ScanMalware.com

Security Scan Report: mez.ink

Site favicon
Submitted: Oct 11, 2025, 9:42:51 AMCompleted: Oct 11, 2025, 9:44:00 AMpubliccompleted
Loading additional data...

Summary

This website contacted 81 IPs in 3 countries across 11 domains to perform 54 HTTP transactions. The main domain is mez.ink and was registered NaN years ago.

Submitted URL: https://mez.ink/xupdatenow

AI Security Verdict

Low Risk

Confidence: 58%

2
Risk Score

Site appears legitimate but displays a brand on an unranked domain; monitor for any changes.

Risk Factors
Brand name BellMTS displayed on an unranked domain mez.ink (potential brand impersonation)
Safety Factors
Domain has been registered for over 3 years
No malicious Indicators of Compromise detected
No credential or payment forms present
Domain age information unavailable

Details

Page Title

BellMTS (xupdatenow) | Mezink

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

adult content

(60%)

Domain Information

The domain 'mez.ink' uses the .ink top-level domain while skipping any subdomain. The second-level label 'mez' is 3 characters long split between one vowel and 2 consonants. Tokenizing the label suggests 1 word: mez. Median word length is three characters. Most frequently, 'mez' shows up in Breton. It also appears in Czech and Esperanto contexts.

Screenshot

Security scan screenshot of https://mez.ink/xupdatenow

Page Load Overview

18.04s
Total Load Time
54
HTTP Requests
11
Domains
453 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:95 chars
Detector Agreement:100%

Website Classification

Primary Category

adult content60% confidence
Type: spa
Method: ml+structural

All Detected Categories

adult content
60%
cryptocurrency blockchain
50%
technology software
45%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
54142.250.181.251United States
AS15169GOOGLE
0104.18.5.46United States
AS13335CLOUDFLARENET
0142.250.185.99United States
AS15169GOOGLE
0142.250.186.35United States
AS15169GOOGLE
074.125.71.157United States
AS15169GOOGLE
0104.16.80.73United States
AS13335CLOUDFLARENET
0104.18.4.46United States
AS13335CLOUDFLARENET
0142.250.185.123United States
AS15169GOOGLE
0216.239.34.36United States
AS15169GOOGLE
0216.239.32.36United States
AS15169GOOGLE
5481--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T189032991781C11386A2BF784E9C9771C9115B412BF5588B8E24E0C49E9D7FEC3BB6E83

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:BiBKGX0rGV4xksc64Jysq7v5AALGqdZMY9QJpClVAh3vIrwkY42TiqR54zIRkPTP:Bilebx/c64Jysq7v5RqHphGllhF5xHJ5

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:37713:ZG1RoLwJS4DmCGNkABAUGEJFFBdSjsA6BaNDAEEeEBwlg5BLoTgFRgCkkCAlBKQq4ZkAj1ACEGiaNkh7waYA3AFCjBCoKDKE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data