ScanMalware.com

Security Scan Report: goo.su

Redirected to: https://proxette.cc/payouts/

Site favicon
Submitted: Nov 2, 2025, 4:37:24 PMCompleted: Nov 2, 2025, 4:39:12 PMpubliccompleted
Loading additional data...

Summary

This website contacted 301 IPs in 9 countries across 109 domains to perform 278 HTTP transactions. The main domain is proxette.cc.

Submitted URL: https://goo.su/lifOmw?/ZFQ/

Effective URL: https://proxette.cc/payouts/Redirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site shows multiple malicious Indicators of Compromise and deceptive crypto mining claims; treat as high‑risk and avoid.

Risk Factors
Malicious IP address associated with the site
Excessive redirects (7) indicating possible redirect abuse
Unranked domain with no established reputation
Likely newly registered domain used for financial deception
Promised cryptocurrency earnings without legitimate service
Domain age information unavailable

Details

Page Title

Bitcoin Mining

Scan Type

public

Language

🇺🇸

English

(44% confidence)

Category

cryptocurrency

(60%)

Domain Information

Within the .su country-code top-level domain, 'goo.su' is registered while skipping any subdomain. The core label 'goo' covers 3 characters split between 2 vowels and 1 consonant. Segmentation suggests one word: goo. 'goo' most often appears in Indonesian. You will also see it in Malay and Czech contexts. Taken together, it feels Indonesian with single-word simplicity.

Screenshot

Security scan screenshot of https://goo.su/lifOmw?/ZFQ/

Page Load Overview

61.59s
Total Load Time
278
HTTP Requests
109
Domains
1.2 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:44%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:44%
Script Type:Latin
Text Length:3,553 chars
Detector Agreement:67%

Website Classification

Primary Category

cryptocurrency60% confidence
Type: static
Method: structural

All Detected Categories

cryptocurrency
60%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
27813.32.99.118New York, New York, United States
AS16509AMAZON-02
037.230.131.22Amsterdam, North Holland, Netherlands
AS200197Hybrid Adtech Sp.z.o.o.
037.0.127.199Moscow, Moscow, Russia
AS61400Start2 LLC
0139.45.228.140Russia
AS57304JSC RetnNet
0130.193.54.247Russia
AS200350Yandex.Cloud LLC
0176.114.85.200Moscow, Moscow, Russia
AS50340JSC Selectel
0193.232.150.150Russia
AS48061Limited Liability Company GPM Digital Technologies
0208.93.169.131Amsterdam, North Holland, Netherlands
AS46244WEBMD-IDC1-AS
0213.171.19.214Russia
AS56694LLC Smart Ape
0193.3.184.137Russia
AS50214QWARTA LLC
278301--

Detected Technologies5

PasswordField
100%
Nuxt.js
50%
Node.js
50%
Ubuntu
40%
Vue.js
30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10B43E674A2B0027EA49F8FF9FC74AB69609A925ED1538199B3BCC3A41FC7CA4BD14450

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:0ND7nuTMS+BWnQ+y9fK4jR0LYT8w2YYNDljaj6iej6cj6njnj6eoJj6Bj603Z77+:E7nzkbcCaqsYceJjFuZ77Gp

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:56431:AYqICsAZMCigxgKSqEAXTFCJQRNCRAEh2MACCqApAQBOGcGEQBYEEzcAERAYAQpO6NmYsDMRCBAAFRWAImxQRZkFKFGAKugC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00183c3c3c3c0000
Perceptual Hash:999b26673163cccc
Difference Hash:cc30323232307114
Wavelet Hash:003f3e3e3c3c3c00
Color Hash:#87c5bb

Other Hashes

Crop Resistant:8e8eb6aeb28e86b0,cc30323232307114

Scan History

Scan history not available

Unable to load historical scan data