bafkreiac2jv3nypiod3oolnpoj4sz4xqchyh3n4miy6wbmwj23yrn7ksnm.ipfs.dweb[.]link
Category: Information Technology, Suspicious
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of bafkreiac2jv3nypiod3oolnpoj4sz4xqchyh3n4miy6wbmwj23yrn7ksnm.ipfs.dweb[.]link
This URL appears to be an IPFS gateway page served through the dweb.link domain, rather than a conventional branded website with a clear organizational identity. The long content-addressed subdomain suggests the page is tied to decentralized web content hosted via IPFS infrastructure, and the hosting details point to infrastructure associated with Protocol Labs. Based on the visible page content, the site presents itself as an "EmailLogin" portal asking visitors to enter an email address and mailbox password.
The page does not appear to provide normal business, product, or informational content. Instead, it shows a minimal login form with generic wording such as "Secure Mail Server" and "Please enter your mailbox password to continue," which may indicate an attempt to collect credentials rather than provide a legitimate standalone service. No clear operator branding, company identification, or service-specific context is visible in the screenshot.
Safety Assessment for bafkreiac2jv3nypiod3oolnpoj4sz4xqchyh3n4miy6wbmwj23yrn7ksnm.ipfs.dweb[.]link
Multiple independent security signals raise concerns about this URL at the time of this scan. It was flagged by 13 out of 92 security engines, with several classifying it as phishing or fraud-related, and multiple web-classification sources also categorized it as suspicious or phishing-related. In addition, one blacklist database listing was present, although some other blacklist checks were clean.
The screenshot further increases concern because the page appears to be a generic email credential prompt hosted on an IPFS gateway domain rather than on a recognizable mail provider's official domain. A page asking for an email address and mailbox password without clear provider branding or account context may be consistent with credential-harvesting behavior. While one malware scan reported no flagged files, that result does not outweigh the broader phishing-related detections and the deceptive-looking login interface.
Based on these findings, this website may pose potential risks to visitors, particularly anyone considering entering email login credentials.
Technical Description
The domain uses a valid Let's Encrypt SSL certificate with an expiry date in 2026, which indicates encrypted transport is available, but HTTPS alone does not establish legitimacy. The site is hosted on infrastructure associated with Protocol Labs and resolves through Cloudflare nameservers. DNSSEC appears to be unsigned, and the web server software was not identified in the scan data.
From a technical perspective, the URL structure is notable because it uses a long IPFS content identifier under the dweb.link gateway. This setup can make attribution and takedown more difficult than with a typical centralized website. The page also loads common third-party assets from public content delivery networks, and one scanner noted a generic malicious-object pattern tied to the page URL itself rather than to a downloaded file.
Share your experience with this website. Was it safe? Did you encounter any issues?