Title: Fraudulent Activity Report – Fseq Group (https://fseqgroup.co)

Type of Scam: Fraudulent cryptocurrency withdrawal scheme.

Lost Amount: $21,163.

Receiving Addresses:

Bitcoin (BTC): 1E7onHfN5PjXwgrrBzgEAEXRuDPdSf1S4u
Ethereum (ETH): 0xB76aFEb01c6AE2946451dFAaaCDC12425303dD88

Platform Involved: Fseq Group (https://fseqgroup.co).

Description: Victim attempted to withdraw cryptocurrency funds from the fraudulent Fseq Group platform. Funds were retained under false pretenses and transferred to the listed receiving addresses. Suspected fraudulent activity aimed at stealing deposited crypto assets.

Alert: Investigating https://fseqgroup.co/ – Possible Crypto Scam

If you’ve come across the website https://fseqgroup.co/, you might be dealing with a fraudulent operation. Our OSINT investigation has uncovered critical details that link this domain to suspicious activities, and we urge anyone with additional information to come forward and help expand our understanding of this scam.

As of October 2, 2024, the website was active, and we captured a screenshot to document its appearance. Initial investigations revealed that the domain is registered through NameSilo, LLC, a registrar often used in questionable operations due to its privacy-focused services. The nameservers associated with the site—jean.ns.cloudflare.com and doug.ns.cloudflare.com—are hosted by Cloudflare, Inc., a company that provides security and CDN services, often used to mask the true origins of malicious sites. The mail exchange (MX) record for the domain links to mx.submail.cn, which may suggest connections to a Chinese-based email service, further pointing to its geographic alignment.

Geolocation tracing of the DNS addresses for this domain pinpointed activity in China. While this doesn’t conclusively prove the physical location of the perpetrators, it offers a significant clue about the operational base of this scheme. The website’s IP address is also hosted by Cloudflare, indicating efforts to obscure its precise location and the entities behind it.

If you’re investigating this case or suspect you’ve been affected, these technical details—registrar, nameservers, MX record, and geolocation—can provide a starting point for further analysis. The association with Chinese infrastructure, combined with the use of Cloudflare, is a common tactic among crypto scams to evade direct attribution and legal accountability.

This is an ongoing investigation, and more evidence is needed to build a complete profile of those responsible. If you have encountered https://fseqgroup.co/, interacted with its operators, or experienced fraudulent activities related to it, please share your findings. Detailed transaction logs, communication records, or screenshots can help piece together the full scope of this operation. Together, we can uncover the truth and prevent others from falling victim.