# www.spinha.app — SUSPICIOUS

> PhishDestroy identifies www.spinha.app as a fresh Amazon-brand phishing lure hosted on 99.84.152.79 with 0/95 VirusTotal detections.

## Summary
PhishDestroy has flagged www.spinha.app as an active generic-phishing domain that impersonates Amazon to harvest login credentials and payment details. The site currently resolves to 99.84.152.79, which is served over an Amazon SSL certificate—an attempt to appear trustworthy—and remains undetected by every antivirus engine on VirusTotal with 0 out of 95 detections at the time of writing.  

Created very recently, www.spinha.app exploits cheap, recently expired domains to bypass reputation filters; it also relies on Amazon’s certificate to trick cautious users into overlooking subtle misspellings or suspicious redirects. Because the domain is only hours or days old, traditional blocklists and domain-reputation services have yet to catch up, leaving even updated browsers and endpoint agents vulnerable to first-contact compromise.  

If you visited www.spinha.app accidentally, cease entering any data immediately and close the tab. Next, run a full antivirus scan and change any passwords you may have typed on the page. Report the incident to Amazon’s anti-phishing team via their official reporting form and to your organization’s security help-desk if you were on a corporate device. Disable browser autofill for now and consider resetting cookies tied to amazon.com or payment sites you may have accessed from the same browser session.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: REGISTRAR_NOT_FOUND
- IP: 99.84.152.79

## Detection Status
- VirusTotal: 0 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/765bc8fe-2596-4896-9f57-df360b6ea6d4
- PhishDestroy: https://phishdestroy.io/domain/www.spinha.app/
- LLM endpoint: https://phishdestroy.io/domain/www.spinha.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/www.spinha.app/
Last updated: 2026-03-27