SafeMode - Analysis: crackaf-bubbles-frontend.vercel.app

Visual Capture

Screenshot of crackaf-bubbles-frontend.vercel.app

Detection Info

http://crackaf-bubbles-frontend.vercel.app/nfts/collections/0x11304895f41C5A9b7fBFb0C4B011A92f1020EF96

Detected Brand

Unknown

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

8f73c951-296…

Analyzed

2026-06-12 10:17

Final URL (after redirects)

https://crackaf-bubbles-frontend.vercel.app/nfts/collections/0x11304895f41C5A9b7fBFb0C4B011A92f1020EF96

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1F91352B18280796F43775BC2A212A7FF30A7712EDFDF2A5193F493E46385EA1D811489
CONTENT ssdeep	384:PVL40Pq2fDIH1RUkj4AnBEuoiCsmsxyQdqq6:PVLX6VRaABnCsmsAE6

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	d39b0e6c6c32928f
VISUAL aHash	01fffeeef1000000
VISUAL dHash	13d0dcdcc3d4d4d4
VISUAL wHash	81fffffff3000000
VISUAL colorHash	16000030000
VISUAL cropResistant	353d333be2927252,afebababcf2c3d6d,13d0dcdcc3d4d4d4

Code Analysis

Risk Score 100/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔒 Obfuscation Detected

atob
fromCharCode
unicode_escape
js_packer
base64_strings

🎯 Kit Endpoints

/nfts/collections
/nfts/collections/0x11304895f41C5A9b7fBFb0C4B011A92f1020EF96#items
/nfts/collections/0x11304895f41C5A9b7fBFb0C4B011A92f1020EF96#traits
/nfts/collections/0x11304895f41C5A9b7fBFb0C4B011A92f1020EF96#activity

📡 API Calls Detected

POST
logs
https://www.google.com/ccm/geo
stats
account
proxy

📊 Risk Score Breakdown

Total Risk Score

100/100

Contributing Factors

Active Phishing Kit

Detected kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info

Code Obfuscation

JavaScript code obfuscated using 224 technique(s) to evade detection

🔬 Comprehensive Threat Analysis

Threat Type

Banking Credential Harvester

Target

General public

Attack Method

obfuscated JavaScript

Exfiltration Channel

Unknown

Risk Assessment

CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
224 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand

Generic Phishing

Official Website

N/A

Fake Service

Banking/payment service

⚔️ Attack Methodology

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 224 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain

crackaf-bubbles-frontend.vercel.app

Registered

Unknown

Registrar

Unknown

Status

Hosting platform (subdomain)

Hosting Information

Provider

Unknown

ASN

🤖 AI-Extracted Threat Intelligence

Scan History for crackaf-bubbles-frontend.vercel.app

Found 10 other scans for this domain

https://www.crackaf-bubbles-frontend.vercel.app ?

http://crackaf-bubbles-frontend.vercel.app/nfts/co... Bubbles (Impersonation) Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/blindbo... ? Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/nfts/co... PancakeSwap Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/nfts/co... Bubbles Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/nfts/au... Bubbles Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/farms/h... Bubbles Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/nfts/co... ? Jun 12, 2026 10:18

http://crackaf-bubbles-frontend.vercel.app/nfts/co... PancakeSwap Jun 12, 2026 10:17

http://crackaf-bubbles-frontend.vercel.app/blindbo... ? Jun 12, 2026 10:17