# branch-main-9dfef01.appwrite.network — MALICIOUS

> Beware of branch-main-9dfef01.appwrite.network, a high-risk domain impersonating Adobe. Learn why this site is unsafe and how to protect yourself online.

## Summary
PhishDestroy identifies branch-main-9dfef01.appwrite.network as a high-risk phishing domain involved in brand impersonation targeting Adobe. The site mimics Adobe’s branding with a misleading page titled "View File || Online Reader," aiming to deceive users into divulging sensitive information.

This domain resolves to IP address 151.101.67.52 and was registered through GoDaddy.com, LLC on June 28, 2022. It has been flagged by 19 security vendors on VirusTotal and appears on two separate security blocklists, underscoring its malicious intent and widespread recognition by cybersecurity entities.

Currently, the domain is offline, reducing immediate risk to users. However, users are advised to remain cautious of similar URLs and avoid interacting with suspicious links claiming to be Adobe-related. Continuous monitoring and blocking of this domain type are recommended to prevent potential data breaches and phishing attacks.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Adobe
- Page title: View File || Online Reader

## Domain Intelligence
- Registered: 2022-06-28 00:00:00
- Expires: 2027-06-28 00:00:00
- Registrar: GoDaddy.com, LLC
- Country: US
- IP: 151.101.131.52
- IP Org: Cloudflare CDN
- Nameservers: rosalyn.ns.cloudflare.com renan.ns.cloudflare.com
- SSL Issuer: Certainly / Certainly Intermediate R1

## Detection Status
- VirusTotal: 19 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "CRDF", "CyRadar", "Ermes", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "Phishing Database", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019ad21d-ad77-746f-b9e4-8f1486cce87d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/0de7a511-2745-4b72-aa0a-9d8bef73bb14
- Wayback Machine: https://web.archive.org/web/https://branch-main-9dfef01.appwrite.network
- PhishDestroy: https://phishdestroy.io/domain/branch-main-9dfef01.appwrite.network/
- LLM endpoint: https://phishdestroy.io/domain/branch-main-9dfef01.appwrite.network/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/branch-main-9dfef01.appwrite.network/
Last updated: 2026-03-19