ScanMalware.com

Security Scan Report: ipfs.io

Submitted: Dec 13, 2025, 7:21:17 PMCompleted: Dec 13, 2025, 7:21:51 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main domain is ipfs.io and was registered NaN years ago.

Submitted URL: https://ipfs.io/ipfs/bafkreib2cqhbmdlndvysuw2wupfzgatxtqmca7k5xw5r6blplo4mbygzam

The Cisco Umbrella rank of the primary domain is #104,019 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 85%

7
Risk Score

High‑risk phishing page hosted on IPFS, likely attempting to harvest credentials.

Risk Factors
IPFS‑hosted login page (high‑risk hosting for credential harvesting)
Presence of password field on an untrusted IPFS gateway
Low Cisco Umbrella ranking for a site claiming to be a mail portal
Domain age information unavailable

Details

Page Title

Login to your Mail Portal

Scan Type

public

Language

🇺🇸

English

(39% confidence)

Category

social_media

(50%)

Domain Information

Within the British Indian Ocean Territory country-code top-level domain (.io), 'ipfs.io' is registered. Count 4 characters in 'ipfs' split between one vowel and 3 consonants. It segments into 2 words: i, pfs. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ipfs.io/ipfs/bafkreib2cqhbmdlndvysuw2wupfzgatxtqmca7k5xw5r6blplo4mbygzam

Page Load Overview

2.19s
Total Load Time
3
HTTP Requests
2
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:39%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:39%
Script Type:Latin
Text Length:174 chars
Detector Agreement:67%

Website Classification

Primary Category

social_media50% confidence
Type: webapp
Method: structural

All Detected Categories

social_media
50%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3185.111.111.157Frankfurt am Main, Hesse, Germany
AS212238Datacamp Limited
0209.94.90.1United States
AS40680PROTOCOL
02602:fea2:2::1United States
AS40680PROTOCOL
02400:52e0:1a00::1346:1Chicago, Illinois, United States
AS200325BUNNYWAY, informacijske storitve d.o.o.
34--

Detected Technologies4

IPFS
40%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1BC32545734F215291667A0767BDBB3013630E0076549E8057DAC63EA8FC6E86DAE33CE

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:UDvDyI8usr7pK0VcUnyiUFkJPZ5hccF2fAAiZLihF9siP7sSAAirqAAiWsdTs6Wv:wFinqTixi2QsSTieTiWsdTs/iqi8hZT/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11805:OWMCe0wABI0JEAKEjFAAggShEQLsogoAFKFBIAiwiq5pgIC4ZFU2ASAHIIkkoIKjoXYGBiAwCkMGBvYaAAAYFSUFABulAAQJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffe7e7e7e7ffff
Perceptual Hash:b326cc9933666699
Difference Hash:0c004d4d4d4d000c
Wavelet Hash:0f0f272707070f0f
Color Hash:#d2ac2d

Other Hashes

Crop Resistant:0c004d4d4d4d000c,8280a0a0a0a08082,a080a0e060a080a0,b2716896f0e861b2

Scan History

Scan history not available

Unable to load historical scan data