Type of Scam: Investment Scam
Receiving Addresses:
0x5fbe32483b8b4874b3963dc520de2ec51634edc0
0x1f34db5e26a7687f6ce99fe5da606ae4eb168253
0xa68e12a0759c4c2588b9069c8e3d5092defdab5b
0x260548ee4ce6f83acae5df8899ff1ae438f1a747
Blockchain: Ethereum
Amount Loss: $88,716.00
Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with changciiya.vip
Current Website:
The investigation focuses on the website changciiya.vip, identified as part of fraudulent activities. The website’s content and functionality were reviewed as of August 6, 2024. The findings indicate a professional layout designed to target victims, employing modern web standards to maintain credibility.
Domain and Hosting Information
Registrar: Gname.com Pte. Ltd.
Nameservers: share-dns.com, share-dns.net, hosted by Gname.com Pte. Ltd.
ISP: Amazon CloudFront, providing the hosting for the domain.
No MX (mail exchange) records were found, indicating that the website does not rely on associated email services for communication or scams.
Technical Analysis
The domain employs several frameworks and technologies:
Frameworks: ASP.NET, indicating reliance on Microsoft’s web application development tools. Detected activity dates range from April 2023 to July 2024.
Mobile Optimization: Implementations for mobile compatibility and scaling (Apple mobile web clips, viewport meta tags) were identified, supporting a responsive web design.
Web Servers: Microsoft IIS 10, showcasing server infrastructure based on Windows systems.
Document Standards: HTML5 and UTF-8 encoding were used, ensuring compatibility with modern browsers.
Key Observations
The website leverages robust hosting and technical frameworks that enhance legitimacy while masking fraudulent activities. Amazon CloudFront’s distributed architecture adds a layer of anonymity to the operation, making it harder to pinpoint physical server locations.
Recommendations
A subpoena is suggested for:
Registrar (Gname.com Pte. Ltd): To obtain ownership and registration details.
Amazon CloudFront: To trace hosting and server information that could reveal the IP origin.
Microsoft: To provide insights into the use of ASP.NET and IIS services linked to this domain.