Amazon CloudFront
Amazon CloudFront is AWS’s content-delivery network, fronting static assets and full sites from edge locations worldwide. It is identified from the Via and X-Amz-Cf-* response headers it adds.
CloudFront is inexpensive and quick to provision, which makes it common on both legitimate sites and short-lived phishing and malware infrastructure. Its presence is a hosting fact, not a safety judgement.
Commonly deployed alongside Amazon CloudFront
Of the 14,031 public scans where Amazon CloudFront was detected, these are the technologies most often present on the same site. The share is the percentage of Amazon CloudFront sites that also ran each one.
| Technology | Category | Share of Amazon CloudFront sites |
|---|---|---|
| Amazon Web Services | wappalyzer | 100% |
| HSTS | wappalyzer | 36.86% |
| Amazon S3 | wappalyzer | 30.67% |
| HTTP/3 | wappalyzer | 19.08% |
| Google Analytics | wappalyzer | 17.8% |
| Google Tag Manager | wappalyzer | 17.67% |
| Open-Graph-Protocol | miscellaneous | 16.82% |
| X-UA-Compatible | miscellaneous | 14.95% |
| Script | miscellaneous | 13.8% |
| PoweredBy | miscellaneous | 11.76% |
| jQuery | wappalyzer | 11.26% |
| MetaGenerator | miscellaneous | 8.45% |
| Google-Analytics | miscellaneous | 8.27% |
| Cloudflare | wappalyzer | 7.99% |
How ScanMalware detects Amazon CloudFront
Amazon CloudFront is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Amazon CloudFront is present, but how it is being used. Open the full search interface for Amazon CloudFront →
Recent public scans featuring Amazon CloudFront
A rolling sample of recent public scans where Amazon CloudFront was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| https://static.sunbit.com | 2026-06-15 |
| CrazyGames https://8-ball-pool-wyr.game-files.crazygames.com | 2026-06-15 |
| https://goldendragoncity.com | 2026-06-15 |
| EMB Gerencia | Tecnologías y Comunicaciones en Chile https://gerencia.cl | 2026-06-15 |
| 403 Forbidden https://app-risksmartapp-api-tenant.826351825809.risksmart.link | 2026-06-15 |
| https://thumbnail.smartnews-ads.com | 2026-06-15 |
| Employee Referrals https://1brd.com | 2026-06-15 |
| 403 Forbidden https://cdn.okezone.com | 2026-06-15 |
Frequently asked questions about Amazon CloudFront
- Does using Amazon CloudFront mean a website is unsafe?
- No. Amazon CloudFront is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Amazon CloudFront can be perfectly safe or actively malicious.
- How many sites using Amazon CloudFront has ScanMalware scanned?
- Amazon CloudFront has been detected in 14,031 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Amazon CloudFront?
- Across scanned sites, Amazon CloudFront is most often seen alongside Amazon Web Services, HSTS and Amazon S3. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.