymity to the operation, making it harder to pinpoint physical server locations.Recommendations
A subpoena is suggested for:
Registrar (Gname.com Pte. Ltd): To obtain ownership and registration details.
Amazon CloudFront: To trace hosting and server information that could reveal the IP origin.
Microsoft: To provide insights into the use of ASP.NET and IIS services linked to this domain.