# bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link — MALICIOUS

> Warning: The domain bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link is a high-risk phishing site. Avoid interaction.

## Summary
PhishDestroy identifies the domain bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link as a generic phishing threat. It was registered recently and associated with deceptive activity.

Technical signals include registration through CSC Corporate Domains, Inc., presence on a security blocklist, and detection by multiple security vendors. The domain resolves to IP 209.94.90.2 and was flagged for phishing risks.

Currently, the domain is offline and returns a "410 Gone" response, indicating takedown or suspension. Users should avoid this domain to prevent potential phishing exposure.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 410)
- Page title: 410 Gone

## Domain Intelligence
- Registered: 2026-02-21 07:01:08
- Registrar: CSC Corporate Domains, Inc.
- Country: US
- IP: 209.94.90.2
- IP Org: Cloudflare CDN
- Nameservers: ["clarissa.ns.cloudflare.com", "tate.ns.cloudflare.com"]
- SSL Issuer: Let's Encrypt / E7

## Detection Status
- VirusTotal: 15 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CyRadar", "Ermes", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "G-Data", "Kaspersky", "Lionic", "Netcraft", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019bdb7e-91a8-7534-8009-643aeec98901.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/1e350a54-622f-47af-8dbf-2c5b76061574
- PhishDestroy: https://phishdestroy.io/domain/bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link/
- LLM endpoint: https://phishdestroy.io/domain/bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bafkreihhqmsab3s2vhiyta2er32smfqnzp4sqd7g67a6s5cg6xm77wbgdm.ipfs.dweb.link/
Last updated: 2026-03-19