Security Scan Report: bafkreihdshffayi4fwbyd5evjo5nhgma5pi4fhnsqfmgiq7ccqiysvpicu.ipfs.dweb.link

Submitted: Nov 27, 2025, 9:25:08 AM
Completed: Nov 27, 2025, 9:26:13 AM
Scan type: public; status: completed

Summary

This website contacted 28 IPs in 2 countries across 8 domains to perform 12 HTTP transactions. The main domain is bafkreihdshffayi4fwbyd5evjo5nhgma5pi4fhnsqfmgiq7ccqiysvpicu.ipfs.dweb.link.

Submitted URL: https://bafkreihdshffayi4fwbyd5evjo5nhgma5pi4fhnsqfmgiq7ccqiysvpicu.ipfs.dweb.link/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites.

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 9

Confirmed phishing scam hosted on IPFS with credential harvesting.

Risk Factors
IPFS‑hosted page containing a password field
Credential‑harvesting form on a newly created, unranked domain
Impersonation of a webmail service on a non‑official domain
Absence of noindex meta tag (allows indexing of phishing page)
Domain age effectively 0 days (critical new domain)
Domain age information unavailable

Details

Page Title

Mail

Scan Type

public

Language

🇺🇸 English (80% confidence)

Category

phishing scam (32%)

Domain Information

Within the .link top-level domain, 'bafkreihdshffayi4fwbyd5evjo5nhgma5pi4fhnsqfmgiq7ccqiysvpicu.ipfs.dweb.link' is registered, featuring subdomain 'bafkreihdshffayi4fwbyd5evjo5nhgma5pi4fhnsqfmgiq7ccqiysvpicu.ipfs'. Count 4 characters in 'dweb' holding one vowel versus three consonants. Breaking it apart gives 2 words: d, web. Median word length comes out to two characters. No strong language cues emerged from the frequency lists.

Page Load Overview

Total Load Time: 0.45s
HTTP Requests: 13
Domains: 8
Total Size: 117 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 193 chars
Detector Agreement: 100%

Website Classification

Primary Category

phishing scam (32% confidence)
Type: webapp
Method: ml+structural

All Detected Categories

phishing scam: 32%
documentation technical: 30%
adult content: 28%
news media journalism: 28%

Detected Features

Login Form

Domain & IP Information

Requests | IP Address | Location | AS Autonomous System
13 | 172.64.147.188 | United States | AS13335 CLOUDFLARENET
2 | 151.101.130.137 | San Francisco, California, United States | AS54113 FASTLY
2 | 209.94.90.2 | United States | AS40680 PROTOCOL
2 | 216.58.206.42 | United States | AS15169 GOOGLE
1 | 104.18.11.207 | United States | AS13335 CLOUDFLARENET
1 | 142.250.186.74 | United States | AS15169 GOOGLE
1 | 104.18.40.68 | United States | AS13335 CLOUDFLARENET
1 | 104.18.10.207 | United States | AS13335 CLOUDFLARENET
1 | 104.17.24.14 | United States | AS13335 CLOUDFLARENET
0 | 209.94.90.3 | United States | AS40680 PROTOCOL
13 | 28 | - | -

Detected Technologies (3)

jQuery v2.2.4: 100%
Bootstrap v4.0.0: 100%

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11464D76CB920349D7836C92FF0C0BA9392549C43F5668EB3F62F24C48F9556916B3F1A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:Akoxylkn2vOl1xI2CAQg0TFkfFynHmI1iT7Hq:Ako+Gl1xI2CAQT3iT7K

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:332105:qACKAGtRbrgFABAUaIAFGSkoYgQdkAHkANRZXCKxRA4jghBirJsURaZAgSDYcOgJRBMNICAYdJEBFAFWIP6wD0AgLMgAAyJR

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: ffe7c3ffc3c3ffff
Perceptual Hash: b19ece659a9a3164
Difference Hash: 000e0e2296962a0c
Wavelet Hash: ffc1c1c1c1c181f7
Color Hash: #2d8686
