# personal-projects-help.appwrite.network — MALICIOUS

> personal-projects-help.appwrite.network is a high-risk phishing domain impersonating Adobe. Stay vigilant and avoid interaction with this site.

## Summary
PhishDestroy identifies personal-projects-help.appwrite.network as an active phishing domain impersonating Adobe. The site leverages the trusted Adobe brand under the guise of a "PDF Viewer" page to deceive users into divulging sensitive information. This campaign presents a high risk to users due to its convincing brand impersonation and active status.

The domain was registered recently on February 22, 2026, through GoDaddy.com, LLC using Appwrite as the registrar. It resolves to IP address 151.101.195.52 and is flagged by 23 out of 95 security vendors on VirusTotal. Additionally, the domain appears on three security blocklists, indicating recognized malicious activity. The infrastructure points to a coordinated effort to exploit Adobe’s brand reputation.

Currently, personal-projects-help.appwrite.network remains active and continues to pose a threat. Users and organizations are strongly advised to block access to this domain and educate personnel about this phishing attempt. Continuous monitoring and updating of security defenses are essential to mitigate exposure to this ongoing Adobe brand impersonation campaign.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Adobe
- Page title: PDF Viewer

## Domain Intelligence
- Registered: 2026-02-22 15:15:04
- Registrar: GoDaddy.com, LLC
- Country: US
- IP: 151.101.195.52
- IP Org: Cloudflare CDN
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Certainly / Certainly Intermediate R1

## Detection Status
- VirusTotal: 23 vendors flagged
  Vendors: ["Abusix", "ADMINUSLabs", "alphaMountain.ai", "Cluster25", "CRDF", "CyRadar", "DNS8", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "G-Data", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Netcraft", "OpenPhish", "SOCRadar", "Sophos", "Trustwave", "URLQuery", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishDestroy"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019c85a0-e56d-749a-8e02-b36178b60f0d.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/6dafdd79-9849-42ee-8dab-b591e9bf63f0
- Wayback Machine: https://web.archive.org/web/https://personal-projects-help.appwrite.network
- PhishDestroy: https://phishdestroy.io/domain/personal-projects-help.appwrite.network/
- LLM endpoint: https://phishdestroy.io/domain/personal-projects-help.appwrite.network/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/personal-projects-help.appwrite.network/
Last updated: 2026-03-19