bafkreifjwfze2ce74zbj6xilrzf3wixlub5w7ixt2iofzkd72vtndj7c2a.ipfs.dweb.link
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of bafkreifjwfze2ce74zbj6xilrzf3wixlub5w7ixt2iofzkd72vtndj7c2a.ipfs.dweb.link
This URL is an IPFS gateway address served through the dweb.link infrastructure, which is commonly used to access content stored on the InterPlanetary File System. The hostname itself appears to be a content identifier rather than a conventional branded domain, and the page metadata references an IPFS service worker gateway operated within the broader Protocol Labs ecosystem.
However, the visible page content in this scan does not behave like a typical informational IPFS gateway page. Instead, it presents a generic "EmailLogin" form asking for an email address and mailbox password, with minimal branding and no clear indication of a legitimate service provider. Based on the screenshot and classifications, this specific hosted content appears to be using decentralized web infrastructure to present what may be a credential-harvesting page rather than a normal website or application.
Safety Assessment for bafkreifjwfze2ce74zbj6xilrzf3wixlub5w7ixt2iofzkd72vtndj7c2a.ipfs.dweb.link
Multiple security signals indicate elevated risk at the time of this scan. The URL was flagged by 16 out of 91 security engines, and several web-classification sources categorized it as phishing or fraud-related. The screenshot also shows a generic email login prompt requesting a mailbox password, which is a common pattern associated with credential theft, especially when presented on an unbranded content-addressed subdomain rather than an official mail provider domain.
A malware scan also produced a suspicious result and identified one flagged page element, which adds supporting concern, although such heuristic findings are generally lower confidence on their own. In addition, the domain's IP address is listed on one mail-reputation blocklist; that signal is weaker than phishing detections, but it does add a small amount of negative context rather than indicating a fully clean reputation.
Based on the combination of multi-engine phishing detections, fraud-related categorization, and the credential-collection behavior visible in the screenshot, this website may pose potential risks to visitors.
Technical Description
The site is delivered over HTTPS with a valid Let's Encrypt certificate that, at the time of this scan, was set to expire on 2026-08-21. It is served through Cloudflare infrastructure, with hosting attributed to Protocol Labs and an IP address located in San Francisco, United States. The nameservers are on Cloudflare, and DNSSEC appears to be unsigned.
From a technical perspective, the use of IPFS gateway hosting can make abusive content harder to attribute and remove quickly compared with a conventional website. The page metadata describes a legitimate IPFS gateway bootstrap page, but the rendered content shown in the screenshot differs materially from that description, which may indicate that the gateway is serving user-published content that should be treated cautiously.
Share your experience with this website. Was it safe? Did you encounter any issues?