ScanMalware.com

Security Scan Report: bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs.dweb.link

Submitted: Dec 4, 2025, 12:43:30 PMCompleted: Dec 4, 2025, 12:44:29 PMpubliccompleted
Loading additional data...

Summary

This website contacted 32 IPs in 3 countries across 10 domains to perform 24 HTTP transactions. The main domain is bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs.dweb.link.

Submitted URL: https://bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs.dweb.link/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

7
Risk Score

High risk phishing page hosted on IPFS, likely harvesting credentials.

Risk Factors
IPFS-hosted content with login form
Untrusted domain with low Cisco Umbrella ranking
Credential harvesting form (email field) on suspicious site
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

technology software

(49%)

Domain Information

The domain 'bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs.dweb.link' uses the .link top-level domain with subdomain 'bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs'. The registrable portion 'dweb' spans 4 characters holding 1 vowel versus 3 consonants. Segmentation suggests two words: d, web. Median word length is two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bafkreihgb6nwzsdnmk64f3f6g4sseh4m52sfmlpy5hctcyc4bogfyj4xly.ipfs.dweb.link/

Page Load Overview

0.39s
Total Load Time
24
HTTP Requests
10
Domains
106 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
Text Length:590 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software49% confidence
Type: dynamic
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
49%
documentation technical
41%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1162.149.158.90Arezzo, Tuscany, Italy
AS31034Aruba S.p.A.
3209.94.90.2United States
AS40680PROTOCOL
2142.250.184.195United States
AS15169GOOGLE
2192.178.170.95United States
AS15169GOOGLE
1151.101.193.229San Francisco, California, United States
AS54113FASTLY
1142.250.185.106United States
AS15169GOOGLE
1104.18.11.207United States
AS13335CLOUDFLARENET
1151.101.194.137San Francisco, California, United States
AS54113FASTLY
1104.17.24.14United States
AS13335CLOUDFLARENET
1104.18.10.207United States
AS13335CLOUDFLARENET
2432--

Detected Technologies4

IPFS
40%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T156236B3CA220C8BDD9B36A7BFCE46B15C058DF53EDD5B6C4346E80862FE157A70106A6

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:qf7x4reI7j8Hk0rV/IE913qXwIpbkvXXcp9X7QgIYYhGjjjGaWno59NNRQSstdlN:vjGaB59NN+3x1WzErapM

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:49002:KUCBAFTAgpmigKIKIVKRaCQkNVAv0AASDQhAChSYD0sIUisiEPuAQ6EBREIxIikhg4gQcykA2FCAAICiAFVzRSlBkcCEIsEB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cecec2fedacadbcf
Perceptual Hash:f531389999ad6169
Difference Hash:1a1a0604321a121b
Wavelet Hash:cac6c2dec2c0d3c7
Color Hash:#361f93

Other Hashes

Crop Resistant:1a1a0604321a121b

Scan History

Scan history not available

Unable to load historical scan data