ScanMalware.com

Security Scan Report: bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs.dweb.link

Submitted: Oct 22, 2025, 8:24:56 AMCompleted: Oct 22, 2025, 8:26:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main domain is bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs.dweb.link.

Submitted URL: https://bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs.dweb.link/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing page designed to harvest mailbox passwords

Risk Factors
IPFS-hosted content with credential collection form
Password-only field indicates credential harvesting
Brand impersonation (Webmail) on a non‑official domain
Unranked, likely newly registered domain
Domain age information unavailable

Details

Page Title

Webmail

Scan Type

public

Language

🇺🇸

English

(57% confidence)

Category

e-commerce shopping

(41%)

Domain Information

The domain 'bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs.dweb.link' uses the .link top-level domain; it also runs on subdomain 'bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs'. The registrable portion 'dweb' spans 4 characters with 1 vowel and three consonants. Word splitting yields two words: d, web. Expect 2 characters per word on average. The linguistic tilt is Catalan for 'd'. Usage also turns up in Breton and Chinese (Zhuyin) contexts.

Screenshot

Security scan screenshot of https://bafkreifrb66wcrbtnlc65vwx3iezbgdpfamu32pa34deqasv44da3bz5ze.ipfs.dweb.link/

Page Load Overview

74.40s
Total Load Time
7
HTTP Requests
6
Domains
218 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:57%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:57%
Script Type:Latin
HTML Lang Attribute:en
Text Length:151 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce shopping41% confidence
Type: static
Method: ml+structural

All Detected Categories

e-commerce shopping
41%
technology software
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7104.17.24.14United States
AS13335CLOUDFLARENET
0142.250.186.163United States
AS15169GOOGLE
0104.17.25.14United States
AS13335CLOUDFLARENET
0209.94.90.3United States
AS40680PROTOCOL
0172.67.165.22United States
AS13335CLOUDFLARENET
045.43.142.2United Kingdom
AS16276OVH SAS
0142.250.185.234United States
AS15169GOOGLE
02606:4700:3035::6815:b1cUnited States
AS13335CLOUDFLARENET
02606:4700::6811:190eUnited States
AS13335CLOUDFLARENET
02602:fea2:2::2United States
AS40680PROTOCOL
722--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A7C3B6707BF5764B07BD89116A5E1BE0DAF789470D927487632CFAC82F94C48D8EA270

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:FaTVPOwPocCmtMAUjOaMNN8YgCcYh7zw42GX6IE3EqdxvGqgFtmVNYcmpQpukmHf:w1r8Y37MN73V7V/kBf

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:122751:Go0DE0ACmGCEJhABCEENAkgiMFPSRAjAFhwDhRq06a5ANFEMIcAugEj8dQACHCRaxAQKQ5M2cQQMByCBDDDRC00hApGiEgCE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e6fefce4f8f0
Perceptual Hash:f6a6cc9999886666
Difference Hash:100c4c32104c0000
Wavelet Hash:f8f8e0f8f8e0f0c0
Color Hash:#e06ce0

Other Hashes

Crop Resistant:100c4c32104c0000,d0283202642028c0

Scan History

Scan history not available

Unable to load historical scan data