ScanMalware.com

Security Scan Report: recochecks3.s3.us-east-1.amazonaws.com

Redirected to: https://secure-ledger-restore.com/

Submitted: Oct 15, 2025, 8:19:52 PMCompleted: Oct 15, 2025, 8:20:57 PMpubliccompleted
Loading additional data...

Summary

This website contacted 19 IPs in 1 country across 3 domains to perform 15 HTTP transactions. The main domain is secure-ledger-restore.com and was registered NaN years ago.

Submitted URL: https://recochecks3.s3.us-east-1.amazonaws.com/recovery.html

Effective URL: https://secure-ledger-restore.com/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Brand‑new domain impersonating Ledger; classified as a confirmed phishing scam.

Risk Factors
Brand impersonation of Ledger on a newly registered domain
Critical domain age (0 days)
UNRANKED domain in Cisco Umbrella
Domain name deliberately mimics a known brand
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

Just a moment...

Scan Type

public

Language

🇺🇸

English

(51% confidence)

Category

technology software

(64%)

Domain Information

You're looking at domain 'recochecks3.s3.us-east-1.amazonaws.com' on the commercial generic top-level domain (.com); it also runs on subdomain 'recochecks3.s3.us-east-1'. The core label 'amazonaws' covers 9 characters containing 4 vowels alongside 5 consonants. Breaking it apart gives 3 words: amazon, aw, s. The median word length lands at two characters. 'amazonky' most strongly signals Czech. Secondary signals appear in Slovak and Croatian.

Screenshot

Security scan screenshot of https://recochecks3.s3.us-east-1.amazonaws.com/recovery.html

Page Load Overview

8.89s
Total Load Time
15
HTTP Requests
3
Domains
1 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:51%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:51%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:368 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software64% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
64%
documentation technical
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
15104.21.65.218United States
AS13335CLOUDFLARENET
7104.18.95.41United States
AS13335CLOUDFLARENET
5172.67.193.105United States
AS13335CLOUDFLARENET
1104.18.94.41United States
AS13335CLOUDFLARENET
154.231.162.58Ashburn, Virginia, United States
AS16509AMAZON-02
016.15.219.181Ashburn, Virginia, United States
AS14618AMAZON-AES
052.216.220.2Ashburn, Virginia, United States
AS16509AMAZON-02
016.15.184.47Ashburn, Virginia, United States
AS14618AMAZON-AES
052.217.202.74Ashburn, Virginia, United States
AS16509AMAZON-02
054.231.204.122Ashburn, Virginia, United States
AS16509AMAZON-02
1519--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E1925C775906201F623B0FF73069F7949124E284E701A3EEF5A7DE588BC890B56627F8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:Va+t9yIPl2boVmJkEqdBP4tqKwLLeD52UktifbyznyOaMfIsTrM7EvRKeyVVXn0:U+tcq4brJkx8tEyN2zq277TA2rMT7V30

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:19577:QQjQGWAQJiUjBSmNAQEpCCgcoAKUBHMRxADGAh7GgPQhRDAPEAkIFYGCrJHAialJAgAiPoGgYAAQoTRCIWpKTipSGgNCEnDE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cfc7c7c3ffffffe7
Perceptual Hash:b03086cec7c9cfcc
Difference Hash:081c161e0000000c
Wavelet Hash:3f030f0330303800
Color Hash:#3a5b78

Other Hashes

Crop Resistant:081c161e0000000c

Scan History

Scan history not available

Unable to load historical scan data