Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://bonaturo.com/arruba/aruba/
Detected Brand
Aruba
Country
Italy
Confidence
95%
HTTP Status
200
Report ID
e4769a88-46e…
Analyzed
2026-01-22 11:25
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T179C1EFB050119D3B05FBA8D866B52F1A91D2D246CE33124BB7ED87E90BCFD0ACE52650 |
|
CONTENT
ssdeep
|
96:NxgTtu9tuiQ895GZV6UP8UY8o8YiJY/lPwPP08lTGep:NxgTc9tazl4v8lVp |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b83890cbc7c74769 |
|
VISUAL
aHash
|
ffc3c3e7fbfbffff |
|
VISUAL
dHash
|
2eb69e0e12120002 |
|
VISUAL
wHash
|
00000020030b0f0f |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
2eb69e0e12120002,78604038a44cdad2 |
Code Analysis
Risk Score
63/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing kit
• Target: Aruba customers in Italy
• Method: Fake login form stealing credit card details
• Exfil: Data sent to unknown server
• Indicators: Domain mismatch, sensitive information request, obfuscated JavaScript
• Risk: HIGH - Immediate credential theft
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- fromCharCode
📤 Form Action Targets
- ./
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Aruba
http://idxbillings-567804.com/it-26/
Jun 10, 2026
Banca Sella
https://idxbillings-567804.com/sr-x912/
Jun 10, 2026
Banca Sella
https://chipcars.com.ar/rossi/aruba/
Jun 09, 2026
Aruba.it
https://chipcars.com.ar/jqaa/aruba/
Jun 08, 2026
Banca Sella
https://chipcars.com.ar/skizo/aruba26/
Jun 08, 2026
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.