Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan.html
Detected Brand
Adobe PDF
Country
International
Confidence
100%
HTTP Status
200
Report ID
123e997d-9da…
Analyzed
2026-01-02 18:58
Final URL (after redirects)
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan.html
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DC61413350002E1E3A32D1A4AFECB71126D1E441D59E2984B1EC67CF9AD4DE7F497268 |
|
CONTENT
ssdeep
|
48:ndqbpBAbbAuYpdLpctRo6wnbTlus5Cx2gEItxLl56of66f2bbi+Lnuk5:nYAbbAuS8GvCNt75lKiUj |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
80395d67272e2dad |
|
VISUAL
aHash
|
185c5c6c74747c7c |
|
VISUAL
dHash
|
f090b1adada4a4a4 |
|
VISUAL
wHash
|
087c5c6c7c647c7c |
|
VISUAL
colorHash
|
07000038000 |
|
VISUAL
cropResistant
|
f090b1adada4a4a4,f189c1c1c1c1c1c1 |
Code Analysis
Risk Score
86/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing targeting PDF viewers.
• Target: Adobe PDF users, especially those opening shared PDF files.
• Method: Fake login form overlayed on document to steal email and password.
• Exfil: Unknown, likely custom API based on domain and obfuscation.
• Indicators: Domain mismatch (not adobe.com), free hosting (r2.dev), obfuscated JavaScript, email/password form.
• Risk: HIGH - Immediate credential theft.
🔒 Obfuscation Detected
- fromCharCode
- unescape
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Adobe
http://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan....
Apr 06, 2026
PDF Online
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan...
Feb 17, 2026
Adobe PDF (Impersonation)
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan...
Feb 17, 2026
Adobe PDF
http://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan....
Jan 14, 2026
PDF
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev/sweetjan...
Jan 07, 2026
Scan History for pub-3b2161932db04c4eaa01be3fb152244b.r2.dev
Found 9 other scans for this domain
-
http://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
http://pub-3b2161932db04c4eaa01be3fb152244b.r2.dev...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
https://pub-3b2161932db04c4eaa01be3fb152244b.r2.de...
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.