ScanMalware.com

Security Scan Report: www.google.com

Redirected to: https://s3.us-east-1.amazonaws.com/dd-west-5.console.aws.amazon.com003/MonotomicXindex.html?websrc=ylRlmOMIEUfoqiNcmgD3pTzt9k6YWKhBMSE3X0tTR5nkZp9iObR6djUlhMNZgPmtTfnskNI6fn19XzMBXOl9EwZnYufvwgiJH4i6bcpSoaJRmh49I9Q7wPjqcSbJmFHMDZHFbIvSOEnXKhBss60hlcg466mHjP4IJsiiz8Nu7eYtId6FUxhv8pqDv7olXYqSeglS6kz03s8C1HgXAFoJyz2hNyqxRMJxNMEAmE79A28mNeii3jUGjBRcyXm0S38rNwUYN7iAkmMPNNuoWcIMUyB44dl8zyp68nKa2tMmNYJoDV&dispatch=955&id=777949#

Submitted: Mar 1, 2026, 6:30:28 AMCompleted: Mar 1, 2026, 6:31:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 1 country across 5 domains to perform 22 HTTP transactions. The main domain is s3.us-east-1.amazonaws.com and was registered NaN years ago.

Submitted URL: https://www.google.com/url?q=https%3A%2F%2Fs3.us-east-1.amazonaws.com%2Fdd-west-5.console.aws.amazon.com003%2FMonotomicXindex.html%23

Effective URL: https://s3.us-east-1.amazonaws.com/dd-west-5.console.aws.amazon.com003/MonotomicXindex.html?websrc=ylRlmOMIEUfoqiNcmgD3pTzt9k6YWKhBMSE3X0tTR5nkZp9iObR6djUlhMNZgPmtTfnskNI6fn19XzMBXOl9EwZnYufvwgiJH4i6bcpSoaJRmh49I9Q7wPjqcSbJmFHMDZHFbIvSOEnXKhBss60hlcg466mHjP4IJsiiz8Nu7eYtId6FUxhv8pqDv7olXYqSeglS6kz03s8C1HgXAFoJyz2hNyqxRMJxNMEAmE79A28mNeii3jUGjBRcyXm0S38rNwUYN7iAkmMPNNuoWcIMUyB44dl8zyp68nKa2tMmNYJoDV&dispatch=955&id=777949#Redirected

The Cisco Umbrella rank of the primary domain is #1 of the top 1 million websitesTop 100 Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing page that harvests credentials via JavaScript on Amazon S3 – avoid and report.

Risk Factors
Credential exfiltration detected in JavaScript
Password fields served from cloud storage (S3) – phishing behavior
Anti‑analysis techniques (devtools and right‑click blocking)
Impersonation of a webmail login page
Redirect from a reputable domain to a cloud storage URL
Domain age information unavailable

Details

Page Title

Webmail - Login

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(26%)

Domain Information

The domain name 'www.google.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'www'. The second-level label 'google' is 6 characters long with three vowels and three consonants. Tokenizing the label suggests 1 word: google. The median word length lands at six characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.google.com/url?q=https%3A%2F%2Fs3.us-east-1.amazonaws.com%2Fdd-west-5.console.aws.amazon.com003%2FMonotomicXindex.html%23

Page Load Overview

2.15s
Total Load Time
22
HTTP Requests
5
Domains
368 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:286 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service26% confidence
Type: dynamic
Method: ml+structural+ocr_tiebreaker

All Detected Categories

government public service
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2104.17.24.14United States
AS13335Cloudflare, Inc.
218.165.122.125United States
AS16509Amazon.com, Inc.
218.165.122.88United States
AS16509Amazon.com, Inc.
2151.101.65.229United States
AS54113Fastly, Inc.
2104.17.25.14United States
AS13335Cloudflare, Inc.
254.231.160.200Ashburn, Virginia, United States
AS16509Amazon.com, Inc.
252.216.59.120Ashburn, Virginia, United States
AS16509Amazon.com, Inc.
218.165.122.25United States
AS16509Amazon.com, Inc.
218.165.122.13United States
AS16509Amazon.com, Inc.
2151.101.193.229United States
AS54113Fastly, Inc.
2211--

Detected Technologies10

X-UA-Compatible
100%
PasswordField
100%
JQueryv3.6.0
100%
Bootstrapv4.0.0
100%
Cloudflare
50%
Amazon Web Services
40%
Amazon S3
40%
jsDelivr
20%
cdnjs
20%
Lodash
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T116D2C75969F744405653F0B83E9FA1053A36800B9C0ECD0C7EAC574CEFA5E75A9B2FA8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:EdFQLag2IFuz7Q7RO5fg66Jd1MRY7kPVLdhWHlnCNSyrNe3+Fs3Vdt1ZqL:EdFEd2IFq666Jd1MRYAEnmohDfqL

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:28646:ERAEDUoaAI1KQCQQMCoSUANCKiQJogGgQCScYRJyIkYRIOgMIYHEWRCCATBkQUF5AjFkUAIRLCZCDB6IPQoKl4AKICBULKCG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c0c0c30000000
Perceptual Hash:d5996666333331cc
Difference Hash:0a225a5a22020202
Wavelet Hash:ecf8e8e80e0e0e0e
Color Hash:#79d2b2

Other Hashes

Crop Resistant:0a225a5a22020202

Scan History

Scan history not available

Unable to load historical scan data