Security Scan Report: s3.us-east-1.amazonaws.com

Submitted: Feb 25, 2026, 10:55:48 AMCompleted: Feb 25, 2026, 10:57:04 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 8 domains to perform 1 HTTP transaction. The main domain is s3.us-east-1.amazonaws.com and was registered NaN years ago.

Submitted URL: https://s3.us-east-1.amazonaws.com/dd-west-5.console.aws.amazon.com003/webby.html

The Cisco Umbrella rank of the primary domain is #21 of the top 1 million websitesTop 100 Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing page on AWS S3 collecting credentials – avoid and report.

Risk Factors
Credential harvesting form on cloud storage URL
Phishing IDS alert (high severity)
Cross‑origin data submission to unrelated domain
Impersonation of a webmail login page
Domain age information unavailable

Details

Page Title

Webmail Login

Scan Type

public

Language

🇪🇸

Spanish

(43% confidence)

Category

social_media

(50%)

Domain Information

Within the commercial generic top-level domain (.com), 's3.us-east-1.amazonaws.com' is registered and includes subdomain 's3.us-east-1'. The second-level label 'amazonaws' is 9 characters long split between four vowels and 5 consonants. Segmentation suggests 3 words: amazon, aw, s. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://s3.us-east-1.amazonaws.com/dd-west-5.console.aws.amazon.com003/webby.html

Page Load Overview

5.08s
Total Load Time
21
HTTP Requests
8
Domains
186 KB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:43%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:43%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,245 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as es

Website Classification

Primary Category

social_media50% confidence
Type: webapp
Method: structural

All Detected Categories

social_media
50%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7104.18.0.22United States
2162.241.27.10United States
AS46606Unified Layer
216.15.183.114United States
2151.101.2.137United States
2172.217.16.170United States
2104.18.10.207United StatesUnknown
2104.17.25.14United StatesUnknown
2104.18.11.207United States
AS13335Cloudflare, Inc.
218--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T135D2E7135889108B91134DD9BED80A2D2A29D35399570EC9B17E269ACFC3FCDE8D730B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:4dLUuuRzdNU/+iUWD/ZmXg8cOM+l6NEvRFzwKraH/YPn1:sUvdNU/V/TZmXg8UNEvRxBraH/YP1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:30806:AgrqF8WBBgCA6iMCjAjCEMawsYCASQOAjwlAgxphOQGSqMAKZIA4CoqlMgAAglBskFlWSBAKwCURxC+KAwUCAIVVDRgThAAk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7e7e7e3ffffffff
Perceptual Hash:b33399cc64666699
Difference Hash:0c0c0c0e16080000
Wavelet Hash:e4e4e4c024243c3c
Color Hash:#b887c5

Other Hashes

Crop Resistant:0c0c0c0e16080000

Scan History

Scan history not available

Unable to load historical scan data