Report - www.amazon-securelogin.in/accounts

Report Overview

Visited public
2025-04-05 11:56:24
Tags
URL
www.amazon-securelogin.in/accounts
Finishing URL
www.amazon-securelogin.in/accounts
IP / ASN
172.104.251.198
#63949 Akamai Connected Cloud
Title
amazon-securelogin.in

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.amazon-securelogin.in	unknown	2023-12-04	2023-12-04	2023-12-04	2.0 kB	31 kB	139.162.174.209
www.google.com	7	1997-09-15	2015-05-10	2025-04-02	452 B	145 kB	142.250.74.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-05	medium	amazon-securelogin.in	Sinkholed
2025-04-05	medium	amazon-securelogin.in	Sinkholed
2025-04-05	medium	amazon-securelogin.in	Sinkholed
2025-04-05	medium	amazon-securelogin.in	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	www.amazon-securelogin.in/_static/deliver.js?nonce=3498571	ScriptElement	25 kB	2025-04-03	2025-04-23
Pretty URL www.amazon-securelogin.in/_static/deliver.js?nonce=3498571 IP 139.162.174.209 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-03 14:45 Last Seen2025-04-23 10:53 Times Seen41 Hash 3e53c3594719e664504f6ea95ad62d70 44855d237d1669c71b1e8a4502ff4a284fd07c72 9c5c5df1e15422e511e4b55b7be003458a8bf53e1fb4c60344b8f63adb00d316 Loading...

	www.google.com/adsense/domains/caf.js?abp=1&abpgo=true	ScriptElement	144 kB	2025-03-28	2025-04-10
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&abpgo=true IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-28 13:36 Last Seen2025-04-10 11:31 Times Seen1750 Hash 698f5eeee5da9d608f93a8a51d14d6a2 a002bcb0e78bbde6cc5fbcd0d3ffaf5400902651 776f3a6ceab6ba4fbba75b5d9a4bc6e69701c2efa661e77c4f28d2a460ecb06f Loading...

HTTP Transactions (5)

URL IP Response Size

www.amazon-securelogin.in/_d

139.162.174.209

200 OK

834 B

URL POST
www.amazon-securelogin.in/_d
IP
139.162.174.209:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://www.amazon-securelogin.in/accounts
Certificate
IssuerLet's Encrypt
Subjectamazon-securelogin.in
Fingerprint42:BB:44:C9:ED:FF:F1:A8:E2:CF:6A:86:72:46:8D:BC:C0:6B:14:28
ValidityMon, 17 Feb 2025 02:24:52 GMT - Sun, 18 May 2025 02:24:51 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (966), with no line terminators
Size
834 B (834 bytes)
Hash
7c09aa174e6aa2b8d75f05be5529ef12
b210b6d7e129c9a06cd877a9893ebbe26f86efe2
d810fd2007950f14bc724301f146c5b549c6d31a770233094de938d8f1b97707

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_d HTTP/1.1
Host: www.amazon-securelogin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amazon-securelogin.in/accounts
Content-Type: application/json
Content-Length: 324
Origin: https://www.amazon-securelogin.in
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.27.1.1
date: Sat, 05 Apr 2025 11:56:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
set-cookie: session_id=74667661413cf5abb3e0a19290c32e87; Max-Age=86400; Path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

www.amazon-securelogin.in/apple-touch-icon.png

139.162.174.209

404 Not Found

159 B

URL GET
www.amazon-securelogin.in/apple-touch-icon.png
IP
139.162.174.209:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://www.amazon-securelogin.in/accounts
Certificate
IssuerLet's Encrypt
Subjectamazon-securelogin.in
Fingerprint42:BB:44:C9:ED:FF:F1:A8:E2:CF:6A:86:72:46:8D:BC:C0:6B:14:28
ValidityMon, 17 Feb 2025 02:24:52 GMT - Sun, 18 May 2025 02:24:51 GMT

File type
HTML document, ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
b229a9f61c61e41f5ea18be905e13a68
bf58507fcf53ddef7ba324f9847d3276869af288
584deb60bbe911fc8cbb16a294822a81de0ffc616eda9552f145fe9e9c65a362

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.amazon-securelogin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amazon-securelogin.in/accounts
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: openresty/1.27.1.1
date: Sat, 05 Apr 2025 11:56:04 GMT
content-type: text/html
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/adsense/domains/caf.js?abp=1&abpgo=true

142.250.74.68

200 OK

144 kB

URL GET
www.google.com/adsense/domains/caf.js?abp=1&abpgo=true
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://www.amazon-securelogin.in/accounts
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47
ValidityThu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
144 kB (144128 bytes)
Hash
698f5eeee5da9d608f93a8a51d14d6a2
a002bcb0e78bbde6cc5fbcd0d3ffaf5400902651
776f3a6ceab6ba4fbba75b5d9a4bc6e69701c2efa661e77c4f28d2a460ecb06f

HTTP Headers

GET /adsense/domains/caf.js?abp=1&abpgo=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amazon-securelogin.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 05 Apr 2025 11:56:04 GMT
expires: Sat, 05 Apr 2025 11:56:04 GMT
cache-control: private, max-age=3600
etag: "9977720444182567670"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.amazon-securelogin.in/accounts

139.162.174.209

200 OK

3.3 kB

URL User Request GET
www.amazon-securelogin.in/accounts
IP
139.162.174.209:443
ASN
#63949 Akamai Connected Cloud

Certificate
IssuerLet's Encrypt
Subjectamazon-securelogin.in
Fingerprint42:BB:44:C9:ED:FF:F1:A8:E2:CF:6A:86:72:46:8D:BC:C0:6B:14:28
ValidityMon, 17 Feb 2025 02:24:52 GMT - Sun, 18 May 2025 02:24:51 GMT

File type
HTML document, ASCII text, with very long lines (3446), with no line terminators
Size
3.3 kB (3278 bytes)
Hash
d3d01e9b09ef8f6e2030955404dbff6d
646a503625abf765ac2d3a2713a46b84916dfe94
da6c637bc492b9ca538dab70cc9c8c54ffb986f3f80f40885ac64953e7cf86dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /accounts HTTP/1.1
Host: www.amazon-securelogin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.27.1.1
date: Sat, 05 Apr 2025 11:56:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

www.amazon-securelogin.in/_static/deliver.js?nonce=3498571

139.162.174.209

200 OK

25 kB

URL GET
www.amazon-securelogin.in/_static/deliver.js?nonce=3498571
IP
139.162.174.209:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://www.amazon-securelogin.in/accounts
Certificate
IssuerLet's Encrypt
Subjectamazon-securelogin.in
Fingerprint42:BB:44:C9:ED:FF:F1:A8:E2:CF:6A:86:72:46:8D:BC:C0:6B:14:28
ValidityMon, 17 Feb 2025 02:24:52 GMT - Sun, 18 May 2025 02:24:51 GMT

File type
C++ source, ASCII text
Size
25 kB (25211 bytes)
Hash
3e53c3594719e664504f6ea95ad62d70
44855d237d1669c71b1e8a4502ff4a284fd07c72
9c5c5df1e15422e511e4b55b7be003458a8bf53e1fb4c60344b8f63adb00d316

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_static/deliver.js?nonce=3498571 HTTP/1.1
Host: www.amazon-securelogin.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amazon-securelogin.in/accounts
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.27.1.1
date: Sat, 05 Apr 2025 11:56:04 GMT
content-type: application/javascript
last-modified: Thu, 03 Apr 2025 12:14:12 GMT
vary: Accept-Encoding
etag: W/"67ee7b94-627b"
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers