1. Went to the website
2. Saw that the password is a decoy. It will lead to flag.txt
3. Opened flag.txt on that URL and found the flag: "$Hacker&?r3@L$"
4. jctf{$Hacker&?r3@L$}