| URL: http://kitces.emlnk1.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: http://kitces.emlnk1.com |
| URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migr... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is jQuery's official migration plugin with legitimate functionality. It contains only low-risk behaviors: console logging for debugging, DOM manipulation through jQuery, and deprecation warnings. The code is from a trusted source (jQuery) and performs expected migration-related tasks."
} |
/*! jQuery Migrate v3.5.2 | (c) OpenJS Foundation and other contributors | jquery.com/license */
"undefined"==typeof jQuery.migrateMute&&(jQuery.migrateMute=!0),function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],function(e){return t(e,window)}):"object"==typeof module&&module.exports?module.exports=t(require("jquery"),window):t(jQuery,window)}(function(s,n){"use strict";function e(e){return 0<=function(e,t){for(var r=/^(\d+)\.(\d+)\.(\d+)/,n=r.exec(e)||[],o=r.exec(t)||[],a=1;a<=3;a++){if(+o[a]<+n[a])return 1;if(+n[a]<+o[a])return-1}return 0}(s.fn.jquery,e)}s.migrateVersion="3.5.2";var t=Object.create(null);s.migrateDisablePatches=function(){for(var e=0;e<arguments.length;e++)t[arguments[e]]=!0},s.migrateEnablePatches=function(){for(var e=0;e<arguments.length;e++)delete t[arguments[e]]},s.migrateIsPatchEnabled=function(e){return!t[e]},n.console&&n.console.log&&(s&&e("3.0.0")&&!e("5.0.0")||n.console.log("JQMIGRATE: jQuery 3.x-4.x REQUIRED"),s.migrateWarnings&&n.console.log("JQMIGRATE: Migrate plugin loaded multiple times"),n.console.log("JQMIGRATE: Migrate is installed"+(s.migrateMute?"":" with logging active")+", version "+s.migrateVersion));var o={};function u(e,t){var r=n.console;!s.migrateIsPatchEnabled(e)||s.migrateDeduplicateWarnings&&o[t]||(o[t]=!0,s.migrateWarnings.push(t+" ["+e+"]"),r&&r.warn&&!s.migrateMute&&(r.warn("JQMIGRATE: "+t),s.migrateTrace&&r.trace&&r.trace()))}function r(e,t,r,n,o){Object.defineProperty(e,t,{configurable:!0,enumerable:!0,get:function(){return u(n,o),r},set:function(e){u(n,o),r=e}})}function a(e,t,r,n,o){var a=e[t];e[t]=function(){return o&&u(n,o),(s.migrateIsPatchEnabled(n)?r:a||s.noop).apply(this,arguments)}}function c(e,t,r,n,o){if(!o)throw new Error("No warning message provided");return a(e,t,r,n,o),0}function i(e,t,r,n){return a(e,t,r,n),0}s.migrateDeduplicateWarnings=!0,s.migrateWarnings=[],void 0===s.migrateTrace&&(s.migrateTrace=!0),s.migrateReset=function(){o={},s.migrateWarnings.length=0},"BackCompat"===n.document.compatMode&&u("quirks","jQuery is not compatible with Quirks Mode");var d,l,p,f={},m=s.fn.init,y=s.find,g=/\[(\s*[-\w]+\s*)([~|^$*]?=)\s*([-\w#]*?#[-\w#]*)\s*\]/,h=/\[(\s*[-\w]+\s*)([~|^$*]?=)\s*([-\w#]*?#[-\w#]*)\s*\]/g,v=/^[\s\uFEFF\xA0]+|([^\s\uFEFF\xA0])[\s\uFEFF\xA0]+$/g;for(d in i(s.fn,"init",function(e){var t=Array.prototype.slice.call(arguments);return s.migrateIsPatchEnabled("selector-empty-id")&&"string"==typeof e&&"#"===e&&(u("selector-empty-id","jQuery( '#' ) is not a valid selector"),t[0]=[]),m.apply(this,t)},"selector-empty-id"),s.fn.init.prototype=s.fn,i(s,"find",function(t){var r=Array.prototype.slice.call(arguments);if("string"==typeof t&&g.test(t))try{n.document.querySelector(t)}catch(e){t=t.replace(h,function(e,t,r,n){return"["+t+r+'"'+n+'"]'});try{n.document.querySelector(t),u("selector-hash","Attribute selector with '#' must be quoted: "+r[0]),r[0]=t}catch(e){u("selector-hash","Attribute selector with '#' was not fixed: "+r[0])}}return y.apply(this,r)},"selector-hash"),y)Object.prototype.hasOwnProperty.call(y,d)&&(s.find[d]=y[d]);c(s.fn,"size",function(){return this.length},"size","jQuery.fn.size() is deprecated and removed; use the .length property"),c(s,"parseJSON",function(){return JSON.parse.apply(null,arguments)},"parseJSON","jQuery.parseJSON is deprecated; use JSON.parse"),c(s,"holdReady",s.holdReady,"holdReady","jQuery.holdReady is deprecated"),c(s,"unique",s.uniqueSort,"unique","jQuery.unique is deprecated; use jQuery.uniqueSort"),r(s.expr,"filters",s.expr.pseudos,"expr-pre-pseudos","jQuery.expr.filters is deprecated; use jQuery.expr.pseudos"),r(s.expr,":",s.expr.pseudos,"expr-pre-pseudos","jQuery.expr[':'] is deprecated; use jQuery.expr.pseudos"),e("3.1.1")&&c(s,"trim",function(e){return null==e?"":(e+"").replace(v,"$1")},"trim","jQuery.trim is deprecated; use String.prototype.trim"),e("3.2.0")&&(c(s,"nodeName",function(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()},"nodeName","jQuery.nodeName is de |
| URL: https://kitces.activehosted.com/admin/... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be a legitimate configuration script for ActiveCampaign (a known marketing automation platform). It only contains static variable declarations with format strings and API endpoints from a legitimate business domain. No data transmission, dynamic code execution, or suspicious behaviors are present."
} |
var datetimeformat = "%m/%d/%Y %H:%M";
var dateformat = "%m/%d/%Y";
var timeformat = "%H:%M";
var ac_action = "";
var plink = "https://kitces.activehosted.com";
var ac_branded = "1";
var is_trial = false;
var apipath = "https://kitces.activehosted.com/admin/api.php";
|
| URL: https://kitces.activehosted.com/admin/... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The code shows standard login page functionality with low-risk behaviors: DOM manipulation for visual effects (fade), URL parameter handling for password reset, and opening a support link to a legitimate domain (help.activecampaign.com). The hash handling in forms is a common practice. No data exfiltration, suspicious domains, or malicious patterns detected."
} |
function fade_login() {
$J('#login_container').fadeTo(1000, 0.55);
$J('#login_container').fadeTo(5000, 0.25);
$J('#login_container').fadeTo(1000, 1.00);
}
function lookup_link_fix(e) {
var url = $J(this).attr('href');
var usr = $J('#user').val();
if (ac_str_email(usr)) {
$J(this).attr('href', url + '&email=' + usr);
}
}
function contactSupport() {
let url = 'https://help.activecampaign.com/hc/en-us/requests/new';
window.open(url, '_blank');
}
$J(document).ready(function () {
$J("a.forgotpass").click(lookup_link_fix);
// if there is a hash, append it to links
if (window.location.hash) {
$J("form[name=log_user]").attr('action', $J("form[name=log_user]").attr('action') + window.location.hash);
}
});
|
| URL: https://kitces.activehosted.com/ac_global/js/ac.js... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The script shows moderate risk indicators including: use of eval() for callback functions, handling of XML responses, and AJAX functionality. However, it includes security measures like CSRF token validation and proper encoding of parameters. The code appears to be a legitimate AJAX handler with some outdated practices rather than malicious intent. Main concerns are the eval() usage and broad exception handling which could potentially be exploited."
} |
// ac.js
// Loading...
// ajax.js
var ac_ajax_debug = true;
function ac_ajax_request_object() {
var hreq;
try {
hreq = new XMLHttpRequest();
} catch (e) {
hreq = null;
}
return hreq;
}
function ac_ajax_call_url(url, post, cb) {
var hreq = ac_ajax_request_object();
if (hreq !== null) {
hreq.onreadystatechange = function() {
try {
ac_ajax_handle(hreq, cb);
} catch (e) {}
};
var method = ( post === null ? 'GET' : 'POST' );
var postType = typeof(post);
if ( post !== null ) {
if ( postType == 'array' || postType == 'object' ) {
var postArr = new Array();
for ( var i in post ) {
var postType = typeof(post[i]);
if ( postType == 'array' || postType == 'object' ) {
for ( var j in post[i] ) {
if ( typeof(post[i][j]) != 'function' ) {
postArr.push(i + '[' + ( j == 'undefined' ? '' : j ) + ']=' + encodeURIComponent(post[i][j]));
}
}
} else if ( postType != 'function' ) {
postArr.push(i + '=' + encodeURIComponent(post[i]));
}
}
post = postArr.join('&');
}
}
hreq.open(method, url, true);
hreq.setRequestHeader("X-XSRF-TOKEN", getCSRFToken());
if ( post !== null ) {
hreq.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
}
hreq.send(post);
}
}
function ac_ajax_proxy_call_url(base, url, post, cb) {
if (post !== null)
ac_ajax_call_url(base + "/ac_global/functions/ajax_proxy.php?post=1&url=" + ac_b64_encode(url), post, cb);
else
ac_ajax_call_url(base + "/ac_global/functions/ajax_proxy.php?url=" + ac_b64_encode(url), post, cb);
}
function ac_ajax_proxy_call_cb(base, url, func, cb) {
if (url.match(/\?/))
url = url + "&f=" + func;
else
url = url + "?f=" + func;
url += "&rand=" + ac_b64_encode(Math.random().toString());
if (arguments.length > 3) {
for (var i = 4; i < arguments.length; i++)
url += "&p[]=" + encodeURIComponent(arguments[i]);
}
ac_ajax_proxy_call_url(base, url, null, cb);
}
function ac_ajax_call(url, func) {
if (arguments.length < 3)
ac_ajax_call_cb(ac_str_url(url), func, null);
else {
ac_ajax_call_cb(ac_str_url(url), func, null, ac_ary_last(arguments, 2));
}
}
function ac_ajax_call_cb(url, func, cb) {
if (func) {
if (url.match(/\?/))
url = url + "&f=" + func;
else
url = url + "?f=" + func;
}
url += "&rand=" + ac_b64_encode(Math.random().toString());
if (arguments.length > 3) {
for (var i = 3; i < arguments.length; i++)
url += "&p[]=" + encodeURIComponent(arguments[i]);
}
if ( cb === null ) cb = function(){};
ac_ajax_call_url(url, null, cb);
}
function ac_ajax_post_cb(url, func, cb, post) {
if (func) {
if (url.match(/\?/))
url = url + "&f=" + func;
else
url = url + "?f=" + func;
}
url += "&rand=" + ac_b64_encode(Math.random().toString());
if ( cb === null ) cb = function(){};
ac_ajax_call_url(url, post, cb);
}
function ac_ajax_handle(hreq, cb) {
if (hreq !== null) {
if (hreq.readyState == 4) {
if (hreq.status == 200) {
try {
var xml = hreq.responseXML;
if (xml !== null && xml.documentElement !== null) {
if (cb === null)
cb = eval("cb_" + xml.documentElement.nodeName);
if (typeof cb == "function")
cb(xml.documentElement, hreq.responseText);
} else {
if ( hreq.responseText != '' ) {
if (typeof ac_ajax_handle_text == 'function')
ac_ajax_handle_text(hreq.responseText);
}
}
/*
var rootNode = ( xml !== null ? xml.documentElement : null );
if (cb === null && rootNode) {
cb = eval("cb_" + rootNode.nodeName);
|
| URL: https://kitces.activehosted.com/admin/js/jq/csrf_p... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is a legitimate CSRF protection implementation that follows security best practices. It only allows same-origin requests, validates URLs, and properly handles CSRF tokens. The only minor risk factors are DOM manipulation via form submission handling and cookie reading, but these are necessary for CSRF protection. The code shows defensive programming practices like input validation and origin checking."
} |
/**
* Monkey patch jQuery so that for each AJAX request, it grabs the CSRF token
* directly from the cookie and sets it as a header. This way, it will always
* send the newest token.
*/
(function(allTheJQueries) {
function validateUrl(url) {
if (typeof url !== 'string') {
return false;
}
// If the URL does not begin with 'http' then it is a relative path,
// so it is okay
if (url.indexOf('http') !== 0) {
return true;
}
// If it is a fully qualified URL, then it MUST be to the current host
var upperCaseUrl = url.toUpperCase();
var upperCaseDocumentLocationOrigin = document.location.origin.toUpperCase();
return upperCaseUrl.indexOf(upperCaseDocumentLocationOrigin) === 0;
}
/**
* This is called every AJAX request, and adds our CSRF token header
* to the request
*/
function setHeader(options) {
var csrfResponseHeaderName = "X-XSRF-TOKEN";
if (!validateUrl(options.url)) {
return;
}
options.headers = typeof options.headers === 'object' ? options.headers : {};
options.headers[csrfResponseHeaderName] = getCSRFToken();
}
/**
* Modify the given version of jquery
*/
function modifyPrefilter(jQuery) {
if (typeof jQuery === "undefined"||
typeof jQuery.ajaxPrefilter !== "function"
) {
return false;
}
// Sanity check. Did we already override beforeSend?
if (jQuery.csrfProtection && jQuery.csrfProtection === "enabled") {
return false;
}
jQuery.ajaxPrefilter(setHeader);
jQuery.csrfProtection = "enabled";
return true;
}
/**
* Reads a CSRF token cookie value and appends it to
*
* @param jQueryImpl
* @returns {boolean}
*/
function appendCSRFTokenOnFormSubmit(jQueryImpl) {
if (typeof jQueryImpl === "undefined" ) {
return false;
}
// Settings page has their own submit handler. We are handling
// token injection there.
if (window.location.href.indexOf('main.php?action=settings') !== -1) {
return false;
}
try {
jQueryImpl(document).on('submit', 'form', function() {
appendCSRFToken(this);
});
} catch (e) {
return false;
}
return true;
}
// As there are several jQuery versions, just register on one
var csrfFormInterceptorRegistered = false;
// We need to do this to ALL of the given versions.
// We use different versions at different times.
allTheJQueries.forEach(function(jQueryImpl) {
modifyPrefilter(jQueryImpl);
if (!csrfFormInterceptorRegistered) {
csrfFormInterceptorRegistered = appendCSRFTokenOnFormSubmit(jQueryImpl);
}
});
})([window.jQuery, window.$J, window.$]);
/**
* Extracts CSRF protection token from the carrier cookie
*
* @returns {string}
*/
function getCSRFToken() {
var csrfCookieName = 'XSRF-TOKEN';
var cookie = window.document.cookie
// Break up all the cookies
.split(';')
// Filter out only cookies with right name
.filter(function(cookiePart) {
return cookiePart.indexOf(csrfCookieName) > -1;
})
// Get the first instance of the CSRF cookiecsr
// (In testing we only want the first one, not the last one.)
.shift()
;
if (typeof cookie === 'undefined') {
return;
}
// Here we split the token cookie and grab just the token itself:
// XSRF-TOKEN=sometoken => ["XSRF-TOKEN", "sometoken"] => 'sometoken'
var token = cookie.trim().split('=').pop();
return token;
}
/**
* Appends a CSRF protection token to html forms upon submit. Being defined in
* global scope, can be manually added to onSubmit event for every form missed
* by jQuery.
*
* @param interceptedForm
*/
function appendCSRFToken(interceptedForm) {
var form = interceptedForm;
if (!form.elements) {
form = interceptedForm.forms[0];
}
var csrfInput = getCSRFInputField(form);
if (!csrfInput) {
csrfInput = attachNewCSRFInputFieldToForm(form);
}
csrfInput.setAttribute("value", getCSRFToken());
}
/**
* Retrieves a csrf validation input field from the form
*
* @param myForm
* @returns {*}
*/
function getCSRFInputField(myForm) {
return myForm.elements._csrf |
| URL: https://kitces.activehosted.com/admin/... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate New Relic (NREUM) monitoring script initialization. It contains standard configuration for features like distributed tracing, session management, and error reporting. While it does collect telemetry data, it's from a trusted vendor (New Relic) and includes privacy controls and cookie settings."
} |
(window.NREUM||(NREUM={})).init={privacy:{cookies_enabled:true},ajax:{deny_list:[]},session_trace:{sampling_rate:0.0,mode:"FIXED_RATE",enabled:true,error_sampling_rate:0.0},distributed_tracing:{enabled:true}};(window.NREUM||(NREUM={})).loader_config={agentID:"456980009",accountID:"149034",trustKey:"149034",xpid:"VQIOUVVXGwcFUlhVDwgCUw==",licenseKey:"d3d5c809d5",applicationID:"456978955"};;/*! For license information please see nr-loader-spa-1.274.0.min.js.LICENSE.txt */
(()=>{var e,t,r={8122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},2555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(8122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},9417:(e,t,r)=>{"use strict";r.d(t,{D0:()=>h,gD:()=>g,xN:()=>p});var n=r(993);const i=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var o=r(2614),a=r(944),s=r(384),c=r(8122);const u="[data-nr-mask]",d=()=>{const e={mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,harvestTimeSeconds:10,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},feature_flags:[],generic_events:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},harvest:{tooManyRequestsDelay:60},jserrors:{enabled:!0,harvestTimeSeconds:10,autoStart:!0},logging:{enabled:!0,harvestTimeSeconds:10,autoStart:!0,level:n.p_.INFO},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,harvestTimeSeconds:30,autoStart:!0},performance:{capture_marks:!1,capture_measures:!1},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:o.wk,inactiveMs:o.BB},session_replay:{autoStart:!0,enabled:!1,harvestTimeSeconds:60,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){i(t)?e.mask_selector="".concat(t,",").concat(u):""===t||null===t?e.mask_selector=u:(0,a.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){i(t)?e.block_selector+=",".concat(t):""!==t&&(0,a.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,a.R)(7,t)}},session_trace:{enabled:!0, |
| URL: https://kitces.activehosted.com/admin/jsc/ac.js?v=... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The code appears to be a legitimate JavaScript utility library with DOM manipulation and form handling functions. While it includes features like base64 encoding/decoding and URL redirection, these are implemented in a standard way. The code interacts with DOM elements through jQuery ($J) and contains form handling logic, but shows no signs of malicious behavior. The only minor concern is the URL redirection functionality, but it's implemented with basic safety checks."
} |
var ac={rand:function(){return ac.str.cast(Math.random())},randHex:function(){var a=ac.rand().split(".");return sprintf("%x",a[1])},hidden:function(a){return"none"==$J(a).css("display")},empty:function(a){for(var c in a)if("function"!=typeof a[c])return!1;return!0},redirect:function(a){a.match(/^http/)||(a=ac_js_site.p_link+"/"+a);window.location.href=a},refresh:function(){window.location.reload(!0)},highlight:function(a){a.focus();a.select()},distance:function(a,c){return Math.sqrt(Math.pow(a,2)+
Math.pow(c,2))},uniqid:function(){return ac.encodeBase64(Math.random().toString()).replace(/(\+|\/|=)+/,"")},clickToEdit:function(a,c,d){var e=ac.uniqid();c=c||function(){};d=d||{};$J(document).on("click",a,function(a){d.allowPropagation||a.stopPropagation();a=$J(this);a.hasClass("click-to-edit")||(a.addClass("click-to-edit "+e).data("click-to-edit-original",a.html()),!1!==d.select_all&&document.execCommand("selectAll",!1,null))});$J(document).on("keypress",a,function(a){if(13==a.which){var d=$J(this);
a.preventDefault();d.blur();c(d)}});$J(document).on("click",function(a){_.each($J(".click-to-edit."+e),function(a){a=$J(a);a.removeClass("click-to-edit "+e);c(a)})})},decodeBase64:function(a){return window.atob?decodeURIComponent(window.atob(a)):decodeURIComponent(ac._decodeBase64(a))},encodeBase64:function(a){return window.btoa?window.btoa(encodeURIComponent(a)):ac._encodeBase64(encodeURIComponent(a))},var:function(a,c){var d={};"string"==typeof a?d[a]=c:"object"==typeof a&&(d=a);$J.each(d,function(a,
c){for(var e=$J("*[var='"+ac.str.escape(a)+"']"),f=0,l;f<e.length;f++){var k=$J(e[f]);l="function"==typeof c?c(a,d):c;if(k.is("select"))k.val(l);else if(k.is("input"))switch(k.prop("type")){case "radio":k.val()==l&&k.prop("checked",!0);break;case "checkbox":k.val()==l?k.prop("checked",!0):k.prop("checked",!1);break;default:k.val(l)}else k.html(l)}})},droparea:function(a,c,d,e){var f=e.init||function(){},g=e.start||function(){},h=e.complete||function(a,c){};e=e.error||function(a){};$J(a).attr({"data-post":"old-imageup-dnd.php",
"data-width":c,"data-height":d,name:"dropfile"}).droparea({instructions:"",over:"",init:f,start:g,complete:h,error:e})},inherit:function(a){var c={};a&&(c.__proto__=a);return c},automodal:function(a,c){a.title||(a.title="[Please use the title property to set a title for this modal]");a.body||(a.body="");a.oklabel||(a.oklabel=strOK);a.okclass||(a.okclass="green");a.closelabel||(a.closelabel=a.hideok?strClose:strCancel);a.classes||(a.classes="");a.dont_blur||$J(document.activeElement).blur();c=c||function(){};
$J("#ac_automodal").remove();var d=""+('<div id="ac_automodal" class="modal '+(a.condor?"modal--condor ":"")+"show "+a.classes+'" style="display:none;">');d=d+'<div class="modal-dialog"><div class="modal-content"><div class="modal-header">'+('<a href="#" onclick="return false;" class="close_x" data-dismiss="modal">'+ac.icon("x",{pos:"middle",size:"medium"})+"</a>");d+=sprintf("<h3>%s</h3>",a.title);d=d+'</div><form><div class="modal-body">'+(a.condor?a.body:'<div class="body">'+a.body+"</div>");if(a.inputs)for(var e=
0;e<a.inputs.length;e++){var f=a.inputs[e];f.label=f.label||"";f.type=f.type||"text";f.name=f.name||"name"+e;f.className=f.className||"";f.default=f.default||"";f.attrs=f.attrs||"";f.placeholder=f.placeholder||"";f.placeholder&&(f.placeholder=' placeholder="'+f.placeholder+'"');switch(f.type){case "select":case "select-multiple":f.options=f.options||[];d+=sprintf('<fieldset class="select-options %s">',f.className);d+=sprintf("<label>%s</label>",f.label?f.label:"");d+=sprintf('<select name="%s" %s>',
f.name,f.type,"select-multiple"==f.type?"multiple":"");for(e=0;e<f.options.length;e++)d+=sprintf('<option %s value="%s">%s</option>',f.options[e].value==f.default?"selected":"",f.options[e].value,f.options[e].label);d+="</select>";d+="</fieldset>";break;case "textarea":f.rows=f.rows||8;f.cols=f.cols||40;d+=sprintf('<fieldset class="input %s">',f.className);d+=sprintf("<label>%s</label>",f.label?f.label:""); |
| URL: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is the beginning of the jQuery UI library, a well-known and trusted JavaScript framework. The code shows standard widget factory implementation with proper namespacing, event handling, and widget construction patterns. It's from a legitimate source (jQuery Foundation), is open-source, and uses standard JavaScript practices without any suspicious behaviors."
} |
/*! jQuery UI - v1.13.2 - 2022-07-14
* http://jqueryui.com
* Includes: widget.js, position.js, data.js, disable-selection.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js, focusable.js, form-reset-mixin.js, jquery-patch.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/accordion.js, widgets/autocomplete.js, widgets/button.js, widgets/checkboxradio.js, widgets/controlgroup.js, widgets/datepicker.js, widgets/dialog.js, widgets/draggable.js, widgets/droppable.js, widgets/menu.js, widgets/mouse.js, widgets/progressbar.js, widgets/resizable.js, widgets/selectable.js, widgets/selectmenu.js, widgets/slider.js, widgets/sortable.js, widgets/spinner.js, widgets/tabs.js, widgets/tooltip.js
* Copyright jQuery Foundation and other contributors; Licensed MIT */
!function(t){"use strict";"function"==typeof define&&define.amd?define(["jquery"],t):t(jQuery)}(function(V){"use strict";V.ui=V.ui||{};V.ui.version="1.13.2";var n,i=0,a=Array.prototype.hasOwnProperty,r=Array.prototype.slice;V.cleanData=(n=V.cleanData,function(t){for(var e,i,s=0;null!=(i=t[s]);s++)(e=V._data(i,"events"))&&e.remove&&V(i).triggerHandler("remove");n(t)}),V.widget=function(t,i,e){var s,n,o,a={},r=t.split(".")[0],l=r+"-"+(t=t.split(".")[1]);return e||(e=i,i=V.Widget),Array.isArray(e)&&(e=V.extend.apply(null,[{}].concat(e))),V.expr.pseudos[l.toLowerCase()]=function(t){return!!V.data(t,l)},V[r]=V[r]||{},s=V[r][t],n=V[r][t]=function(t,e){if(!this||!this._createWidget)return new n(t,e);arguments.length&&this._createWidget(t,e)},V.extend(n,s,{version:e.version,_proto:V.extend({},e),_childConstructors:[]}),(o=new i).options=V.widget.extend({},o.options),V.each(e,function(e,s){function n(){return i.prototype[e].apply(this,arguments)}function o(t){return i.prototype[e].apply(this,t)}a[e]="function"==typeof s?function(){var t,e=this._super,i=this._superApply;return this._super=n,this._superApply=o,t=s.apply(this,arguments),this._super=e,this._superApply=i,t}:s}),n.prototype=V.widget.extend(o,{widgetEventPrefix:s&&o.widgetEventPrefix||t},a,{constructor:n,namespace:r,widgetName:t,widgetFullName:l}),s?(V.each(s._childConstructors,function(t,e){var i=e.prototype;V.widget(i.namespace+"."+i.widgetName,n,e._proto)}),delete s._childConstructors):i._childConstructors.push(n),V.widget.bridge(t,n),n},V.widget.extend=function(t){for(var e,i,s=r.call(arguments,1),n=0,o=s.length;n<o;n++)for(e in s[n])i=s[n][e],a.call(s[n],e)&&void 0!==i&&(V.isPlainObject(i)?t[e]=V.isPlainObject(t[e])?V.widget.extend({},t[e],i):V.widget.extend({},i):t[e]=i);return t},V.widget.bridge=function(o,e){var a=e.prototype.widgetFullName||o;V.fn[o]=function(i){var t="string"==typeof i,s=r.call(arguments,1),n=this;return t?this.length||"instance"!==i?this.each(function(){var t,e=V.data(this,a);return"instance"===i?(n=e,!1):e?"function"!=typeof e[i]||"_"===i.charAt(0)?V.error("no such method '"+i+"' for "+o+" widget instance"):(t=e[i].apply(e,s))!==e&&void 0!==t?(n=t&&t.jquery?n.pushStack(t.get()):t,!1):void 0:V.error("cannot call methods on "+o+" prior to initialization; attempted to call method '"+i+"'")}):n=void 0:(s.length&&(i=V.widget.extend.apply(null,[i].concat(s))),this.each(function(){var t=V.data(this,a);t?(t.option(i||{}),t._init&&t._init()):V.data(this,a,new e(i,this))})),n}},V.Widget=function(){},V.Widget._childConstructors=[],V.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",defaultElement:"<div>",options:{classes:{},disabled:!1,create:null},_createWidget:function(t,e){e=V(e||this.defaultElement||this)[0],this.element=V(e),this.uuid=i++,this.eventNamespace="."+this.widgetName+this.uuid,this.bindings=V(),this.hoverable=V(),this.focusa |
| URL: https://cdnjs.cloudflare.com/ajax/libs/css-vars-po... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is a legitimate CSS polyfill library with known source (GitHub). It uses XMLHttpRequest and XDomainRequest (legacy API) for CSS loading, but only for its intended purpose. The code is from a trusted source (MIT licensed) and performs expected CSS variable functionality. The only minor risk factors are the use of legacy APIs and external resource loading."
} |
/*!
* css-vars-ponyfill
* v2.4.9
* https://jhildenbiddle.github.io/css-vars-ponyfill/
* (c) 2018-2024 John Hildenbiddle <http://hildenbiddle.com>
* MIT license
*/
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof globalThis?globalThis:e||self).cssVars=t()}(this,(function(){"use strict";function e(){return e=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var r=arguments[t];for(var n in r)Object.prototype.hasOwnProperty.call(r,n)&&(e[n]=r[n])}return e},e.apply(this,arguments)}function t(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},r={mimeType:t.mimeType||null,onBeforeSend:t.onBeforeSend||Function.prototype,onSuccess:t.onSuccess||Function.prototype,onError:t.onError||Function.prototype,onComplete:t.onComplete||Function.prototype},n=Array.isArray(e)?e:[e],o=Array.apply(null,Array(n.length)).map((function(e){return null}));function s(e){var t="string"==typeof e,r=t&&"<"===e.trim().charAt(0);return t&&!r}function a(e,t){r.onError(e,n[t],t)}function c(e,t){var s=r.onSuccess(e,n[t],t);e=!1===s?"":s||e,o[t]=e,-1===o.indexOf(null)&&r.onComplete(o)}var i=document.createElement("a");n.forEach((function(e,t){if(i.setAttribute("href",e),i.href=String(i.href),Boolean(document.all&&!window.atob)&&i.host.split(":")[0]!==location.host.split(":")[0]){if(i.protocol===location.protocol){var n=new XDomainRequest;n.open("GET",e),n.timeout=0,n.onprogress=Function.prototype,n.ontimeout=Function.prototype,n.onload=function(){var e=n.responseText;s(e)?c(e,t):a(n,t)},n.onerror=function(e){a(n,t)},setTimeout((function(){n.send()}),0)}else console.warn("Internet Explorer 9 Cross-Origin (CORS) requests must use the same protocol (".concat(e,")")),a(null,t)}else{var o=new XMLHttpRequest;o.open("GET",e),r.mimeType&&o.overrideMimeType&&o.overrideMimeType(r.mimeType),r.onBeforeSend(o,e,t),o.onreadystatechange=function(){if(4===o.readyState){var e=o.responseText;o.status<400&&s(e)||0===o.status&&s(e)?c(e,t):a(o,t)}},o.send()}}))}function r(e){var r=/\/\*[\s\S]+?\*\//g,o=/(?:@import\s*)(?:url\(\s*)?(?:['"])([^'"]*)(?:['"])(?:\s*\))?(?:[^;]*;)/g,s={rootElement:e.rootElement||document,include:e.include||'style,link[rel="stylesheet"]',exclude:e.exclude||null,filter:e.filter||null,skipDisabled:!1!==e.skipDisabled,useCSSOM:e.useCSSOM||!1,onBeforeSend:e.onBeforeSend||Function.prototype,onSuccess:e.onSuccess||Function.prototype,onError:e.onError||Function.prototype,onComplete:e.onComplete||Function.prototype},a=Array.apply(null,s.rootElement.querySelectorAll(s.include)).filter((function(e){return t=e,r=s.exclude,!(t.matches||t.matchesSelector||t.webkitMatchesSelector||t.mozMatchesSelector||t.msMatchesSelector||t.oMatchesSelector).call(t,r);var t,r})),c=Array.apply(null,Array(a.length)).map((function(e){return null}));function i(){if(-1===c.indexOf(null)){c.reduce((function(e,t,r){return""===t&&e.push(r),e}),[]).reverse().forEach((function(e){return[a,c].forEach((function(t){return t.splice(e,1)}))}));var e=c.join("");s.onComplete(e,c,a)}}function u(e,t,r,n){var o=s.onSuccess(e,r,n);f(e=void 0!==o&&!1===Boolean(o)?"":o||e,r,n,(function(e,n){null===c[t]&&(n.forEach((function(e){return s.onError(e.xhr,r,e.url)})),!s.filter||s.filter.test(e)?c[t]=e:c[t]="",i())}))}function l(e,t){var s=arguments.length>2&&void 0!==arguments[2]?arguments[2]:[],a={};return a.rules=(e.replace(r,"").match(o)||[]).filter((function(e){return-1===s.indexOf(e)})),a.urls=a.rules.map((function(e){return e.replace(o,"$1")})),a.absoluteUrls=a.urls.map((function(e){return n(e,t)})),a.absoluteRules=a.rules.map((function(e,r){var o=a.urls[r],s=n(a.absoluteUrls[r],t);return e.replace(o,s)})),a}function f(e,r,n,o){var a=arguments.length>4&&void 0!==arguments[4]?arguments[4]:[],c=arguments.length>5&&void 0!==arguments[5]?arguments[5]:[],i=l(e,n,c);i.rules.length?t(i.absoluteUrls,{onBeforeSend:function(e,t,n){s.onBeforeSend(e,r,t)},onSuccess:fu |
| URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is the legitimate jQuery library (version 3.7.1) source code. jQuery is a widely-used, open-source JavaScript library maintained by the OpenJS Foundation. The code shows standard library initialization patterns, proper documentation, and no suspicious behaviors. The code is neither obfuscated nor contains any malicious indicators."
} |
/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[i.call(e)]||"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||v(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!l.test(t||n&&n.nodeName||"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){va |
| URL: https://kitces.activehosted.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://kitces.activehosted.com |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Get more out of ActiveCampaign",
"prominent_button_name": "Contact Customer Success",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Get more out of ActiveCampaign",
"prominent_button_name": "Contact Customer Success",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Get more out of ActiveCampaign",
"prominent_button_name": "Learn How",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Get more out of ActiveCampaign",
"prominent_button_name": "Contact Customer Success",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"Kitces"
]
} |
|
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"Nerd's Eye View KITCES"
]
} |
|
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"Nerd's Eye View KITCES"
]
} |
|
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"Nerd's Eye View",
"KITCES"
]
} |
|
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | ```json{ "legit_domain": "kitces.com", "classification": "known", "reasons": [ "The brand 'Kitces' is associated with financial planning and is known in the financial advisory community.", "The URL 'kitces.activehosted.com' uses a subdomain of 'activehosted.com', which is a service provider domain, not the primary domain of Kitces.", "The use of a service provider domain can be legitimate if Kitces uses ActiveCampaign for email marketing or similar services.", "The presence of input fields for Username/Email and Password on a non-primary domain raises suspicion, as it could be a phishing attempt to capture credentials.", "The domain 'activehosted.com' is not directly associated with Kitces, which increases the risk of phishing." ], "riskscore": 7}
Google indexed: False |
URL: kitces.activehosted.com
Brands: Kitces
Input Fields: Username / Email, Password |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Get more out of ActiveCampaign",
"prominent_button_name": "Learn How",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"Kitces"
]
} |
|
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Kick off automations directly in Slack.",
"prominent_button_name": "Get the ActiveCampaign Bot for Slack",
"text_input_field_labels": [
"Username / Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://kitces.activehosted.com/admin/ Model: Joe Sandbox AI | {
"brands": [
"ActiveCampaign"
]
} |
|
| URL: https://activehosted.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://activehosted.com |
Edit tour
chrome.exe (PID: 5900 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node