# bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link — MALICIOUS

> Avoid bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link. This domain hosts a phishing page pretending to be a professional email login.

## Summary
PhishDestroy identifies bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link as a high-risk generic phishing domain mimicking a professional email sign-in page. The domain's deceptive title aims to lure users into credential theft.

Technical indicators reveal the domain was registered on November 29, 2021 via CSC Corporate Domains, Inc. It resolved to IP address 209.94.90.3 and appeared on one security blocklist. VirusTotal flags it with 15 out of 95 security vendors detecting malicious activity, confirming its threat status.

Currently, the domain is offline and no longer resolving, indicating a takedown or abandonment. Users should remain vigilant against similar phishing attempts utilizing decentralized web IPFS gateways and avoid providing credentials on suspicious sites.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 410)
- Page title: Sign in - Professional Email

## Domain Intelligence
- Registered: 2021-11-29 09:33:03
- Registrar: CSC Corporate Domains, Inc.
- Country: US
- IP: 209.94.90.3
- IP Org: Cloudflare CDN
- Nameservers: ["clarissa.ns.cloudflare.com", "tate.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "DNS8", "Emsisoft", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Netcraft", "OpenPhish", "Trustwave", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c87dd-1c5e-7088-9724-be5c51bc5318.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/3a033c86-d788-40a9-8a01-29bb36b2d65b
- Wayback Machine: https://web.archive.org/web/https://bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link
- PhishDestroy: https://phishdestroy.io/domain/bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link/
- LLM endpoint: https://phishdestroy.io/domain/bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bafkreidc5owqhqffk566izwslyhcdn5jczscuf2vppv37h7sb4e66usxhi.ipfs.dweb.link/
Last updated: 2026-03-19