ScanMalware.com

Security Scan Report: 57ll.win

Site favicon
Submitted: Jan 6, 2026, 6:53:10 PMCompleted: Jan 6, 2026, 6:55:05 PMpubliccompleted
Loading additional data...

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 243 HTTP transactions. The main domain is 57ll.win and was registered NaN years ago.

Submitted URL: https://57ll.win/

AI Security Verdict

High Risk

Confidence: 82%

7
Risk Score

Likely phishing site on a brand‑new domain – avoid providing any login information.

Risk Factors
Brand‑new domain (<7 days) – high likelihood of malicious use
Login prompts on a newly registered, unranked domain
Lack of any visible legitimate content or branding
Potential credential harvesting despite no form detected by scanner
Domain age information unavailable

Details

Page Title

57ll

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(50%)

Domain Information

Domain '57ll.win' uses the .win top-level domain without a subdomain. Its registrable label '57ll' stretches across 4 characters split between 0 vowels and 2 consonants, plus 2 digits. Breaking it apart gives 2 words: 57, ll. Expect two characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://57ll.win/

Page Load Overview

16.53s
Total Load Time
75
HTTP Requests
5
Domains
4.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:4 chars
Detector Agreement:0%

Website Classification

Primary Category

corporate50% confidence
Type: dynamic
Method: structural

All Detected Categories

corporate
50%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12172.67.173.212United States
AS45090
7163.181.58.166Sweden
AS24429
7188.114.96.3United States
AS13335CLOUDFLARENET
7104.18.3.36United States
AS13335CLOUDFLARENET
7104.26.10.53United States
AS13335CLOUDFLARENET
7104.21.47.230UnknownUnknown
7172.67.74.77United States
AS13335CLOUDFLARENET
7104.18.2.36United States
AS13335CLOUDFLARENET
7124.221.80.91UnknownUnknown
7118.25.42.241Shanghai, Shanghai, China
AS45090Shenzhen Tencent Computer Systems Company Limited
7510--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1CF84D865A055118ABA37CB66C2CC9A1C563CE623C1530DDDB28A341E8FC3ED933E7766

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:Aq1ZmgcaqjDCfeisnHV3sCC4eGnwmXNVUNfI1Oc:Aq1ZajDcsqGnwmGfI1Oc

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:371128:LC3BQI64MBABEhVzqBGHdRYEMh8CbQQ1gIQZAOAALGQAjAhRCRjUQs6AAIsJsSqBlFBVE4ysoAhagoAwMUAgAmAu4VgDDqos

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3818181800000000
Perceptual Hash:ccccc633339989ce
Difference Hash:322032320c000000
Wavelet Hash:3c381c1c00000000
Color Hash:#78733a

Other Hashes

Crop Resistant:322032320c000000

Scan History

Scan history not available

Unable to load historical scan data