urlscan.io logo urlscan.io
SecurityTrails logo

fafafa888.5lwin.win Open in urlscan Pro
2606:4700:3037::6815:3deb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aaavk.cc/
Effective URL: https://fafafa888.5lwin.win/
Submission: On January 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3037::6815:3deb, located in United States and belongs to CLOUDFLARENET, US. The main domain is fafafa888.5lwin.win.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time fafafa888.5lwin.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
2 20.255.217.49 8075 (MICROSOFT...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
23 7
3    2606:4700:3030::6815:4949 (United States)

ASN13335 (CLOUDFLARENET, US)
aaavk.cc
www.aaavk.cc
2    20.255.217.49 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.5lwin00.com
2    2606:4700:3035::6815:372f (United States)

ASN13335 (CLOUDFLARENET, US)
www.5lwin0.com
2    2606:4700:3030::6815:3001 (United States)

ASN13335 (CLOUDFLARENET, US)
www.5lwin.vip
4    2606:4700:3037::6815:3deb (United States)

ASN13335 (CLOUDFLARENET, US)
www.5lwin.win
fafafa888.5lwin.win
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.5lwin.site
Domain Requested by
2 fafafa888.5lwin.win www.aaavk.cc
fafafa888.5lwin.win
2 www.5lwin.site www.aaavk.cc
2 www.5lwin.win www.aaavk.cc
fafafa888.5lwin.win
2 www.5lwin.vip www.aaavk.cc
2 www.5lwin0.com www.aaavk.cc
2 www.5lwin00.com www.aaavk.cc
2 www.aaavk.cc www.aaavk.cc
1 aaavk.cc 1 redirects
23 8

This site contains no links.

Subject Issuer Validity Valid
aaavk.cc
WE1		 2025-01-01 -
2025-04-01		 3 months crt.sh
5lwin00.com
WR1		 2024-11-06 -
2025-02-04		 3 months crt.sh
5lwin0.com
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
5lwin.vip
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
5lwin.win
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
5lwin.site
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.5lwin.win/?affiliateCode=fafafa888
Frame ID: 4E2658E8E9C0399E7F9CA7D741774B5A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://aaavk.cc/ HTTP 301
    https://www.aaavk.cc/ Page URL
  2. https://fafafa888.5lwin.win/ Page URL

Page Statistics

23
Requests

61 %
HTTPS

83 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

15 kB
Transfer

26 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aaavk.cc/ HTTP 301
    https://www.aaavk.cc/ Page URL
  2. https://fafafa888.5lwin.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://aaavk.cc/ HTTP 301
  • https://www.aaavk.cc/

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.aaavk.cc/
Redirect Chain
  • https://aaavk.cc/
  • https://www.aaavk.cc/
20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e237b29161311cd9ee1896bd91a3cb80a8d8dfcc1f765276b44417a48fdf51
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc5287e1d349763-FRA
content-encoding
zstd
content-type
text/html
date
Fri, 03 Jan 2025 18:47:36 GMT
last-modified
Wed, 18 Dec 2024 10:39:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8x4LOLDFNdoWx4whVM1GdUyzjnZ%2B%2B72nkfvum3lR%2FPpGTZ%2Fc%2FBT7sh3jV7WVIGWO3IcEUzwWmXuoX7pglB6euoUF3fGR%2Fe2D79ldcm9dCCPTXyGA8z8EogPDZsnB3rdbEaJ5QvsWLNa8FXk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=7261&min_rtt=6482&rtt_var=1489&sent=9&recv=13&lost=0&retrans=0&sent_bytes=5131&recv_bytes=2343&delivery_rate=569359&cwnd=255&unsent_bytes=0&cid=981537b90ae815ba&ts=831&x=0"
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
max-age=3600
cf-ray
8fc5287dccf39763-FRA
content-length
167
content-type
text/html
date
Fri, 03 Jan 2025 18:47:35 GMT
expires
Fri, 03 Jan 2025 19:47:35 GMT
location
https://www.aaavk.cc/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wI8hifrr8t91fjvCMwRcyGTasgaWHuv6YQqIkyiyKnsFn957FPsx7XH2JLTJepdfPuIdgg7EqT0GAJF7TufQqnMHB3FuuFjSNJ9xHtqzTA0tQvAjtnQ6HTdnUwDaGZy0comMejwGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=7324&min_rtt=6482&rtt_var=1818&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4258&recv_bytes=2283&delivery_rate=569359&cwnd=253&unsent_bytes=0&cid=981537b90ae815ba&ts=23&x=0"
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
domainRoute
www.aaavk.cc/wps/system/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.aaavk.cc/wps/system/domainRoute?device=2&agentName=fafafa888
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402d75f3823b9bd75163509e50d72b571bcb740cb6bf0da187f1d07f3b43589f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex,nofollow
x-app-trace-id
7jy8m0t629
content-encoding
gzip
cf-cache-status
DYNAMIC
x-elapsed-time
2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxkaGjf8kZR7bxLBpmsxRQ8OmMxObPcQQUcS6rIQLnAMumCLTe00ppFw%2B5vDJu1nzagR0y6GDOf6JgG3JW%2FeXoG%2Ba6NGTqFEDfuZnql3yMWx4cuo2L%2BvGNfPA3gBjL6EwQGYulcwiM8%2FQfU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=11109&min_rtt=6482&rtt_var=5615&sent=22&recv=20&lost=0&retrans=0&sent_bytes=13021&recv_bytes=2626&delivery_rate=682751&cwnd=257&unsent_bytes=0&cid=981537b90ae815ba&ts=1423&x=0"
date
Fri, 03 Jan 2025 18:47:36 GMT
content-type
application/json
vary
Accept-Encoding
x-module-id
COMM1, COMM3, FREEPLAY3
x-frame-options
SAMEORIGIN
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc52883190f9763-FRA
access-control-allow-origin
*
server
cloudflare
favicon.ico
www.aaavk.cc/ 		0
0
ping
www.5lwin00.com/wps/system/test/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.5lwin00.com/wps/system/test/ping?t=1735930056744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.255.217.49 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
PRO-CDN /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,merchant
Access-Control-Request-Method
GET
Origin
https://www.aaavk.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET
cache-control
no-cache
date
Fri, 03 Jan 2025 18:47:37 GMT
server
PRO-CDN
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
ping
www.5lwin00.com/wps/system/test/ 		222 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5lwin00.com/wps/system/test/ping?t=1735930056744
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.255.217.49 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
PRO-CDN /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex,nofollow
x-app-trace-id
s04vq05629
cache-control
no-cache
x-elapsed-time
1
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-length
222
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
image/png
server
PRO-CDN
x-module-id
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ping
www.5lwin0.com/wps/system/test/ 		222 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5lwin0.com/wps/system/test/ping?t=1735930056744
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:372f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex,nofollow
x-app-trace-id
e8c0bim627
cf-cache-status
DYNAMIC
x-elapsed-time
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7RT7fFU53FL5l25dUac0RWRZmCPINu7slz%2F2E6biWVq3%2FduWfwOLkN1yxwT3I%2BzGA9now5wM3YaarRZCV%2FGxGBbwIAah2bPTNWIks1LKdPUwFG5YbfvQYyheGGOQub1xPnBEq59S5Zfi6EOmw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=8451&min_rtt=7708&rtt_var=1639&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4765&recv_bytes=2397&delivery_rate=426130&cwnd=254&unsent_bytes=0&cid=e35bc6e6ddd0b4d7&ts=1350&x=0"
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
image/png
x-module-id
x-frame-options
SAMEORIGIN
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc5288bdd330374-FRA
access-control-allow-origin
*
content-length
222
server
cloudflare
ping
www.5lwin.vip/wps/system/test/ 		222 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.vip/wps/system/test/ping?t=1735930056744
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex,nofollow
x-app-trace-id
emrpjzz627
cf-cache-status
DYNAMIC
x-elapsed-time
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mc5kdxToqb4mUSIVHibL6%2Bq3W1l%2BvI0D8y6EoYveJPevVsh%2FZBm0g6Aa%2F%2BzGOs7ioMypiquPQ%2FBZx%2Boj6kQ%2Bt1eBdZyt02L93EkxFiAaD3Lsg3mNI743SHh7vnSC0wpTtdiftPUaeIYmZrAo"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=7633&min_rtt=6993&rtt_var=1557&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4721&recv_bytes=2397&delivery_rate=544881&cwnd=255&unsent_bytes=0&cid=031e8fe079d57cbe&ts=1342&x=0"
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
image/png
x-module-id
x-frame-options
SAMEORIGIN
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc5288bcf162bc6-FRA
access-control-allow-origin
*
content-length
222
server
cloudflare
ping
www.5lwin.win/wps/system/test/ 		222 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.win/wps/system/test/ping?t=1735930056744
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3deb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex,nofollow
x-app-trace-id
rkewttu627
cf-cache-status
DYNAMIC
x-elapsed-time
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpZuSrvOKMINa6pQ0AyONJKxoHkZsyVqTS%2F8IPJiHkRnjjQpnRw7lqCmq4xBvjRN2Nudn8H3DeJ9eMoWTEgz940SZ5rNDpMeEMrXJDJ8km6FHcQvAp6bxHdGzBvKr%2FIv2WoQKInPCqRkEf2e"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=8722&min_rtt=8207&rtt_var=1491&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4821&recv_bytes=2488&delivery_rate=406583&cwnd=254&unsent_bytes=0&cid=9c63aca9bd86632b&ts=1331&x=0"
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
image/png
x-module-id
x-frame-options
SAMEORIGIN
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc5288bcc8a363b-FRA
access-control-allow-origin
*
content-length
222
server
cloudflare
ping
www.5lwin.site/wps/system/test/ 		222 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.site/wps/system/test/ping?t=1735930056744
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Merchant
xnbetcomf2
Cache-Control
no-cache
Referer
https://www.aaavk.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex,nofollow
x-app-trace-id
i7ifgvg627
cf-cache-status
DYNAMIC
x-elapsed-time
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wU%2BzVW5%2BkLn74QTB3nYZnnCFzjjyZ7UQooi1Grcyy1VKeO0PXx5ksb9FbH8CN2Sm0Nrf6Vz0MpF49nQkgOv1ppUXLhmqePKlievGFBandr1rO57ZLmu%2BCo5gs0ESfN9Q%2BVR8gUk7J1GGsCDlLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=9007&min_rtt=8555&rtt_var=1495&sent=9&recv=12&lost=0&retrans=0&sent_bytes=4726&recv_bytes=2397&delivery_rate=388711&cwnd=255&unsent_bytes=0&cid=911c984fa0cc2c70&ts=1325&x=0"
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
image/png
x-module-id
x-frame-options
SAMEORIGIN
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=0
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc5288bdb199a0f-FRA
access-control-allow-origin
*
content-length
222
server
cloudflare
ping
www.5lwin0.com/wps/system/test/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.5lwin0.com/wps/system/test/ping?t=1735930056744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:372f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,merchant
Access-Control-Request-Method
GET
Origin
https://www.aaavk.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc52886f8680374-FRA
date
Fri, 03 Jan 2025 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QP8siA83dj%2FF0KGPamYL620o%2FQ1zOzqK9xCkCVvEwoeFlyzVejnEHxbg16zP3dNDR%2FC7h1dIdzTNhvS%2BuWBDWhu0mItK9pkGuxs16%2BolqLG0vQZ21wgDkRD%2FwjZOUIMBtsDNXmzZwgN79NA06g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=8325&min_rtt=7708&rtt_var=1847&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3953&recv_bytes=2295&delivery_rate=426130&cwnd=253&unsent_bytes=0&cid=e35bc6e6ddd0b4d7&ts=789&x=0"
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
ping
www.5lwin.vip/wps/system/test/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.vip/wps/system/test/ping?t=1735930056744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,merchant
Access-Control-Request-Method
GET
Origin
https://www.aaavk.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc52886eac02bc6-FRA
date
Fri, 03 Jan 2025 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dG8qJUOnAaROMN0P8afwwaMUfWqeg%2FoBOkZPemHgLzhFPAV6Vb8zNbcuKWcq0iXfZ58SnXDd%2F9BT3hlGjD3rSZNIOqGB0HwL8N5spgP6lLxZdVszrsAaf3erqQvDOJ1vFbT09t57ZNEQiXol"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=7443&min_rtt=6993&rtt_var=1569&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3921&recv_bytes=2295&delivery_rate=544881&cwnd=254&unsent_bytes=0&cid=031e8fe079d57cbe&ts=781&x=0"
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
ping
www.5lwin.win/wps/system/test/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.win/wps/system/test/ping?t=1735930056744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3deb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,merchant
Access-Control-Request-Method
GET
Origin
https://www.aaavk.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc52886f925363b-FRA
date
Fri, 03 Jan 2025 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whNiOOa87ETkmUKb4yYDrvC9JMyf2HQhE8DJGIAJygmOFjqQ980FWS4YSaFlUNIDTPw64dWC63a3vURHAXZLEaWBTcdcxTMl3C9Rf8oiKUAU4Dx2TzUlj9nZEcCfLIoC7A3WUn0Yf9qOHCiy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=8732&min_rtt=8207&rtt_var=1961&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2386&delivery_rate=406583&cwnd=253&unsent_bytes=0&cid=9c63aca9bd86632b&ts=774&x=0"
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
ping
www.5lwin.site/wps/system/test/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.5lwin.site/wps/system/test/ping?t=1735930056744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,merchant
Access-Control-Request-Method
GET
Origin
https://www.aaavk.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
allow
OPTIONS,HEAD,GET
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc5288718929a0f-FRA
date
Fri, 03 Jan 2025 18:47:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qx%2BDjbr898YbpMqgUofzKp6LkEBr6DRB1fBL2R7xgUfRlv6Q5V1OrTcSX4gqNvmMTqRGk%2B12uwo8UJMpRtpcC1EFi7frp9MD%2BCnnP2c%2FVPFYQWu5q3Xu7Zlv7aFpFCVuBXn47A25vTJmQB66qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=9006&min_rtt=8555&rtt_var=1991&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3918&recv_bytes=2295&delivery_rate=388711&cwnd=254&unsent_bytes=0&cid=911c984fa0cc2c70&ts=770&x=0"
strict-transport-security
max-age=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Primary Request /
fafafa888.5lwin.win/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fafafa888.5lwin.win/
Requested by
Host: www.aaavk.cc
URL: https://www.aaavk.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3deb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642f841dbe05bdf5218fca7034b000a7b1a9ab4fbfebffea189d71657dbd1c83
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.aaavk.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8fc5288f7f6dd9d2-FRA
content-encoding
zstd
content-type
text/html
date
Fri, 03 Jan 2025 18:47:38 GMT
last-modified
Mon, 23 Dec 2024 07:02:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=va8tSdxT3Mz8veeXXXasfilyAdvBtPGH%2BBphFjKqTEQa9teGelhV5lElpkauika1nfFBOYYS59hGkst1hz3VxtcxmD%2BAtrusyPl4IsL4tdFwGfzrjChMoq0JZxQlwE3I9XADKME9ADBBcKL1SLI77kAT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=7581&min_rtt=7456&rtt_var=1336&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3947&recv_bytes=2298&delivery_rate=498079&cwnd=253&unsent_bytes=0&cid=32f13098d4e1c35e&ts=765&x=0"
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
aboutMerchant.js
fafafa888.5lwin.win/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fafafa888.5lwin.win/js/aboutMerchant.js?v=613
Requested by
Host: fafafa888.5lwin.win
URL: https://fafafa888.5lwin.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3deb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eac29b202a9f065a4da967b86ffc0353ec3c56b76093099c18c56902258c8b1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://fafafa888.5lwin.win/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67690af9-7c3"
age
72953
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRxNptP1PO1ed0kePW2N4Kf8NmbrUmAgcX1NgfaVjjf3DPkVRrN3gxExv7dmZhAhuxpaS6aomF9NS7hdOaAjPlVQaRVNbcfzW8VWj8J8QevUY%2FtdnwZfkeVxJoF1MjB8yZa%2Bi9phDIq%2FVLs2t9f5RNe1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 03 Jan 2025 21:25:12 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=10273&min_rtt=7456&rtt_var=5611&sent=13&recv=14&lost=0&retrans=0&sent_bytes=5560&recv_bytes=2726&delivery_rate=498079&cwnd=256&unsent_bytes=0&cid=32f13098d4e1c35e&ts=812&x=0"
date
Fri, 03 Jan 2025 18:47:38 GMT
content-type
application/javascript
last-modified
Mon, 23 Dec 2024 07:02:17 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fc5289469a2d9d2-FRA
pro-cdn-cache-tier2
MISS, MISS
server
cloudflare
encrypt.js
fafafa888.5lwin.win/js/ 		0
0
chunk-web-view.c5d12b4c.js
fafafa888.5lwin.win/js/ 		0
0
chunk-vendors.9a54ccf0.js
fafafa888.5lwin.win/js/ 		0
0
index.9100cc57.js
fafafa888.5lwin.win/js/ 		0
0
chunk-web-view.cf46d257.css
fafafa888.5lwin.win/css/ 		0
0
chunk-vendors.14190ba7.css
fafafa888.5lwin.win/css/ 		0
0
index.9f4554a0.css
fafafa888.5lwin.win/css/ 		0
0
/
www.5lwin.win/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aaavk.cc
URL
https://www.aaavk.cc/favicon.ico
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/js/encrypt.js?v=613
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/js/chunk-web-view.c5d12b4c.js
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/js/chunk-vendors.9a54ccf0.js
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/js/index.9100cc57.js
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/css/chunk-web-view.cf46d257.css
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/css/chunk-vendors.14190ba7.css
Domain
fafafa888.5lwin.win
URL
https://fafafa888.5lwin.win/css/index.9f4554a0.css
Domain
www.5lwin.win
URL
https://www.5lwin.win/?affiliateCode=fafafa888

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| checkDevice

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN