Summary of Vital Information:
Scam URL: bexio7.vip
Receiving Addresses:
TLX3hrhobNJFtDBCcbp29qvedRyqEhaQ1x
0x4a0cc86295d8a8de36034696d4ffc4d6129f1072
TWTsJVm6x9AdymE5aNtqM9PApE3hqr5T4B
TN9b2gDzDnZeCwLL4eGSPjTgwRKKZSpyXD
Cryptocurrency Used: USDT (Tether)
Loss Amount: €14,271
Type of Scam: Fraudulent investment platform soliciting funds through misleading promises.
Title: Warning: Scam Alert for bexio7.vip – Critical Findings from OSINT Investigation
If you’ve been affected by the scam involving bexio7.vip, here’s what we’ve uncovered so far. This investigation reveals a web of deceptive practices aimed at defrauding individuals, and we’re sharing all the relevant details to assist victims and help further investigations.
The domain bexio7.vip is registered through Gname.com Pte. Ltd. and uses the nameservers a.share-dns.com and b.share-dns.net, which are also hosted by the same registrar. The absence of MX records indicates that no functional email communication is tied to the domain, which is a red flag for phishing or fake business websites.
The site's IP address is hosted by Amazon.com, specifically in their Mumbai region. While this might suggest legitimacy, scammers often abuse cloud hosting platforms to conceal their true identities. Our analysis suggests that traffic may be routed through a VPN or proxy service, geolocating activity to India. However, this may not reflect the actual location of the operators, given the high likelihood of obfuscation techniques.
Technically, the site uses an nginx web server and has a history of Let’s Encrypt SSL certificates. While this might make the site appear secure to visitors, the certificates are improperly configured, with a “Common Name Invalid” issue detected in April 2024. This indicates potential misrepresentation or improper server validation, consistent with fraudulent activity.
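A "Common Name Invalid" result generally means the hostname a visitor requested was not among the names the certificate covers. The following added example (not part of the original report) reproduces that comparison on constructed certificate dictionaries laid out the way Python's `ssl.SSLSocket.getpeercert()` returns them; the hostnames such as `invest.example` and all function names are assumptions for illustration.

```python
# Added example: certificate name check on constructed data (not from the report).

def name_matches(pattern, host):
    """Compare one DNS name from a certificate with the requested hostname."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or p[1:] != h[1:]:
        return False  # a wildcard covers exactly one label, never the apex
    if p[0] == "*":
        return len(p) >= 3  # refuse over-broad wildcards such as "*.example"
    return p[0] == h[0]

def san_dns_names(cert):
    """DNS entries of subjectAltName in a getpeercert()-style dict."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]

def common_name(cert):
    """commonName from the subject, or None when the subject has none."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def name_check(host, cert):
    """Return 'ok', 'cn-only' (legacy match only) or 'mismatch'."""
    sans = san_dns_names(cert)
    if any(name_matches(name, host) for name in sans):
        return "ok"
    cn = common_name(cert)
    if not sans and cn and name_matches(cn, host):
        return "cn-only"  # modern browsers ignore commonName and still reject
    return "mismatch"

# Constructed sample certificates (hypothetical names, not observed data).
GOOD = {"subject": ((("commonName", "invest.example"),),),
        "subjectAltName": (("DNS", "invest.example"), ("DNS", "www.invest.example"))}
WILDCARD = {"subject": ((("commonName", "*.invest.example"),),),
            "subjectAltName": (("DNS", "*.invest.example"),)}
OTHER_SITE = {"subject": ((("commonName", "shop.example"),),),
              "subjectAltName": (("DNS", "shop.example"),)}
CN_ONLY = {"subject": ((("commonName", "invest.example"),),)}

if __name__ == "__main__":
    for label, cert in [("good", GOOD), ("wildcard", WILDCARD),
                        ("other site", OTHER_SITE), ("CN only", CN_ONLY)]:
        print(f"{label:10s} -> {name_check('invest.example', cert)}")
```

A certificate reused from another site and a wildcard that does not cover the bare domain both produce the mismatch, so the finding on its own shows a misconfigured or shared server rather than who operates it.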
Links to other domains remain unclear, but the site's infrastructure suggests it may be part of a larger network of scams. These operators rely on technical configurations that make tracing them challenging, but entities like Amazon and Gname may hold critical data that could aid in uncovering their identities if subpoenaed.
If you have encountered transactions, emails, or any form of contact from bexio7.vip, or if you’ve come across similar scams with overlapping infrastructure, please share your insights. Together, we can piece together the puzzle and hold these bad actors accountable. Stay cautious, and let us know if you need guidance on reporting or recovering from the scam.