ScanMalware.com

Security Scan Report: bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs.dweb.link

Site favicon
Submitted: Dec 1, 2025, 10:27:51 AMCompleted: Dec 1, 2025, 10:28:30 AMpubliccompleted
Loading additional data...

Summary

This website contacted 28 IPs in 2 countries across 16 domains to perform 19 HTTP transactions. The main domain is bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs.dweb.link.

Submitted URL: https://bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs.dweb.link/newor.html/

The Cisco Umbrella rank of the primary domain is #174,969 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Confirmed phishing scam; high‑risk site harvesting credentials.

Risk Factors
IPFS‑hosted content with password field
Credential‑harvesting form on a newly registered domain
Brand impersonation on an unranked/untrusted domain
Domain age information unavailable

Details

Page Title

Webmail :: Welcome to Webmail

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(35%)

Domain Information

Domain 'bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs.dweb.link' uses the .link top-level domain, featuring subdomain 'bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs'. The registrable portion 'dweb' spans 4 characters with one vowel and three consonants. Tokenizing the label suggests two words: d, web. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bafybeihbo652zq6qfhwwinhwzxjvanc2j6kppmw64laujdergwekj5wlre.ipfs.dweb.link/newor.html/

Page Load Overview

0.59s
Total Load Time
19
HTTP Requests
16
Domains
92 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:357 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software35% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
35%
adult content
34%
documentation technical
32%
news media journalism
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9209.94.90.2United States
AS40680PROTOCOL
1104.18.10.207United States
AS13335CLOUDFLARENET
165.254.250.40United States
AS29873BIZLAND-SD
1104.17.24.14United States
AS13335CLOUDFLARENET
1151.101.66.137San Francisco, California, United States
AS54113FASTLY
1142.250.186.106United States
AS15169GOOGLE
0209.94.90.3United States
AS40680PROTOCOL
0104.17.25.14United States
AS13335CLOUDFLARENET
0151.101.130.137San Francisco, California, United States
AS54113FASTLY
0104.18.11.207United States
AS13335CLOUDFLARENET
1928--

Detected Technologies4

IPFS
40%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data