ScanMalware.com

Security Scan Report: ipfs.io

Site favicon
Submitted: Dec 4, 2025, 12:44:31 PMCompleted: Dec 4, 2025, 12:45:21 PMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main domain is ipfs.io.

Submitted URL: https://ipfs.io/ipfs/bafkreidwkmvfevreagm7fkietz3m32crnuderjz73tkfhdsvwzg6xqnu6u

The Cisco Umbrella rank of the primary domain is #104,019 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 93%

8
Risk Score

High‑risk phishing page harvesting credentials on IPFS.

Risk Factors
Credential collection (email and password) on an IPFS gateway
Impersonation of a well‑known brand (DHL) on a low‑reputation domain
Password‑protected document prompt used as social engineering lure
Domain age information unavailable

Details

Page Title

DHL | Tracking System

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(74%)

Domain Information

The domain name 'ipfs.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with no subdomain. Its registrable label 'ipfs' stretches across 4 characters containing 1 vowel alongside three consonants. Segmentation suggests two words: i, pfs. Average segment length settles at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ipfs.io/ipfs/bafkreidwkmvfevreagm7fkietz3m32crnuderjz73tkfhdsvwzg6xqnu6u

Page Load Overview

0.36s
Total Load Time
6
HTTP Requests
5
Domains
64 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:144 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software74% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
74%
government public service
56%
documentation technical
53%
adult content
31%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
635.186.213.112United States
AS396982GOOGLE-CLOUD-PLATFORM
1172.217.18.14United States
AS15169GOOGLE
1104.18.25.163United States
AS13335CLOUDFLARENET
1185.93.2.248Paris, Île-de-France, France
AS60068Datacamp Limited
1209.94.90.1United States
AS40680PROTOCOL
0104.18.24.163United States
AS13335CLOUDFLARENET
02606:4700::6812:19a3United States
AS13335CLOUDFLARENET
02a00:1450:4001:800::200eFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
02606:4700::6812:18a3United States
AS13335CLOUDFLARENET
02602:fea2:2::1United States
AS40680PROTOCOL
611--

Detected Technologies4

IPFS
40%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T178F1975529F308212513E07D2FFBA2043622D007598ADDA97FDC5398CFCEE5599B27C9

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:kk9vK3BFa99UFZ5rdyJ3HwWGrWwHmrz2FtViWCmLjIjYMj:p0FasFAHorWwHmCFtVtLjIjD

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:7879:g6YDgQUNiAGWUJ0ACAnCEC0DUOQYWFZBQANnUKNUAIJQBACzHhQFATLUYAnADEIoInBXZLASj0NMBwJHGhgDJKU6IRASDIBI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00263e3e3e3e3e1c
Perceptual Hash:87727c585a6968da
Difference Hash:60dcd4cce0d4d4e8
Wavelet Hash:003e3e3e3e3e3e0c
Color Hash:#361f93

Other Hashes

Crop Resistant:a92d4d99816d6db2,60dcd4cce0d4d4e8,0008647032320800

Scan History

Scan history not available

Unable to load historical scan data