ScanMalware.com

Security Scan Report: goo.su

Redirected to: https://bitenve.cc/payouts/

Submitted: Oct 29, 2025, 11:42:39 AMCompleted: Oct 29, 2025, 11:46:10 AMpubliccompleted
Loading additional data...

Summary

This website contacted 332 IPs in 9 countries across 119 domains to perform 483 HTTP transactions. The main domain is bitenve.cc and was registered NaN years ago.

Submitted URL: https://goo.su/DdD0g?/ZHc/

Effective URL: https://bitenve.cc/payouts/Redirected

AI Security Verdict

Low Risk

Confidence: 72%

2
Risk Score

Low‑risk site with multiple redirects and a new domain, but no credential or payment harvesting observed.

Risk Factors
Newly registered domain (<90 days)
Excessive number of redirects (5)
Safety Factors
No malicious Indicators of Compromise matches found
No password, login, or payment collection fields present
Domain age information unavailable

Details

Page Title

Bitcoin Mining

Scan Type

public

Language

🇺🇸

English

(44% confidence)

Category

cryptocurrency

(60%)

Domain Information

The domain 'goo.su' uses the .su country-code top-level domain and has no subdomain. The registrable portion 'goo' spans 3 characters holding two vowels versus one consonant. Breaking it apart gives one word: goo. Average segment length settles at 3 characters. Most frequently, 'goo' shows up in Indonesian. Usage also turns up in Malay and Czech contexts.

Screenshot

Security scan screenshot of https://goo.su/DdD0g?/ZHc/

Page Load Overview

12.97s
Total Load Time
483
HTTP Requests
119
Domains
1.3 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:44%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:44%
Script Type:Latin
Text Length:3,553 chars
Detector Agreement:67%

Website Classification

Primary Category

cryptocurrency60% confidence
Type: static
Method: structural

All Detected Categories

cryptocurrency
60%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
48193.3.184.137Russia
AS50214QWARTA LLC
2594.183.185.165Fremont, California, United States
AS56971Cgi Global Limited
12193.3.184.27Russia
AS50214QWARTA LLC
937.9.64.225Russia
AS13238YANDEX LLC
8185.65.149.228Russia
AS51115HLL LLC
6146.75.122.208Frankfurt am Main, Hesse, Germany
AS54113FASTLY
6185.15.175.133Russia
AS43226Data Storage Center JSC
594.139.255.28Asbest, Sverdlovsk Oblast, Russia
AS208677Cloud.ru
587.250.250.119Russia
AS13238YANDEX LLC
4172.67.145.58United States
AS13335CLOUDFLARENET
483332--

Detected Technologies5

PasswordField
100%
Nuxt.js
50%
Node.js
50%
Ubuntu
40%
Vue.js
30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14743E77462B0027EA49F8FF9FC74ABA5609A925ED1538199B3BCC3B41FC7CA4BE14450

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:cNDQnuTMS+BWI6Z9Lb+ekdwhYq4E29Wgbi+aj6iej6cj6njnj6eoJj6Bj603Z77E:cQnzfqJKTuir9F2+FuZ77Fe

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:56436:EQCoGwxQE5CKagAVBagYBA6wUAQQLjVQZQgDzAU8gGLCtAQRhAMAEMUsBjPHAETdSBAAi6MBiAZAECcQsAagEdAALgpAMZE8

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00183c3c3c3c0000
Perceptual Hash:999b26673163cccc
Difference Hash:cc30323232307114
Wavelet Hash:003cbcbcfcfc3c00
Color Hash:#c5af87

Other Hashes

Crop Resistant:8e8eb6aeb28e86b0,cc30323232307114

Scan History

Scan history not available

Unable to load historical scan data