Security Scan Report: dems.ag

Site favicon
Submitted: Jul 1, 2026, 12:38:56 AMCompleted: Jul 1, 2026, 12:40:28 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 2 HTTP transactions. The main domain is dems.ag and was registered NaN years ago.

Submitted URL: https://dems.ag/profile/phil-weiser/

AI Security Verdict

Moderate Risk

Confidence: 88%

5
Risk Score

Domain dems.ag is flagged as a known attacker; despite no credential forms, the primary domain IoC and critical JS obfuscation warrant a high‑risk classification.

Risk Factors
Primary domain IoC (known attacker)
Unranked / low‑reputation domain
Critical JavaScript obfuscation score
Safety Factors
Domain age >7 years (well‑established)
No password, disguised‑password, or payment fields
No malicious YARA matches detected
No network IDS alerts
Established domain (2895 days old) with no strong malicious indicators — risk clamped from 7 to 5
Domain age information unavailable

Details

Page Title

Phil Weiser - Democratic Attorneys General Association

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(87%)

Domain Information

Domain 'dems.ag' uses the .ag country-code top-level domain without a subdomain. Count 4 characters in 'dems' containing 1 vowel alongside 3 consonants. Word splitting yields two words: dem, s. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://dems.ag/profile/phil-weiser/

Page Load Overview

3.46s
Total Load Time
45
HTTP Requests
17
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:5,023 chars
Detector Agreement:80%

Website Classification

Primary Category

government public service87% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
87%
corporate
35%
news/blog
30%
social media
15%

Detected Features

Articles
OG: article
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12142.251.13.97Google · CDNUnited States
AS15169Google LLC
11108.138.7.16Cloudfront · CDNUnited States
AS16509Amazon.com, Inc.
113.174.46.80Cloudfront · CDNUnited States
AS16509Amazon.com, Inc.
11141.193.213.11United States
AS209242Cloudflare London, LLC
454--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15433E8F395D86C3B42A382E6B7267218D56B901BEB404940F1FE87BD6FD2DA1C69314C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:9cz3fE9PJclVzAhCxADjVs1Kt8bOe49bWse/uo0sCrx/DY5V:9yfE9PJEzA3cKt8bOe49bWse/mx/DK

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:51616:EEAgkiSQSOAKaMiY+AKFIRiLwbQSMQ6ISGCHEKMTfALRDGMQFAK6AqCAYAVGXWqQDwgk9FvcQWGAQSRBJYHAFcCQMfNhCEMw

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:007070705000ff00
Perceptual Hash:c0403f3d3ea738f8
Difference Hash:5da5a5a5a5b55bcd
Wavelet Hash:007c79717151ff25
Color Hash:#271f93

Scan History

Scan history not available

Unable to load historical scan data