# bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link — MALICIOUS

> Safety warning: bafybeiehcvedf3comafxuz6kt2s4zuswrcq6... is a generic phishing threat. It was flagged by 15 VirusTotal vendors.

## Summary
PhishDestroy has identified bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link as an active, high-risk generic phishing domain. This domain presents a significant security threat, likely attempting to steal credentials or sensitive information through deceptive means.

Technical analysis reveals several indicators of malicious activity. 15 of 95 security vendors on VirusTotal flag this domain as malicious. The domain resolves to IP address 209.94.90.2 and was registered through CSC Corporate Domains, Inc. on February 24, 2017. It is currently included on 3 security blocklists, including OpenPhish, PhishingDB, and OISD. The SSL certificate was issued by Let's Encrypt.

Given the active status, high-risk designation, and multiple security flags, immediate caution is advised. Users should avoid interacting with this domain or any content it hosts. Refrain from entering any personal information, login credentials, or financial details. It is crucial to verify any links associated with this domain through reputable sources like PhishDestroy before accessing them.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2017-02-24 01:05:27
- Registrar: CSC Corporate Domains, Inc.
- IP: 209.94.90.2

## Detection Status
- VirusTotal: 15 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["OpenPhish", "PhishingDB", "OISD"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/domains/bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link
- PhishDestroy: https://phishdestroy.io/domain/bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link/
- LLM endpoint: https://phishdestroy.io/domain/bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/bafybeiehcvedf3comafxuz6kt2s4zuswrcq6oxffnsvl6wpm7dawy245te.ipfs.dweb.link/
Last updated: 2026-04-10