| URL: http://efaktura.dhlecommerce.pl Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: http://efaktura.dhlecommerce.pl |
| URL: https://cdn.cookielaw.org/scripttemplates/otSDKStu... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of the OneTrust consent management platform, which is a widely used and legitimate tool for managing user consent and privacy preferences on websites. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily focuses on implementing the necessary functionality for the OneTrust platform, including handling consent data, managing vendor lists, and interacting with the IAB framework. While the code uses some legacy practices like `XDomainRequest`, these are not inherently malicious and are commonly found in older web applications. Overall, the script seems to be a benign implementation of the OneTrust consent management solution, with no clear signs of malicious intent."
} |
var OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}},s=((g=y=y||{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=e=e||{}).Name="OTGPPConsent",g[g.ChunkSize=4e3]="ChunkSize",g.ChunkCountParam="GPPCookiesCount",(g=a=a||{}).CPRA="usca",g.CCPA="usca",g.CDPA="usva",g.USNATIONAL="usnat",g.COLORADO="usco",g.CTDPA="usct",g.UCPA="usut",g.IAB2V2="tcfeuv2",(g=o=o||{})[g.CPRA=8]="CPRA",g[g.CCPA=8]="CCPA",g[g.CDPA=9]="CDPA",g[g.USNATIONAL=7]="USNATIONAL",g[g.COLORADO=10]="COLORADO",g[g.UCPA=11]="UCPA",g[g.CTDPA=12]="CTDPA",g[g.IAB2V2=2]="IAB2V2","geo"),u="otpreview",p=(e.Name,"PRODUCTION"),n=((g={})[y.Days]="PCenterVendorListLifespanDay",g[y.Weeks]="LfSpnWk",g[y.Months]="PCenterVendorListLifespanMonth",g[y.Years]="LfSpnYr",i.prototype.camelize=function(t){return(t=t.replace("--","")).split("-").map(function(t,e){var i=t?t[0].toUpperCase()+t.slice(1):"";return 0===e?t:i}).join("")},i.prototype.strToObj=function(t){for(var e={},i=t.split(";").map(function(t){return t.trim()}),n=0,a=void 0;n<i.length;++n)if(/:/.test(i[n])){if(!(a=i[n].split(/:(.+)/))[1])return null;e[this.camelize(a[0])]=a[1].trim()}return e},i);function i(){var t=this;this.implementThePolyfill=function(){var a=t,o=Element.prototype.setAttribute;return Element.prototype.setAttribute=function(t,e){if("style"!==t.toLowerCase()&&o.apply(this,[t,e]),"style"!==t.toLowerCase()||e||this.removeAttribute("style"),"style"===t.toLowerCase()&&e){this.removeAttribute("style");var i,n=a.strToObj(e);for(i in n)this.style[i]=n[i]}},!0}}function c(t,e,i){void 0===i&&(i=!1);function n(t){return t?(";"!==(t=t.trim()).charAt(t.length-1)&&(t+=";"),t.trim()):null}var o=n(t.getAttribute("style")),s=n(e),e="",e=i&&o?(()=>{for(var t=o.split(";").concat(s.split(";")).filter(function(t){return 0!==t.length}),e="",i="",n=t.length-1;0<=n;n--){var a=t[n].substring(0,t[n].indexOf(":")+1).trim();e.indexOf(a)<0&&(e+=a,i+=t[n]+";")}return i})():s;t.setAttribute("style",e)}(e=r=r||{}).ping="ping",e.addEventListener="addEventListener",e.removeEventListener="removeEventListener",e.hasSection="hasSection",e.getSection="getSection",e.getField="getField",e.getGPPData="getGPPData";var d=new function(){var s=this;this.LOCATOR_NAME="__gppLocator",this.win=window,this.customInit="CUSTOMINIT",this.init=function(){s.win.__gpp&&"function"==typeof s.win.__gpp||(s.win.__gpp=s.executeGppApi,window.addEventListener("message",s.messageHandler,!1),s.addFrame(s.LOCATOR_NAME))},this.removeGppApi=function(){delete s.win.__gpp;var t=document.querySelectorAll("iframe[name="+s.LOCATOR_NAME+"]")[0];t&&t.parentElement.removeChild(t)},this.executeGppApi=function(){for(var t=[],e=0;e<arguments.length;e++)t[e]=arguments[e];var i=null==(i=s.win)?void 0:i.__gpp;if(i.queue=i.queue||[],i.events=i.events||[],!t.length||1===t.length&&"queue"===t[0])return i.queue;if(1===t.length&&"events"===t[0])return i.events;var n=t[0],a=1<t.length?t[1]:null,o=2<t.length?t[2]:null;switch(n){case r.ping:return s.getPingRequest(a);case r.addEventListener:return s.addEventListener(a,o);case r.removeEventListener:return s.removeEventListener(o);default:return void s.addToQueue(n,a,o)}},this.getPingRequest=functi |
| URL: https://efaktura.dhlecommerce.pl/app/vendor-be8783... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a part of the jQuery library, which is a widely-used and trusted JavaScript framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. The behaviors observed are primarily related to DOM manipulation, event handling, and other common jQuery functionalities, which are considered low-risk. While the code uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely part of a legitimate web application and does not demonstrate any suspicious or malicious intent."
} |
if(function(e,t){"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(e,t){function n(e){var t=!!e&&"length"in e&&e.length,n=oe.type(e);return"function"===n||oe.isWindow(e)?!1:"array"===n||0===t||"number"==typeof t&&t>0&&t-1 in e}function r(e,t,n){if(oe.isFunction(t))return oe.grep(e,function(e,r){return!!t.call(e,r,e)!==n});if(t.nodeType)return oe.grep(e,function(e){return e===t!==n});if("string"==typeof t){if(he.test(t))return oe.filter(t,e,n);t=oe.filter(t,e)}return oe.grep(e,function(e){return Q.call(t,e)>-1!==n})}function i(e,t){for(;(e=e[t])&&1!==e.nodeType;);return e}function o(e){var t={};return oe.each(e.match(we)||[],function(e,n){t[n]=!0}),t}function a(){K.removeEventListener("DOMContentLoaded",a),e.removeEventListener("load",a),oe.ready()}function s(){this.expando=oe.expando+s.uid++}function l(e,t,n){var r;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(Ae,"-$&").toLowerCase(),n=e.getAttribute(r),"string"==typeof n){try{n="true"===n?!0:"false"===n?!1:"null"===n?null:+n+""===n?+n:Me.test(n)?oe.parseJSON(n):n}catch(i){}Te.set(e,t,n)}else n=void 0;return n}function c(e,t,n,r){var i,o=1,a=20,s=r?function(){return r.cur()}:function(){return oe.css(e,t,"")},l=s(),c=n&&n[3]||(oe.cssNumber[t]?"":"px"),u=(oe.cssNumber[t]||"px"!==c&&+l)&&De.exec(oe.css(e,t));if(u&&u[3]!==c){c=c||u[3],n=n||[],u=+l||1;do o=o||".5",u/=o,oe.style(e,t,u+c);while(o!==(o=s()/l)&&1!==o&&--a)}return n&&(u=+u||+l||0,i=n[1]?u+(n[1]+1)*n[2]:+n[2],r&&(r.unit=c,r.start=u,r.end=i)),i}function u(e,t){var n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[];return void 0===t||t&&oe.nodeName(e,t)?oe.merge([e],n):n}function d(e,t){for(var n=0,r=e.length;r>n;n++)ke.set(e[n],"globalEval",!t||ke.get(t[n],"globalEval"))}function p(e,t,n,r,i){for(var o,a,s,l,c,p,m=t.createDocumentFragment(),f=[],h=0,g=e.length;g>h;h++)if(o=e[h],o||0===o)if("object"===oe.type(o))oe.merge(f,o.nodeType?[o]:o);else if(Re.test(o)){for(a=a||m.appendChild(t.createElement("div")),s=(Ie.exec(o)||["",""])[1].toLowerCase(),l=He[s]||He._default,a.innerHTML=l[1]+oe.htmlPrefilter(o)+l[2],p=l[0];p--;)a=a.lastChild;oe.merge(f,a.childNodes),a=m.firstChild,a.textContent=""}else f.push(t.createTextNode(o));for(m.textContent="",h=0;o=f[h++];)if(r&&oe.inArray(o,r)>-1)i&&i.push(o);else if(c=oe.contains(o.ownerDocument,o),a=u(m.appendChild(o),"script"),c&&d(a),n)for(p=0;o=a[p++];)Pe.test(o.type||"")&&n.push(o);return m}function m(){return!0}function f(){return!1}function h(){try{return K.activeElement}catch(e){}}function g(e,t,n,r,i,o){var a,s;if("object"==typeof t){"string"!=typeof n&&(r=r||n,n=void 0);for(s in t)g(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),i===!1)i=f;else if(!i)return e;return 1===o&&(a=i,i=function(e){return oe().off(e),a.apply(this,arguments)},i.guid=a.guid||(a.guid=oe.guid++)),e.each(function(){oe.event.add(this,t,i,r,n)})}function v(e,t){return oe.nodeName(e,"table")&&oe.nodeName(11!==t.nodeType?t:t.firstChild,"tr")?e.getElementsByTagName("tbody")[0]||e.appendChild(e.ownerDocument.createElement("tbody")):e}function b(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function $(e){var t=Ve.exec(e.type);return t?e.type=t[1]:e.removeAttribute("type"),e}function y(e,t){var n,r,i,o,a,s,l,c;if(1===t.nodeType){if(ke.hasData(e)&&(o=ke.access(e),a=ke.set(t,o),c=o.events)){delete a.handle,a.events={};for(i in c)for(n=0,r=c[i].length;r>n;n++)oe.event.add(t,i,c[i][n])}Te.hasData(e)&&(s=Te.access(e),l=oe.extend({},s),Te.set(t,l))}}function w(e,t){var n=t.nodeName.toLowerCase();"input"===n&&Oe.test(e.type)?t.checked=e.checked:"input"!==n&&"textarea"!==n||(t.defaultValue=e.defaultValue)}function E(e,t,n,r){t=Z.apply([],t);v |
| URL: https://efaktura.dhlecommerce.pl Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://efaktura.dhlecommerce.pl |
| URL: https://cdn.cookielaw.org/scripttemplates/202308.2... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a part of the OneTrust Banner SDK, which is a legitimate and widely used consent management platform. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The behaviors observed, such as the use of legacy APIs and tracking functionality, are common in analytics and consent management tools and do not pose a significant security risk. Overall, this script is likely benign and used for legitimate purposes."
} |
/**
* onetrust-banner-sdk
* v202308.2.0
* by OneTrust LLC
* Copyright 2023
*/
!function(){"use strict";var D=function(e,t){return(D=Object.setPrototypeOf||({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o])}))(e,t)};function N(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function o(){this.constructor=e}D(e,t),e.prototype=null===t?Object.create(t):(o.prototype=t.prototype,new o)}var H,F=function(){return(F=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function R(e,s,a,l){return new(a=a||Promise)(function(o,t){function n(e){try{i(l.next(e))}catch(e){t(e)}}function r(e){try{i(l.throw(e))}catch(e){t(e)}}function i(e){var t;e.done?o(e.value):((t=e.value)instanceof a?t:new a(function(e){e(t)})).then(n,r)}i((l=l.apply(e,s||[])).next())})}function M(n,r){var i,s,a,l={label:0,sent:function(){if(1&a[0])throw a[1];return a[1]},trys:[],ops:[]},c={next:e(0),throw:e(1),return:e(2)};return"function"==typeof Symbol&&(c[Symbol.iterator]=function(){return this}),c;function e(o){return function(e){var t=[o,e];if(i)throw new TypeError("Generator is already executing.");for(;l=c&&t[c=0]?0:l;)try{if(i=1,s&&(a=2&t[0]?s.return:t[0]?s.throw||((a=s.return)&&a.call(s),0):s.next)&&!(a=a.call(s,t[1])).done)return a;switch(s=0,(t=a?[2&t[0],a.value]:t)[0]){case 0:case 1:a=t;break;case 4:return l.label++,{value:t[1],done:!1};case 5:l.label++,s=t[1],t=[0];continue;case 7:t=l.ops.pop(),l.trys.pop();continue;default:if(!(a=0<(a=l.trys).length&&a[a.length-1])&&(6===t[0]||2===t[0])){l=0;continue}if(3===t[0]&&(!a||t[1]>a[0]&&t[1]<a[3]))l.label=t[1];else if(6===t[0]&&l.label<a[1])l.label=a[1],a=t;else{if(!(a&&l.label<a[2])){a[2]&&l.ops.pop(),l.trys.pop();continue}l.label=a[2],l.ops.push(t)}}t=r.call(n,l)}catch(e){t=[6,e],s=0}finally{i=a=0}if(5&t[0])throw t[1];return{value:t[0]?t[1]:void 0,done:!0}}}}function q(){for(var e=0,t=0,o=arguments.length;t<o;t++)e+=arguments[t].length;for(var n=Array(e),r=0,t=0;t<o;t++)for(var i=arguments[t],s=0,a=i.length;s<a;s++,r++)n[r]=i[s];return n}(e=H=H||{})[e.ACTIVE=0]="ACTIVE",e[e.ALWAYS_ACTIVE=1]="ALWAYS_ACTIVE",e[e.EXPIRED=2]="EXPIRED",e[e.NO_CONSENT=3]="NO_CONSENT",e[e.OPT_OUT=4]="OPT_OUT",e[e.PENDING=5]="PENDING",e[e.WITHDRAWN=6]="WITHDRAWN";var U=setTimeout;function j(e){return Boolean(e&&void 0!==e.length)}function z(){}function K(e){if(!(this instanceof K))throw new TypeError("Promises must be constructed via new");if("function"!=typeof e)throw new TypeError("not a function");this._state=0,this._handled=!1,this._value=void 0,this._deferreds=[],$(e,this)}function W(o,n){for(;3===o._state;)o=o._value;0===o._state?o._deferreds.push(n):(o._handled=!0,K._immediateFn(function(){var e,t=1===o._state?n.onFulfilled:n.onRejected;if(null===t)(1===o._state?J:Y)(n.promise,o._value);else{try{e=t(o._value)}catch(e){return void Y(n.promise,e)}J(n.promise,e)}}))}function J(t,e){try{if(e===t)throw new TypeError("A promise cannot be resolved with itself.");if(e&&("object"==typeof e||"function"==typeof e)){var o=e.then;if(e instanceof K)return t._state=3,t._value=e,void X(t);if("function"==typeof o)return void $((n=o,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,X(t)}catch(e){Y(t,e)}var n,r}function Y(e,t){e._state=2,e._value=t,X(e)}function X(e){2===e._state&&0===e._deferreds.length&&K._immediateFn(function(){e._handled||K._unhandledRejectionFn(e._value)});for(var t=0,o=e._deferreds.length;t<o;t++)W(e,e._deferreds[t]);e._deferreds=null}function Q(e,t,o){this.onFulfilled="function"==typeof e?e:null,this.onRejected="function"==typeof t?t:null,this.promise=o}function $(e,t){var o=!1;try{e(function(e){o||(o=!0,J(t,e))},function(e){o||(o=!0,Y(t,e))})}catch(e){o||(o=!0,Y(t,e))}}function Z(){}K.prototype.catch=function(e){r |
| URL: https://library.startquestion.com/current/startque... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a utility library for interacting with the browser environment. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code primarily focuses on browser-related functionality like retrieving URL, referrer, language, scroll state, device type, operating system, cookies, and adding event listeners. While it uses some legacy APIs like `XDomainRequest`, the overall behavior seems benign and aligned with typical analytics or telemetry functionality. The script also includes utility functions for managing cookies and opening links in new tabs, which are common web development practices. Overall, this script poses a low risk and is likely to be part of a legitimate web application."
} |
var __defProp=Object.defineProperty,__defNormalProp=(e,t,i)=>t in e?__defProp(e,t,{enumerable:!0,configurable:!0,writable:!0,value:i}):e[t]=i,__publicField=(e,t,i)=>(__defNormalProp(e,"symbol"!=typeof t?t+"":t,i),i);(function(){"use strict";class Browser{constructor(e){__publicField(this,"topDomain"),this.window=e}getUrl(){return this.window.location.href}getReferrer(){return this.window.document.referrer}getLang(){return this.window.navigator.language.slice(0,2)}getScrollState(){const e=this.window.scrollY+this.window.innerHeight;return{pixels:e,percents:e/this.window.document.body.offsetHeight*100}}getDeviceType(){return isMobile(this.window.navigator.userAgent)||window.innerWidth<=480?"mobile":"desktop"}getOperatingSystem(){if(this.window.navigator.platform.match(/win/i))return"windows";if(this.window.navigator.platform.match(/mac/i))return"macos";return this.window.navigator.platform.match(/linux/i)?"linux":"unknown"}hasScrollbar(){return this.window.innerWidth>this.window.document.documentElement.clientWidth}getCookies(){return parseCookies(this.window.document.cookie)}addMouseoutListener(e){this.window.document.addEventListener("mouseout",e)}addScrollListener(e){this.window.document.addEventListener("scroll",e)}openInNewTab(e){const t=this.window.document.createElement("a");t.target="_blank",t.href=e,t.textContent="Redirecting...",document.body.appendChild(t),t.click(),document.body.removeChild(t)}setCookieInTopDomain(e,t,i){this.window.document.cookie=`${e}=${t};domain=${this.getTopDomain()};expires=${getFutureDateInUtc(i)};path=/`}removeCookie(e){this.window.document.cookie=`${e}=;domain=.${this.getTopDomain()};expires=Thu, 01 Jan 1970 00:00:01 GMT;path=/`}getTopDomain(){return this.topDomain||(this.topDomain=getTopDomain(this.window)),this.topDomain}}const getTopDomain=e=>{const{document:t}=e,i="startquestion-detect-top-level-domain",n=`${i}=cookie`,s=t.location.hostname.split(".");if(1===s.length)return s[0];let r;for(let a=s.length-2;a>=0;a--)if(r=s.slice(a).join("."),t.cookie=`${n};domain=.${r};path=/`,t.cookie.indexOf(n)>-1)return t.cookie=`${i}=;domain=.${r};expires=Thu, 01 Jan 1970 00:00:01 GMT;path=/`,r;return""},getFutureDateInUtc=e=>{const t=new Date;return t.setTime(t.getTime()+24*e*60*60*1e3),t.toUTCString()},parseCookies=e=>e.split("; ").reduce(((e,t)=>{const[i,n]=t.split("=");return e[i]=n,e}),{}),isMobile=e=>/(tablet|ipad|playbook|silk)|(android(?!.*mobi))/i.test(e)||/Mobile|iP(hone|od)|Android|BlackBerry|IEMobile|Kindle|Silk-Accelerated|(hpw|web)OS|Opera M(obi|ini)/.test(e);let configuration;const setConfiguration$1=e=>{configuration=e},getConfiguration$1=()=>configuration,getEntranceStyles=()=>`\n ${getKeyframes()}\n ${getClasses()}\n`,getClasses=()=>"\n.sq-entrance-center-left {\n -webkit-animation: sq-scale-in-left 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-left 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.sq-entrance-center-right {\n -webkit-animation: sq-scale-in-right 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-right 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.sq-entrance-top-center {\n -webkit-animation: sq-scale-in-top 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-top 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.sq-entrance-bottom-center {\n -webkit-animation: sq-scale-in-bottom 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-bottom 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.sq-entrance-top-left {\n -webkit-animation: sq-scale-in-top-left 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-top-left 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.sq-entrance-top-right {\n -webkit-animation: sq-scale-in-top-right 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n animation: sq-scale-in-top-right 0.35s cubic-bezier(0.250, 0.460, 0.450, 0.940) both;\n}\n\n.s |
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Zaloguj si do aplikacji eFaktura DHL eCommerce",
"prominent_button_name": "Zaloguj",
"text_input_field_labels": [
"Login (e-mail)",
"Haso"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | {
"brands": [
"DHL"
]
} |
 |
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Zaloguj si do aplikacji eFaktura DHL eCommerce",
"prominent_button_name": "Zaloguj",
"text_input_field_labels": [
"Login (e-mail)",
"Haso"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | {
"brands": [
"DHL"
]
} |
|
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | ```json{ "legit_domain": "dhl.com", "classification": "wellknown", "reasons": [ "The brand 'DHL' is a well-known global logistics company.", "The URL 'efaktura.dhlecommerce.pl' uses a subdomain structure that includes 'dhl', which is part of the legitimate brand name.", "The domain 'dhlecommerce.pl' does not match the primary domain 'dhl.com', which is typically associated with DHL.", "The use of 'ecommerce' in the domain could be an attempt to appear legitimate, but it is not a known or verified subdomain of DHL.", "The presence of login fields for email and password increases the risk of phishing, especially if the domain is not verified." ], "riskscore": 7}
Google indexed: False |
URL: efaktura.dhlecommerce.pl
Brands: DHL
Input Fields: Login (e-mail), Haso |
| URL: https://efaktura.dhlecommerce.pl/#/ Model: Joe Sandbox AI | ```json{ "legit_domain": "dhl.com", "classification": "wellknown", "reasons": [ "The brand 'DHL' is a well-known international logistics company.", "The legitimate domain for DHL is 'dhl.com'.", "The URL 'efaktura.dhlecommerce.pl' contains 'dhlecommerce', which is not the exact match for the legitimate domain.", "The use of 'ecommerce' in the domain could be an attempt to mimic DHL's services, but it is not a recognized subdomain of DHL.", "The domain uses a '.pl' extension, which could be legitimate if DHL has a Polish branch, but it is not the primary domain.", "The presence of login fields for email and password is typical for phishing sites attempting to harvest credentials." ], "riskscore": 8}
Google indexed: False |
URL: efaktura.dhlecommerce.pl
Brands: DHL
Input Fields: Login (e-mail), Haso |
Edit tour
chrome.exe (PID: 2848 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node