ScanMalware.com

Security Scan Report: bhg-inc.s3.us-east-2.amazonaws.com

Submitted: Nov 3, 2025, 10:50:22 AMCompleted: Nov 3, 2025, 10:51:54 AMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main domain is bhg-inc.s3.us-east-2.amazonaws.com.

Submitted URL: https://bhg-inc.s3.us-east-2.amazonaws.com/bhgfinancial.html

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Page impersonates Microsoft on an unranked S3 domain – high‑risk phishing, do not trust.

Risk Factors
Brand impersonation of Microsoft on a non‑official, unranked domain
Use of cloud storage (Amazon S3) for a page that mimics a Microsoft security verification flow
Domain appears to be newly created (no age data), increasing suspicion
Domain age information unavailable

Details

Page Title

Microsoft Secure Document Sharing - Security Verification

Scan Type

public

Language

🇺🇸

English

(55% confidence)

Category

documentation technical

(69%)

Domain Information

The domain 'bhg-inc.s3.us-east-2.amazonaws.com' uses the commercial generic top-level domain (.com) and includes subdomain 'bhg-inc.s3.us-east-2'. The core label 'amazonaws' covers 9 characters containing four vowels alongside 5 consonants. It segments into 3 words: amazon, aw, s. Median word length is two characters. 'amazonky' most often appears in Czech. It also appears in Slovak and Croatian contexts. Net impression: Czech phrase.

Screenshot

Security scan screenshot of https://bhg-inc.s3.us-east-2.amazonaws.com/bhgfinancial.html

Page Load Overview

6.73s
Total Load Time
4
HTTP Requests
2
Domains
6 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:55%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:55%
Script Type:Latin
Text Length:267 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical69% confidence
Type: static
Method: ml+structural

All Detected Categories

documentation technical
69%
technology software
42%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
03.5.132.135Columbus, Ohio, United States
AS16509AMAZON-02
0134.199.207.56Douglasville, Georgia, United States
AS14061DIGITALOCEAN-ASN
03.5.131.132Columbus, Ohio, United States
AS16509AMAZON-02
03.5.130.189Columbus, Ohio, United States
AS16509AMAZON-02
03.5.130.3Columbus, Ohio, United States
AS16509AMAZON-02
052.219.105.34Columbus, Ohio, United States
AS16509AMAZON-02
03.5.130.162Columbus, Ohio, United States
AS16509AMAZON-02
03.5.132.209Columbus, Ohio, United States
AS16509AMAZON-02
052.219.111.242Columbus, Ohio, United States
AS16509AMAZON-02
052.219.98.18Columbus, Ohio, United States
AS16509AMAZON-02
411--

Detected Technologies2

Amazon Web Services
40%
Amazon S3
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B5B1731B556A101065D3B0A87BA3B2492B659903B10B9A1C3ECC5288DFCEF89D9F73DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:KosY0nzPg6yZ6DVnfAtsyUShhZ8EmjlsL/pkz4iN8TMgK3yJOFoijmQz9z4:KY0zPg6yZ6DVf2syUShhZe4/Oz4iN8T/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5587:GmA4BBHQAXO4QJAPEQQMACQAAgAUAAeAAEgAEBFLOwBAAJEACDGKphKEMQACxSYIAIBAQQEkAJVQcBEiqBLuUMMAOiMMEIAY

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7e7e7e7e7ff
Perceptual Hash:b366cc9998663333
Difference Hash:00080c0c0c0c0c00
Wavelet Hash:1b0307030307070f
Color Hash:#bad22d

Other Hashes

Crop Resistant:00080c0c0c0c0c00

Scan History

Scan history not available

Unable to load historical scan data