bafkreig5vx6vfnqbg7zvesjo33mqzs2mvgatdknjxuif7hcxybqrh6vmty.ipfs.dweb.link
Category: Information Technology, Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Quttera Web Malware Removal is a paid subscription service. Pricing, plans, and trial availability are set by Quttera. Quttera is operated by Quttera Ltd, an independent third-party company unrelated to RCS LT. PCRisk.com may earn a referral commission when users sign up through this link.
Description of bafkreig5vx6vfnqbg7zvesjo33mqzs2mvgatdknjxuif7hcxybqrh6vmty.ipfs.dweb.link
This URL is an IPFS gateway address served through the dweb.link infrastructure, which is commonly used to access content stored on the InterPlanetary File System. The page metadata references an "IPFS Service Worker Gateway," suggesting the underlying host is part of a decentralized content-delivery setup rather than a conventional standalone website with a branded domain name.
However, the visible page content at the time of this scan does not appear to match a normal technical gateway landing page. Instead, it presents a generic "EmailLogin" form requesting an email address and mailbox password, with minimal branding and no clear identification of a legitimate service provider. Based on the domain structure, hosting context, and page presentation, this specific IPFS-hosted page appears to be using decentralized web infrastructure to deliver a credential-collection interface.
Safety Assessment for bafkreig5vx6vfnqbg7zvesjo33mqzs2mvgatdknjxuif7hcxybqrh6vmty.ipfs.dweb.link
Multiple independent security signals indicate elevated risk at the time of this scan. The URL was flagged by 16 out of 91 security engines, and several web-classification sources categorized it as phishing or fraud-related content. The screenshot also shows a generic email login prompt asking visitors to enter their mailbox password, which is a common pattern associated with credential-harvesting pages, especially when it appears on an unbranded IPFS gateway URL rather than an official mail provider domain.
A malware scan also produced a low-confidence suspicious finding on one page resource, and the domain's IP address is listed on one mail-reputation blocklist. That DNS-based listing is a weaker signal than direct phishing detections, but it still adds some caution. At the same time, several major threat databases were clean at the time of this scan, which can happen with newly rotated or decentralized phishing content.
The domain itself is old because it belongs to shared gateway infrastructure, so age alone does not reduce concern for the specific content being served from this path. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid Let's Encrypt SSL certificate with expiry in August 2026, and traffic appears to be served through Cloudflare-backed infrastructure associated with Protocol Labs. The resolved server IP is 209.94.90.2, geolocated to San Francisco, United States. Nameservers are hosted on Cloudflare, and DNSSEC is unsigned.
From a technical perspective, the use of HTTPS is positive for transport encryption, but it does not validate the trustworthiness of the page content. The combination of decentralized IPFS delivery, a long hash-based subdomain, and a generic credential form may make attribution and takedown more difficult than with a traditional hosted website.
Share your experience with this website. Was it safe? Did you encounter any issues?