MalwareTips
Security Review

Is passwords.ddns.info legit or a scam?

Our verdict:Suspicious· 55/100

Self-hosted Vaultwarden password manager on a free DDNS domain with no verifiable business identity or contact details.

Top reasons
Free dynamic DNS subdomain (*.ddns.info) commonly abused for malware C2 and unauthorized remote access.No business registration, company name, or legal entity associated with the domain.No contact email, phone number, or postal address visible on the page or in WHOIS.
passwords.ddns.infoScanned 4h ago
Post Facebook
0
Trust score
SUSPICIOUS
Heuristics 87·MT 42
Category tags
self-hosted servicedynamic dns72% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/0
All engines report clean
Domain Age
25 years old
Registered Oct 4, 2001
MT Intelligence
Suspicious
Moderate likelihood · 72% confidence
SUSPICIOUS

Warning signs detected

Self-hosted Vaultwarden password manager on a free DDNS domain with no verifiable business identity or contact details. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Website Preview

Screenshot of passwords.ddns.info
LIVE RENDER
passwords.ddns.info

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Moderate scam likelihoodengineMT · Guardiantrust42/100
MT AgentLive web researchVisual inspection
0%
Confidence
The page title and minimal content match Vaultwarden, an open-source Bitwarden server implementation commonly self-hosted by individuals. Our antivirus network and browser blocklists show no detections, and the domain has been registered for nearly 25 years, which is consistent with a long-standing personal project. However, the use of a free dynamic DNS subdomain (*.ddns.info) combined with the complete absence of business registration, contact email, phone, or postal address raises operational concerns. DDNS domains are frequently abused for malware command-and-control infrastructure, and while this particular hostname has no scam reports or complaints in public databases, the lack of any identifying information makes it impossible to verify who operates the service or establish accountability if something goes wrong. The page appears to be a legitimate self-hosted instance rather than a phishing clone, but the infrastructure choices and anonymity create moderate risk.
Full dossier
Analysis complete

Page Content

The page displays only a title 'Vaultwarden Web' with minimal body text. This is consistent with a self-hosted Vaultwarden instance that may still be loading or awaiting user interaction. Vaultwarden is a legitimate, open-source Rust implementation of the Bitwarden password manager, commonly deployed by individuals for personal password storage.

Infrastructure

The domain uses a free dynamic DNS provider (ddns.info) rather than a traditional registered domain. The hosting IP (104.152.130.24) has zero abuse reports and a clean reputation score. SSL is valid and issued by Let's Encrypt. However, DDNS subdomains are frequently flagged in enterprise security contexts because they are associated with dynamic residential IPs and are commonly used for unauthorized remote-access tools and malware C2 infrastructure.

Domain History

The domain was registered approximately 24.7 years ago (9014 days), suggesting a long-standing personal project rather than a recently-spun-up phishing site. The registrar is PublicDomainRegistry.com, and WHOIS privacy protection is disabled.

Web Reputation

No scam reports, complaints, or malware detections were found for this hostname in public databases. Independent review aggregators returned no data. However, the complete absence of business registration, contact email, phone number, or postal address means there is no verifiable operator identity or accountability mechanism.

Risk Factors
5
  • Free dynamic DNS subdomain (*.ddns.info) commonly abused for malware C2 and unauthorized remote access.
  • No business registration, company name, or legal entity associated with the domain.
  • No contact email, phone number, or postal address visible on the page or in WHOIS.
  • Minimal page content and no identifying information about the operator or service purpose.
  • DDNS infrastructure often triggers security alerts in enterprise environments due to association with residential IPs and potential unauthorized access tools.
Positive Signals
5
  • Domain registered 24.7 years ago, consistent with a long-standing personal project.
  • Valid SSL certificate issued by Let's Encrypt with 53 days remaining.
  • Hosting IP has zero abuse reports and a clean reputation score.
  • Page title and content match legitimate open-source Vaultwarden software; no clone or phishing indicators detected.
  • No scam reports, complaints, or malware detections found in public databases.
AI Recommendation
If you recognize this as your own self-hosted Vaultwarden instance, it is safe to use. If you encountered this domain unexpectedly or do not recognize the operator, do not enter credentials or sensitive information. Consider using a traditional password manager with verified business registration and transparent contact information instead.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for passwords.ddns.info, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
24 yrs
Registered Oct 2001
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.
Key findings
7 headline facts from open-web research
  • Domain passwords.ddns.info has been registered for approximately 24.7 years (9014 days)
  • Page title is "Vaultwarden Web", consistent with a self-hosted instance of Vaultwarden, the unofficial Rust implementation of the Bitwarden password manager
  • No mentions of the exact domain in scam reports, complaints, malware analyses, or security blacklists were found
  • ddns.info is a free dynamic DNS provider subdomain; such domains are commonly used for personal self-hosted services (including Vaultwarden, Nextcloud, etc.) but are also frequently abused by malware for C2 due to easy registration and IP c
  • No business name, company registration, or contact details located for this specific hostname
  • General security note: DDNS domains like *.ddns.info often trigger alerts in enterprise environments as they are associated with dynamic residential IPs and potential unauthorized remote access tools
  • No positive user reviews, forum discussions, or public references to this specific hostname were located
Research summary
Narrative write-up from our AI analyst, grounded on the facts above

We searched scam-report databases, consumer-review sites, and general web sources for passwords.ddns.info and found no scam reports, complaints, or malware analyses. No business registration or company information was located. The domain appears to be a personal self-hosted Vaultwarden instance rather than a commercial service, which explains the absence of business registration and public reviews. However, the lack of any identifying information or contact details prevents verification of the operator's identity or intent.

Antivirus Engines

Clean pass · verified
Clean across 0 engines

We cross-check every URL against our antivirus network of 0 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious0Harmless0Engines
Clean
Kaspersky
Not in pass
Bitdefender
Not in pass
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Not in pass
Fortinet
Not in pass
Google Safebrowsing
Not in pass
Emsisoft
Not in pass

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age25 years old
RegistrarPDR Ltd. d/b/a PublicDomainRegistry.com
RegisteredOct 4, 2001
ExpiresOct 4, 2026
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · E7
ExpiresAug 2, 2026 (53d)
Self-signedNo
Hosting & Technology
HostingMVT Broadband
Server locationUS
Web serveropenresty

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPMVT Broadband
Usage typeFixed Line ISP

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

  • Treat passwords.ddns.info as unverified

    Do not enter credentials or send money until you have independently verified the business.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review marked passwords.ddns.info as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.
  • passwords.ddns.info currently scores 55/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.
  • Yes. passwords.ddns.info presents a valid TLSv1.3 certificate issued by Let's Encrypt · E7, expiring in 53 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • passwords.ddns.info is 24.7 years old, registered on 10/4/2001 through PDR Ltd. d/b/a PublicDomainRegistry.com. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 0 antivirus engines in our malware network report passwords.ddns.info as clean.
  • No. passwords.ddns.info is not currently listed on the major browser blocklist feeds that modern browsers use.
  • passwords.ddns.info resolves to an IP operated by MVT Broadband in US (usage type: Fixed Line ISP). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 9, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around passwords.ddns.info have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·passwords.ddns.info
SUSPICIOUS

This domain hosts a Vaultwarden password-manager interface on a free dynamic DNS subdomain. While the page itself is legitimate open-source software, the combination of a DDNS address, lack of business registration, and absence of contact information makes it difficult to verify legitimacy or establish accountability.

If you recognize this as your own self-hosted Vaultwarden instance, it is safe to use. If you encountered this domain unexpectedly or do not recognize the operator, do not enter credentials or sensitive information. Consider using a traditional password manager with verified business registration and transparent contact information instead.

AV engines
0
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Suspicious reports

Browse all reports
Suspicioustrust50
cadcr.buzz
38m ago
Read the review
Suspicioustrust64
batcave.biz
40m ago
Read the review
Suspicioustrust62
lumifydropsstg.wpengine.com
2h ago
Read the review
Suspicioustrust49
twf.cc
2h ago
Read the review
Suspicioustrust73
crazyegg.com
3h ago
Read the review
Suspicioustrust49
kynvale.com
3h ago
Read the review
Suspicioustrust66
dailymail.com
3h ago
Read the review
Suspicioustrust52
aijiaox.com
3h ago
Read the review
Suspicioustrust52
livarodesign.com
3h ago
Read the review
Suspicioustrust63
filester.me
3h ago
Read the review
Suspicioustrust61
sdn002binsir.h2h.my.id
4h ago
Read the review
Suspicioustrust52
ems-ycfms-aden.moeenautomation.com
4h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.