URL: http://i646972656374o6c6373o636f6dz.oszar.com Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": false,
"encoded_characters": true,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: http://i646972656374o6c6373o636f6dz.oszar.com |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Ide... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscated nature of the code further increase the risk. While the script may have a legitimate purpose, such as a challenge platform, the overall behavior is highly suspicious and indicative of malicious intent."
} |
(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8fa0afc4ef5f9e08',t:'MTczNTU0NzYyNC4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Scr... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The script demonstrates some moderate-risk behaviors, such as external data transmission and aggressive DOM manipulation, but it appears to have a legitimate purpose of managing session timeouts. The script could be improved by using more secure practices, such as sending session keep-alive requests to a trusted domain instead of a hardcoded URL. Additionally, the script could benefit from better error handling and user experience considerations."
} |
//
// sessionTimeout.js
//
// After a set amount of time, a sliding divis shown to the user with the option
// to either log out now, or stay connected. If log out now is selected,
// the page is redirected to a logout URL. If stay connected is selected,
// a keep-alive URL is requested through AJAX. If no options is selected
// after another set amount of time, the page is automatically redirected
// to a timeout URL.
//
//
// USAGE
//
// 1. Include jQuery
// 2. Call $.sessionTimeout(); after document ready
//
//
// OPTIONS
//
// message
// Text shown to user in dialog after warning period.
// Default: 'Your session is about to expire.'
//
// keepAliveUrl
// URL to call through AJAX to keep session alive
// Default: '/Shared/Login'
//
// redirUrl
// URL to take browser to if no action is take after warning period
// Default: 'timedOut.asp'
//
// logoutUrl
// URL to take browser to if user clicks "Log Out Now"
// Default: 'logout.asp'
//
// warnAfter
// Time in milliseconds after page is opened until warning dialog is opened
// Default: 900000 (15 minutes)
//
// redirAfter
// Time in milliseconds after page is opened until browser is redirected to redirUrl
// Default: 1200000 (20 minutes)
//
(function ($) {
jQuery.sessionTimeout = function (options) {
var defaults = {
redirUrl: '/Identity/Account/Login',
warnAfter: 900000 - 60000, // 14 minutes
redirAfter: 900000, // 15 minutes
clearSession: false,
}
// Extend user-set options over defaults
var o = defaults
if (options) { var o = $.extend(defaults, options); };
if (o.clearSession) {
clearSessionTimer();
return;
}
function clearSessionTimer() {
controlDialogTimer('stop');
controlDialogTimer('start');
return;
}
function logoutHandler() {
console.log("redirect:" + o.redirUrl);
window.location = o.redirUrl;
}
function showSessionTimeoutDialog() {
controlDialogTimer('stop');
controlRedirTimer('start');
}
function controlDialogTimer(action) {
var dialogTimer;
switch (action) {
case 'start':
dialogTimer = setTimeout(function () {
showSessionTimeoutDialog();
}, o.warnAfter);
break;
case 'stop':
clearTimeout(dialogTimer);
break;
}
}
function controlRedirTimer(action) {
if (action == 'start') {
redirTimer = setTimeout(function () {
logoutHandler();
}, o.redirAfter - o.warnAfter);
}
else {
clearTimeout(redirTimer);
}
}
// Begin warning period
controlDialogTimer('start');
};
})(jQuery);
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Scr... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a part of the Microsoft Unobtrusive Ajax support library for jQuery. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. The script is primarily focused on handling AJAX-related functionality in web applications, including form submissions and link clicks. While it uses some legacy practices like `XDomainRequest`, the overall behavior is consistent with typical web application functionality and does not raise significant security concerns."
} |
/* NUGET: BEGIN LICENSE TEXT
*
* Microsoft grants you the right to use these script files for the sole
* purpose of either: (i) interacting through your browser with the Microsoft
* website or online service, subject to the applicable licensing or use
* terms; or (ii) using the files as included with a Microsoft product subject
* to that product's license terms. Microsoft reserves all other rights to the
* files not expressly granted by Microsoft, whether by implication, estoppel
* or otherwise. Insofar as a script file is dual licensed under GPL,
* Microsoft neither took the code under GPL nor distributes it thereunder but
* under the terms set out in this paragraph. All notices and licenses
* below are for informational purposes only.
*
* NUGET: END LICENSE TEXT */
/*
** Unobtrusive Ajax support library for jQuery
** Copyright (C) Microsoft Corporation. All rights reserved.
*/
(function(a){var b="unobtrusiveAjaxClick",d="unobtrusiveAjaxClickTarget",h="unobtrusiveValidation";function c(d,b){var a=window,c=(d||"").split(".");while(a&&c.length)a=a[c.shift()];if(typeof a==="function")return a;b.push(d);return Function.constructor.apply(null,b)}function e(a){return a==="GET"||a==="POST"}function g(b,a){!e(a)&&b.setRequestHeader("X-HTTP-Method-Override",a)}function i(c,b,e){var d;if(e.indexOf("application/x-javascript")!==-1)return;d=(c.getAttribute("data-ajax-mode")||"").toUpperCase();a(c.getAttribute("data-ajax-update")).each(function(f,c){var e;switch(d){case"BEFORE":e=c.firstChild;a("<div />").html(b).contents().each(function(){c.insertBefore(this,e)});break;case"AFTER":a("<div />").html(b).contents().each(function(){c.appendChild(this)});break;case"REPLACE-WITH":a(c).replaceWith(b);break;default:a(c).html(b)}})}function f(b,d){var j,k,f,h;j=b.getAttribute("data-ajax-confirm");if(j&&!window.confirm(j))return;k=a(b.getAttribute("data-ajax-loading"));h=parseInt(b.getAttribute("data-ajax-loading-duration"),10)||0;a.extend(d,{type:b.getAttribute("data-ajax-method")||undefined,url:b.getAttribute("data-ajax-url")||undefined,cache:!!b.getAttribute("data-ajax-cache"),beforeSend:function(d){var a;g(d,f);a=c(b.getAttribute("data-ajax-begin"),["xhr"]).apply(b,arguments);a!==false&&k.show(h);return a},complete:function(){k.hide(h);c(b.getAttribute("data-ajax-complete"),["xhr","status"]).apply(b,arguments)},success:function(a,e,d){i(b,a,d.getResponseHeader("Content-Type")||"text/html");c(b.getAttribute("data-ajax-success"),["data","status","xhr"]).apply(b,arguments)},error:function(){c(b.getAttribute("data-ajax-failure"),["xhr","status","error"]).apply(b,arguments)}});d.data.push({name:"X-Requested-With",value:"XMLHttpRequest"});f=d.type.toUpperCase();if(!e(f)){d.type="POST";d.data.push({name:"X-HTTP-Method-Override",value:f})}a.ajax(d)}function j(c){var b=a(c).data(h);return!b||!b.validate||b.validate()}a(document).on("click","a[data-ajax=true]",function(a){a.preventDefault();f(this,{url:this.href,type:"GET",data:[]})});a(document).on("click","form[data-ajax=true] input[type=image]",function(c){var g=c.target.name,e=a(c.target),f=a(e.parents("form")[0]),d=e.offset();f.data(b,[{name:g+".x",value:Math.round(c.pageX-d.left)},{name:g+".y",value:Math.round(c.pageY-d.top)}]);setTimeout(function(){f.removeData(b)},0)});a(document).on("click","form[data-ajax=true] :submit",function(e){var g=e.currentTarget.name,f=a(e.target),c=a(f.parents("form")[0]);c.data(b,g?[{name:g,value:e.currentTarget.value}]:[]);c.data(d,f);setTimeout(function(){c.removeData(b);c.removeData(d)},0)});a(document).on("submit","form[data-ajax=true]",function(h){var e=a(this).data(b)||[],c=a(this).data(d),g=c&&c.hasClass("cancel");h.preventDefault();if(!g&&!j(this))return;f(this,{url:this.action,type:this.method||"GET",data:e.concat(a(this).serializeArray())})})})(jQuery);
|
URL: https://static.cloudflareinsights.com/beacon.min.j... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a utility function for generating a UUID (Universally Unique Identifier). It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code uses standard practices for generating a UUID, which is a common requirement for many web applications. While it uses some legacy APIs like `XDomainRequest`, these pose only minor risks and are not inherently malicious. Overall, this script is likely benign and poses a low risk."
} |
!function(){var e={343:function(e){"use strict";for(var t=[],n=0;n<256;++n)t[n]=(n+256).toString(16).substr(1);e.exports=function(e,n){var r=n||0,i=t;return[i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]]].join("")}},944:function(e){"use strict";var t="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)||"undefined"!=typeof msCrypto&&"function"==typeof window.msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto);if(t){var n=new Uint8Array(16);e.exports=function(){return t(n),n}}else{var r=new Array(16);e.exports=function(){for(var e,t=0;t<16;t++)0==(3&t)&&(e=4294967296*Math.random()),r[t]=e>>>((3&t)<<3)&255;return r}}},508:function(e,t,n){"use strict";var r=n(944),i=n(343);e.exports=function(e,t,n){var o=t&&n||0;"string"==typeof e&&(t="binary"===e?new Array(16):null,e=null);var a=(e=e||{}).random||(e.rng||r)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,t)for(var c=0;c<16;++c)t[o+c]=a[c];return t||i(a)}},168:function(e,t,n){"use strict";var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},r.apply(this,arguments)};t.__esModule=!0;var i=n(699),o=n(752),a=n(104),c=n(508);!function(){function e(e){var t="";if(t=window.location.origin?window.location.origin:"".concat(window.location.protocol,"://").concat(window.location.host),e&&"string"==typeof e)if(0===e.indexOf("/"))t+=e;else try{var n=new URL(e);return"".concat(n.protocol,"://").concat(n.host).concat(n.pathname)}catch(e){}else{var r=window.location.pathname;r&&r.length>0&&(t+=r)}return t}function t(e,t){for(var n in e){var r=e[n];void 0!==t&&("number"!=typeof r&&"string"!=typeof r||(t[n]=r))}}!function(){var n,u,s=window.performance||window.webkitPerformance||window.msPerformance||window.mozPerformance,f="data-cf-beacon",d=document.currentScript||("function"==typeof document.querySelector?document.querySelector("script[".concat(f,"]")):void 0),l=c(),v=[],p=window.__cfBeacon?window.__cfBeacon:{};if(!p||"single"!==p.load){if(d){var m=d.getAttribute(f);if(m)try{p=r(r({},p),JSON.parse(m))}catch(e){}else{var g=d.getAttribute("src");if(g&&"function"==typeof URLSearchParams){var y=new URLSearchParams(g.replace(/^[^\?]+\??/,"")),h=y.get("token");h&&(p.token=h);var T=y.get("spa");p.spa=null===T||"true"===T}}p&&"multi"!==p.load&&(p.load="single"),window.__cfBeacon=p}if(s&&p&&p.token){var w,S,b=!1;document.addEventListener("visibilitychange",(function(){if("hidden"===document.visibilityState){if(L&&A()){var t=e();(null==w?void 0:w.url)==t&&(null==w?void 0:w.triggered)||P(),_(t)}!b&&w&&(b=!0,B())}else"visible"===document.visibilityState&&(new Date).getTime()}));var E={};"function"==typeof PerformanceObserver&&((0,a.onLCP)(x),(0,a.onFID)(x),(0,a.onFCP)(x),(0,a.onINP)(x),(0,a.onTTFB)(x),PerformanceObserver.supportedEntryTypes&&PerformanceObserver.supportedEntryTypes.includes("layout-shift")&&(0,a.onCLS)(x));var L=p&&(void 0===p.spa||!0===p.spa),C=p.send&&p.send.to?p.send.to:void 0===p.version?"https://cloudflareinsights.com/cdn-cgi/rum":null,P=function(r){var a=function(r){var o,a,c=s.timing,u=s.memory,f=r||e(),d={memory:{},timings:{},resources:[],referrer:(o=document.referrer||"",a=v[v.length-1],L&&w&&a?a.url:o),eventType:i.EventType.Load,firstPaint:0,firstContentfulPaint:0,startTime:F(),versions:{fl:p?p.version:"",js:"2024.6.1",timings:1},pageloadId:l,location:f,nt:S,serverTimings:I()};if(null==n){if("function"==typeof s.getEntriesByType){var m=s.getEntriesByType("navigation");m&&Array.isArray(m)&&m.length>0&&(d.timingsV2={},d.versions.timings=2,d.dt=m[0].deliveryType,delete d.timings,t(m[0],d.timingsV2))}1===d.versions.timings&&t(c,d.timings),t(u,d.memory)}else O(d);return d.firstPaint=k("first-paint"),d.firstContentfulPaint=k("first-contentful-paint"),p&&(p.icTag&&(d.icTag=p |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/Login?ReturnUrl=%2f Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "LOG IN",
"text_input_field_labels": [
"Email",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": false,
"encoded_characters": true,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://i646972656374o6c6373o636f6dz.oszar.com |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/Login?ReturnUrl=%2f Model: Joe Sandbox AI | {
"brands": [
"LCS Direct"
]
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/bun... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves UI interactions and utility functions without any high-risk behaviors such as dynamic code execution or data exfiltration. It does not interact with external domains or perform aggressive DOM manipulations. The use of jQuery and Foundation for UI elements is standard practice, indicating low risk."
} |
function getCardName(n){switch(n){case"Visa":return"visa";case"Master Card":return"mastercard";case"American Express":return"amex";case"Discover":return"discover"}}function lcsdInitialize(){new Foundation.Equalizer($(".button-row")).applyHeight()}function lcsdWorkingStart(){spinner.spin(document.getElementById("center"))}function lcsdWorkingStop(){spinner.stop()}function confirmModal(n,t,i,r,u,f,e,o){var h,s;u=u||"Yes";f=f||"No";e=e||"";o=o||"";h='<div class="reveal" id="confirmModal" data-reveal data-options="closeOnClick:false;closeOnEsc:false"><h4 class="expanded confirm-title '+e+'">'+n+'<\/h2><div class="confirm-message '+o+'">'+t+'<\/div><div><button class="button no hollow" data-close>'+f+'<\/button><button class="button yes float-right">'+u+"<\/button><\/div><\/div>";$("body").append(h);s=new Foundation.Reveal($("#confirmModal"));s.open();$("#confirmModal").find(".yes").one("click",function(){s.close();$("#confirmModal").remove();i&&i.call()});$("#confirmModal").find(".no").one("click",function(){s.close();r&&r.call()});$(document).one("closed.zf.reveal","#confirmModal",function(){var n=$("#confirmModal").parent(".reveal-overlay");$("#confirmModal").remove();n.length&&n.remove()})}function modalAlert(n,t,i,r,u,f){var o,e;t=t||"";r=r||"Ok";u=u||"";f=f||"";o='<div class="reveal small" id="modalAlert" data-reveal data-options="closeOnClick:true;closeOnEsc:true" role="dialog"><h4 class="expanded alert-title '+u+'">'+n+'<\/h2><div class="alert-message '+f+'">'+t+'<\/div><div><button class="button close float-right">'+r+"<\/button><\/div><\/div>";$("body").append(o);e=new Foundation.Reveal($("#modalAlert"));e.open();$("#modalAlert").find(".close").one("click",function(){e.close()});$(document).one("closed.zf.reveal","#modalAlert",function(){var n=$("#modalAlert").parent(".reveal-overlay");$("#modalAlert").remove();n.length>0&&n.remove();i&&i.call()})}function reconfigureValidation(n){var t=$(n);t.removeData("validator");t.removeData("unobtrusiveValidation");$.validator.unobtrusive.parse(n)}function reconfigureValidationClasses(n){var r=$(n),t,i;$(n).resetValidation();$.validator.unobtrusive.parse(n);t=r.data("validator");i=r.data("unobtrusiveValidation");t.settings.rules=i.options.rules;t.settings.messages=i.options.messages}function autoHidePageMessages(){var n=$("#pageMessages");$.trim(n)&&n.show(0).delay(15e3).hide(0)}function isMobile(){var n=window.matchMedia("only screen and (min-width: 767px)");return!n.matches}function scrollTop(){$("html, body").animate({scrollTop:0},"slow")}(function(n,t){"use strict";typeof module=="object"&&typeof module.exports=="object"?module.exports=n.document?t(n,!0):function(n){if(!n.document)throw new Error("jQuery requires a window with a document");return t(n)}:t(n)})(typeof window!="undefined"?window:this,function(n,t){"use strict";function ir(n,t){t=t||u;var i=t.createElement("script");i.text=n;t.head.appendChild(i).parentNode.removeChild(i)}function fi(n){var t=!!n&&"length"in n&&n.length,r=i.type(n);return r==="function"||i.isWindow(n)?!1:r==="array"||t===0||typeof t=="number"&&t>0&&t-1 in n}function l(n,t){return n.nodeName&&n.nodeName.toLowerCase()===t.toLowerCase()}function oi(n,t,r){return i.isFunction(t)?i.grep(n,function(n,i){return!!t.call(n,i,n)!==r}):t.nodeType?i.grep(n,function(n){return n===t!==r}):typeof t!="string"?i.grep(n,function(n){return ot.call(t,n)>-1!==r}):er.test(t)?i.filter(t,n,r):(t=i.filter(t,n),i.grep(n,function(n){return ot.call(t,n)>-1!==r&&n.nodeType===1}))}function ar(n,t){while((n=n[t])&&n.nodeType!==1);return n}function ne(n){var t={};return i.each(n.match(h)||[],function(n,i){t[i]=!0}),t}function nt(n){return n}function pt(n){throw n;}function vr(n,t,r,u){var f;try{n&&i.isFunction(f=n.promise)?f.call(n).done(t).fail(r):n&&i.isFunction(f=n.then)?f.call(n,t,r):t.apply(undefined,[n].slice(u))}catch(n){r.apply(undefined,[n])}}function bt(){u.removeEventListener("DOMContentLoaded",bt);n.removeEventListener("load",bt);i.ready()}function ht(){this.expando=i.exp |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/Login?ReturnUrl=%2f Model: Joe Sandbox AI | ```json{ "legit_domain": "lcsdirect.com", "classification": "unknown", "reasons": [ "The URL 'i646972656374o6c6373o636f6dz.oszar.com' does not match the legitimate domain 'lcsdirect.com'.", "The URL contains a suspicious pattern with a long string of characters before '.oszar.com', which is not a common domain extension for legitimate businesses.", "The brand 'LCS Direct' is not widely recognized, making it difficult to classify as 'known' or 'wellknown'.", "The presence of input fields for 'Email' and 'Password' on a suspicious URL increases the risk of phishing." ], "riskscore": 9}
Google indexed: False |
URL: i646972656374o6c6373o636f6dz.oszar.com
Brands: LCS Direct
Input Fields: Email, Password |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/bun... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a collection of utility functions and does not contain any high-risk indicators. The functions are related to initializing a spinner, displaying confirmation and alert modals, and handling page scrolling and validation. While some of the functions use legacy APIs like `XDomainRequest`, the overall behavior does not suggest any malicious intent. The script seems to be part of a larger web application and is likely used for legitimate purposes."
} |
function lcsdInitialize(){new Foundation.Equalizer($(".button-row")).applyHeight()}function lcsdWorkingStart(){spinner.spin(document.getElementById("center"))}function lcsdWorkingStop(){spinner.stop()}function confirmModal(n,t,i,r,u,f,e,o){var h,s;u=u||"Yes";f=f||"No";e=e||"";o=o||"";h='<div class="reveal" id="confirmModal" data-reveal data-options="closeOnClick:false;closeOnEsc:false"><h4 class="expanded confirm-title '+e+'">'+n+'<\/h2><div class="confirm-message '+o+'">'+t+'<\/div><div><button class="button no hollow" data-close>'+f+'<\/button><button class="button yes float-right">'+u+"<\/button><\/div><\/div>";$("body").append(h);s=new Foundation.Reveal($("#confirmModal"));s.open();$("#confirmModal").find(".yes").one("click",function(){s.close();$("#confirmModal").remove();i&&i.call()});$("#confirmModal").find(".no").one("click",function(){s.close();r&&r.call()});$(document).one("closed.zf.reveal","#confirmModal",function(){var n=$("#confirmModal").parent(".reveal-overlay");$("#confirmModal").remove();n.length&&n.remove()})}function modalAlert(n,t,i,r,u,f){var o,e;t=t||"";r=r||"Ok";u=u||"";f=f||"";o='<div class="reveal small" id="modalAlert" data-reveal data-options="closeOnClick:true;closeOnEsc:true" role="dialog"><h4 class="expanded alert-title '+u+'">'+n+'<\/h2><div class="alert-message '+f+'">'+t+'<\/div><div><button class="button close float-right">'+r+"<\/button><\/div><\/div>";$("body").append(o);e=new Foundation.Reveal($("#modalAlert"));e.open();$("#modalAlert").find(".close").one("click",function(){e.close()});$(document).one("closed.zf.reveal","#modalAlert",function(){var n=$("#modalAlert").parent(".reveal-overlay");$("#modalAlert").remove();n.length>0&&n.remove();i&&i.call()})}function reconfigureValidation(n){var t=$(n);t.removeData("validator");t.removeData("unobtrusiveValidation");$.validator.unobtrusive.parse(n)}function reconfigureValidationClasses(n){var r=$(n),t,i;$(n).resetValidation();$.validator.unobtrusive.parse(n);t=r.data("validator");i=r.data("unobtrusiveValidation");t.settings.rules=i.options.rules;t.settings.messages=i.options.messages}function autoHidePageMessages(){var n=$("#pageMessages");$.trim(n)&&n.show(0).delay(15e3).hide(0)}function isMobile(){var n=window.matchMedia("only screen and (min-width: 767px)");return!n.matches}function scrollTop(){$("html, body").animate({scrollTop:0},"slow")}!function(n,t){"object"==typeof module&&module.exports?module.exports=t():"function"==typeof define&&define.amd?define(t):n.Spinner=t()}(this,function(){"use strict";function i(n,t){var i,r=document.createElement(n||"div");for(i in t)r[i]=t[i];return r}function t(n){for(var t=1,i=arguments.length;i>t;t++)n.appendChild(arguments[t]);return n}function a(n,t,i,r){var e=["opacity",t,~~(100*n),i,r].join("-"),o=.01+i/r*100,s=Math.max(1-(1-n)/t*(100-o),n),h=u.substring(0,u.indexOf("Animation")).toLowerCase(),c=h&&"-"+h+"-"||"";return l[e]||(f.insertRule("@"+c+"keyframes "+e+"{0%{opacity:"+s+"}"+o+"%{opacity:"+n+"}"+(o+.01)+"%{opacity:1}"+(o+t)%100+"%{opacity:"+n+"}100%{opacity:"+s+"}}",f.cssRules.length),l[e]=1),e}function o(n,t){var r,i,u=n.style;if(t=t.charAt(0).toUpperCase()+t.slice(1),void 0!==u[t])return t;for(i=0;i<c.length;i++)if(r=c[i]+t,void 0!==u[r])return r}function n(n,t){for(var i in t)n.style[o(n,i)||i]=t[i];return n}function s(n){for(var r,i,t=1;t<arguments.length;t++){r=arguments[t];for(i in r)void 0===n[i]&&(n[i]=r[i])}return n}function h(n,t){return"string"==typeof n?n:n[t%n.length]}function r(n){this.opts=s(n||{},r.defaults,y)}function v(){function u(n,t){return i("<"+n+' xmlns="urn:schemas-microsoft.com:vml" class="spin-vml">',t)}f.addRule(".spin-vml","behavior:url(#default#VML)");r.prototype.lines=function(i,r){function s(){return n(u("group",{coordsize:o+" "+o,coordorigin:-e+" "+-e}),{width:o,height:o})}function c(i,f,o){t(a,t(n(s(),{rotation:360/r.lines*i+"deg",left:~~f}),t(n(u("roundrect",{arcsize:r.corners}),{width:e,height:r.scale*r.width,left:r.scale*r.radius,top:-r.scale*r.width>>1,filter |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/bun... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of the Modernizr library, which is a popular feature detection library used for web development. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily focuses on feature detection and polyfilling for various web technologies like flexbox, canvas, and WebGL. While the code uses some legacy practices like `XDomainRequest`, these are not inherently malicious and are commonly found in older web development libraries. Overall, the script seems to be a legitimate and widely-used web development tool, and the risk score is relatively low."
} |
window.Modernizr=function(n,t,i){function a(n){c.cssText=n}function vt(n,t){return a(y.join(n+";")+(t||""))}function h(n,t){return typeof n===t}function v(n,t){return!!~(""+n).indexOf(t)}function lt(n,t){var u,r;for(u in n)if(r=n[u],!v(r,"-")&&c[r]!==i)return t=="pfx"?r:!0;return!1}function yt(n,t,r){var f,u;for(f in n)if(u=t[n[f]],u!==i)return r===!1?n[f]:h(u,"function")?u.bind(r||t):u;return!1}function f(n,t,i){var r=n.charAt(0).toUpperCase()+n.slice(1),u=(n+" "+ot.join(r+" ")+r).split(" ");return h(t,"string")||h(t,"undefined")?lt(u,t):(u=(n+" "+st.join(r+" ")+r).split(" "),yt(u,t,i))}function pt(){u.input=function(i){for(var r=0,u=i.length;r<u;r++)w[i[r]]=!!(i[r]in o);return w.list&&(w.list=!!(t.createElement("datalist")&&n.HTMLDataListElement)),w}("autocomplete autofocus list placeholder max min multiple pattern required step".split(" "));u.inputtypes=function(n){for(var u=0,r,f,e,h=n.length;u<h;u++)o.setAttribute("type",f=n[u]),r=o.type!=="text",r&&(o.value=g,o.style.cssText="position:absolute;visibility:hidden;",/^range$/.test(f)&&o.style.WebkitAppearance!==i?(s.appendChild(o),e=t.defaultView,r=e.getComputedStyle&&e.getComputedStyle(o,null).WebkitAppearance!=="textfield"&&o.offsetHeight!==0,s.removeChild(o)):/^(search|tel)$/.test(f)||(r=/^(url|email)$/.test(f)?o.checkValidity&&o.checkValidity()===!1:o.value!=g)),ht[n[u]]=!!r;return ht}("search tel url email datetime date month week time datetime-local number range color".split(" "))}var u={},d=!0,s=t.documentElement,e="modernizr",ut=t.createElement(e),c=ut.style,o=t.createElement("input"),g=":)",ft={}.toString,y=" -webkit- -moz- -o- -ms- ".split(" "),et="Webkit Moz O ms",ot=et.split(" "),st=et.toLowerCase().split(" "),p={svg:"http://www.w3.org/2000/svg"},r={},ht={},w={},nt=[],tt=nt.slice,b,l=function(n,i,r,u){var l,a,c,v,f=t.createElement("div"),h=t.body,o=h||t.createElement("body");if(parseInt(r,10))while(r--)c=t.createElement("div"),c.id=u?u[r]:e+(r+1),f.appendChild(c);return l=["­",'<style id="s',e,'">',n,"<\/style>"].join(""),f.id=e,(h?f:o).innerHTML+=l,o.appendChild(f),h||(o.style.background="",o.style.overflow="hidden",v=s.style.overflow,s.style.overflow="hidden",s.appendChild(o)),a=i(f,n),h?f.parentNode.removeChild(f):(o.parentNode.removeChild(o),s.style.overflow=v),!!a},at=function(t){var i=n.matchMedia||n.msMatchMedia,r;return i?i(t)&&i(t).matches||!1:(l("@media "+t+" { #"+e+" { position: absolute; } }",function(t){r=(n.getComputedStyle?getComputedStyle(t,null):t.currentStyle).position=="absolute"}),r)},ct=function(){function r(r,u){u=u||t.createElement(n[r]||"div");r="on"+r;var f=r in u;return f||(u.setAttribute||(u=t.createElement("div")),u.setAttribute&&u.removeAttribute&&(u.setAttribute(r,""),f=h(u[r],"function"),h(u[r],"undefined")||(u[r]=i),u.removeAttribute(r))),u=null,f}var n={select:"input",change:"input",submit:"form",reset:"form",error:"img",load:"img",abort:"img"};return r}(),it={}.hasOwnProperty,rt,k;rt=h(it,"undefined")||h(it.call,"undefined")?function(n,t){return t in n&&h(n.constructor.prototype[t],"undefined")}:function(n,t){return it.call(n,t)};Function.prototype.bind||(Function.prototype.bind=function(n){var t=this,i,r;if(typeof t!="function")throw new TypeError;return i=tt.call(arguments,1),r=function(){var f,e,u;return this instanceof r?(f=function(){},f.prototype=t.prototype,e=new f,u=t.apply(e,i.concat(tt.call(arguments))),Object(u)===u)?u:e:t.apply(n,i.concat(tt.call(arguments)))},r});r.flexbox=function(){return f("flexWrap")};r.flexboxlegacy=function(){return f("boxDirection")};r.canvas=function(){var n=t.createElement("canvas");return!!(n.getContext&&n.getContext("2d"))};r.canvastext=function(){return!!(u.canvas&&h(t.createElement("canvas").getContext("2d").fillText,"function"))};r.webgl=function(){return!!n.WebGLRenderingContext};r.touch=function(){var i;return"ontouchstart"in n||n.DocumentTouch&&t instanceof DocumentTouch?i=!0:l(["@media (",y.join("touch-enabled),("),e,")","{#modernizr{top:9px;position:absolute}}"].join(""),function |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/Login?ReturnUrl=%2F Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Please try one of the following:\n Please check the address to ensure that you have entered the correct URL.\n Use your browser's back button to try another link.\n Click on 'Go to Dashboard' button below to redirect to dashboard.\n Please ensure Javascript is enabled on your browser.",
"prominent_button_name": "GO TO LOGIN",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/bun... Model: Joe Sandbox AI | ```json
{
"risk_score": 4,
"reasoning": "The script includes dynamic code execution through the creation and execution of script elements, which is a high-risk indicator. However, it does not exhibit other high-risk behaviors such as data exfiltration or redirects to suspicious domains. The script appears to be a part of a library or framework (possibly jQuery-related), which may justify some of its practices, but the use of dynamic script execution warrants further review."
} |
(function(n,t){"use strict";typeof module=="object"&&typeof module.exports=="object"?module.exports=n.document?t(n,!0):function(n){if(!n.document)throw new Error("jQuery requires a window with a document");return t(n)}:t(n)})(typeof window!="undefined"?window:this,function(n,t){"use strict";function ir(n,t){t=t||u;var i=t.createElement("script");i.text=n;t.head.appendChild(i).parentNode.removeChild(i)}function fi(n){var t=!!n&&"length"in n&&n.length,r=i.type(n);return r==="function"||i.isWindow(n)?!1:r==="array"||t===0||typeof t=="number"&&t>0&&t-1 in n}function l(n,t){return n.nodeName&&n.nodeName.toLowerCase()===t.toLowerCase()}function oi(n,t,r){return i.isFunction(t)?i.grep(n,function(n,i){return!!t.call(n,i,n)!==r}):t.nodeType?i.grep(n,function(n){return n===t!==r}):typeof t!="string"?i.grep(n,function(n){return ot.call(t,n)>-1!==r}):er.test(t)?i.filter(t,n,r):(t=i.filter(t,n),i.grep(n,function(n){return ot.call(t,n)>-1!==r&&n.nodeType===1}))}function ar(n,t){while((n=n[t])&&n.nodeType!==1);return n}function ne(n){var t={};return i.each(n.match(h)||[],function(n,i){t[i]=!0}),t}function nt(n){return n}function pt(n){throw n;}function vr(n,t,r,u){var f;try{n&&i.isFunction(f=n.promise)?f.call(n).done(t).fail(r):n&&i.isFunction(f=n.then)?f.call(n,t,r):t.apply(undefined,[n].slice(u))}catch(n){r.apply(undefined,[n])}}function bt(){u.removeEventListener("DOMContentLoaded",bt);n.removeEventListener("load",bt);i.ready()}function ht(){this.expando=i.expando+ht.uid++}function re(n){return n==="true"?!0:n==="false"?!1:n==="null"?null:n===+n+""?+n:te.test(n)?JSON.parse(n):n}function pr(n,t,i){var r;if(i===undefined&&n.nodeType===1)if(r="data-"+t.replace(ie,"-$&").toLowerCase(),i=n.getAttribute(r),typeof i=="string"){try{i=re(i)}catch(u){}e.set(n,t,i)}else i=undefined;return i}function kr(n,t,r,u){var h,e=1,l=20,c=u?function(){return u.cur()}:function(){return i.css(n,t,"")},s=c(),o=r&&r[3]||(i.cssNumber[t]?"":"px"),f=(i.cssNumber[t]||o!=="px"&&+s)&&ct.exec(i.css(n,t));if(f&&f[3]!==o){o=o||f[3];r=r||[];f=+s||1;do e=e||".5",f=f/e,i.style(n,t,f+o);while(e!==(e=c()/s)&&e!==1&&--l)}return r&&(f=+f||+s||0,h=r[1]?f+(r[1]+1)*r[2]:+r[2],u&&(u.unit=o,u.start=f,u.end=h)),h}function ue(n){var r,f=n.ownerDocument,u=n.nodeName,t=si[u];return t?t:(r=f.body.appendChild(f.createElement(u)),t=i.css(r,"display"),r.parentNode.removeChild(r),t==="none"&&(t="block"),si[u]=t,t)}function tt(n,t){for(var e,u,f=[],i=0,o=n.length;i<o;i++)(u=n[i],u.style)&&(e=u.style.display,t?(e==="none"&&(f[i]=r.get(u,"display")||null,f[i]||(u.style.display="")),u.style.display===""&&kt(u)&&(f[i]=ue(u))):e!=="none"&&(f[i]="none",r.set(u,"display",e)));for(i=0;i<o;i++)f[i]!=null&&(n[i].style.display=f[i]);return n}function o(n,t){var r;return(r=typeof n.getElementsByTagName!="undefined"?n.getElementsByTagName(t||"*"):typeof n.querySelectorAll!="undefined"?n.querySelectorAll(t||"*"):[],t===undefined||t&&l(n,t))?i.merge([n],r):r}function hi(n,t){for(var i=0,u=n.length;i<u;i++)r.set(n[i],"globalEval",!t||r.get(t[i],"globalEval"))}function iu(n,t,r,u,f){for(var e,s,p,a,w,v,h=t.createDocumentFragment(),y=[],l=0,b=n.length;l<b;l++)if(e=n[l],e||e===0)if(i.type(e)==="object")i.merge(y,e.nodeType?[e]:e);else if(tu.test(e)){for(s=s||h.appendChild(t.createElement("div")),p=(gr.exec(e)||["",""])[1].toLowerCase(),a=c[p]||c._default,s.innerHTML=a[1]+i.htmlPrefilter(e)+a[2],v=a[0];v--;)s=s.lastChild;i.merge(y,s.childNodes);s=h.firstChild;s.textContent=""}else y.push(t.createTextNode(e));for(h.textContent="",l=0;e=y[l++];){if(u&&i.inArray(e,u)>-1){f&&f.push(e);continue}if(w=i.contains(e.ownerDocument,e),s=o(h.appendChild(e),"script"),w&&hi(s),r)for(v=0;e=s[v++];)nu.test(e.type||"")&&r.push(e)}return h}function gt(){return!0}function it(){return!1}function uu(){try{return u.activeElement}catch(n){}}function ci(n,t,r,u,f,e){var o,s;if(typeof t=="object"){typeof r!="string"&&(u=u||r,r=undefined);for(s in t)ci(n,s,r,u,t[s],e);return n}if(u==null&&f==null?(f=r,u=r=undefined):f==null&&(typeof r=="string |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/Login?ReturnUrl=%2F Model: Joe Sandbox AI | {
"brands": [
"LCS Direct"
]
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/ForgotPassword Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Forgot your password?",
"prominent_button_name": "EMAIL LINK",
"text_input_field_labels": [
"Email"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/ForgotPassword Model: Joe Sandbox AI | {
"brands": [
"LCS Direct"
]
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/ForgotPassword Model: Joe Sandbox AI | ```json{ "legit_domain": "lcsdirect.com", "classification": "unknown", "reasons": [ "The URL 'i646972656374o6c6373o636f6dz.oszar.com' does not match the expected domain for 'LCS Direct'.", "The URL contains a suspicious pattern with a mix of numbers and letters, which is often used in phishing attempts.", "The domain 'oszar.com' is not associated with 'LCS Direct' and appears to be a generic or unrelated domain.", "The brand 'LCS Direct' is not widely recognized, making it difficult to classify as 'known' or 'wellknown'.", "The presence of an email input field is common in phishing sites attempting to harvest credentials." ], "riskscore": 9}
Google indexed: False |
URL: i646972656374o6c6373o636f6dz.oszar.com
Brands: LCS Direct
Input Fields: Email |
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/ForgotPassword Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Forgot your password?",
"prominent_button_name": "EMAIL LINK",
"text_input_field_labels": [
"Email"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://i646972656374o6c6373o636f6dz.oszar.com/Identity/Account/ForgotPassword Model: Joe Sandbox AI | {
"brands": [
"LCS Direct"
]
} |
|
URL: https://oszar.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://oszar.com |