bafkreic4i6dcf3l7fjwy3ehkxfjsunhd6j3kh4ycikdney3pzg5jrjbrxy.ipfs.dweb.link
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of bafkreic4i6dcf3l7fjwy3ehkxfjsunhd6j3kh4ycikdney3pzg5jrjbrxy.ipfs.dweb.link
This URL appears to be an IPFS-hosted web page delivered through a public gateway on the dweb.link domain rather than a conventional branded website. The page title and screenshot indicate a generic "EmailLogin" interface that asks visitors to enter an email address and mailbox password, with minimal branding and no clear identification of an organization, service provider, or legitimate operator.
Based on the visible content, the page does not appear to function as a normal informational site, business homepage, or consumer service portal. Instead, it presents a simple credential-entry form labeled as a secure mail server, which may be intended to collect login details. Because it is hosted via decentralized content infrastructure and lacks clear ownership signals, attribution to a specific operator is not evident from the available data.
Safety Assessment for bafkreic4i6dcf3l7fjwy3ehkxfjsunhd6j3kh4ycikdney3pzg5jrjbrxy.ipfs.dweb.link
Multiple security signals raise concern about this page. At the time of this scan, 16 out of 92 security engines flagged the URL, largely with phishing-related verdicts. The screenshot also shows a generic email-password collection form with no recognizable provider branding, no supporting navigation, and no visible trust indicators beyond generic wording such as "Secure Mail Server," which is a pattern commonly associated with credential-harvesting pages.
At the same time, some other checks were clean: the malware scan did not identify flagged files, and the listed blacklist databases did not report the URL at the time of this scan. However, those clean results do not outweigh the relatively broad multi-engine phishing consensus and the highly suspicious page design. The use of an IPFS gateway can also make abusive content more difficult to attribute or remove quickly.
Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site is served over a valid Let's Encrypt certificate and appears to be fronted by Cloudflare, with hosting associated with Protocol Labs infrastructure and an IP address in San Francisco, United States. The domain uses Cloudflare nameservers and the parent gateway domain is several years old, but the specific content path is an IPFS object identifier rather than a traditional standalone domain. DNSSEC appears to be unsigned.
From a security perspective, the main concern is not the TLS setup but the application-layer behavior: a bare credential form requesting mailbox passwords without clear service identification. The page loads a small number of external assets from common content delivery networks and shows no flagged iframes or malicious files in the provided scan, but the phishing-oriented detections from multiple security engines remain the more significant signal at the time of this scan.
Share your experience with this website. Was it safe? Did you encounter any issues?