ScanMalware.com

Security Scan Report: bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs.dweb.link

Submitted: Oct 21, 2025, 8:38:50 PMCompleted: Oct 21, 2025, 8:39:33 PMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main domain is bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs.dweb.link.

Submitted URL: https://bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs.dweb.link/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing page designed to harvest mailbox passwords.

Risk Factors
IPFS-hosted content with a password field
Credential harvesting form lacking a username field
Impersonation of a webmail service on a non‑official domain
Domain age information unavailable

Details

Page Title

Webmail

Scan Type

public

Language

🇺🇸

English

(57% confidence)

Category

e-commerce shopping

(41%)

Domain Information

The domain name 'bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs.dweb.link' uses the .link top-level domain, featuring subdomain 'bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs'. The core label 'dweb' covers 4 characters split between 1 vowel and three consonants. It segments into two words: d, web. Median word length is two characters. 'd' is most common in Catalan usage. Usage also turns up in Breton and Chinese (Zhuyin) contexts.

Screenshot

Security scan screenshot of https://bafkreidgj4xynqzqjqux6ijujy35wusflibw36ndpwo3qbcng75a3v63xm.ipfs.dweb.link/

Page Load Overview

6.02s
Total Load Time
7
HTTP Requests
6
Domains
218 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:57%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:57%
Script Type:Latin
HTML Lang Attribute:en
Text Length:151 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce shopping41% confidence
Type: static
Method: ml+structural

All Detected Categories

e-commerce shopping
41%
technology software
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7142.250.186.42United States
AS15169GOOGLE
0209.94.90.2United States
AS40680PROTOCOL
0104.17.25.14United States
AS13335CLOUDFLARENET
0104.17.24.14United States
AS13335CLOUDFLARENET
045.43.142.2United Kingdom
AS16276OVH SAS
0142.250.186.163United States
AS15169GOOGLE
0172.67.165.22United States
AS13335CLOUDFLARENET
02a00:1450:4001:82b::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
045.43.142.3United Kingdom
AS16276OVH SAS
0209.94.90.3United States
AS40680PROTOCOL
722--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T154C3B6707BF5764F07BD89016A5E1BE0DAF799470D927487632CFAC82B94C48D8EA270

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:iaTVPO3PocCmtMAUjOaMNN8YgCcYh7zw42GX6IE3EqdxvGqgFtmVNYcmpQpukmHl:u1r8Y37MN73V7V/kBl

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:122632:gYSKpiYL9LV3ELTwsGDgxsFKhQMIRgBCC1M6ctAQFYAkogYpAjQCzkAEYBjoZA0BUBJJMylkCTALBUxMHujK7SBg8GCAYKXh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e6fefce4f8f0
Perceptual Hash:f6a6cc9999886666
Difference Hash:100c4c32104c0000
Wavelet Hash:f8f8e0f8f8e0f0c0
Color Hash:#a0e06c

Other Hashes

Crop Resistant:100c4c32104c0000,d0283202642028c0

Scan History

Scan history not available

Unable to load historical scan data