bafkreibym46z7vd4aovjmufkopyilxkmhu2nm4iucykhgvplzo5pmnw52i.ipfs.dweb.link
Category: Malicious
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of bafkreibym46z7vd4aovjmufkopyilxkmhu2nm4iucykhgvplzo5pmnw52i.ipfs.dweb.link
This URL is hosted under the ipfs.dweb.link gateway, which is commonly used to serve content from the InterPlanetary File System (IPFS), a decentralized file-hosting network. The page metadata references an IPFS service worker gateway operated through infrastructure associated with Protocol Labs, and the domain itself appears to be a content-addressed IPFS resource rather than a conventional branded website with a human-readable domain name.
However, the visible page content in this scan does not resemble a normal gateway information page. Instead, it presents a simple "EmailLogin" form asking for an email address and mailbox password, with minimal branding and generic wording such as "Secure Mail Server." Based on the screenshot and domain structure, this appears to be a credential-collection page delivered through an IPFS gateway rather than an official email provider login portal.
Safety Assessment for bafkreibym46z7vd4aovjmufkopyilxkmhu2nm4iucykhgvplzo5pmnw52i.ipfs.dweb.link
Multiple independent signals indicate elevated risk at the time of this scan. The URL was flagged by 18 out of 91 security engines, and several web-classification sources categorized it as phishing, fraud, or otherwise malicious. The screenshot also shows a generic email login form requesting a mailbox password on a long, non-branded IPFS gateway URL, which is a common pattern associated with credential-harvesting pages rather than legitimate account portals.
A malware scan also reported a suspicious object associated with the page, although that specific heuristic finding is lower confidence on its own than the broader multi-engine phishing consensus. In addition, the domain's IP address is listed on one mail-reputation blocklist, which is a weaker signal than phishing detections but still worth noting. While some major threat databases were clean at the time of this scan, the combination of the phishing-themed page content and the relatively high number of security-engine detections materially increases concern.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid Let's Encrypt SSL certificate and is served through Cloudflare-backed infrastructure, with hosting attributed to Protocol Labs and an IP address located in San Francisco, United States. The domain has existed for several years, uses Cloudflare nameservers, and DNSSEC appears to be unsigned.
From a technical perspective, the key concern is not the TLS setup but the nature of the hosted content. The scanned page appears to be an IPFS-hosted login form on a content-addressed subdomain, and one scanned URL path was flagged as suspicious. This kind of decentralized hosting can make abusive pages more difficult to track or remove quickly, even when the underlying gateway infrastructure itself is legitimate.
Share your experience with this website. Was it safe? Did you encounter any issues?