ScanMalware.com

Security Scan Report: bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs.dweb.link

Submitted: Nov 16, 2025, 5:20:17 PMCompleted: Nov 16, 2025, 5:20:33 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main domain is bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs.dweb.link and was registered NaN years ago.

Submitted URL: https://bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs.dweb.link/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

Phishing page impersonating Naver, hosted on IPFS – high risk.

Risk Factors
IPFS‑hosted content with credential‑harvesting form
Brand impersonation of Naver on a low‑ranking, unrelated domain
Password field on a domain that is not the official Naver site
Domain age information unavailable

Details

Page Title

Naver Sign in

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

social media network

(84%)

Domain Information

The domain name 'bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs.dweb.link' uses the .link top-level domain; it also runs on subdomain 'bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs'. The second-level label 'dweb' is 4 characters long split between 1 vowel and 3 consonants. It segments into 2 words: d, web. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bafybeicakljrcne7ikzpdmshde2j5kof5arq2ywfu3j7vzutwmub32mgrq.ipfs.dweb.link/

Page Load Overview

2.86s
Total Load Time
6
HTTP Requests
4
Domains
134 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:374 chars
Detector Agreement:100%

Website Classification

Primary Category

social media network84% confidence
Type: webapp
Method: ml+structural

All Detected Categories

social media network
84%
corporate business
67%
technology software
46%
documentation technical
26%
corporate
25%

Detected Features

Login Form
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6104.18.11.207United States
AS13335CLOUDFLARENET
0216.58.206.74United States
AS15169GOOGLE
0209.94.90.3United States
AS40680PROTOCOL
0209.94.90.2United States
AS40680PROTOCOL
023.201.244.241Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
02606:4700::6812:bcfUnited States
AS13335CLOUDFLARENET
02606:4700::6812:acfUnited States
AS13335CLOUDFLARENET
02602:fea2:2::3United States
AS40680PROTOCOL
0142.250.185.106United States
AS15169GOOGLE
02a00:1450:4001:828::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
612--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10A13B43296A4203EB237C96276A67BDD35208113C5178F2DF55E77B48F868E62933B84

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:ZRfh0Yr0fFihiyaGf+n4K/D1Ei137XKfGvdC:Dhw14GvdC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:42481:IFmXLmIMhEQARuDEoaAaDIEIMQEQgsAYRBUSrBggoGMZTEEIACBkiqEkSIVwaRCBcZBiCAiqQ4CSahjkmACpgKyAiUtEJVgA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7e7ffe7e7ffe7ff
Perceptual Hash:a366cc9933339999
Difference Hash:0c0c104d0c100c00
Wavelet Hash:20200404e7e7e7ff
Color Hash:#d27992

Other Hashes

Crop Resistant:0c0c104d0c100c00

Scan History

Scan history not available

Unable to load historical scan data