| URL: https://disruptivc-dot-yamm-track.appspot.com Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": true,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://disruptivc-dot-yamm-track.appspot.com |
| URL: https://yugaljeeautomotive.com/z/pro/mentanance/au... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided JavaScript snippet simply reloads the current page, which is a common and benign operation. This behavior does not indicate any high-risk or malicious activities."
} |
window.location.reload();
|
| URL: https://construction-sealants-ltd.jimdosite.com/... Model: Joe Sandbox AI | {
"risk_score": 9,
"reasoning": "This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to a suspicious domain. The use of an iframe to load additional scripts and the obfuscated nature of the code further increase the risk. While the script may have a legitimate purpose, such as implementing a security challenge, the overall behavior is highly suspicious and indicative of potential malicious intent."
} |
(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8f373acb99d942b2',t:'MTczNDQ0MTgyNy4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();
|
| URL: https://challenges.cloudflare.com/turnstile/v0/b/7... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. While it does not contain any clear indicators of malicious intent, the use of dynamic code execution, external data transmission, and aggressive DOM manipulation warrant further review. Additionally, the presence of obfuscated code and the use of multiple fallback domains increase the overall risk profile of the script. Overall, this script requires closer inspection to determine its true purpose and potential impact on user security and privacy."
} |
"use strict";(function(){function Ht(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Bt(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);function g(l){Ht(u,o,c,g,h,"next",l)}function h(l){Ht(u,o,c,g,h,"throw",l)}g(void 0)})}}function D(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):D(e,r)}function Me(e,r,n){return r in e?Object.defineProperty(e,r,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[r]=n,e}function Fe(e){for(var r=1;r<arguments.length;r++){var n=arguments[r]!=null?arguments[r]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Me(e,c,n[c])})}return e}function Sr(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):Sr(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))}),e}function jt(e){if(Array.isArray(e))return e}function qt(e,r){var n=e==null?null:typeof Symbol!="undefined"&&e[Symbol.iterator]||e["@@iterator"];if(n!=null){var o=[],c=!0,u=!1,g,h;try{for(n=n.call(e);!(c=(g=n.next()).done)&&(o.push(g.value),!(r&&o.length===r));c=!0);}catch(l){u=!0,h=l}finally{try{!c&&n.return!=null&&n.return()}finally{if(u)throw h}}return o}}function zt(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function at(e,r){(r==null||r>e.length)&&(r=e.length);for(var n=0,o=new Array(r);n<r;n++)o[n]=e[n];return o}function Gt(e,r){if(e){if(typeof e=="string")return at(e,r);var n=Object.prototype.toString.call(e).slice(8,-1);if(n==="Object"&&e.constructor&&(n=e.constructor.name),n==="Map"||n==="Set")return Array.from(n);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return at(e,r)}}function Ae(e,r){return jt(e)||qt(e,r)||Gt(e,r)||zt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={next:h(0),throw:h(1),return:h(2)},typeof Symbol=="function"&&(g[Symbol.iterator]=function(){return this}),g;function h(p){return function(E){return l([p,E])}}function l(p){if(o)throw new TypeError("Generator is already executing.");for(;g&&(g=0,p[0]&&(n=0)),n;)try{if(o=1,c&&(u=p[0]&2?c.return:p[0]?c.throw||((u=c.return)&&u.call(c),0):c.next)&&!(u=u.call(c,p[1])).done)return u;switch(c=0,u&&(p=[p[0]&2,u.value]),p[0]){case 0:case 1:u=p;break;case 4:return n.label++,{value:p[1],done:!1};case 5:n.label++,c=p[1],p=[0];continue;case 7:p=n.ops.pop(),n.trys.pop();continue;default:if(u=n.trys,!(u=u.length>0&&u[u.length-1])&&(p[0]===6||p[0]===2)){n=0;continue}if(p[0]===3&&(!u||p[1]>u[0]&&p[1]<u[3])){n.label=p[1];break}if(p[0]===6&&n.label<u[1]){n.label=u[1],u=p;break}if(u&&n.label<u[2]){n.label=u[2],n.ops.push(p);break}u[2]&&n.ops.pop(),n.trys.pop();continue}p=r.call(e,n)}catch(E){p=[6,E],c=0}finally{o=u=0}if(p[0]&5)throw p[1];return{value:p[0]?p[1]:void 0,done:!0}}}var Xt={code:200500,internalRepr:"iframe_load_err",public:!0,retryable:!1,description:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Yt=300020;var De=300030;var Ve=300031;var j;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(j||(j={}));var L;(fun |
| URL: https://yugaljeeautomotive.com/z/pro/mentanance/au... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of the Cloudflare Turnstile CAPTCHA system. It initializes the Turnstile widget, attaches an event listener to handle the 'turnstile:pass' event, and automatically submits the form when the CAPTCHA is successfully completed. The script does not exhibit any high-risk behaviors and is likely used for legitimate user verification purposes. Some low-risk indicators, such as the use of a legacy `XDomainRequest` API and the presence of a retry mechanism, are present, but these are common practices in CAPTCHA implementations and do not indicate malicious intent. Overall, this script is considered low risk."
} |
function onloadTurnstileCallback() {
console.log('Turnstile script loaded');
// Initialize Turnstile after the script is loaded
window.turnstile = window.turnstile || {};
window.turnstile.render = window.turnstile.render || {};
const turnstileElement = document.querySelector('.cf-turnstile');
if (turnstileElement) {
console.log('Turnstile element found');
// Attach the event listener to the Turnstile instance
turnstileElement.addEventListener('turnstile:pass', function() {
console.log('Turnstile CAPTCHA passed');
document.getElementById('captcha-form').submit();
});
// Define a retry function for the fallback
function checkTurnstileResponse(retryCount = 0) {
if (window.turnstile && window.turnstile.getResponse) {
const response = window.turnstile.getResponse();
if (response) {
// Append the response to the form before submitting
const form = document.getElementById('captcha-form');
const input = document.createElement('input');
input.type = 'hidden';
input.name = 'cf-turnstile-response';
input.value = response;
form.appendChild(input); // Add the response input to the form
// Auto-submit the form
setTimeout(function() {
form.submit();
}, 500); // You can adjust the delay if necessary (in milliseconds)
} else if (retryCount < 10) { // Retry up to 10 times
console.log('Turnstile response not yet obtained, retrying...');
setTimeout(() => checkTurnstileResponse(retryCount + 1), 3000); // Retry after 5 seconds
} else {
console.error('Turnstile response not obtained after several attempts');
}
} else if (retryCount < 10) { // Retry if Turnstile is not ready
console.log('Turnstile not ready, retrying...');
setTimeout(() => checkTurnstileResponse(retryCount + 1), 3000); // Retry after 5 seconds
} else {
console.error('Turnstile not initialized after several attempts');
}
}
// Start checking for the Turnstile response
setTimeout(() => checkTurnstileResponse(), 3000); // Initial delay before starting checks
} else {
console.error('Turnstile element not found');
}
}
|
| URL: https://construction-sealants-ltd.jimdosite.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://construction-sealants-ltd.jimdosite.com |
| URL: https://jimdo-dolphin-static-assets-prod.freetls.f... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The provided JavaScript snippet appears to be a part of a larger library or framework, and it does not exhibit any clear high-risk behaviors. However, it does contain some moderate-risk indicators, such as external data transmission and the use of legacy APIs. Additionally, the code is obfuscated, which can make it more difficult to analyze and understand its true purpose. Overall, this script requires further review due to its unclear behavior and potential for aggressive DOM manipulation."
} |
/*! For license information please see dd36634b5e90c11d85d7.js.LICENSE.txt */
(()=>{var e,t,n,i,a={58695:(e,t,n)=>{"use strict";n(33893).Cookie;var i=n(76046);t.u5=i.CKies,i.CookieOptions,i.CookieType},76046:(e,t,n)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0});var i,a,o=n(33893);!function(e){e.NECESSARY="necessary",e.FUNCTIONAL="functional",e.PERFORMANCE="performance",e.MARKETING="marketing"}(i=t.CookieType||(t.CookieType={})),function(e){e.ALLOW="allow",e.DENY="deny"}(a=t.CookieOptions||(t.CookieOptions={})),t.CONFIG_EXPIRATION=31536e6;var r=function(){function e(){}return e.getExpireDate=function(){var e=new Date;return e.setTime(e.getTime()+t.CONFIG_EXPIRATION),e},e.key=function(e){return"ckies_"+e},e.use=function(e){return e===i.NECESSARY||(this.isOptIn()?o.Cookie.get(this.key(e))===a.ALLOW:o.Cookie.get(this.key(e))!==a.DENY)},e.deny=function(e){this.set(e,a.DENY)},e.allow=function(e){this.set(e,a.ALLOW)},e.useNecessary=function(){return this.use(i.NECESSARY)},e.useFunctional=function(){return this.use(i.FUNCTIONAL)},e.usePerformance=function(){return this.use(i.PERFORMANCE)},e.useMarketing=function(){return this.use(i.MARKETING)},e.set=function(e,t){e!==i.NECESSARY&&o.Cookie.set(this.key(e),t,this.getExpireDate())},e.isOptIn=function(){return window.hasOwnProperty("CKIES_OPTIN")&&!0===window.CKIES_OPTIN},e}();t.CKies=r},33893:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){}return e.get=function(e){var t=("; "+document.cookie).split("; "+e+"=");return t&&2===t.length?(t.pop()||"").split(";").shift():null},e.set=function(e,t,n){document.cookie=e+"="+t+"; expires="+n.toUTCString()+"; path=/"},e}();t.Cookie=n},2604:(e,t,n)=>{"use strict";n.d(t,{UD:()=>Mo});var i={log:"log",debug:"debug",info:"info",warn:"warn",error:"error"},a=console,o={};Object.keys(i).forEach((function(e){o[e]=a[e]}));var r="Datadog Browser SDK:",s={debug:o.debug.bind(a,r),log:o.log.bind(a,r),info:o.info.bind(a,r),warn:o.warn.bind(a,r),error:o.error.bind(a,r)};function l(e,t){return function(){for(var n=[],i=0;i<arguments.length;i++)n[i]=arguments[i];try{return e.apply(void 0,n)}catch(e){s.error(t,e)}}}var c,d=!1;function u(e){d=e}function m(e,t,n){var i=n.value;n.value=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];return(c?p(i):i).apply(this,e)}}function p(e){return function(){return g(e,this,arguments)}}function g(e,t,n){try{return e.apply(t,n)}catch(e){if(h(e),c)try{c(e)}catch(e){h(e)}}}function h(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];d&&s.error.apply(s,function(e,t,n){if(n||2===arguments.length)for(var i,a=0,o=t.length;a<o;a++)!i&&a in t||(i||(i=Array.prototype.slice.call(t,0,a)),i[a]=t[a]);return e.concat(i||Array.prototype.slice.call(t))}(["[MONITOR]"],e,!1))}function b(e,t){return-1!==e.indexOf(t)}function f(e){if(Array.from)return Array.from(e);var t=[];if(e instanceof Set)e.forEach((function(e){return t.push(e)}));else for(var n=0;n<e.length;n++)t.push(e[n]);return t}function y(e,t){for(var n=0;n<e.length;n+=1){var i=e[n];if(t(i,n))return i}}function v(e){return Object.keys(e).map((function(t){return e[t]}))}function S(e){return Object.keys(e).map((function(t){return[t,e[t]]}))}function k(e,t){return e.slice(0,t.length)===t}function w(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];return t.forEach((function(t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])})),e}function C(e){var t=w({version:"5.15.0",onReady:function(e){e()}},e);return Object.defineProperty(t,"_setDebug",{get:function(){return u},enumerable:!1}),t}function T(e,t,n){var i=e[t];e[t]=n,i&&i.q&&i.q.forEach((function(e){return l(e,"onReady callback threw an error:")()}))}function P(){if("object"==typeof globalThis)return globalThis;Object.defineProperty(Object.prototype,"_dd_temp_",{get:function(){return this},configurable:!0});var e=_dd_temp_;return delete Object.prototype._dd_temp_,"object"!=typeof e&&(e="object"==typeof self?self:"ob |
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a legitimate behavior for websites that use Cloudflare's security services. The script sets up various configuration options for the Cloudflare challenge and includes some communication with the parent window, which is a common pattern for these types of challenges. While the script uses some obfuscated code, this is likely a security measure implemented by Cloudflare and does not necessarily indicate malicious intent. Overall, the script seems to be part of a legitimate security mechanism and does not demonstrate any high-risk behaviors."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: 'f8dyj',
chlApiSitekey: '0x4AAAAAAA2TdCPQgN_V-Tva',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'eATZcCAG8Y3zlOWH4H5mERNViexzVv48_C_hsxiwibc-1734441846-1.3.1.1-iWqrLu.bQiUq1zDHesvSFlkOTSzEXtjeS3ZJ_ayQutI',
chlApiTimeoutEncountered: 0,
chlApiOverrunBudgetMs:10000,
chlTimeoutMs:120000,
cK:[],
cType: 'chl_api_m',
cRay: '8f373b445bd67ce7',
cH: 'HXx1SoTmJOn1S4cQIEai.07VycQpJzJAxBVN7tY26vo-1734441846-1.1.1.1-dO050.wp3H.mWXeKtudpoNSggUqfwz41tDRiBm_buJDr9Zmkpv4_SzrLzQ6AjcQQ',
cFPWv: 'b',
cLt: 'n',
chlApiFailureFeedbackEnabled:true,
chlApiLoopFeedbackEnabled:false,
wOL:false,
wT: 'auto',
wS: 'normal',
md: 'fcXPlycarcA_DYTEj89lncGF7Gm5LdUKs6TM8IiZpOs-1734441846-1.1.1.1-f4EwZ8zYRrd9pG7VMDRTvHeIkxUIdU7TW_nFppirLtYUsh.iw6WbDLSxVzI6SAbNwCqCDtgEv.4UD5WKsqjV9H8MCWNof9B2hHI_RjFGhDKFaPYWhAoJ5LBkCVxpxgVkTM5fa6iAjPr1HWeRF1keRNmee.LZqqS1l2ovEiShZPB4xMUWwJ.bX50IJPKMOJAcDyLRDDBSTWNGsYWKV4JD2kokGzSNOU4wxPJHU9tecFLkbnE6T2Otl0.Uhc_8KrQ3DF.w8BdhqFxNa6.F23QaF8ugwHXL1kiOrsKvk10tw82tdkPVxUZHxrhGSNURyFrLnDRzSdTuafwUtt1a9ybfarawMHwJ20X7bibgBF2VNdTONMzi7wrqX3fxu_mz7WyqwvYDRaRK1jKdBM8W4iSJa8hnfOyWhZySlVzcNKpd.P4Vjtmu7Sn4r5NXIhpWLnfdUEaXkAYYf0hr8uQig3qgmPyDdcy9Mlo7TdSKo5H16iu2RtQK1YBwTvVesogkxvQxKvWEZVeTAbRu6UpN6iDjqDx.kyMM6YWwhNRsCT7AUztmW930Fu5rI6RJLm6fmW9e0KWR.6Xy0_IjU3tP.9P7rRWBDa2vy9d9_zdTj43suJyjjphCrwdKm.ls3M3pCLMe3fSwkbX6rF9YoirqHDFcr.tR9WdfGILlxytmcu4ILI.6tFg1QxLaXABb98sssFVaIFCCyVsFI1BFiB5Ha2Q2LbZAujFBPgK.Rhz6eLrUVldhB9Xo6nePoYor1.HgLeV6FNbWldQAmz.twhl68Tu0ETHetN3ioJJ0y1sMvWTr7o8dvfx6p.03Lmgh0pKSXujMeB13O84lZHAyxNwwkPk1zT.FrkCRX0S39Zrp3hzFkd5JcZ.x32HodUQKEgV3mA.Azwi9fPpNAKHKEm.5sPH2BZrVbBY89cKPeI9aJv6aWchAkrZ78ty1.FgB3uTdTwmxKIL0VBozT9N1VEmHlSwMnPpi0EcduyPqYab_bOIbPcc1M6VEP.xWsPwpLnv6HLdU9tawh9DE6SJi.RtScsVYsa5zCW1KvGWNrX16fiK3.lDW0Hh1noxcgDH2pgxMqsPh.mZsY7uY_yjyggYUjHkQyvEfmDjBZCCE.k7T9vrnhQye2mV4I6YuObVPrrNe.2_RuY_JZH67b_54EvYF8VWSSfT6MuVBL66g9pQk.FfpVfPKV4tMLU1RBzmInB3_50JFuXESQopOoqQGg0i7ii3MCBPhByg72TP5RFfT6KPwxDu7WgU0vdG_EbQXHcwmaVn0Ifa38PDJLXWHKCJjeOfpb2dC9V1R09RWy8mgxs7B7kvWCW3VNOacXD1dExwB1idw9nBP3ahqEFgnSMSXV7m.F16F45PZkuITgBV72gt46V0TSolQtffqp32s3Ll4uVtLdtLBsPwYGMlVAfRE44OSdA',
cITimeS: '1734441846',
refresh: function(){
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: 'f8dyj',
nextRcV: 'eATZcCAG8Y3zlOWH4H5mERNViexzVv48_C_hsxiwibc-1734441846-1.3.1.1-iWqrLu.bQiUq1zDHesvSFlkOTSzEXtjeS3ZJ_ayQutI',
event: 'reloadRequest',
}, "*");
}
}
};
var handler = function(event) {
var e = event.data;
if (e.source && e.source === 'cloudflare-challenge' && e.event === 'meow' && e.widgetId === window._cf_chl_opt.chlApiWidgetId) {
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: window._cf_chl_opt.chlApiWidgetId,
event: 'food',
seq: e.seq,
}, '*');
}
}
}
window.addEventListener('message', handler);
}());
|
| URL: https://construction-sealants-ltd.jimdosite.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "New PDF Document Received",
"prominent_button_name": "Review Document Here",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": true,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_security_alerts": false
} |
 |
| URL: https://construction-sealants-ltd.jimdosite.com/ Model: Joe Sandbox AI | {
"brands": [
"Construction Sealants Ltd",
"Jimdo"
]
} |
|
| URL: https://jimdosite.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://jimdosite.com |
Edit tour
chrome.exe (PID: 6176 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node