Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcwlfwhspm63r7fhxvww2se
Detected Brand
Adobe PDF
Country
International
Confidence
100%
HTTP Status
200
Report ID
35960b42-01cā¦
Analyzed
2026-02-11 11:40
Final URL (after redirects)
https://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcwlfwhspm63r7fhxvww2se
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19771413390001E1F2A76D194BFECB70116D0A441C59E2A8471EC23DFAAE5DE7F487359 |
|
CONTENT
ssdeep
|
48:n2qbpBAbbAuYpdLpctRo6wnbTlaP0s5CxvClI6oIn66f2bbi+LnuW6kMI5:n1AbbAuS8GeC4lISnKiU8b0 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
803b5d67272e8d8d |
|
VISUAL
aHash
|
086c7d647c7c7c7c |
|
VISUAL
dHash
|
d09cb18da9a4a4a4 |
|
VISUAL
wHash
|
006c5d647c7c7c7c |
|
VISUAL
colorHash
|
07000038000 |
|
VISUAL
cropResistant
|
d09cb18da9a4a4a4,f0c6c0c0c0c0c0c0 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
ā ļø Phishing Confirmed
š£ Credential Harvester
š£ OTP Stealer
š£ Card Stealer
š£ Personal Info
š¬ Threat Analysis Report
ā¢ Threat: Credential Phishing
ā¢ Target: Adobe PDF Users
ā¢ Method: Malicious login form
ā¢ Exfil: Email and Password
ā¢ Indicators: Impersonation, credential request
ā¢ Risk: HIGH
š Obfuscation Detected
- fromCharCode
- unescape
š Risk Score Breakdown
Total Risk Score
90/100
Contributing Factors
Credential Harvesting
Direct request for email and password. This is the primary phishing technique.
Impersonation
Mimics the Adobe PDF brand to trick users.
š¬ Comprehensive Threat Analysis
Threat Type
Banking Credential Harvester
Target
Adobe PDF users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
ā ļø Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Card Stealer, Personal Info
- 16 obfuscation techniques
š¢ Brand Impersonation Analysis
Impersonated Brand
Adobe PDF
Official Website
https://www.adobe.com/acrobat/online/pdf-reader.html
Fake Service
PDF viewer
āļø Attack Methodology
Primary Method: Credential Harvesting
The attacker is using a fake login form to collect user's email address and password. The form is likely hosted on a phishing domain designed to mimic Adobe's.
š Infrastructure Indicators of Compromise
Domain Information
Domain
None
Registered
None
Registrar
None
Status
None
š¤ AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Adobe
https://pdfprotected-doc-kitsune-22feb6.netlify.app/?naps
May 21, 2026
Adobe PDF (implied)
https://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcw...
Mar 18, 2026
Adobe PDF (Likely)
https://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcw...
Mar 14, 2026
Unknown
http://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcwl...
Mar 13, 2026
Adobe PDF
https://ipfs.io/ipfs/bafkreif6h3ajzv77tfpy2eblhv3ixxmspptqcw...
Jan 07, 2026
Scan History for ipfs.io
Found 10 other scans for this domain
-
https://bafybeifucnntp2tzvo2smmgd2nrz2anlih4bapzou...
https://bafybeidainj73npe2kepzldqmuwzes5stwbgtu2pb...
https://bafybeidzv5orafwm4qq7m5wdptagbyyaksssolxhe...
https://bafybeiby3jwvxj44lno5pu2qjn5ezh5mlm4fkoy4q...
https://bafybeiaz6xbudbilnb4a52kkl2ffapf7oim253s7i...
https://bafybeieqilhn5yjrdt2cs46bglcamzimrcgbfuvq3...
https://bafkreidpy5pr2m6yvnk6v7ry7tu5lydi2rkd5reft...
https://bafybeih4lunv4ykv3qnx3n4c2c3d3gl5vlonz34ui...
http://ipfs.io/ipfs/bafybeibo7ht7ythkoucqnhcd4lzr5...
https://bafybeicfvmv4fni2inofzgesr4hc754scsn2zsohf...
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.