# qfsgesaravault.com.gesaraqfsvault.com — SUSPICIOUS

> Warning: qfsgesaravault.com.gesaraqfsvault.com is linked to phishing. Avoid sharing personal or financial info and stay cautious online.

## Summary
PhishDestroy identifies qfsgesaravault.com.gesaraqfsvault.com as a medium-risk generic phishing domain. It masquerades as a crypto marketplace under the name "Quantum Financial System," attempting to deceive users into divulging sensitive information such as account credentials or financial details. This type of threat commonly targets individuals interested in cryptocurrency trading, leveraging trust in crypto platforms to facilitate fraud.

The domain resolves to the IP address 198.23.156.130 and was registered through TUCOWS, INC. Notably, the domain's creation date is set in the future (August 17, 2025), which may indicate suspicious or manipulated registration details. The site has been taken offline and appears on at least one security blocklist. VirusTotal analysis shows that 3 out of 95 security vendors flagged this domain, reinforcing its potentially harmful nature.

Users are strongly advised to avoid visiting this domain or engaging with any content or communications associated with it. Never provide personal, login, or financial information on suspicious websites, especially those claiming to offer crypto trading services without verified legitimacy. Employ updated antivirus software and enable browser security features to block phishing attempts. If you have interacted with this domain, consider changing your passwords and monitoring your accounts for unusual activity.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: dead (HTTP 403)
- Page title: Home - Quantum Financial System - A crypto buy and sell marketplace

## Domain Intelligence
- Registered: 2025-08-17 12:09:44
- Expires: 2026-08-17 12:09:44
- Registrar: Tucows Domains Inc.
- Country: CA
- IP: 198.23.156.130
- IP Country: US
- IP City: Buffalo
- IP Org: AS36352 HostPapa
- Nameservers: ns1.host-forest.com ns2.host-forest.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 3 vendors flagged
  Vendors: ["CRDF", "Gridinsoft", "Seclookup"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199257b-797b-756e-9d93-5c7e8021d0ef.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/f475b4df-2737-4957-9e3e-8c8281b86397
- PhishDestroy: https://phishdestroy.io/domain/qfsgesaravault.com.gesaraqfsvault.com/
- LLM endpoint: https://phishdestroy.io/domain/qfsgesaravault.com.gesaraqfsvault.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/qfsgesaravault.com.gesaraqfsvault.com/
Last updated: 2026-03-19