ScanMalware.com

Security Scan Report: ledgarcom-starts.weebly.com

Site favicon
Submitted: May 6, 2026, 8:19:47 PMCompleted: May 6, 2026, 8:21:20 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 59 HTTP transactions. The main domain is ledgarcom-starts.weebly.com and was registered NaN years ago.

Submitted URL: https://ledgarcom-starts.weebly.com/

The Cisco Umbrella rank of the primary domain is #12,328 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 88%

9
Risk Score

The site pretends to be Ledger's official download page, uses heavy JS obfuscation and triggers critical malware alerts, indicating a confirmed brand‑impersonation scam.

Risk Factors
Brand impersonation
Critical IDS malware/C2 alerts
Highly obfuscated JavaScript
Use of third‑party CDNs without clear purpose
Domain age information unavailable

Details

Page Title

Ledger.com/start - Ledger Live Download | Official Site® - Ledger.com/start - Ledger Live Download | Official Site®

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(83%)

Domain Information

The domain 'ledgarcom-starts.weebly.com' uses the commercial generic top-level domain (.com) and includes subdomain 'ledgarcom-starts'. The core label 'weebly' covers 6 characters with two vowels and 4 consonants. Word splitting yields 2 words: wee, bly. Median word length comes out to 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ledgarcom-starts.weebly.com/

Page Load Overview

14.21s
Total Load Time
37
HTTP Requests
5
Domains
907 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:5,053 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software83% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
83%
cryptocurrency blockchain
72%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1044.235.214.49Boardman, Oregon, United States
AS16509Amazon.com, Inc.
974.115.51.8United States
AS27647Weebly, Inc.
9146.75.121.46Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
9142.250.154.97United States
AS15169Google LLC
374--

Detected Technologies8

JQueryv1.8.3
100%
Google-AnalyticsvClassic
100%
Cloudflare Bot Management
55%
PHP
50%
MySQL
50%
Cloudflare
40%
Weebly
20%
Google Analytics
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T159F2F9DDF66D6B340B360296F3A573EFF87ED459EA4188D8E5F6803A11C5E8052309CA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:lIRIOITIwIgIEKZgNDfIwIGI5IZJ7SfIRIOITIwIgIfKZgNDfIwIGI5IVJ7SdUPa:lIRIOITIwIgIEKZgNDfIwIGI5IZJ7Sfp

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:36160:SLVIAQ0goGCEGACEEAEM3IiAEEqJIS1qEQGC4gBBADmr/VFSgIQHOYiAGkJIAIacDCQFQqMyZQBqkQIYAGCmDDgCMgWSWbER

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffc3c3c3c3ffff
Perceptual Hash:b179c6c631fb2065
Difference Hash:480e9e9e9e961ed6
Wavelet Hash:e6e6c3c3c3c3c303
Color Hash:#bc79d2

Other Hashes

Crop Resistant:480e9e9e9e961ed6,3430383cbcbc9c0d,fef9e9e1e1a6e4e9,9a9a9ada9adacaca

Scan History

Scan history not available

Unable to load historical scan data