EN ES PT
Back to Stats

Visual Capture

No screenshot available

Detection Info

https://luqmanlegal.com/said/servicio.html
Detected Brand
Aruba.it
Country
Italy
Confidence
95%
HTTP Status
200
Report ID
becfc687-2a7…
Analyzed
2026-01-26 13:58

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1917174709294743E08D5C3DCB7A17F2A27D28195E742086DA3EACB6E8FD7E50DC019E9
CONTENT ssdeep
48:GjPCeNmTNMgEMFIiGy5a9O/qIXmQJIkQSqyBhor9ak1qnQ9GEjDsJRp7ic1dqQr:GjiERlynmQKyzKGysfBqK

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
d71a5d2a772a5522
VISUAL aHash
00fffffffffffffe
VISUAL dHash
28004d686810010e
VISUAL wHash
001c2737e7cbddc4
VISUAL colorHash
07000038040
VISUAL cropResistant
309964694810010e,00000288988c4208

Code Analysis

Threat Level BAJO

🔬 Threat Analysis Report

• Threat: Information disclosure.
• Target: Aruba.it customers.
• Method: Displaying order details. No data exfiltration possible because no form submissions.
• Exfil: N/A
• Indicators: Payment details
• Risk: LOW - only order information is shown.

🔐 Credential Harvesting Forms

📤 Form Action Targets

  • py.html

📊 Risk Score Breakdown

Total Risk Score
0/100

Contributing Factors

Credential Harvesting
Credential harvesting detected with 1 form(s) capturing sensitive data

🔬 Comprehensive Threat Analysis

Threat Type
Unknown Threat
Target
Aruba.it users (Italy)
Attack Method
credential harvesting forms
Exfiltration Channel
HTTP POST to backend
Risk Assessment
LOW - Automated credential harvesting with HTTP POST to backend

🏢 Brand Impersonation Analysis

Impersonated Brand
Aruba.it
Official Website
Unknown
Fake Service
Fraudulent service portal

Fraudulent Claims

⚔️ Attack Methodology

Primary Method: Credential Harvesting

Victim enters credentials into 1 fake form. Form data is captured via JavaScript or backend submission and transmitted to attacker's server for account compromise.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
luqmanlegal.com
Registered
2005-05-06 22:28:27+00:00
Registrar
ENOM, INC.
Status
Active (older domain)

Hosting Information

Provider
ENOM, INC.
ASN

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.