PCrisk.com
bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link favicon

bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link

Category: Phishing

Scanned: May 14, 2026, 03:49 PM UTC · First seen: May 14, 2026 · Threat Engines: 15 / 92 · Times Scanned: 1
5 / 100 Trust Score Based on scan findings at the time of analysis
Potentially Dangerous
0 - High Risk50 - Moderate100 - No Threats
Fresh scan recommended
Last scanned 23 days ago - security status may have changed since then.
Not scanned has not been scanned yet. Hit Scan Now to check it.

Scans can take up to 5 minutes to complete. Please keep this tab open - we'll redirect you to the report when it's ready.

Failed
Scan unavailable
Scan failed
Protect yourself from potentially harmful websites
Combo Cleaner's real-time web protection module actively blocks access to scam, phishing & malware-infected websites.
★★★★★ 4.8 / 5 Recommended by PCrisk.com editors Windows · Mac · Android · iOS
Download Combo Cleaner Free scan · no signup

To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.

Screenshot of bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link Captured May 14, 2026
https://bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link
Screenshot of bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link
This website has been flagged as potentially harmful
Screenshot blurred for safety. Multiple security engines flagged potential threats at the time of scanning.
9 years (dweb.link)
Not Ranked - This website does not appear in the Tranco top list
Flagged by 15 of 92 engines
✓ Valid (TLS)
Protocol Labs
San Francisco, United States
@helia/service-worker-gateway/3.3.1#HEAD@a1c3b15
Unknown
209.94.90.3
Domain & WHOIS Information
Registrar CSC Corporate Domains, Inc.
Registered February 24, 2017 (dweb.link)
Expires February 24, 2027
Name Servers tate.ns.cloudflare.com
DNSSEC Unsigned
Hosting Protocol Labs
This is a subdomain of dweb.link. The WHOIS data above belongs to the parent domain, not to bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link. The actual creation date of this subdomain is unknown and could be much more recent than the parent.
Reputation & Threat Check 92 security engines checked
15
15 of 92 engines flagged this website Flagged by 15 security vendors at the time of scanning
Not flagged Flagged
Flagged by 15 of 92 engines
Direct Threat Database Sources
Google Not listed Spamhaus DBL Not listed SURBL Listed Spamhaus ZEN Not listed Barracuda Not listed SpamCop Not listed Spamhaus ZRD Not listed URLhaus Not listed Phishtank Not listed QBMA Not listed
View detailed engine results on VirusTotal
File Scan Summary Powered by Quttera Engine
3 files scanned
No threats
2
Low Risk
0
Medium Risk
0
High Risk
1
No threats Low Risk Medium Risk High Risk
bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link/# 11.7 KB Flagged: high risk
code.jquery.com/jquery-3.2.1.slim.min.js 68.0 KB No threats
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js 47.8 KB No threats
Quttera flagged high risk files - is this your website?
Investigate and remove potential threats with Quttera
Remove Malware

Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.

External Links & Domains
11
External Links
5 Flagged
0
Iframes
Clean
11
Referenced Domains
5 Flagged
10
Flagged Resources
Detected
bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.linkFlagged: Generic Malicious Object
https://bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link/desktop.cssFlagged: Generic Malicious Object
https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.cssFlagged: Generic Malicious Object
https://bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link/styles.min.cssFlagged: Generic Malicious Object
https://bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.cssFlagged: Generic Malicious Object
https://bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.cssFlagged: Generic Malicious Object
https://bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.link/desktop.cssFlagged: Generic Malicious Object
https://bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.link/xdesktop.cssFlagged: Generic Malicious Object
https://bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.link/styles.min.cssFlagged: Generic Malicious Object
https://bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.link/jquery-ui.cssFlagged: Generic Malicious Object
https://bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.link/framework.cssFlagged: Generic Malicious Object
http://roundcubeplus.com/Not flagged
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jsNot flagged
https://code.jquery.com/jquery-3.2.1.slim.min.jsNot flagged
https://email.powweb.com/roundcube/skins/larry/images/favicon.icoNot flagged
https://logodix.com/logo/2075101.pngNot flagged
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.jsNot flagged
bafybeibusvqm3e73ahgyhttqud3p3vhxaqh5fbtftjgibzsjegsprsulx4.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeicvuk4mb6tdtpe7yxnckrewbgyimqr5hbp67dhzjjg5mkgo2t2eey.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeidf5fw6gmcl7xh3ytqn53u7vmg2cfhynrbmhkwhxvcizz5rtdbyxq.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeig5evukk2lmpa2bdjinbdd6bgqonnqhx7xvqbkbrlqiy4v3vv5n5u.ipfs.w3s.linkFlagged: Generic Malicious Object
bafybeihbjgeaixczn7cx54jxs55tothzeaururwppolrtid7agdsbvhupm.ipfs.w3s.linkFlagged: Generic Malicious Object
cdnjs.cloudflare.comNot flagged
code.jquery.comNot flagged
email.powweb.comNot flagged
logodix.comNot flagged
maxcdn.bootstrapcdn.comNot flagged
roundcubeplus.comNot flagged
bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link Overview

Description of bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link

This URL appears to be an IPFS-hosted page delivered through a public gateway rather than a conventional branded website. The page shown in the screenshot presents itself as a generic "Webmail" login portal with username and password fields, a "Session Expired" message, and text referencing IMAP authentication and quarantined messages. It also references Roundcube-related assets, which suggests it may be imitating or repurposing a webmail interface.

Based on the domain structure and page content, this does not appear to be a normal corporate homepage or established consumer service. Instead, it appears to be a single-purpose login page hosted on decentralized storage infrastructure, with no clear operator identity shown on the page. The use of an IPFS content identifier in the hostname and the lack of visible organizational branding make attribution difficult based on available data.

Safety Assessment for bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link

Multiple scan signals indicate elevated risk at the time of this scan. The URL was flagged by 15 out of 92 security engines, with many of those detections classifying it as phishing or malicious. The page content also matches a common credential-harvesting pattern: a sparse webmail login form, urgency-themed messaging about session expiry and quarantined messages, and no clear evidence of a legitimate mail provider identity.

The malware scan also reported malicious findings associated with the page and several linked IPFS-hosted resources. While blacklist databases listed in the scan were clean at the time of review, that does not outweigh the broader multi-engine phishing consensus and the suspicious login-focused content shown in the screenshot. The combination of decentralized hosting, generic webmail branding, and credential-entry prompts may increase the likelihood that the page is intended to collect usernames and passwords.

Based on these findings, this website may pose potential risks to visitors.

Technical Description

The site is served over HTTPS with a valid Let's Encrypt certificate that was valid at the time of this scan. It resolves to infrastructure associated with Protocol Labs and uses the server banner "@helia/service-worker-gateway/3.3.1#HEAD@a1c3b15," which is consistent with an IPFS gateway setup. The domain uses Cloudflare nameservers, and DNSSEC appears to be unsigned.

From a security perspective, the main concern is not the TLS setup but the hosting model and page behavior. IPFS gateway URLs can make operator identification and takedown more difficult, and this page pulls multiple external CSS resources from other IPFS gateway hostnames that were also flagged by malware scanning. The domain itself is old, but because this is content-addressed gateway hosting, the age of the parent domain is less reassuring than it would be for a conventional standalone website.

HTTP Redirect Chain
400 https://bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.inbrowser.link/
Website Insights
Not Ranked
Tranco Rank
Not in Top 1M
Visitors Unknown
Category: Phishing
Rank History (30 days)
No rank data available
1 cookie detected
Essential1
Analytics0
Advertising0
Social0
0 1st party cookies
1 3rd party (tracker)
Dispute This Score For website owners
Believe this score is inaccurate?
If you are the website owner and believe the scan results contain errors or false positives, you can submit a dispute for manual review. Our team typically responds within 1-2 business days.
You will be asked to verify your email before the dispute can be processed.
By submitting this form, you confirm that the information provided is accurate. Disputes are reviewed manually and results may take up to 48 hours to update.
One more step..
To submit your dispute for bafkreifki2x2ookbrn2vujr5dnx5tjeg77legdonbtfy2vhul2dt64yely.ipfs.dweb.link, please click the verification link we just emailed you. Once verified, we'll review it within 1–2 business days.
This report was generated automatically and is provided for informational purposes only. Results are based on a point-in-time scan and may contain false positives or incomplete data. This does not constitute a security audit or certification. No vendor in the market can guarantee a 100% detection rate. If you believe this report is inaccurate, please submit a dispute.
Similar Recently Scanned
mrauthtool.com screenshot
mrauthtool.com
Potentially Suspicious 39/100
blexta.com screenshot
blexta.com
Potentially Dangerous 5/100
allegrolokalnie.pl-598190248124.xyz
Potentially Dangerous 5/100
distribution-reprogramation.com screenshot
distribution-reprogramation.com
Potentially Dangerous 5/100
kleinanzeigen-deutsch.de-supsrvc8732367.info
Potentially Dangerous 19/100
owa.itineraryupdate.com screenshot
owa.itineraryupdate.com
Potentially Dangerous 5/100
appchsbb.partnersbbswisspassch.com screenshot
appchsbb.partnersbbswisspassch.com
Potentially Dangerous 19/100
greeninvestmentgroup.073202.com screenshot
greeninvestmentgroup.073202.com
Potentially Dangerous 19/100

Share your experience with this website. Was it safe? Did you encounter any issues?