ScanMalware.com

Security Scan Report: bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs.dweb.link

Submitted: Dec 8, 2025, 2:51:50 PMCompleted: Dec 8, 2025, 2:52:15 PMpubliccompleted
Loading additional data...

Summary

This website contacted 13 IPs in 5 countries across 6 domains to perform 17 HTTP transactions. The main domain is bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs.dweb.link and was registered NaN years ago.

Submitted URL: https://bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs.dweb.link/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing page impersonating Microsoft, hosted on IPFS.

Risk Factors
IPFS‑hosted content containing a password field (credential harvesting)
Impersonation of Microsoft services on an untrusted domain
Low ranking in Cisco Umbrella for a site claiming a well‑known brand
Login form action points to the same IPFS URL (no legitimate backend)
Noindex meta tags absent, allowing search engine indexing of phishing page
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(68% confidence)

Category

technology software

(29%)

Domain Information

You're looking at domain 'bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs.dweb.link' on the .link top-level domain; it also runs on subdomain 'bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs'. Count 4 characters in 'dweb' with one vowel and three consonants. Segmentation suggests two words: d, web. Average segment length settles at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bafkreiaq3pljos4ltygvhnewtlebhqwsqymrhxjb6e4xbx34z5m6dewyp4.ipfs.dweb.link/

Page Load Overview

11.64s
Total Load Time
17
HTTP Requests
6
Domains
243 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:68%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:68%
Script Type:Latin
Text Length:99 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software29% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
29%
social_media
25%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
562.149.158.90Arezzo, Tuscany, Italy
AS31034Aruba S.p.A.
1172.217.168.74United States
AS15169GOOGLE
1142.250.185.202United States
AS15169GOOGLE
1142.250.184.195United States
AS15169GOOGLE
137.157.2.250Denmark
AS198622Adform A/S
1209.94.90.2United States
AS40680PROTOCOL
12a00:1450:4001:830::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
12a0b:7e00:101:907::7Denmark
AS198622Adform A/S
1209.94.90.3United States
AS40680PROTOCOL
12602:fea2:2::3United States
AS40680PROTOCOL
1713--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13BB24A3CB231C88D9D73A63BFCA82B15D1449E53FDD9A2C4342D40C62FE196AB5147EA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:6fii8qZKvJiHDCFNG/lf1BOhaPsgWQVTQIWY:e+FNG/PIkOIWY

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:25142:DqmImbEIAACVGAQIBGKgAFCTYCAEAmNmBXiKdUCAoWBM26mAU8QhkCElgAwEQggXwIKIDABVlRwSETNyA0AAaygIHQgEFAAk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffd387c7c7efffff
Perceptual Hash:b33cccc7339a9c30
Difference Hash:04161b1f1c180008
Wavelet Hash:510381818484fcfc
Color Hash:#a3d22d

Other Hashes

Crop Resistant:04161b1f1c180008

Scan History

Scan history not available

Unable to load historical scan data