ScanMalware.com

Security Scan Report: bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs.dweb.link

Site favicon
Submitted: Oct 22, 2025, 8:51:24 AMCompleted: Oct 22, 2025, 8:54:00 AMpubliccompleted
Loading additional data...

Summary

This website contacted 26 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main domain is bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs.dweb.link.

Submitted URL: https://bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs.dweb.link/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing page likely harvesting credentials

Risk Factors
IPFS-hosted content containing a password input field
Credential harvesting pattern: password field without username
Impersonation of a legitimate service (Webmail) on a non‑official domain
Domain age information unavailable

Details

Page Title

Webmail

Scan Type

public

Language

🇺🇸

English

(57% confidence)

Category

e-commerce shopping

(41%)

Domain Information

Within the .link top-level domain, 'bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs.dweb.link' is registered, featuring subdomain 'bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs'. The registrable portion 'dweb' spans 4 characters holding 1 vowel versus 3 consonants. Word splitting yields 2 words: d, web. Expect 2 characters per word on average. Most frequently, 'd' shows up in Catalan. You will also see it in Breton and Chinese (Zhuyin) contexts.

Screenshot

Security scan screenshot of https://bafkreih2mmra2wq5wmz5jvv7nioytbpcmiz6etuxgubikjm4t47mu4zziu.ipfs.dweb.link/

Page Load Overview

1.29s
Total Load Time
7
HTTP Requests
6
Domains
218 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:57%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:57%
Script Type:Latin
HTML Lang Attribute:en
Text Length:151 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce shopping41% confidence
Type: static
Method: ml+structural

All Detected Categories

e-commerce shopping
41%
technology software
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7142.250.186.42United States
AS15169GOOGLE
2104.17.25.14United States
AS13335CLOUDFLARENET
1209.94.90.3United States
AS40680PROTOCOL
1142.250.185.234United States
AS15169GOOGLE
1104.21.11.28United States
AS13335CLOUDFLARENET
1142.250.185.195United States
AS15169GOOGLE
045.43.142.7United Kingdom
AS16276OVH SAS
0209.94.90.2United States
AS40680PROTOCOL
0142.250.186.163United States
AS15169GOOGLE
0172.67.165.22United States
AS13335CLOUDFLARENET
726--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T125C3B7707BF5764F07BD89016A5E1BE0DAF799470D927087632CFAC82B94C48D9EA270

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:iaTVPOzPocCmtMAUjOaMNN8YgCcYh7zw42GX6IE3EqdxvGqgFtmVNYcmpQpukmHx:K1r8Y37MN73V7V/kBx

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:122527:MwBkSnIkQRggcBRhGGNCMgAEIAChdMYPQAcCAEKGFAUJBsgBIhcOlxK4UR8yQBbcYkCLJBDqoFYAyCQMTAIQEuEo4ihGFCQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e6fefce4f8f0
Perceptual Hash:f6a6cc9999886666
Difference Hash:100c4c32104c0000
Wavelet Hash:f8f8e0f8f8e0f0c0
Color Hash:#2d4386

Other Hashes

Crop Resistant:100c4c32104c0000,d0283202642028c0

Scan History

Scan history not available

Unable to load historical scan data