Amazon S3
Amazon S3 is AWS’s object-storage service, frequently used to host static websites and assets directly. ScanMalware detects it from the AmazonS3 server header and characteristic bucket URL patterns.
Static S3 hosting is cheap and disposable, making it a recurring home for phishing pages and malware payloads. A site served straight from an S3 bucket warrants a closer look at its content and the bucket’s exposure.
Commonly deployed alongside Amazon S3
Of the 7,694 public scans where Amazon S3 was detected, these are the technologies most often present on the same site. The share is the percentage of Amazon S3 sites that also ran each one.
| Technology | Category | Share of Amazon S3 sites |
|---|---|---|
| Amazon Web Services | wappalyzer | 100% |
| Amazon CloudFront | wappalyzer | 55.96% |
| HSTS | wappalyzer | 38.34% |
| Google Analytics | wappalyzer | 23.62% |
| Open-Graph-Protocol | miscellaneous | 21.9% |
| Google Tag Manager | wappalyzer | 19.38% |
| jQuery | wappalyzer | 17.93% |
| HTTP/3 | wappalyzer | 16.41% |
| Cloudflare | wappalyzer | 15.64% |
| X-UA-Compatible | miscellaneous | 14.73% |
| PoweredBy | miscellaneous | 13.4% |
| JQuery | miscellaneous | 12.98% |
| Google-Analytics | miscellaneous | 11.62% |
| Cloudflare Bot Management | wappalyzer | 10.96% |
How ScanMalware detects Amazon S3
Amazon S3 is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Amazon S3 is present, but how it is being used. Open the full search interface for Amazon S3 →
Recent public scans featuring Amazon S3
A rolling sample of recent public scans where Amazon S3 was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| https://arlolastimage-z1.arlo.com | 2026-06-16 |
| Moonfrog Labs – Leading game design for delightful experiences! https://moonfroglabs.com | 2026-06-16 |
| Log in | Web https://app2.highwire.com | 2026-06-16 |
| Church Educational System https://ceslogin.org | 2026-06-16 |
| https://t4540ijinugkklgbm2pt.s3.eu-west-1.amazonaws.com/ACRzSpb7K | 2026-06-16 |
| La Opinión Austral | Diario de Santa Cruz. Leé las Noticias de hoy en La Opinión Austral. Información actualizada las 24 horas de Santa Cruz, Río Gallegos, Caleta Olivia, Las Heras, Pico Truncado, El Calafate, Deseado, Argentina y el mundo en tiempo real. https://laopinionaustral.com.ar | 2026-06-16 |
| https://cdn.hswstatic.com | 2026-06-16 |
| https://trjs2.mediafin.be | 2026-06-16 |
Frequently asked questions about Amazon S3
- Does using Amazon S3 mean a website is unsafe?
- No. Amazon S3 is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Amazon S3 can be perfectly safe or actively malicious.
- How many sites using Amazon S3 has ScanMalware scanned?
- Amazon S3 has been detected in 7,694 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Amazon S3?
- Across scanned sites, Amazon S3 is most often seen alongside Amazon Web Services, Amazon CloudFront and HSTS. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.