ScanMalware.com

Security Scan Report: bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs.dweb.link

Submitted: Nov 21, 2025, 4:19:17 PMCompleted: Nov 21, 2025, 4:20:22 PMpubliccompleted
Loading additional data...

Summary

This website contacted 17 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main domain is bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs.dweb.link.

Submitted URL: https://bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs.dweb.link/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Confirmed phishing site impersonating Naver login on an IPFS gateway.

Risk Factors
IPFS hosting with credential collection
Brand impersonation of Naver
New/unregistered domain
Low reputation ranking
Login form on untrusted domain
Domain age information unavailable

Details

Page Title

네이버 : 로그인

Scan Type

public

Language

🇰🇷

Korean

(80% confidence)

Category

corporate business

(52%)

Domain Information

The domain name 'bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs.dweb.link' uses the .link top-level domain; it also runs on subdomain 'bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs'. Its registrable label 'dweb' stretches across 4 characters with 1 vowel and three consonants. Splitting it apart reveals two words: d, web. Median word length is 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bafybeiamo2yli2vn6dvjshqwwvj3armjgxlo7ftkclqthmz5bvcdvitmui.ipfs.dweb.link/

Page Load Overview

1.02s
Total Load Time
7
HTTP Requests
4
Domains
237 KB
Total Size

Language Analysis

Primary Language

🇰🇷Korean
Code: ko
Confidence:80%
Script:Hangul
Direction:ltr

Detection Details

Language Code:ko
Detection Confidence:80%
Script Type:Hangul
HTML Lang Attribute:ko
Text Length:297 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate business52% confidence
Type: webapp
Method: ml+structural

All Detected Categories

corporate business
52%
technology software
40%
social media network
39%
corporate
25%

Detected Features

Login Form
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7209.94.90.2United States
AS40680PROTOCOL
423.201.244.241Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
1209.94.90.3United States
AS40680PROTOCOL
1151.101.66.137San Francisco, California, United States
AS54113FASTLY
1125.209.233.21South Korea
AS23576NAVER Cloud Corp.
0125.209.233.29South Korea
AS23576NAVER Cloud Corp.
02602:fea2:2::3United States
AS40680PROTOCOL
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42::649United States
AS54113FASTLY
02a04:4e42:600::649United States
AS54113FASTLY
717--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17742C850A5ED4C37012381DAB0E8BBA854FF0E34D7194891F6FF4A316F93D81792A5B6

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:1Z5CxBCx/CbrtIU8x9Fa9cFGFFp9EFGKcL3pGK3AFK3UKLwKRmK4rwjCvC3OkoLI:b5CxBCx/CbrtIhFa9cFGFFp9EFGKcL3/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:12284:SKYhJAUArUAEgAEMGwHBAGPYGApMUGgAbl1RYgFQAAIpWhI0bKIAogoLsADJIoWAhhYBxw0REoBESQEqBJoACCQTGrYihAEM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data