ScanMalware.com

Security Scan Report: mezha.net

Site favicon
Submitted: Oct 15, 2025, 10:47:20 PMCompleted: Oct 15, 2025, 10:48:59 PMpubliccompleted
Loading additional data...

Summary

This website contacted 69 IPs in 2 countries across 16 domains to perform 134 HTTP transactions. The main domain is mezha.net and was registered NaN years ago.

Submitted URL: https://mezha.net/eng/bukvy/us-capitol-police-investigate-offensive-symbol-in-congressman-dave-taylor-s-office/

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Confirmed phishing scam due to brand impersonation and circular redirect.

Risk Factors
Circular redirect (strong indicator of URL manipulation)
Brand impersonation on an unranked, low‑reputation domain
UNRANKED domain claiming a major brand
Domain age information unavailable

Details

Page Title

US Capitol Police Investigate Offensive Symbol in Congressman Dave Taylor’s Office | Ukraine news - #Mezha

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

news/blog

(100%)

Domain Information

The domain 'mezha.net' uses the network infrastructure generic top-level domain (.net) without a subdomain. The registrable portion 'mezha' spans 5 characters split between 2 vowels and 3 consonants. Tokenizing the label suggests two words: me, zha. Median word length is 2.5 characters. 'me' is most common in Estonian usage. You will also see it in Albanian and Spanish contexts. Overall, 'mezha.net' reads as Estonian.

Screenshot

Security scan screenshot of https://mezha.net/eng/bukvy/us-capitol-police-investigate-offensive-symbol-in-congressman-dave-taylor-s-office/

Page Load Overview

37.82s
Total Load Time
134
HTTP Requests
16
Domains
2.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:21,607 chars
Detector Agreement:100%

Website Classification

Primary Category

news/blog100% confidence
Type: spa
Method: structural

All Detected Categories

news/blog
100%
corporate
70%

Detected Features

Articles
OG: article
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
66216.239.32.36United States
AS15169GOOGLE
1216.239.34.36United States
AS15169GOOGLE
13.5.139.234Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
1188.114.96.3United States
AS13335CLOUDFLARENET
1216.58.206.46United States
AS15169GOOGLE
1142.250.184.225United States
AS15169GOOGLE
1188.114.97.3United States
AS13335CLOUDFLARENET
1142.250.185.238United States
AS15169GOOGLE
1157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
1216.58.206.68United States
AS15169GOOGLE
13469--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T142C30733428D082A0163C6C6E16073E9D24F887BF5515686B5FF4A25E7C2DB7B8633AD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:m0mkHD/JLl1GSgbEwwfqUtQqUtbvFTBN2cFTBNhtU1FtUGpmrupmwJRe5:WbEwwfqUtQqUtbvFTBN2cFTBNhtU1FtU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:127591:ZCqZ3B86gEADB0g0SAyuCBAAgKFpJWQOBDUGQrhRoJw20BiephAeEAAGBALLQtMgg6oQTARMC8xEIhA/dAChhAySaAAYEhEg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7ffe3e1e1e1ff
Perceptual Hash:e7969861c2c99c9b
Difference Hash:634e7c4b4b4b4b4b
Wavelet Hash:bfa38fa1a1a1a1a3
Color Hash:#bfae40

Other Hashes

Crop Resistant:634e7c4b4b4b4b4b,f8f8f127a4989894,72b3b1b1e1a8f0e8

Scan History

Scan history not available

Unable to load historical scan data