Windows Analysis Report
Microsoft account password reset.eml

• EGA enabled

• Found application associated with file extension: .eml

```json
{
  "riskscore": 1,
  "reasons": "The provided JavaScript code appears to be related to mobile browser compatibility and initialization settings. It disables automatic page initialization for jQuery Mobile and adjusts the viewport settings for Internet Explorer Mobile 10. There are no evident signs of malicious behavior such as data exfiltration, obfuscation, or unauthorized access attempts."
}

/*<![CDATA[*/if($(document).bind("mobileinit",function(){$.mobile.autoInitializePage=!1}),navigator.userAgent.match(/IEMobile\/10\.0/)){var msViewportStyle=document.createElement("style");msViewportStyle.appendChild(document.createTextNode("@-ms-viewport{width:auto!important}"));document.getElementsByTagName("head")[0].appendChild(msViewportStyle)}/*  */

```json
{
  "riskscore": 1,
  "reasons": "The provided JavaScript code checks for a global privacy control setting and a specific cookie related to third-party ads opt-out. It does not exhibit any malicious behavior such as data exfiltration, credential stealing, or unauthorized access. The code is primarily concerned with privacy settings and cookie management, which are common practices in web development."
}

/*<![CDATA[*/
//

    const globalPrivacyControlEnabled = navigator.globalPrivacyControl;

    const GPC_DataSharingOptIn = (globalPrivacyControlEnabled) ? false : checkThirdPartyAdsOptOutCookie();

    function checkThirdPartyAdsOptOutCookie() {
        try {
            const ThirdPartyAdsOptOutCookieName = '3PAdsOptOut';
            var cookieValue = getCookie(ThirdPartyAdsOptOutCookieName);
            return cookieValue != 1;
        } catch {
            return true;
        }
    }

    function getCookie(cookieName) {
        var cookieValue = document.cookie.match('(^|;)\\s*' + cookieName + '\\s*=\\s*([^;]+)');
        return (cookieValue) ? cookieValue[2] : '';
    }

////
/*  */

```json
{
  "riskscore": 2,
  "reasons": "The provided JavaScript code appears to manipulate the DOM to decode HTML entities and manage the visibility of certain elements. It does not exhibit any obvious malicious behavior such as data exfiltration, credential stealing, or unauthorized access. However, it does modify the DOM based on certain conditions, which could potentially be used for phishing if combined with other malicious code. Overall, the risk is low but not zero."
}

/*<![CDATA[*/function DecodeHTML(){$(".msame_Header_chev").length&&($(".msame_Header_chev").text()?$(".msame_Header_chev").html($(".msame_Header_chev").text()).show():$(".msame_Header_chev").hide())}function checkDecode(){DecodeHTML();$(".msame_Header_chev").unbind("DOMSubtreeModified",checkDecode)}$(document).ready(function(){var i=document.getElementById("cli_shellHeaderSearchInput"),t=$(i).attr("placeholder").match(/&#(\d+);/g),r=t&&t.length,n;if(r)for(n=0;n<r;n++)i.placeholder=i.placeholder.replace(t[n],String.fromCharCode(t[n].match(/\d+/)))});$(document).ready(DecodeHTML);$(window).load(DecodeHTML);$(window).resize(function(){$(".msame_Header_chev").bind("DOMSubtreeModified",checkDecode)})/*  */

```json
{
  "phishing_score": 0,
  "brands": "Microsoft",
  "phishing": false,
  "suspicious_domain": false,
  "has_loginform": false,
  "has_captcha": false,
  "setechniques": false,
  "reasons": "The URL is legitimate and matches the official Microsoft domain. The content and design of the page are consistent with Microsoft's branding and style. There are no login forms or captchas present, and no social engineering techniques are evident."
}