EN ES PT
Back to Stats

Visual Capture

No screenshot available

Detection Info

http://luqmanlegal.com/said/servicio.html
Detected Brand
Aruba.it
Country
Italy
Confidence
99%
HTTP Status
200
Report ID
cf2cfea9-84a…
Analyzed
2026-01-26 13:58
Final URL (after redirects)
https://luqmanlegal.com/said/servicio.html

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1327196709294743E04D5C3D8B7A17F2A27C28195E742096993EACB2E8FD7E50DC01DE9
CONTENT ssdeep
48:GjPCeNmTNMgEMFIiGy5a9O/qIXmQJIkQSqyBhor9ak1mrQ9GEj3sJRp7ic1dqQr:GjiERlynmQKyzK2usfBqK

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
d71a5d2a772a5522
VISUAL aHash
00fffffffffffffe
VISUAL dHash
28004d686810010e
VISUAL wHash
001c2434e7dbf9e0
VISUAL colorHash
07000038040
VISUAL cropResistant
309964694810010e,00000288988c4208

Code Analysis

Threat Level BAJO

🔬 Threat Analysis Report

• Threat: No threat detected
• Target: Not applicable
• Method: Not applicable
• Exfil: No data exfiltration
• Indicators: The domain seems legitimate and matches the brand shown in the screenshot.
• Risk: LOW - Legitimate domain for Aruba.it

🔐 Credential Harvesting Forms

📤 Form Action Targets

  • py.html

📊 Risk Score Breakdown

Total Risk Score
0/100

Contributing Factors

Credential Harvesting
Credential harvesting detected with 1 form(s) capturing sensitive data

🔬 Comprehensive Threat Analysis

Threat Type
Unknown Threat
Target
Aruba.it users (Italy)
Attack Method
credential harvesting forms
Exfiltration Channel
HTTP POST to backend
Risk Assessment
LOW - Automated credential harvesting with HTTP POST to backend

🏢 Brand Impersonation Analysis

Impersonated Brand
Aruba.it
Official Website
Unknown
Fake Service
Fraudulent service portal

Fraudulent Claims

⚔️ Attack Methodology

Primary Method: Credential Harvesting

Victim enters credentials into 1 fake form. Form data is captured via JavaScript or backend submission and transmitted to attacker's server for account compromise.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
luqmanlegal.com
Registered
2005-05-06 22:28:27+00:00
Registrar
ENOM, INC.
Status
Active (older domain)

Hosting Information

Provider
ENOM, INC.
ASN

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.