Report - qfssecure.com/wallets.html

Report Overview

Submitted URL
qfssecure.com/wallets.html
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-04 11:10:26
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
92
Network Intrusion Detection
0
Threat Detection Systems
190

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
app.uniswap.org	263369	2018-11-26	2020-07-01	2023-05-31	527 B	42 kB	104.18.22.54
appwalletconnects.org	unknown	unknown	2021-07-14	2021-07-14	927 B	0 B	0.0.0.0
qfssecure.com	unknown	2023-05-20	2023-05-20	2023-06-04	46 kB	3.0 MB	188.114.96.1
code.jquery.com	634	2005-12-10	2012-05-21	2023-06-03	437 B	31 kB	69.16.175.42
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-03	1.3 kB	2.8 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	1.5 kB	57 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-04	medium	qfssecure.com/
2023-06-03	medium	qfssecure.com/wallets.html

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-06-04	medium	appwalletconnects.org
2023-06-04	medium	appwalletconnects.org

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 20:55:27 Times Seen259907 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	qfssecure.com/WalletAPI_wallets_files/js1.js.download	1.7 kB	2023-03-07	2024-04-10
Pretty URL qfssecure.com/WalletAPI_wallets_files/js1.js.download IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:16 Last Seen2024-04-10 07:37:16 Times Seen68 Hash 6ff36530d3c29b985ea36421b40c8f31 c8cba9b526cbbb6368059f2c3c8a7be8ffa8913c 4feadfbdd29d2e637431d17dcf2f72f96ac56051bc6c04757a3cf161a8a1f83b Loading...

	qfssecure.com/WalletAPI_wallets_files/js2w.js.download	4.8 kB	2023-03-17	2023-06-26
Pretty URL qfssecure.com/WalletAPI_wallets_files/js2w.js.download IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:28:38 Last Seen2023-06-26 20:35:38 Times Seen9 Hash 9b7a9e4ac8c45bc33cf42e673ffdae5f 08fae2e6b1be0a1524f10efe1680c9513bbd4440 2c92a15d1cda383a969bc1059962305fbd35c8e7995fe00b684cc63ca523bdb5 Loading...

	qfssecure.com/wallets.html	771 B	2023-04-23	2023-06-26
Pretty URL qfssecure.com/wallets.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-23 07:23:39 Last Seen2023-06-26 20:35:37 Times Seen4 Hash 68f59f8882b77f67ac17f6ab9dac2b20 31ee6adef85d9851711fc3f01b3faa9be122ab29 f58ab45a8cdae096c7baabbe9fb625394e904ad2c2f3085f706738219698dcd6 Loading...

	qfssecure.com/wallets.html	4.5 kB	2023-04-23	2023-06-26
Pretty URL qfssecure.com/wallets.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-23 07:23:39 Last Seen2023-06-26 20:35:37 Times Seen4 Hash 8deb134963769b6ef1331958fd920be3 8bd48f05c56cfc0e70bc3c16d070b326451e9dc4 6d2cf5dce728adeb4f84243173e78fd827a58e078e2fd06f9aa8bf37ecf4a621 Loading...

HTTP Transactions (104)

URL IP Response Size

qfssecure.com/WalletAPI_wallets_files/ledgerwallet-c56784b26234a389632687a36d548d4.png

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/ledgerwallet-c56784b26234a389632687a36d548d4.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
1.0 kB (1014 bytes)
Hash
0982fa34a74cf600550726d644c3d226
c28e858e15efba6d6ba98c932260a75bcbf484b4
53a2a6318e9dfa7f51637a97c78445c788d3ef1f079195d3e07e82caf47892fa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/ledgerwallet-c56784b26234a389632687a36d548d4.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 1014
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:04:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F12XB5NlxyGf%2FlGRxiqqsufYK8%2B23a6o%2FgCgcVoLWtRoLldq8ODQ6t0Sf%2F8vV0LpVXp3nC3Dl6tAl9Sv81pWGA%2BxJ7AP5UyikX9hw1JhOLgp8EdhSvnQawk%2B4hhsqR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5fb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/meta.png

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
qfssecure.com/meta.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43308 bytes)
Hash
69ce6b56bbc9953dfb4aecebdf88729b
c82b63da5dba9b1166b748f22d361a65d42ede34
905e608a2f4aeaa6aad215988f7e3426a935986b0adb556cf2e1e548748f0a7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /meta.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 43308
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Sun, 14 Nov 2021 15:00:59 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAJTfx6dCPS68%2BfP5g4%2BbJEabXM7SmcYgwltJ6W0h92%2FvUV%2FRde3bxuWS0t%2B64s182mmyZVe75FCMCmHfUvcKZPHXdp41T60x8g5nDixN8rBOPYCJyRHkYRSKs53i0Hw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c58b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/iogo.jpg

188.114.96.1

200 OK

39 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/iogo.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 78x78, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 1280x789, components 3\012- data
Size
39 kB (38639 bytes)
Hash
854a424ad9e76ec0e4459288718b8f95
d8c3718ff43bf84b84bbd23f5f72223110817cf1
3909d0caae132d70a750dfedfe1383bcbc2f8f23b8e39d35e74d5131ab3eb58c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/iogo.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 38639
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SITTLOLLRQsdxKNHRq4jV2JRwM%2BwLNJ9Pv36cJiP5prT5RNv%2BvJ%2FxhpCDJdVzn5tlfrM8Q3RUHAXf0dEhTEnrZpY2baCCno3UAsiUXiqtyGVpO7ltppUurtAji%2BHQM7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c51b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/trust.png

188.114.96.1

200 OK

27 kB

URL GET HTTP/3
qfssecure.com/trust.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26907 bytes)
Hash
66f8777532931d9c09b633344981a6a9
45e040b51f16d8bd53c219bc53c228c9616ea228
a58785e444b7cbbbfa612aa6b0c9e090cfd4334960ffcc797f295fa2f0b7e32d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /trust.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 26907
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Sun, 14 Nov 2021 15:01:15 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBYS5CsVOLsn%2Ffs2yiCt9db3Kc2C2MBS9QP53Q7adf%2F4QB4ZVVLObfMyWfx%2BvTn8laWzDDjaKT404zfs3YCg72U%2Bwq30tWqwDssz8M6JmHBsnoIz6ndB73OpzZirdxcL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c4bb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/stagazer.jpg

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/stagazer.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
4.9 kB (4853 bytes)
Hash
14fba9d5ef8ee08743be321c13498ed7
62b4f175a367a45ea1f23dfd8bb1995921159842
a3c85fc3d21fcc0a7507e7a38da6d319c1ead1d22944d70501df39a3d69f0104

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/stagazer.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 4853
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:09:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycpBxGVhgzbOZMF8B7AOMJSlo4WX8%2Fli95uytaZj95c1X4uKfG%2F5jOC0gJg97DG0Bs6LQzuVkFaDBwAG686xaje2oifofNH9QeLkRAQN%2BdGC%2BIc09ybAiDWR5La6A1wt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5cb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/oasis.png

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/oasis.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 192 x 192, 4-bit colormap, non-interlaced\012- data
Size
1.8 kB (1845 bytes)
Hash
986617601de9b57fafa15018bf613caa
3932606a8dca64791ab62010181c1a26e92960ba
cae8ccea330188746bb8593b1cff63e73d18f5eb31f5eda933fb4ca52c002d55

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/oasis.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 1845
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:27:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MF5dZklAXIKfvuAqF2%2BwgEstyNoKU%2FZlV9wyspIb9BB6DnfGgT2yOLAr%2BwFRsU3pqLQ9v1YV%2BB56paKG%2FgjHs1vDAPhVfXf7ib3H%2BQ66VWkwLn%2FAyPA18CDfK99q1xLo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5db4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/phantom.jpg

188.114.96.1

200 OK

6.3 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/phantom.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Size
6.3 kB (6319 bytes)
Hash
dc8543d6d5afb7a1b8371f0849447cbd
1a8524d542b2a8f2b1228fd93ca92a87062d5af5
e191d7411a4272d2587966baafda1b5f3d68e0c10d95d1a6c316ad44298cb7c7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/phantom.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 6319
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:37:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2BWSm3WKLrM%2FWIt7rbyNtO2dvQe0InkM7IC6VHdB17UV7j6%2F%2BXTSqxTRbyP3dia6lo8V3RREfaHuRiiegoLOsxWDHZ74tkXOcQyw%2FWlnQWEEuAEN%2FeZ6SeVANj6CTEK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5eb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/tron-20fg49jbfj9488dhvd76975js73648.png

188.114.96.1

200 OK

8.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/tron-20fg49jbfj9488dhvd76975js73648.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
8.8 kB (8837 bytes)
Hash
4e5407c9b7d3c707891670bebc3dc2f5
c876e0c240590e77697e3acd9a552fba029f0273
87252a117baf1a2b7e1642136a920b9075bf0b4e732fd8e7c8b14d8d0461b423

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/tron-20fg49jbfj9488dhvd76975js73648.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 8837
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:16:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ser8gCZ%2BMxu0SMXtBNe2nkDroT5gdH73BS6y%2FIxeFvCpLbFso2Qfnm1UuPmELvYRgPaZ5CVFBWuV7jB2wv8fsCmxvJqx0r%2F8R9O3cUG%2BrhVUJQV%2BOjGsDJfL1HWBmxMs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c60b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/imtoken-fd8c7c52dac6101568954e7448a49202.png

188.114.96.1

200 OK

16 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/imtoken-fd8c7c52dac6101568954e7448a49202.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
16 kB (16524 bytes)
Hash
f0df9d44f9959b4f153a81fe5050e051
18baeb6efd7b6f929432a2d20fd5858c225c2c1b
f0c3ec0a5a55984c9d9f25774bbea242596b5d976a65579f6ebaf82002a360c6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/imtoken-fd8c7c52dac6101568954e7448a49202.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 16524
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HDapxmgDwfV1qxFL9cULFXHwW3e1EJ90uBJipwc4BZ4VDBYvnxdUasd6szHbYBegB%2FSB0K2TTCecuPMuzWn0ZPzO9GTT261ryXTXwK527pZWBb6wHftgUgRXBQ3d%2BO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c85b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/success.gif

188.114.96.1

200 OK

266 kB

URL GET HTTP/3
qfssecure.com/success.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
GIF image data, version 89a, 284 x 278\012- data
Size
266 kB (265538 bytes)
Hash
a1057dcb644d8729f4f76b2032f21743
a682718730e4b235ae73134c24c0c9e0ba992537
d36e9356cff831f19ad7e05881c5309491aca041af6063e9dfd390c5c778bc11

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /success.gif HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/gif
content-length: 265538
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Sat, 13 Nov 2021 22:10:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgDqVNyrkKn0FbjCxXJ%2BpQK6FmBc2bLxUnybt4JWRgv5Dc8CzmaFPgn1C%2BTZUJ8tLp5K4Z42T0%2F1ceropam932gUmQ6fLQNxdXq1l1AaUWwe3jMk%2FHQK94JO9H3%2F9wJt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c4eb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/atomic-4c02d2b33cf091fd83c7a49819394e41.png

188.114.96.1

200 OK

123 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/atomic-4c02d2b33cf091fd83c7a49819394e41.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1800 x 1800, 8-bit colormap, non-interlaced\012- data
Size
123 kB (123157 bytes)
Hash
5615862ea7831a623e802c7e0e0aa088
dfe853ca3a4d56c25e88eef043cb8033dd614199
b8301578f01f78cb9b3a609ac8fb0b920e68422115476c9dfa3ce15879ad5625

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/atomic-4c02d2b33cf091fd83c7a49819394e41.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 123157
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCAqRuOrMaft3IrZabL1wJEel5ZFT1XTnNBlA0X23OlmpbRYSNMZl2CFErOjcIfzQsDgud7jM4YnnO2q3Kfnm22DYG%2BkrLRrypBupSOtRS9EBdWQ20G%2BUUktU%2BRaKK3q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c57b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 420 x 420, 8-bit colormap, non-interlaced\012- data
Size
22 kB (22036 bytes)
Hash
b2521ef2692ac7c8802b1d17d494f2e8
ba4a36fe55376d0b43410230ece5b99d7e57504e
2e4a7b4b020e2822694880cdecc65e35972e7f961db8596912f92b8fe2af1d40

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 22036
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZE9aU7MhAGFVRuRmeJUmRdicxKTdQwgIdKRIblD6JqdkM%2BlN7kCWLbxAV6B1GrFIcJzkgHwU15SC0gbQAjKLHLj7%2FenaWa0dMR9COe2TR68znUYs%2BwpaK2kOAcOWIhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/anchor.png

188.114.96.1

200 OK

4.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/anchor.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 360 x 300, 4-bit colormap, non-interlaced\012- data
Size
4.6 kB (4586 bytes)
Hash
0262f0c64d1dee169d7f0efb5ab090c5
2f871b600cdb960fe88d65e09559d93ce89fb648
02aa8d821fcaf612c624e9fe5244895feedbdfc5784642799d745e75ca4ee86b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/anchor.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 4586
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC%2FvPHrVMiLUNAkbjSUHeH4BxW5KFbbABuzNIQ7vptM6Jcz7KMYidAzyP%2BvNS7UhYVj4oEqdal5bCHTZ3EnmbY46WNjR2A9Qk7HvXHc9jjC7g8%2F98E6NnakY0LFkRyyl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c86b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/onto-983003d35fe32bf916f9eda381f138f7.png

188.114.96.1

200 OK

8.4 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/onto-983003d35fe32bf916f9eda381f138f7.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
8.4 kB (8388 bytes)
Hash
9747beb608ad621d9602901df58d7d8e
59f8e6d6874a8214caf31036b2584afcc50e835e
10340ccc4fce1c9ad810ff8aae7405699f57a7f41f411c593b7a6962ff945975

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/onto-983003d35fe32bf916f9eda381f138f7.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 8388
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7L6tYFW%2BmaVRlAbg0VizHJlFYxUMrYHEs89bwcqOf8A8R998Qy1yuHz725lshHCrIysU3kMkkI5f3X84TIwtm%2FXXwft6XTjiqhu2BU1ttHPB%2FhYe6e1bUgBeNGU7AhE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c82b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/tokenpocket-57a4a886cc644e5237ac1558226154cb.png

188.114.96.1

200 OK

6.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/tokenpocket-57a4a886cc644e5237ac1558226154cb.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1025 x 1025, 8-bit colormap, non-interlaced\012- data
Size
6.6 kB (6590 bytes)
Hash
442235cb72d9e15c295369041e396e73
726d60d9c09f48b8268b0323b4f41845c18c0c6c
7d29d77c8e6e0425979ff3712689a22bc8a8c07d2653da57c620a828b5944203

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/tokenpocket-57a4a886cc644e5237ac1558226154cb.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 6590
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLaK5ZAlVE4eb13v9pB6lkW3IsTkfyhi7yfpURQh6YFhgCvDThBqeEMFO5HqzzaYXRGhd%2FQTCMyr03pAAmgzlpETrvlamKW6ID3bXtFwhP5HkIui2%2F1fYHSPH2B0FH7l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c92b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png

188.114.96.1

200 OK

31 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
31 kB (30923 bytes)
Hash
8ef1856a4f6cb16038b2608bf32c6bdd
477f99be9dd16d7ad84ec6f0451a9d9baea92391
d5d2cfce4b759fc1d2e19f4d2b5800935934defaf6cb7eb09550aeebb8f45405

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 30923
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXdKT5BmqPsyPdggWooIFZoOGZwXNJdadJRoa%2BRvJikGwX5AHXGMx6Dkb4RYKcZfhX3QJCVwPE7bbMNaB7oNvdRWjKxMKP%2FTdaGoo4QjNCt5DSi7lCA1HYFueJTDxfBa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c90b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/walletconnect-937864acv3dh637ajhd634583.jfif

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/walletconnect-937864acv3dh637ajhd634583.jfif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Size
4.9 kB (4930 bytes)
Hash
a5b10015bccdb9fd3bd4fab991df1a77
990aa322ec12abdf340d9ebd1f0c58fd7010c789
cc3d45d4e2bea197ba54583e311e50c9254b9b93936f2780d9481d95cdf0a7c3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/walletconnect-937864acv3dh637ajhd634583.jfif HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: application/octet-stream
content-length: 4930
last-modified: Wed, 28 Jul 2021 14:33:36 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c657NEjDGRfBpzfbD1RN2YlCrUZ6EK%2FE%2BMelTcxFE%2FQQ03gctepVm7WwpvYSh1v9SHPuvyYelJY9NnM1WLBgQo7vig1kNwmvM1seJDACTr%2FvB8HvE%2Bqbwz8PJ0PFbiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba3f5c55b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/crypto-4cbeac57421fb3ca2573db2cf448169a.png

188.114.96.1

200 OK

27 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/crypto-4cbeac57421fb3ca2573db2cf448169a.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
27 kB (27261 bytes)
Hash
500937c7bb85e0bb58e5043461f80b9f
a4a541efa9c55735354bc8ba8b929abfbd947b38
663d35a3d897c47e87516ff63f3913ef3025c3b13b01ad056d00ba856172d8b7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/crypto-4cbeac57421fb3ca2573db2cf448169a.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 27261
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efP5qQQqeoQrxIS8WLWD1S%2FsjvvHzqQr41eSB%2Fq8mUIsbvZFjBJK1zTMuMRgnFq1Ivh%2B0Oo9XjorDy46T1D8x8TwnMDDNX4DVtfjAjT7Ms2%2FbRmyOEaXxwQ%2F9AnAoqyF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c5bb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/sollet.jpg

188.114.96.1

200 OK

2.5 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/sollet.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size
2.5 kB (2495 bytes)
Hash
ac407e382bd580858707e414a1e4ceeb
74afd2d5e9c46073c929037995af0cd79188ac57
2c1b94bc9eb293e6a3747f7d2092e8ba5e78aa505c95c74dac38d552de1d9dd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/sollet.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 2495
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:39:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C6JTXl%2BHeSZXtzhLLcrUDBvU9I%2BC4EsQLeVABzhiI1DdjYshYP4RsQ5yBxqu3bL5qsAleWVX8aldoMcGkgDbuZTOY5Dx3ZPRLU4FQIiVxLt43rJR4xJpuc9tMROYImw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f5c66b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/solflare.png

188.114.96.1

200 OK

3.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/solflare.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3779 bytes)
Hash
b4d373c93274cb824e225faa4f24ba56
14421090239bbfb525d08dc913573bd848061174
87da59ecd0bb7dbd395b7e45e9f379ec6120db6529362f3c6a5c535b179f1cdd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/solflare.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 3779
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:45:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h949q%2BtrU5n4%2BWtZbzA6XBbA%2FIcKeF6P6QEoOUuIyQAb65aJjuIXVUOgdB9FTLHak%2BQAZMHaa4N5yF%2F4rfN4SCK4L7P4OVB8Gm4EQxothSRXeGznXemzaoMDfT15HUFD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c6eb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/yoroi.webp

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/yoroi.webp
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
17 kB (17178 bytes)
Hash
1b2a8c6c9a78f175a3e83d8bb94db700
690b2a75207ae27242bfa58a5af748ea234dad2a
0dc5816f1e847bff68aed4f74ebba5427be905f5c059ac13e71ec327a94d4851

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/yoroi.webp HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/webp
content-length: 17178
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Tue, 12 Oct 2021 03:46:30 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmC7Um5sDugDP6LlW9Swzeu8FqD13bV47pwlCrAvmhOc9j6hyeWCnCiN34oiBvlIWp2E4uSJYmg2XLHkmwFHcM1CpzNKELc2PGQST7I7L8UQCpxXz5rGhZ3vf%2FTBwR%2BS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c6fb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/bitpay-1573dd6c95eb38386f181048663590d0.jpg

188.114.96.1

200 OK

7.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/bitpay-1573dd6c95eb38386f181048663590d0.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Size
7.6 kB (7554 bytes)
Hash
5c1f0b3baa9072f7d0d76066fa67cb54
f5ec960f111ef16ee27b1c1e1b4a0c0b4e530c17
6a3def54dde9303756979ae76f8f310509488bb9559be873c54a4ca4bf23a8be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/bitpay-1573dd6c95eb38386f181048663590d0.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 7554
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv3LSmCXc6eKYVNNwUV8%2BhEvoQfb1Wxc%2BLyVtUinXbhiRSZpi7YrfnaPcHoiwZKEJnCrMWHSQXNuAG1jaru7e%2F5%2Fic%2BmmvnBBHbfuAVTRsJkoEg6US3CdYC5Y0T1KZRB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c91b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/maiar.png

188.114.96.1

200 OK

36 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/maiar.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35963 bytes)
Hash
b0877d28e416ec23c239a7e10e2f397f
fa9125bacbed52a0b96bc27be6b34dfa18451644
e2a3b0d3f1792998c5422fd090791ac37fe460fb86f3f0127f170ae74557e6f6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/maiar.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 35963
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A33Sj5yVJXI%2Bv4xyHGsnJFqn7lXgxw8Krk3jYuEUf7FGk6sjTvSW8AlieD%2BWOrXbEHMreESQjJoCcyby%2FfJrTF%2F%2FXUDFWdnhrPvyv2E%2FI%2BRWU4F8jLsluQEOEzrCMtb6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c8fb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png

188.114.96.1

200 OK

7.4 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 460 x 460, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7417 bytes)
Hash
b61380d1d625acd5236637674ef89540
bbc2345ca11d7753af9027df2e975b83d58cde71
12ce508093871afde606fac87247346fd775a111efd0e6aba9208bcfa63641d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 7417
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYAT4Ut%2BlNG1PBd72SmY6I2pnpvctR7AaDyIDHWFPU61fpfO4EJS3VcbnH4qRkBJ6k7JLh7iLHhz30t%2Bb3QfKKdi%2Ftomck947AWtBtI6lSu5NGx02vNBG7z8VuFAaSad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f6c93b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/walleth-b60336f8dd9ea86285408cb4f96634d1.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/walleth-b60336f8dd9ea86285408cb4f96634d1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10649 bytes)
Hash
0332a155bdf19b17b6a8f3d51441a11d
0acc86472737ec2cc4b8d5e8293af973bf0c9e3b
37d02e6539ffef6542a6d5706b7739c2a6daa87a3407837e34a2f7b985cf449f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/walleth-b60336f8dd9ea86285408cb4f96634d1.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 10649
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POumImQJqyi%2BYkLc%2FsleA4EIY4yoXMcEP%2FvKJuBoai229ymgR%2FUe7Z18%2BCuRwY7B7oahi%2F7x9AsibzK4SnEFziuVYDOzkYqMl9JDk3uAR6kH17gqkmRU%2FKJj2n0Ny7xR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cadb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/authereum-32f3939207b77c1837547d5ed4f86110.png

188.114.96.1

200 OK

7.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/authereum-32f3939207b77c1837547d5ed4f86110.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 596 x 596, 8-bit colormap, non-interlaced\012- data
Size
7.6 kB (7633 bytes)
Hash
3bf9c889b1978ce4246a0770a9330dbc
602d749051e8ab141f848ac779356bb72080d5e1
536118ed978930e9f559116dbe47e2d926bcbcdc68ccd66c09f35a233aac7180

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/authereum-32f3939207b77c1837547d5ed4f86110.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 7633
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPO9%2FWFDWVVU5GfmkneMblETdptv%2FUauuEMNu01CiANTZ0nqUjE7KnaqNpU%2FwkHiFR1UeRXS0dMPQs8c5NBt4aIHRtBIdZF5NwHzm3ifhjh%2Fwk5G5%2FXJ4YIOzSzxEQ0O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8caeb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/mykey-7419df5270c0406c80cba19fa5165923.png

188.114.96.1

200 OK

7.2 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/mykey-7419df5270c0406c80cba19fa5165923.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
7.2 kB (7192 bytes)
Hash
c62edd4dd8392f1d69385ef8e92e3a0f
fd35d200521818573aceabc9f199cc8652cbec82
4bdc954d148ff3602de6e063814d9104faa7d2ef8d0cd9592fc2752be97d61ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/mykey-7419df5270c0406c80cba19fa5165923.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 7192
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRFwbXuu3GhJOQE8xO0%2FQooTcVC6wb5dgqeOyAnJ42e3%2BZTedTcDhbgHn4Naev7YSWUaYvM%2FvaI5SUcUAdzdCdRFJkkFgD4f0aWsxbGw2%2BPEdx%2FcopSH4UaDnN8uY04p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cb0b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/trustvault-9031a67f82293fc50ead978f936cfff3.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/trustvault-9031a67f82293fc50ead978f936cfff3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 900 x 900, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11036 bytes)
Hash
99334068bec9a6b45932d401f7afaa6c
bfca20025e7689fe4f269d3558ce809eef0382df
c8cd51c2b6e389f70a3dac8e163d106a3bfd6d9d19a91f76548c02cf33aeac19

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/trustvault-9031a67f82293fc50ead978f936cfff3.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 11036
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjiBjZRTRyBfqjLotSEWUztzGvxAgjWMP8Wq%2BFu01lHAuSvM%2Fp9tmteueKQ8e9LxC2oOsEepOZTilwsWv2EYZEEer%2BeFRLktzA26gF8kdUvdCqRb4x4i2WCw%2BqO6%2FpTz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cb2b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/coin98-c5b50adaceaf474e48ef1dad150d0829.png

188.114.96.1

200 OK

63 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/coin98-c5b50adaceaf474e48ef1dad150d0829.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 560 x 559, 8-bit colormap, non-interlaced\012- data
Size
63 kB (63204 bytes)
Hash
d26fff041871f323018c7b301a694c7b
bd6011749dbffcff4609af30450c7a4eac94c79c
2a35248b8c44e32680931b3218a99fef1ffa8b7b8a8770018c5e885d49500f29

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/coin98-c5b50adaceaf474e48ef1dad150d0829.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 63204
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kr7sgyKg8b5gnyg%2FOI7A7N3F4LfRZIoPYSnp6onCE2Xe77tD8lZpcpeOgPZBW9dMypV70ie5nclPQe5GEi79mXQvoNrJo2osogrMSuzCyWZnWrXrzf4U4q3wTLUzkGf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cbcb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png

188.114.96.1

200 OK

4.1 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 346 x 346, 8-bit colormap, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
ab8305fccae0ad703631eb8edd7432bf
f1cbee5fc46ba2cabca26357cc00c999d0edf7d6
3d259a231e036c77da9eb5def6ce778085eda636fc627cfdc608b3eaa9e9f804

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 4064
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHqz90JONpxsGZlcpo5uchYNxSIZpJl7IgjrBbJNiAKvl%2F2ceT8hO%2FqcWJL5e3yuHMXc5VtKnMwBEdzN%2FQeOiT4D3YlVjgeRsUpD%2F41SYKYmbajlr%2FTEENnNo3C6%2FFE1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cc0b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png

188.114.96.1

200 OK

8.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
8.0 kB (8033 bytes)
Hash
47e2ad4467a524690e3a9a199cfea8eb
5c3d98c88e570f9779d3ba328c11442cf20b8921
1fcbee125b4a2221d3828710e5534d4259c6df3fd9fc84d63d9a12b338fe301e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 8033
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvAHTWhWi1w40qb7B34PWV4JwIeYQdMl6QcACl0ItHAIr4DP1Iu9y%2BtJ%2Fwob%2B8ff%2B4WPLUzJwB8O5cgnmOlWThz%2Fsg7NGdaj4TqQcIV0RcWCyzXiuaZWJlL1UpHj0uvD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cbeb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png

188.114.96.1

200 OK

45 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 2001 x 2002, 8-bit colormap, non-interlaced\012- data
Size
45 kB (45396 bytes)
Hash
6b0fcf3084e61d672d0f39c0c8bc4845
c5a90ebda934c04e524eabcaab5d4a9e5be8aa53
27db3752a4289c09b2a3f970487ee860daa7288f04cf3e3d7cbb8961272a3e68

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 45396
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyvyshB4m%2BhFUqGpCMD05%2FwKz7VYSdiOnlNBZWUq%2BdUXQmGwAhYoLLkbPFTYrL8RMmWkyztLWXWC8NzS46v2uE458XyYllvZfssmK2PD5B3k%2FWxBt8nWmBCF2zmlTsqv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cbfb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg

188.114.96.1

200 OK

14 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Size
14 kB (14122 bytes)
Hash
ecd4d927ed747e9b340b45410665ec6a
f9a65b0a40924bf79caf2e3ffddf2586fdb26b4a
72e14e276e668c5c0126853543d6205dec0dc5f7aeebb6634b7f631aa125f157

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 14122
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjbSgylkLn9afZwEF2OhDOGe5RJXZbTETNjZ14Hr%2FygX475xxaPQX9ioevTvIQ%2F4VLm71RKvHDk%2B%2Bqvy0pCAt1D3jMnRfoR%2Bk%2BlHE91ZijipZy%2FXhMBge2N1PZbeiP98"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cbdb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10787 bytes)
Hash
7eb9fb15a7d94157d461824e8c6c9fe4
0f10545dd2d557171450e84343d952c45f93123b
1aa5719d35592a108d797be1d29cad8b08a9f8741ed5fd1df611c95df088b1b7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 10787
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuGNEtnXIQdnPyrxPZyi17PL9KHShw0blS6V4m%2BiF%2FjkKRWDEsvV349X7cvlQ9S8ioiOZWwxRbZNgzNKK62piRJVEttjiBI32OdR1kT%2BufmS%2BvjHTZZBsGLWAJlaN9Ci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba3f8cc1b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png

188.114.96.1

200 OK

140 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
140 kB (140157 bytes)
Hash
e32f670b6af5624d8724e2196b3d4379
4d83f118b5c7618a80d9109c5d843b2891789f00
b690836dac57a2a985b8bf613d478e1b554fcfdf7baf42c4ebdf49b298fe15eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 140157
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vWVh%2BUGWzC1U8PwzTHspoLf1tC6yZbGXOznB69r1pDD3t7DLlBj9h7uk3ncXsSnDKQYFkHlTtGdp9nCq7ooNvuHr4RIq6aYny2ZBNmURfyYz6ZIjv0m7hLRm9HrCznE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405defb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/wazirx-logo-rounded.9bff9f42.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/wazirx-logo-rounded.9bff9f42.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11806 bytes)
Hash
9ba2192a5a41f8ce3274d1c94d7db369
1d3892ba1f63610e89bc1d0d10a04451d1a9bffb
7686521d3e7bca651a2090b7c874f8509206e0ff525dd47664ae2a5bc0adf2e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/wazirx-logo-rounded.9bff9f42.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 11806
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fp2UyWuhhoq4efCdQNgVnaL8SYL%2FTl7ol9lzkAJVn%2BWymfc7RBpWFGN8rtzQoiixc7HrVabcxcAv9ZQigBcDShkhoWa%2FtNTcmITeug8aAw9n%2B9IhtHFkmwAxRG2qeqa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df2b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 338 x 338, 8-bit colormap, non-interlaced\012- data
Size
17 kB (16695 bytes)
Hash
3eeb70e42da8860540cd540f5565909c
42d381e05b34f7e86e56a15204d81792fdae6a49
85da9acb383b073e3b7192692307cbec8226bf87573da4f345765f03010fa678

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 16695
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcAj%2BZKJ5HMQtUK1OBSZbZ6QaAcHSkIKS%2FdbhSFJEVwApDz5t5Oei52qqMKZPa8UIW3%2BOTN0UCOHWuhSHrNlUgSTr4fs2XEvzVUfriJAu5p8yN9Y2wFmvdXflNVK0MW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405debb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png

188.114.96.1

200 OK

5.3 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 227 x 228, 8-bit colormap, non-interlaced\012- data
Size
5.3 kB (5332 bytes)
Hash
1b7bc4d69d08a6c0ddf62b97296c0f36
93f5777cb640b1967e29e5bc057cbcd9ab55919b
6410f0205a4c47eef380a616cdb3facabc8337846ec06394d36a3f6c2345601f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 5332
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjYyO05ae0USx8Ntx0cXi6mqNltNd69b5JoOYErOuMKNlr%2FZlbAiM4DLRDSybmDwL36SEkWl6xCeq%2BMasQnAAMxO7xYP54GsY3%2BKoKpbFwIfCwihJ6Fm2W9mGHRiNKsd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df0b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/wallet.io-198f396de22fe25eb370f46544abe69d.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/wallet.io-198f396de22fe25eb370f46544abe69d.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11274 bytes)
Hash
6936b6160bc96fcfe6f17ef68a5791cd
88b8151ef1cb6c9b34e6d364038bb9e264276b37
2c181af611618f9787aec5272ab2097b7a62ae3a1a853b4ca0ef3757272aab4e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/wallet.io-198f396de22fe25eb370f46544abe69d.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 11274
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZxSCC8vijfVgcHHlqCZ%2FmtZem2d9AdDO%2BOBKPFvenGggsk%2FV7dHrNOOUwIXEtwv29U5bxWZP1pqsXYugZjrM%2FjwbtKdvf3yC9v0Z0jw5EHQGHXvR7lFFrCiCJgS6Y5C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df7b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 939 x 939, 8-bit colormap, non-interlaced\012- data
Size
17 kB (16780 bytes)
Hash
d42d0ddb4d1cb8a5f4312b3dca0c19ce
d55a5a0333f739be3d4dd89ce5e5747e53b451b7
4d1ad0895c520cf08837d57c4fb47695a9201d710f90f15750b67113831eba5d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 16780
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYJzopIMZ0KgeJPUTko9EBsR4HhMeouQxK9wcR2eBS5g%2FJUgEs4D0QWj%2FMOBnAdCN3rjj6X5q35Hdax2L3y5sJx88avbdfzcDADWWQFIQPriMWBEdKZjgMQfHJo7EtCY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405dfbb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png

188.114.96.1

200 OK

41 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 532 x 532, 8-bit colormap, non-interlaced\012- data
Size
41 kB (40585 bytes)
Hash
e8315763d1717aeebd75864bfe07d7d2
d78755727d54f4c0cb25a24a4907571d9d5850b7
820ce188e231cdb04cd4a1b4b5f66babc0690a730914a67535d5752f2a53fca6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 40585
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPhGDngC7rfb%2FG7OBZKG9zQz1Z%2F%2BIuTLgb%2FKwJbf%2F8igyonlmGyfxNS2WXAlBoMKUT8ZfGzzmJlSR2XF03lXUimZt0J7N%2BGZKlDTffA5rSZ8qnFMcAM0Mr%2BkYqnA0XAm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df5b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg

188.114.96.1

200 OK

5.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Size
5.6 kB (5625 bytes)
Hash
7de1955aa2f99c18e7cd406f13acfe01
74b84eb6f355cf673db6ba3ef82ae689a648ce42
7d1f310427268c947d775c0446b1ef416ad38d43a98dc7aeb877e56c28c044d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 5625
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXKaFpRPjYPtbf4E7mlOs%2FRUqdN%2BFLah9LzgPiXrVXUqzCLuiJy6qT4unk8PzW6qzsxV45KxUbJQwu%2FCU08ysTCnlqoQDWEOuQFgUf0yRN2kayqPXZ2Z0xyyuVbIrzuS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df8b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17260 bytes)
Hash
ca3fe0eed06b6231639c5ee96fe85bbb
ede1e38841e18072b65b0c4160bcb99272b86ffb
501f77f1bf6b2df8fb07504bfd369de4406276e886ee1c4b2adadf5dd11a34d2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 17260
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iL0PTe7Lq7Q%2FtCl6ikIz72Q95FzF%2FCVrVfN1283orcV46A4tR3XA93qY89KA5hmjAg8MxstJrLlKxICrQTQd6YCxlfosYXgNIwinAS30%2Fzf3WWh%2FF5IwNHVdISDm38K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405df3b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11314 bytes)
Hash
c8b38eaa1c15a39d22e66b29fbb31b02
3d6791b76a2fae2450436a00b9cadf800acc2db1
84a278ea7d8477744a805fa935bda7e8ede51e7c39b5f4ba193a784000ce6471

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 11314
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSF3dRmXkRtGIKpiMYquHCTNO%2Bk%2BikYjXg6EdiVfODx6m0FwYtBrilZVSPm3GvuUAbXnPo7BfNUjgHrUGCzYsvH1JBJ1omvra9HPkszNntc575zv9Ej0PcdUnjvu7P8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e08b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/bitkeep-387b0ca7da4cf322f44c70c23064c529.png

188.114.96.1

200 OK

7.2 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/bitkeep-387b0ca7da4cf322f44c70c23064c529.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Size
7.2 kB (7226 bytes)
Hash
baf9f6d8d1b4ae2b8e085edaef7629ee
d6906ae73610f7679495760a48a82e705b5257a6
4f1047f6fe8115cecc59ad226c8714d496446f564703f6c6128dd28168f89fd1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/bitkeep-387b0ca7da4cf322f44c70c23064c529.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 7226
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1grkdsuapHxiJ%2B9Y33Fn5pA5Bd2QhP2ER9384U3WOqUciPHKsbhLGvvKowjIWCDZ%2FBvxDolpiBxsi%2F1pKIeGx7Kg78pS2YI%2BDhHQJ3Scz5y983jtKisz5BByrD7jwql"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e00b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/vision-928292fe642172a18e62feb5eaa2d639.png

188.114.96.1

200 OK

93 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/vision-928292fe642172a18e62feb5eaa2d639.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
93 kB (92570 bytes)
Hash
3b090704566275aaddc163286674d259
b34308c27d71a60099928a295cc325b693ee3255
9843c186d2321c9f833fbecbf153a22b1e7644960573f5e8b95868cd3401a61f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/vision-928292fe642172a18e62feb5eaa2d639.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 92570
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j16HYZdba5ExDxz93CGo6zCqcdFeRrHm98yGhFxCKuf%2BZs4rMxSctsJrcEWu7MAYws2rtwpKyVlaNirY3r1%2Ba%2FDK%2BoOCrFhE454AOy2zXUc85UbrQpeHIj1Qn9zD6wSx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e04b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png

188.114.96.1

200 OK

9.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced\012- data
Size
9.6 kB (9621 bytes)
Hash
5977ec47a88ab5335ff142753d995494
0773cefb903c837d860cdd2e6a31545340e22c24
14ccbc0661aac1a3a603e124e1bb4e951968dd0171f7006182dc868ae85c79b8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 9621
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqOZ936Qhi9wjQUZ7zurcRIWyREQoxxCrnoS%2FHhyQ3mu14YBLHSo5FTZT3xakKezDyvW3M3%2FUa%2F3p3XX9csU%2BQgedDZqYipbmZV8oCSvkreP9u0%2FWrgb15oLm%2FiL7%2BAI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405dfdb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/cosmosstation.png

188.114.96.1

200 OK

3.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/cosmosstation.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 567 x 567, 8-bit colormap, non-interlaced\012- data
Size
3.6 kB (3578 bytes)
Hash
404d042308fa1677cf8cc84ea09de2d8
cf18b29f6daa5e4c9b1779fd4a172f4c3f1d43cd
2f7eb19d196e5b38b884be42a70e37e55a4005384a05559d686ef94133f88983

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/cosmosstation.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 3578
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXe1y1dCW68S2RQjnqXuFK0kck%2Fx%2Fj4so%2FUkwRFV7fD1QrElwPTpM9e9Of5Ss2yA0oKxibfK7uzIsFg%2F8EShGP%2B%2F5TF0BN7ML3mIIdXdosWzIsY1X%2FAbXHyzBKUYuQYm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e02b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/graph.jpg

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/graph.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Size
12 kB (11795 bytes)
Hash
38ef74bf4b0242a948c52ff3a9754e41
67e21e59f6087ead5d551ed5d8ff7052c4ca9ea5
ceacd7aa1d3d773f5ec4fbdd345b856c08c06a94dbaad5cb1c57fa37026104af

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/graph.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 11795
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye92Nfdu2bkdFBhGNP8SiS6YM0yJfZTzXmr1lPv59JVKs0ND1VSWre5V5qtKxtvzKEJLSmfZqnAUC%2BANrGERan2pvUmPeeeD422MJSu2EogmXp%2F6Wwmr3Azq%2FkPxj9s0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e0cb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/kardachain.png

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/kardachain.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (2042 bytes)
Hash
3a45660943765c4ee8992a4118e24cf2
72fc8652de92a655f4da4832d75c4d6ac3c641cd
1433bff2fdf11ccb19773e344ab07ef3330a059e3bbb7fcad61c31de4c19c5e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/kardachain.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2042
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79%2FWwzTFnGNJxlKXKwgs4MyzKdT9K64FupoGdC%2F6N3Po7N0hEvF%2BnPAQ3xEcvhQFIRRPYXjeDRCVp1xv3qJPgweJMVFimzAOnThiEfApbG9mBWAwHVAmbhNhqDkUO4cW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e10b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/keplr.png

188.114.96.1

200 OK

8.2 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/keplr.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 800 x 800, 8-bit colormap, non-interlaced\012- data
Size
8.2 kB (8189 bytes)
Hash
c30ca26ba11357d6b41fe261dae82dcb
1040fafc710e3eff3ffc3b30e7d440ad7d03b848
ebd23cea17832a2f15de84578be2b4585d577d1ad95c501fbccc30c3035ca734

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/keplr.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 8189
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td7ioqJulUK4e0bP5Rfg6FomhRarV1Hy86qpn5asRqSXIfITAwZik4wdnt0F7%2FwQ30ZMDeCY01tQR33ejxzA671dnVQkvWg0dwgezSWc2vm8kuvyBoZ8Q9o48E1s4LXZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e0bb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/blockchain-logo.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/blockchain-logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11781 bytes)
Hash
335e0da6439d61d0f94a913a67707c71
c45fb1d7a6a6fd7be7928f565910aa6e913f5690
7f8ca27957b9c11eb5258bc322ccfe39c1fd540886f003650c228b20613a4574

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/blockchain-logo.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 11781
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHoE6QfCEXNSeq0wye%2F3McyZEDbVjEQf7NdzFVRjz0JprxnUDP7vYQ5MEYFoAG7RXHQ56ywuBUGvT4GoGcZHozXchvq%2FLdhp9EV%2FhEwGd4MXcHFrYRv%2Fjg7ljrlCJFel"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e22b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/bsc-logo.png

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/bsc-logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 338 x 338, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22565 bytes)
Hash
473b05a2b26173f477aa4fe36ddcf36a
449c7aaded7ff019d25cbc983ddba1b00f49b34c
25450d45cb0f88f0312d658ce75e537cf9b6c9dd5c6d7b905710c1afe5dbeb9d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/bsc-logo.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 22565
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOWbBCx%2Bcr4xwijlkJPSMAiohWPGt1FCCyqlIp%2FpdjB26LIF8YFf5mzCYc00%2FEYcEvYFC6cpLGvLce4fzQLSmvKFmDq%2F%2BT2uFPdFt%2By5Jf%2BFJH9R56PYM4qljNDxJyZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e26b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/aktionariat-c5784b26234a389632687a36d2fb3258.png

188.114.96.1

200 OK

26 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/aktionariat-c5784b26234a389632687a36d2fb3258.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25942 bytes)
Hash
e8e7b60e78fc0239336f5188667d0281
216fb719dc1e60ddf159f58af7a8f27bebdbfe85
8b2480d2c4cfbec760ef72c539d35415d27d11ab0d8bc719bdb7184b86b4e05f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/aktionariat-c5784b26234a389632687a36d2fb3258.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 25942
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB22SDkYPfhRyQhpJRDKSqdV%2BxWXHae39oa0%2FT84%2Fog18mCNLaiuQpo98YKGLuYzaVhqYJRF%2FNrQo4l%2BRN68rDUXTrn%2BGhRduoq1v26baysWwaJRTbXEZYc8IXtvwju1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e20b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/mewwallet-3cd4k85fhv8495kbfjhdh8745e6g4.png

188.114.96.1

200 OK

4.1 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/mewwallet-3cd4k85fhv8495kbfjhdh8745e6g4.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 224 x 224, 8-bit colormap, non-interlaced\012- data
Size
4.1 kB (4116 bytes)
Hash
534888eb89708e2b553fb825a637f80b
6e1369f65c70ec9d347fece9aebaa92da8143a5a
40763d8e7e90c66a5857bd5d098f0b4e685103f730c3d74460638b0d634069d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/mewwallet-3cd4k85fhv8495kbfjhdh8745e6g4.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 4116
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:10:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA7M4WqHBxUtNlqjfczHnNPt2OSLNUc4%2BnwuHlZW3QhLBMjSjenc3MfZHH8IAnuEhvHAhaEABFie9Utc97PmBReRtzxt8hI0BkoBWzIj5nVoG5sx9EexZkogGfbg%2BAec"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e25b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/coinbase-9238dgdufr784893d6t3b7758d78.png

188.114.96.1

200 OK

2.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/coinbase-9238dgdufr784893d6t3b7758d78.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 299 x 168, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2821 bytes)
Hash
1327459f5f6e665950f9ad7ad793b829
09036396109228012d489732e9b0e3d74f0ad160
1f5de9782b9f85efb87cf3284e1679fab0d4415e5a7541af622a3990829e4fdc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/coinbase-9238dgdufr784893d6t3b7758d78.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2821
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:13:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL8vEzC4icu6Vrbw2DA4eHiYvRofgttYcDH5qD%2FnlTo8Z3ZdMLYGNTNw1v5%2Fl%2BMaMQd50Gh6fsnNJep9er6tDvT9lEeDI9JXvQwKJL4sK3anygqcyG0MpZR4Jr3juX68"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e1eb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/polkadot-3v3h39648dhdjgdgyi647856s6r8fjd.png

188.114.96.1

200 OK

57 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/polkadot-3v3h39648dhdjgdgyi647856s6r8fjd.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 90 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (56918 bytes)
Hash
d534a392ea4b8531a90d7a36203f8323
f317ffb44eebcb3ebac239cf633ced38d8e78536
ead0e09f6ac19f6cde1eeeabed70b72d1ac34b792927aabb46f8a049f1846292

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/polkadot-3v3h39648dhdjgdgyi647856s6r8fjd.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 56918
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:17:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkonlP%2FYB9uNEADL8WFH3OrUixX3scnZl7rXh%2B6SoFEos4RuItJwcemvhDskSXlu5VVMgBGfLSYd1U8xgpfEeOygZ0YuQblwmqEaVCJKODKWMHE%2BT40ZPsBpIyfeyXTe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e2db4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/enjin-9df87574fj479475a347sjd7456.png

188.114.96.1

200 OK

2.2 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/enjin-9df87574fj479475a347sjd7456.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2184 bytes)
Hash
a40c12c6dae7c0889f1d9dfa645aea86
2d3281fde232b1a28955b4798191a6461b7f1774
1a98eb9ae649c8334b33a972140ec741f57fe90f1e64a05345f75068bf6af373

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/enjin-9df87574fj479475a347sjd7456.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2184
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Wed, 28 Jul 2021 14:24:30 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4wEFzsb9D63pT%2FdQ1hUvy%2B5WIbP4a3elIzDalV8pPh6pfUZEKGi1y0HxbEVig7wihQiuSDI5clyGLYYaFYPc559eJ5WbkncWNLuUIWl14LK1ZqaEs67h%2BerMN%2F1JXhe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e2cb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/digitex-b28459asd4756453sr846755.png

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/digitex-b28459asd4756453sr846755.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (2036 bytes)
Hash
ecad48613b921a6f33f9869ca6bb3335
e60d83392156f3fa1aec1fdc90b7075949bb39e0
e9ee4ab9adf4cdae9bdf620dbe7103acd5544cd883320ec3f9ce30b8051791a9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/digitex-b28459asd4756453sr846755.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2036
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:26:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKXMx22gwlXQh0dT1rzu571TouYetdntZe2fhScpI96NKr5BTa%2F3hJkC4N3SjMdzhb33izNhhfHFX4Cmu6wksi%2FS7lX7j7exuk5MpNV3Q7XH%2Frt%2FceJUmwFHpfOy0KAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e27b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/portis-c475o465adf7476783797sddr6e7.png

188.114.96.1

200 OK

4.5 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/portis-c475o465adf7476783797sddr6e7.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 170 x 297, 8-bit colormap, non-interlaced\012- data
Size
4.5 kB (4475 bytes)
Hash
68f04b9e9901e9f493d7c31a8b21d998
96b4fa17894bf5953c790db6eef655e3f7a9124c
781e68d97a226db1a967f5f9d54c4c22a9574dd7b7946d6741546e626f120a3a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/portis-c475o465adf7476783797sddr6e7.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 4475
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:27:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V3dhua5VO0rwpmP%2FcrJ%2BaZd4IPABlRei0sCLYTVW1dnW4HLUf1zRsIRmYpf%2BebHgtcY5HqMqQff4WKVKUT0s7BKGiVoPL%2B5KD3lUn3%2BlDkN5vBGLRQOBUlblIn6wmEB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e2ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/formatic-65834658ad765shg4957bf9757.png

188.114.96.1

200 OK

789 B

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/formatic-65834658ad765shg4957bf9757.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
789 B (789 bytes)
Hash
3aff21a5f9cdaf35967bd23a9c60ae88
def985c6d543624f426b36fd2e37b82aa1b8ae83
29f9451ebfe13768622bbb139e05aaa567f6154fca620968dde283b1d1710014

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/formatic-65834658ad765shg4957bf9757.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 789
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:29:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BOo%2BxCPczFQemT%2BcyMTCFaxTmMpEfgbTogIF81uZrGNVJk0bkN64SfZwEY%2BzRr4yoMIhjxqFeJJc35hTr8f7woanhRqDit4Q1YAfP1wN3dVQazUca5gQRS4wQqGPkXs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e2fb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/exodus-93475acb78465784a74sj84955d202750.png

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/exodus-93475acb78465784a74sj84955d202750.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 266 x 190, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1816 bytes)
Hash
0b0ef8e8918a55b35e08b41a9e120c56
bc6d6857d98fe7b098e0715aefc91d08999b33bc
48d5493865f8294c8df68b49e5fdab7bc57fed8d5ebf1e958fe7802eba36b930

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/exodus-93475acb78465784a74sj84955d202750.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 1816
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:30:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J90IKwqeMlzx9BmUcf9wZI8Mri2vvM9CJ0fqTE7QUACcFqjXpSvOLCIoVNabag1kz9KWZIjMHB0X81c0ALPTRXWjbPqo1yIkKcM6EtOcoxTfhmofm4CzRKG86s4sDl6j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e32b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/defiat-08978ad479164bc134se364919db.png

188.114.96.1

200 OK

2.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/defiat-08978ad479164bc134se364919db.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 244 x 206, 8-bit colormap, non-interlaced\012- data
Size
2.6 kB (2596 bytes)
Hash
26d946f1ad20d425cae33e451d6820cd
018cd0bbc2bfe90efc0275bac193e0402a6b19b5
5341a0eb6face02ae8327d9faff55bcc5f282ea3aa60d2fad200cba5855dc831

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/defiat-08978ad479164bc134se364919db.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2596
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:31:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B0XvnLc63FuxdBUqD%2Bc3Q876Qf0SWkPoNL83MsQIJ8OBwAtKs8anDnmCCEeUdgL9vZafSEQ4%2FKZAkFaz9IZZw9l2q6M98QTItaxEkQCbxieeahZgADf%2BUjpSVa5O0Ir"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e2eb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/skale-0981bc1364ad8456kjdbh48395s784.png

188.114.96.1

200 OK

1.7 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/skale-0981bc1364ad8456kjdbh48395s784.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1741 bytes)
Hash
60257856a0f73b9e21b526ef125c16da
8795aca5fd0dfc481331e61ba2a71613f23cf86d
a947978f2f3ed8834b75240074b0119d44ee3987573e6a47b1dc5ea8fd68b88a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/skale-0981bc1364ad8456kjdbh48395s784.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 1741
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:32:20 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYDhZDGJ1w7WQFBklPxvrvQRmy1C%2Br8afek1eTcjCNFeb2qLmn3mOsyreBApMbhh1rRtxgv8ZC7bRvG3IqeNHHcoICj70qMsdiGzUvOpG7lYxpnBwoTQN%2FHzgTen1BxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e30b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/brandprotcol-1937ab13782agd7823974%27.png

188.114.96.1

200 OK

1.9 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/brandprotcol-1937ab13782agd7823974%27.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1880 bytes)
Hash
9c789495f744a4bd8de51b0d25897563
3ecc342c04189267e91c6126e37abb731801d864
88093213d07f7cb982b947e9e269630702da39788425dbb082ea0ac4c6b243e4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/brandprotcol-1937ab13782agd7823974%27.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 1880
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Wed, 28 Jul 2021 14:36:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdsdNRP3%2F37AQDlkaCg4WlntnBdXOvaVv2jedn%2FYMkTf95laVu29G3PEAxsAeaZse1YIx56KnqBl0dSQ6JqZrnh3sCWJpur5IwNtRdAJ7UPcg9UzyFwuK0ShjixI1yIs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e35b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/harmony.png

188.114.96.1

200 OK

68 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/harmony.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 2000 x 1995, 8-bit colormap, non-interlaced\012- data
Size
68 kB (68479 bytes)
Hash
6b180c21bb489df15ab322b75cfb5f3e
4ab3a4753478de2ecc6bc6300c99212f960736ad
b9fa237940121a5a9ee286ec1faf16f1013e33681c55bb66808808b3eed86fef

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/harmony.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 68479
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m842X65MNxTiJAGJxzZ61y6tGRtm8PeQRta8ytvmSI1aQcAn3OqFwm3c4MrzueprXUoG%2FX5oEkHJ6fQR8c%2Bib2PIzJfTNQmvYvjiW3k8MUi0bcR1WFn1ATZaWYXljRmb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e0db4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/iconex.png

188.114.96.1

200 OK

6.7 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/iconex.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6694 bytes)
Hash
3b93d9538fe6a4f5d74238ca23e37070
037afd5e7b59d8d9427ef086d5402e5a50355f28
038d9256ead54592006735be4fa78312b0609bb222d141c09c95e8201fef347a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/iconex.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 6694
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:08 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BbEIfTgidJNkkhAGfqbS4hyl2KY%2FyTVHEvA3R10v%2F%2BNV%2Fbuse%2BRYO%2BWE9WcnJcUsOyQyqgdQnHYyNYZnnYPwaOaPPNHiNwmwy4qlmSASsy%2BtPce%2FinfdXGPUD1wfIOq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e0ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/fetch.jpg

188.114.96.1

200 OK

3.1 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/fetch.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3\012- data
Size
3.1 kB (3123 bytes)
Hash
7f0aa532fd60cf5af4619629b239a76e
b9bde53a6546b3ad3eaacd7efac048acea4813e3
35f9e1ec44c891655f7b11fab9f08d42d21746c0d277e6fdedb586e5c8b73ceb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/fetch.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 3123
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE3S1%2FeH2TYgNd8r1xPLelDSuiy0U9Q2zB9nMHWyEiYB39KaBa1OMVHY9msFLwXoI7DhIxteMMK10qMLxrP%2FPP8hB%2BNKeu7R5EF4F3IUZjELyqV0PFoD6umxCjoUDnyW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e19b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/xdc-9a98bff95dffc41869b8e77912a6cc54.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/xdc-9a98bff95dffc41869b8e77912a6cc54.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 600 x 600, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12100 bytes)
Hash
3422f769d0333523b8de1783c120dde2
1340bbb5612f944c0aa91b077b917d3621251518
71e8e7be4ca33f76c3fdcc4e901b5122c803a38839d991bf85909931ae3263df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/xdc-9a98bff95dffc41869b8e77912a6cc54.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 12100
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5sPxnV9Fsf1lPAhLcemCfmJDQaf2czj6EyqLRshGdIpHFh4S5El3HQpd%2BmW%2Fy7BqzabJrFOQ0d5QCWrDDQsMUAZShq4XKrJFTg7cMpcq4Vg9vuvaJAby3XNFGXBJfDs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e15b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png

188.114.96.1

200 OK

6.6 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 320 x 320, 8-bit colormap, non-interlaced\012- data
Size
6.6 kB (6558 bytes)
Hash
d01b142caf1f55bb8f9130b14401bdf6
af0440ebd1b74e7a567b261a917cd25f51a69622
ac4dd9c4c99afaa2c2ef08c401feeaebf3a0ceac2e6cc01289daa67b5ba9ef62

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 6558
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqcJSdy2NKkXgV052ciIr9coLis6mj%2FfCFOwfKiCixiJ6WdYvwmIn73FVlVzPRtgoKU7H6IiNt518xolPEj8KfrOwRZYM7TPQvglbiCs1BF2sNphJXLQSRXZAhGuLI%2BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e18b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg

188.114.96.1

200 OK

18 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Size
18 kB (17624 bytes)
Hash
f2456ba68e1bdd5d53dd5b5eef562921
0d32bff54274fc101bb0888b6db8d25c4def0945
2ecb5d0da52ba47ba519a3573e53811f3ea819d84d2d8d92a581aef5c100be49

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 17624
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezngy%2FFwC%2Fg%2BQH9Lr5PgVMFFmCG3Nmj%2B4cuGeyMdxAB2kTFp26cwL94m9bdGH0eLHOXOc%2FCKDFY2VQFW1ZsLe5G3kKAdZDDGduf1n2MJ0ARwHfg%2B6hy6aCaZlD6dB9xw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e14b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/dok-a32c522e109217cc2a1a2a310f3c9bf7.png

188.114.96.1

200 OK

6.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/dok-a32c522e109217cc2a1a2a310f3c9bf7.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 460 x 460, 8-bit colormap, non-interlaced\012- data
Size
6.0 kB (5967 bytes)
Hash
09b986ff5f0d42dbb6d699f4346a8e96
daf24f272a2e893771daa66fe3ed044b6a6d56ac
5d37ac28f1a68ef5350099437f75851fd8c97e3bfb49fa78d2f6e57f856c792d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/dok-a32c522e109217cc2a1a2a310f3c9bf7.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 5967
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:27 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLZSX0D0O4kCTwk18PjQELt%2Be8F5RdhymaAob5MFl9W2E7vTht3gVFWP5HIPxO3CG2IF0s5%2FHVBaCAguryJEzrobcwbH%2FLtZ5kABIfb%2BGDJF2kNOF6nYQMi1VOw6L7jh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e17b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
17 kB (16957 bytes)
Hash
c74318ffce0700799c6d01663d6a991c
d8439428dfbf0cc8ae284fa1bcfd2d0f1b24246e
627aeea61959b31a6aa6f5d3bc454e885935b8de00b3cdfc856bca95619b4859

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 16957
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2go5VfZci%2FCgCfL%2Fcqt%2FU9mTkjlJLy%2FWPISeHGQm7I6mG4VVy5XFi7JO8MjHd8OIlg%2FA5Df07snGuOqo5U1taS7PTf7NzfWX2kmQm8DC%2BRO%2Fg%2FW6GnipiE3xEKHNkHu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e1bb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png

188.114.96.1

200 OK

23 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size
23 kB (23228 bytes)
Hash
fbb73aee20a5a62f0d3194549d1f540d
b929ef44db26d0c4c7b3d05c14abedbf7216d014
d5434779dbda107074254ac1d5796197c5611f3e9481d45dd2df52d7d85c6912

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 23228
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jzckq%2FWXI4S1VeAZAHnr7kTyOjJbiW5UYkZkSF7ek8eOMjowJGKCJ4s8zvDABaWcL7iCYCfhZyFmpLCtjA%2FiJqcFYhmljT3IDqndnxrdiuznwRYF66rbwDEkq%2FtZRdx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e1db4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/midas-wallet-5c5057d972ca621414f077541845fc61.png

188.114.96.1

200 OK

10 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/midas-wallet-5c5057d972ca621414f077541845fc61.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 916 x 807, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10149 bytes)
Hash
13b46b98fbb85588726598c62944c92d
8f7e333344d1e44edafb88e5d33f27e9d8b34c9e
55f5e1cafa6d56b09610509f452f993c3f2f9b0dac1217dd3245964d9e03e79b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/midas-wallet-5c5057d972ca621414f077541845fc61.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 10149
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVplAZ8dd7B6WDHY7bxNU8V1L5kf5WoOvJ1NpbTSQi7igJX4humn1JCZxpSewRZy9GgbL4AZK62GGBGUmyGM0bfBajS6UCFyhsBo8jMtlOf%2Bn4DvtIz%2F3LSNu%2BZzQ04S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e1ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png

188.114.96.1

200 OK

26 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 900 x 900, 8-bit colormap, non-interlaced\012- data
Size
26 kB (25892 bytes)
Hash
73de0559b186341586412385e3fd1443
3aa91ddd56d71047ad43cff928f1ee17c074e50a
7f926b400154c1118a0cf47cf0b18ccf973613336419466d61d4f4c3a1cc3617

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 25892
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:37:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4Xu9KUs1tmUTlz1flRp9ZUHBoxCuXcX%2FWzFmds0ulXEPPBFPnmlYlqkK2YwML3yq4SBI6uJldct1Oc4tqVZ1kpM8U9jWrvxoqepC6cyRz6WmmWE%2BAZ73s3jToK4oQq0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e1cb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/eos-c3759bb3294as37592947sd7374556.png

188.114.96.1

200 OK

59 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/eos-c3759bb3294as37592947sd7374556.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 100 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59332 bytes)
Hash
b034a9ca464ae9537bc985d9cbe9a71f
646076d1afdc860bb6d88a33d1059d386cc5d8fe
16c2e84c1a092a3599e58912474fcf2e254d5e50b120740fb2758f7ff0a74179

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/eos-c3759bb3294as37592947sd7374556.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 59332
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:37:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu3v5KgmPyVW%2FoZe7mvyyUOJ6Xy6fQvkfMxTEV8Qk4p6ZcMMdTy8%2FHHrA%2FBdNs9vCDbPio7hxi%2BHcNA%2FL6O5NDQ%2BsA4TZbyiml7ChN1kJHcdxuhZDqPbOHrLDyJcNCk2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e3ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/wax-7769ux34siou493749sj37836982hd.png

188.114.96.1

200 OK

104 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/wax-7769ux34siou493749sj37836982hd.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
104 kB (103817 bytes)
Hash
915fd1673c3941ec26fd1868db22462a
6e9f2ba871c4cc08c67d527ab86cd42a282665f9
b7b8acfa657d08862ecd9a932eaf0d04ec961a75fab3d0f382bb9ad6338a0e16

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/wax-7769ux34siou493749sj37836982hd.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 103817
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:38:46 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Li2ZtuWFWsHLuHsac0d2%2FYcbjGVsEDl7JyQaUBgScf9VMLTrP1jzTj0zB6jmoTngAOUS%2F9Q6I7CuWjvt%2FHhkzLNHs6EPQcLqbcx3QgTPqXv%2FJn%2FzsE1xCPWF5Jf1shOW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e34b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/aave-4d44deud94d84kdd74895djh4786588748.jfif

188.114.96.1

200 OK

8.2 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/aave-4d44deud94d84kdd74895djh4786588748.jfif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 424x119, components 3\012- data
Size
8.2 kB (8230 bytes)
Hash
99562b8075366fbf260c80c5176dcb79
a45fb32e01bcdea2b102cda4d7042f8655204e51
1bb5a6da896364299675df86d852c87c571b42de523b08a4199f4dd52f9a989f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/aave-4d44deud94d84kdd74895djh4786588748.jfif HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: application/octet-stream
content-length: 8230
last-modified: Wed, 28 Jul 2021 14:21:44 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7w%2FBbAvGoFAft0aBcUKPpXBfTK1Hk2ji%2FPRm9964ztbfuB3tOJl0RyQv94iq4tNhEDKTcKxNoNHwuLTqCWQ1Z%2FCwUgY0yl1tWSEek1D5IY0j74cyXZDqtBZ8SZ8MKYt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba405e29b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/zilliqa-373488680927ash7634a2363787a6.png

188.114.96.1

200 OK

62 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/zilliqa-373488680927ash7634a2363787a6.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
62 kB (62035 bytes)
Hash
35170ea00375a0b17f7668550491d438
95df2707071561f8d241684cfbf3fdbc2d1b0f2c
56ff6521e3259647ab34091886e374f770d8c9d9ea3fb46f1ebd090e30b6f7b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/zilliqa-373488680927ash7634a2363787a6.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 62035
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:39:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdvXGv%2B9pNnDniIB4Xcr80IpWFiCjZ7hLRkfLOvsGjasbwMtNPq6qvYfzi1wjJc6LmRPwqjnjn7IudTQIMgt6O6k%2F7J7HKKvfs6VEC0kOinA2TsVCChEYoR96IKA%2B0Ep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba405e37b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/monero-1272skh3478ae487sk4959a231047a.png

188.114.96.1

200 OK

56 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/monero-1272skh3478ae487sk4959a231047a.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56322 bytes)
Hash
9b3e90cb9e2c0325577b0f5082008cbd
ec1d21ad4fee7006bc464bb2705349bd9726207c
4c62e1f97099a3a9f46950748f23e9fde530ba76bdda4985e7f0b461b83c0e35

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/monero-1272skh3478ae487sk4959a231047a.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 56322
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:40:46 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBt%2FJMJSXVHnONW%2FURK27LMruKAuz%2F%2FOVDrMW9ApeNPzyp2%2BKjNRMhQKd96J7qt1BzOBNd9IwwfYN4bG0w8aV%2F11cCi0F0spC%2ByMq5G%2FoOgbC7qlxsP8z%2FexuA6bzUnF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e48b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/klever-a1384d82z92391la7338974a3846.jpg

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/klever-a1384d82z92391la7338974a3846.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 67x66, components 3\012- data
Size
15 kB (14554 bytes)
Hash
639d43609e011ddad8ac8a5782db3c9c
df4b7092099aebfe89755c04ca98e7bfdaac436b
4c8961756b5141359b118536e6fe0a79aa4537473328a15fcbdc0c9abe1118f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/klever-a1384d82z92391la7338974a3846.jpg HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/jpeg
content-length: 14554
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:41:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs5Lg5Tx59UOliHY0dX%2FI5OyuSIIypzT4DhFkxurY1Q8Fit%2F385%2BMs5hGQ75qmlhHTA9%2FHRqqObUeTYpD%2FpxKtlUewhf1vLwya4VO8y86wZkym509E9SPmVfahItgS1B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e4ab4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/neon-asjdb19dhd94mf9834q19312482dh762.png

188.114.96.1

200 OK

72 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/neon-asjdb19dhd94mf9834q19312482dh762.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 200 x 207, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (72364 bytes)
Hash
56830f226bce4c63ecc47d78571aabc8
ae388511f1b503afe4cbffa25845752a6a82320a
e9102afcca24c2ff301a34b0d32670ab071f6d6a537ff90ce9b6f4b9223841b8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/neon-asjdb19dhd94mf9834q19312482dh762.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 72364
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:42:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2eLcwRp4WHd7RptItveWF4XHw04EY08IFGGDNpfyaZ%2B6UCuV8Gqtt35XCvPOWZFE%2FollZD1FU59Vb3ux5PDlXykJS4RpUf8Zi%2FOC5eXR53QoHSAIryjCW5t19D8sPEy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e46b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/theta-b1837n287a9327348a2goi63193.png

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/theta-b1837n287a9327348a2goi63193.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (2021 bytes)
Hash
d3b8a29762378d3dc543e75aaec1843f
36f551898df512a6106ee8611478f4e608520b96
28ce0c03848f9a516e4064bb20fb56ad2329c85f1589971c8f1513df074991d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/theta-b1837n287a9327348a2goi63193.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 2021
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:43:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ%2Fm73iBN%2F%2BPU2EE7F62RmZ%2FT7iRq2CR1KXBrBHepK2WerOw7qqxd2EMljdFlwCBW4k5ezxHk%2BQZl%2Bj0pkowMvRkMJiF97Pe3JeTAGT2jr%2FVdTi3ZyJGYH5FKY1kMYDL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e49b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/tomochain-27398473jsi347y8320486845382hd873.png

188.114.96.1

200 OK

3.1 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/tomochain-27398473jsi347y8320486845382hd873.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3077 bytes)
Hash
0d30ee2aaa6616115bd965e257759486
2f560c16586268ebbf0dcf1c47a99604babea75e
8ce52bbd971296ac45ee8d93b9cbc0e3cd63a174fe6f3d9e00923a5c3afe10bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/tomochain-27398473jsi347y8320486845382hd873.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 3077
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:44:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bj25sKeLd4NGXgc0Ye6E%2F5sCQs3ZrJp2bv2GBy1KG8WKo9R0giNYxUIFh15Ra9pv3TijZglzhMer%2BgXN9UNVKiN%2BlURxW0F9PSX6brbpW%2FCeL9h8Bll%2B8fD3uG6z7882"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e45b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/jaxx-1983a28374kh83849adv8236416a7364.png

188.114.96.1

200 OK

6.7 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/jaxx-1983a28374kh83849adv8236416a7364.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 440 x 300, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6713 bytes)
Hash
d839f6d4b65c2f8986e28868a26c9bc2
419247a42f392334503f38a7030dd1e0f3d74063
8f963afbf2660000352bd429dbe177973305b273fa9c7e516894ca6368555f2d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/jaxx-1983a28374kh83849adv8236416a7364.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 6713
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:45:20 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUPCaY7LBYf%2F%2BUJIa3tce7prm6%2BQ0di%2FNimyu9GzkVuynwXaP91QnAD94rUVftPzR4CBqK%2BZrRYitRMTSaxE8ZAWwHKbn1pxuVX7QKkSDLzu4%2FdDt5DI9Cj%2FbaHe8Gpc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e53b4f1-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qfssecure.com
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685877007.dop012.sk1.t,1685877007.cds223.sk1.hn,1685877007.cds210.sk1.c
X-Firefox-Spdy: h2

qfssecure.com/WalletAPI_wallets_files/elrond-47656a634a873udg739a947594.png

188.114.96.1

200 OK

28 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/elrond-47656a634a873udg739a947594.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28265 bytes)
Hash
dc3c8ef6ea602b6c78ac91e5d489c8a2
9084b7e9b7609280f80a7c154387801f0c05da74
7ec5498d314414e9fed7025542c8d95d00ab9e32232e1c3026657874d04e7d3f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/elrond-47656a634a873udg739a947594.png HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: image/png
content-length: 28265
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Wed, 28 Jul 2021 14:46:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FViF0%2BMJziFB4ul8TzvIXkQt9iQyuP6ADK9BU4eq3QGfgqi21OXwtvzRJf75MVyDyG2X6%2BhXp0ehxOqMB18bqqQjXMyzqb45x3yTBaJK5wRtPlvp9P4Tt9%2Fd0qsszEJV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d1fba406e4fb4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/js1.js.download

188.114.96.1

200 OK

1.7 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/js1.js.download
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
ASCII text
Size
1.7 kB (1708 bytes)
Hash
6ff36530d3c29b985ea36421b40c8f31
c8cba9b526cbbb6368059f2c3c8a7be8ffa8913c
4feadfbdd29d2e637431d17dcf2f72f96ac56051bc6c04757a3cf161a8a1f83b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/js1.js.download HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: application/octet-stream
content-length: 1708
last-modified: Tue, 27 Jul 2021 13:28:10 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc33W6sgaAJ8%2BjU%2F17iLQU3osQahmWb45HYaz4axTVz0TFDzWHoWaIf6NQsYBghFq2j7dAADU%2B79llh1iiL7Vhot8rnzebs4h8GRTFntFBT2sjPe7FpubtZMBuVG%2FtgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba406e51b4f1-OSL
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/js2w.js.download

188.114.96.1

200 OK

4.8 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/js2w.js.download
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
ASCII text, with CRLF line terminators
Size
4.8 kB (4846 bytes)
Hash
9b7a9e4ac8c45bc33cf42e673ffdae5f
08fae2e6b1be0a1524f10efe1680c9513bbd4440
2c92a15d1cda383a969bc1059962305fbd35c8e7995fe00b684cc63ca523bdb5

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/js2w.js.download HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: application/octet-stream
content-length: 4846
last-modified: Wed, 28 Jul 2021 04:38:30 GMT
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UFUWcKE7Q8DW4%2Fq9dzKNXR900A7T%2FY9MVbB97nzm%2Ffo%2Fh%2B0Nk1e%2BzzY6U0j9LC6rjbjJ0QTSNeK38VDhd408NB%2F%2FCtnYFlRSD6nDJ%2B3L%2FDm7ILz30Akl8fdFVBfaLhW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba406e4cb4f1-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2

142.250.74.35

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18076, version 1.0\012- data
Size
18 kB (18076 bytes)
Hash
ad513518b8de790106aefb37f7304835
c0f06121be08d11af3437bab4886a700c3c15f56
951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea

HTTP Headers

GET /s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qfssecure.com
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:51:05 GMT
expires: Thu, 30 May 2024 00:51:05 GMT
cache-control: public, max-age=31536000
age: 382743
last-modified: Thu, 05 Nov 2020 22:00:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2

142.250.74.35

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18244, version 1.0\012- data
Size
18 kB (18244 bytes)
Hash
171ccc885c8deb88a0f3b55096584514
508db0c1eaca7d0d4af54598d17e57467a8d503b
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d

HTTP Headers

GET /s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qfssecure.com
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:40:13 GMT
expires: Thu, 30 May 2024 00:40:13 GMT
cache-control: public, max-age=31536000
age: 383395
last-modified: Thu, 05 Nov 2020 22:00:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2

142.250.74.35

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18296, version 1.0\012- data
Size
18 kB (18296 bytes)
Hash
fde3d0124cb7ec9415ce2b8ebaf89118
ae93664d7ab4ef117c6171cd6c0ce13d29637b72
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5

HTTP Headers

GET /s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qfssecure.com
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18296
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:31:35 GMT
expires: Wed, 29 May 2024 21:31:35 GMT
cache-control: public, max-age=31536000
age: 394713
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c8c4fd34484b10881179e1a092434fd9
b37e3b04da5ba68bf533fcff188ac29b8eb27b3e
e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Jun 2023 11:10:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.uniswap.org/static/media/Inter-roman.var.90e8f61d.woff2

104.18.22.54

200 OK

42 kB

URL GET HTTP/2
app.uniswap.org/static/media/Inter-roman.var.90e8f61d.woff2
IP
104.18.22.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerLet's Encrypt
Subjectapp.uniswap.org
Fingerprint89:7A:6B:BF:B3:88:54:D8:50:9F:DE:58:0E:7A:A5:D9:12:A0:47:38
ValidityFri, 26 May 2023 03:08:26 GMT - Thu, 24 Aug 2023 03:08:25 GMT

File type
data
Size
42 kB (41497 bytes)
Hash
5ea9cb1b119e47db7166b693ae9df76d
e2574157e3907965083e89fc242f38d44d638b74
485d4886cadf5f1578acabc7df29246fc11dccacaedb41d6f574f3d69b4a5e49

HTTP Headers

GET /static/media/Inter-roman.var.90e8f61d.woff2 HTTP/1.1
Host: app.uniswap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qfssecure.com
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Jun 2023 11:10:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
link: <https://www.google-analytics.com/>; rel="preconnect"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poHTKRloW%2FCNEvYAGjo471tu5ZH55nkOvKT18B8JjSnbQcZCrDxTI7GCGMr4GvqXIj7Azi7Xm8flkZf4CYb5NGnAuM42%2BYeN%2BKjexcb4fvwc79zL8JKXEXwRHV1OUGfAfBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 04 Jun 2023 15:10:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com 'unsafe-inline'; report-uri https://uniswaplabs.report-uri.com/r/t/csp/reportOnly
server: cloudflare
cf-ray: 7d1fba45fe4ab521-OSL
X-Firefox-Spdy: h2

qfssecure.com/main2.css

188.114.96.1

200 OK

17 kB

URL GET HTTP/3
qfssecure.com/main2.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
ASCII text
Size
17 kB (17125 bytes)
Hash
0617951383714bde40519aec06314f2a
034f6dfbf68ffc2b652a6885eea9ffb0c8e74c23
b49130150fd3dc6e42d0a817055feb95e9970f9c4433b96906e77bdfa7fa3362

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /main2.css HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Sat, 13 Nov 2021 22:10:18 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdNGqxCuOH0YElW3WVKOt7EPEgdoxObcQUZalBWnhh%2FqVzFHvmYGYronwh5aTaUXSsCoGTpF5AANB0UN%2F3Cn%2Bbbdkq2I1f5fTBZung42gP8%2BjoCh%2BW7N%2FRZnloyau2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba3f5c50b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qfssecure.com/WalletAPI_wallets_files/style.css

188.114.96.1

200 OK

54 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
ASCII text, with very long lines (334), with CRLF line terminators
Size
54 kB (54043 bytes)
Hash
3230c185e4d4580e7a44670b49efb39b
331d179ba8489a1cbb1598855d52d84e594fe0d8
f5e8529043ba33ffe305597469b5d40a62cfd8d96f67a1b97de388a0df0aba1c

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/style.css HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:54 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpjSls11ijq8d2Tv5HEXdTe3pIw9naNpgIL5Z6bk381jjpBVF9h7VVSgcDTPAEREX2JWtrSoENuaBKBjZFeC32pEVdpmMiGWqYZ2CPlT6pJbox%2BuLyeihwczotGlDgJD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba3f5c53b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

appwalletconnects.org/WalletAPI_wallets_files/saved_resource.html

0.0.0.0

0 B

URL GET
appwalletconnects.org/WalletAPI_wallets_files/saved_resource.html
IP
0.0.0.0:0
ASN
#0

Requested by
https://qfssecure.com/wallets.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /WalletAPI_wallets_files/saved_resource.html HTTP/1.1
Host: appwalletconnects.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

qfssecure.com/WalletAPI_wallets_files/main.css

188.114.96.1

200 OK

545 kB

URL GET HTTP/3
qfssecure.com/WalletAPI_wallets_files/main.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qfssecure.com/wallets.html
Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
ASCII text, with very long lines (65494), with CRLF line terminators
Size
545 kB (545127 bytes)
Hash
31f928474fc96cdb2048b143dd4d64bb
531ba30d09240fcba067fa445aabcfbc82eeba25
034d2cc6b9c7fe7d7a0f5656f0c513f5c33b20ea66dea2e2bc367f237d247b92

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /WalletAPI_wallets_files/main.css HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/wallets.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 Jun 2023 11:10:07 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 11 Jun 2023 00:28:26 GMT
last-modified: Mon, 26 Jul 2021 11:36:54 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 38501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wpa6zbvett3WAIU239qdcfIWJer8RsH4rQKZgMKpvaQHZ1CPv7kNZARe4NZY2E%2BFEF5aUysGj6iVQJ7hW4HYVntQlvjGP5hJfaeYBxa5l2Qe6L3tNnWLN4umuM63cAJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba3f4c46b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

appwalletconnects.org/WalletAPI_wallets_files/metamask.023762b6.html

0.0.0.0

0 B

URL GET
appwalletconnects.org/WalletAPI_wallets_files/metamask.023762b6.html
IP
0.0.0.0:0
ASN
#0

Requested by
https://qfssecure.com/wallets.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /WalletAPI_wallets_files/metamask.023762b6.html HTTP/1.1
Host: appwalletconnects.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qfssecure.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

qfssecure.com/wallets.html

188.114.96.1

200 OK

236 kB

URL User Request GET HTTP/2
qfssecure.com/wallets.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectqfssecure.com
Fingerprint01:37:B2:20:D4:77:B0:DE:E4:A1:91:59:EF:24:71:15:03:CE:FE:61
ValidityThu, 25 May 2023 20:34:14 GMT - Wed, 23 Aug 2023 20:34:13 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11519), with CRLF line terminators
Size
236 kB (235745 bytes)
Hash
c98d08af8c6f482d086e3705c2d4e124
f4d184cdb6ef64507487c22b033ba7859e1bb4df
2fd18eec76884938faea46da320ee036fe1a8495d1c9701ae19506966fe1ce38

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /wallets.html HTTP/1.1
Host: qfssecure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 Jun 2023 11:10:06 GMT
content-type: text/html
last-modified: Mon, 17 Apr 2023 22:04:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrsGfg0IrN501wr%2FA5Bb8vYrFSfY3SLa2L3Xy7LVund8gKGoKyXdq%2F7dBWzDhclnl8dyN1hO84Qt4HjUirK4Ul2iSUsJcmR1nZ%2BP3GimwEvSy2seiLDb4jCZXR3KP8Bl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1fba3bac37b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (104)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash