| URL: https://wetransfert-devis-factgfd.mystrikingly.com Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://wetransfert-devis-factgfd.mystrikingly.com |
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided JavaScript snippet appears to be a simple utility function to retrieve a cookie value by name. This is a common and legitimate practice, and there are no indicators of high-risk or malicious behavior."
} |
if (!window.utils) window.utils = {}
window.utils.getCookieByName = (name) => {
const cookies = document.cookie.split(';')
for (const cookie of cookies) {
const [key, value] = cookie.trim().split('=')
if (key === name) {
return decodeURIComponent(value)
}
}
return ''
}
|
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript code appears to be a set of utility functions for handling cookies and URL parameters, which are common practices in web development. While the code uses some legacy APIs like `XDomainRequest`, it does not exhibit any high-risk behaviors such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is primarily focused on cookie management and URL parameter parsing, which are legitimate use cases. Therefore, the overall risk score is low."
} |
function setCookieItem(key, value, options) {
if (typeof options.expires === 'number') {
var days = options.expires, t = options.expires = new Date();
t.setTime(+t + days * 864e+5);
}
return (document.cookie = [
encodeURIComponent(key), '=', encodeURIComponent(String(value)),
options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
options.path ? '; path=' + options.path : '',
options.domain ? '; domain=' + options.domain : '',
options.secure ? '; secure' : ''
].join(''));
}
function getCookieItem(cookieName) {
const name = cookieName + "=";
const decodedCookie = decodeURIComponent(document.cookie);
const cookieArray = decodedCookie.split(';');
for (let i = 0; i < cookieArray.length; i++) {
let cookie = cookieArray[i].trim();
if (cookie.indexOf(name) === 0) {
return cookie.substring(name.length, cookie.length);
}
}
return null;
}
function getQueryParam(url, param) {
// Expects a raw URL
var newParam = param.replace(/[[]/, '\\[').replace(/[\]]/, '\\]');
var regexS = '[\\?&]' + newParam + '=([^&#]*)';
var regex = new RegExp(regexS);
var results = regex.exec(url);
if (results === null || results && typeof results[1] !== 'string' && results[1].length) {
return '';
} else {
var result = results[1];
try {
result = decodeURIComponent(result);
} catch (err) {
console.error('Skipping decoding for malformed query param: ' + result);
}
return result.replace(/\+/g, ' ');
}
}
function utmNamesMapping(utmName) {
var expandedUtmName = '';
switch (utmName) {
case 'gclid':
case 'utm_gclid_current':
expandedUtmName = 'utm_gclid';
break;
default:
expandedUtmName = utmName;
}
return expandedUtmName;
}
function getTrackDomain() {
var trackDomain = '';
var hostName = document.domain;
var host = $S && $S.global_conf && $S.global_conf.host_suffix ||
$S && $S.globalConf && $S.globalConf.host_suffix || '';
if (hostName && hostName.includes('.strikingly.com')) {
trackDomain = '.strikingly.com';
} else if (hostName && hostName.includes('.sxl.cn')) {
trackDomain = '.sxl.cn';
} else if ($S && $S.live_site || $S && $S.liveBlog) {
trackDomain = hostName;
} else if (host) {
trackDomain = "." + host;
} else {
trackDomain = location.href && location.href.includes('strikingly') ? '.strikingly.com' : '.sxl.cn';
}
return trackDomain;
}
function recordUniqUtmCookies(originUrl, needSetCookie = true) {
var campaign_keywords = 'utm_source gclid utm_medium utm_campaign utm_content utm_term'.split(' '),
kw = '',
uniq_utm_config = {};
var index;
var siteUrl = originUrl || document.URL;
for (index = 0; index < campaign_keywords.length; ++index) {
kw = getQueryParam(siteUrl, campaign_keywords[index]);
var utm_name = utmNamesMapping(campaign_keywords[index]);
if (kw.length !== 0) {
uniq_utm_config[utm_name] = kw;
}
}
var isUtmCookieExisted = document.cookie && document.cookie.includes('__uniq_utm_config=');
if (!isUtmCookieExisted) {
uniq_utm_config['utm_timestamp'] = new Date().getTime();
uniq_utm_config['utm_referrer'] = document.referrer;
var gclidValue = getQueryParam(siteUrl, 'gclid');
var gbraidValue = getQueryParam(siteUrl, 'gbraid');
var wbraidValue = getQueryParam(siteUrl, 'wbraid');
var ttclidValue = getQueryParam(siteUrl, 'ttclid');
var fbclidValue = getQueryParam(siteUrl, 'fbclid');
var msclkidValue = getQueryParam(siteUrl, 'msclkid');
var bdvidValue = getQueryParam(siteUrl, 'bd_vid');
if (gclidValue) {
uniq_utm_config['utm_gclid'] = gclidValue;
}
if (gbraidValue) {
uniq_utm_config['utm_ |
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be setting up Google Analytics tracking, which is a common and legitimate practice. While it checks for certain cookie values, this is likely for compliance or user consent purposes. The code does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. Overall, the script seems to be implementing standard analytics functionality and poses a low risk."
} |
var _gaq = _gaq || [];
if (typeof getCookieItem === 'function' && (getCookieItem('__strk_cookie_eu_visitor') != 'true' || getCookieItem('__is_open_strk_analytics_cookie'))) {
// Google Analytics (Universal) Setup
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','__ga');
}
|
| URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is well-structured and does not exhibit any obfuscation or aggressive DOM manipulation. Overall, this script is likely benign and used for legitimate web development purposes."
} |
/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[i.call(e)]||"object":typeof e}var t="3.7.1",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||v(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(!i)while(t=e[r++])n+=ce.text(t);return 1===i||11===i?e.textContent:9===i?e.documentElement.textContent:3===i||4===i?e.nodeValue:n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!l.test(t||n&&n.nodeName||"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){va |
| URL: https://static-assets.strikinglycdn.com/detectIE-c... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a browser compatibility check and error handling mechanism. It checks the user's browser version and operating system, and displays a message to the user if the browser is outdated or incompatible. This behavior is common for websites that need to ensure a consistent user experience across different browser versions. The script does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The script is likely a legitimate part of the website's functionality."
} |
!function(){function o(){var o=!1;window.$S&&window.$S.global_conf?o=window.$S.global_conf.is_sxl:window.$S&&window.$S.globalConf&&(o=window.$S.globalConf.is_sxl);var e={strikingly:{tips:"Please upgrade your browser to view this site properly. ",learnMoreURL:"https://support.strikingly.com/hc/en-us/articles/206256982",learnMoreText:"Learn More. "},sxl:{tips:"",learnMoreURL:"http://help.sxl.cn/hc/zh-cn/articles/206374141",learnMoreText:""}};return o?e.sxl:e.strikingly}function e(){var o='<div class="browser-error-dialog s-edit-modal" style="display:block; position: fixed; background-color:#e7e9eb ; width: 70%; left: 15%; bottom: 50px; text-align: center;"><p style="padding: 30px; font-size: 140%;"><strong><span>${tips}</span><a href="${learnMoreURL}" target="_blank">${learnMoreText}</a></strong></p></div>';return o}function n(o,e){var n=-1,r=null;return o&&o.indexOf("MSIE")!==-1?r=new RegExp("MSIE ([0-9]{1,}[.0-9]{0,})"):e&&"Netscape"===e&&o.indexOf("Trident")!==-1&&(r=new RegExp("Trident/.*rv:([0-9]{1,}[.0-9]{0,})")),r&&null!==r.exec(o)&&(n=window.parseInt(RegExp.$1)),n}function r(o){var e=-1,n=null;return o&&o.indexOf("Windows NT")!==-1&&(n=new RegExp("Windows NT ([0-9]{1,}[.0-9]{0,});")),n&&null!==n.exec(o)&&(e=window.parseInt(RegExp.$1)),e}function i(n,r){if(!$(".browser-error-dialog").length){var i=o(),t=i.tips,l=i.learnMoreURL,a=i.learnMoreText,s=e();if($("body").append(s.replace("${tips}",t).replace("${learnMoreURL}",l).replace("${learnMoreText}",a)),$(".browser-error-dialog").css("position","absolute"),6===r)return;var w,d,p=window.parseInt($(".browser-error-dialog").css("bottom"));$(window).scroll(function(){window.clearTimeout(d),d=window.setTimeout(function(){w=0!==document.body.scrollTop?document.body.scrollTop:$(window).scrollTop(),$(".browser-error-dialog").animate({bottom:p-w},"slow")},150)})}}function t(){var o=window&&window.navigator&&window.navigator.userAgent,e=window&&window.navigator&&window.navigator.appName,t=n(o,e),l=r(o);if(t!==-1){var a="";l<=10&&t<11&&(a="chrome"),a&&i(a,t)}}function l(){window&&t()}window.onload=l}();
|
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a simple utility function for retrieving the value of a cookie by name. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The code is straightforward and does not appear to have any malicious intent. While it uses a legacy API (`document.cookie.split(';')`), this is a common practice and does not pose a significant security risk. Overall, this script is considered low risk."
} |
(function() {
window.$B || (window.$B = {});
window.utils || (window.utils = {});
window.utils.getCookieValue = function(name) {
var cookie, cookies, key, value, _i, _len, _ref;
cookies = document.cookie.split(';');
for (_i = 0, _len = cookies.length; _i < _len; _i++) {
cookie = cookies[_i];
_ref = cookie.trim().split('='), key = _ref[0], value = _ref[1];
if (key === name) {
return decodeURIComponent(value);
}
}
return '';
};
}).call(this);
|
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a legitimate script for optimizing page load performance on mobile devices. It checks the viewport width and dynamically loads a specific script bundle based on the device size. The script uses standard DOM manipulation techniques and does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or suspicious redirects. The script's purpose seems to be improving the user experience by delivering a more optimized page load for mobile users."
} |
// In order to load the page faster on mobile, render page-site-bundle
if(window.innerWidth <= 727) {
window.ssrIsLoaded = false
}
function downloadJSAtOnload(link, callback) {
var element = document.createElement("script");
element.src = link;
document.body.appendChild(element);
element.onload = function() {
callback && callback();
}
}
function loadScript(sourceLink) {
if (!window.ssrIsLoaded && false && window.siteConfigSrc) {
downloadJSAtOnload(window.siteConfigSrc, function() {
downloadJSAtOnload(sourceLink);
});
} else {
downloadJSAtOnload(sourceLink);
}
}
var sourceLink = "https://static-assets.strikinglycdn.com/webpack/lightBoostedPage-site-bundle.eb8c04343e689de733fc.js"
if (!window.ssrIsLoaded) {
sourceLink = "https://static-assets.strikinglycdn.com/webpack/page-site-bundle.8789e4771bd3c32ae590.js"
}
loadScript(sourceLink)
|
| URL: https://wetransfert-devis-factgfd.mystrikingly.com... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. It includes the following indicators:
1. External Data Transmission (+2 points): The script appears to be sending user data to external domains via XHR or fetch requests, which could potentially lead to data exfiltration.
2. Aggressive DOM Manipulation (+2 points): The script is repeatedly altering or clearing the DOM, which could be a sign of aggressive or potentially malicious behavior.
3. Tracking Behavior (+1 point): The script seems to be performing some form of analytics or tracking activity, which may raise privacy concerns depending on the context.
Additionally, the script is using a large number of obfuscated or minified functions, which makes it more difficult to analyze and understand its true purpose. This lack of transparency contributes to the overall risk score.
While the script may have legitimate use cases, such as lazy-loading images or implementing responsive design, the combination of the observed behaviors and the obfuscated nature of the code warrant further investigation to determine the actual intent and potential risks. Therefore, the final risk score is set to 6, indicating a medium-risk scenario that requires additional review and analysis."
} |
!function(e){var t=function(u,D,f){"use strict";var k,H;if(function(){var e;var t={lazyClass:"lazyload",loadedClass:"lazyloaded",loadingClass:"lazyloading",preloadClass:"lazypreload",errorClass:"lazyerror",autosizesClass:"lazyautosizes",fastLoadedClass:"ls-is-cached",iframeLoadMode:0,srcAttr:"data-src",srcsetAttr:"data-srcset",sizesAttr:"data-sizes",minSize:40,customMedia:{},init:true,expFactor:1.5,hFac:.8,loadMode:2,loadHidden:true,ricTimeout:0,throttleDelay:125};H=u.lazySizesConfig||u.lazysizesConfig||{};for(e in t){if(!(e in H)){H[e]=t[e]}}}(),!D||!D.getElementsByClassName){return{init:function(){},cfg:H,noSupport:true}}var O=D.documentElement,i=u.HTMLPictureElement,P="addEventListener",$="getAttribute",q=u[P].bind(u),I=u.setTimeout,U=u.requestAnimationFrame||I,o=u.requestIdleCallback,j=/^picture$/i,r=["load","error","lazyincluded","_lazyloaded"],a={},G=Array.prototype.forEach,J=function(e,t){if(!a[t]){a[t]=new RegExp("(\\s|^)"+t+"(\\s|$)")}return a[t].test(e[$]("class")||"")&&a[t]},K=function(e,t){if(!J(e,t)){e.setAttribute("class",(e[$]("class")||"").trim()+" "+t)}},Q=function(e,t){var a;if(a=J(e,t)){e.setAttribute("class",(e[$]("class")||"").replace(a," "))}},V=function(t,a,e){var i=e?P:"removeEventListener";if(e){V(t,a)}r.forEach(function(e){t[i](e,a)})},X=function(e,t,a,i,r){var n=D.createEvent("Event");if(!a){a={}}a.instance=k;n.initEvent(t,!i,!r);n.detail=a;e.dispatchEvent(n);return n},Y=function(e,t){var a;if(!i&&(a=u.picturefill||H.pf)){if(t&&t.src&&!e[$]("srcset")){e.setAttribute("srcset",t.src)}a({reevaluate:true,elements:[e]})}else if(t&&t.src){e.src=t.src}},Z=function(e,t){return(getComputedStyle(e,null)||{})[t]},s=function(e,t,a){a=a||e.offsetWidth;while(a<H.minSize&&t&&!e._lazysizesWidth){a=t.offsetWidth;t=t.parentNode}return a},ee=function(){var a,i;var t=[];var r=[];var n=t;var s=function(){var e=n;n=t.length?r:t;a=true;i=false;while(e.length){e.shift()()}a=false};var e=function(e,t){if(a&&!t){e.apply(this,arguments)}else{n.push(e);if(!i){i=true;(D.hidden?I:U)(s)}}};e._lsFlush=s;return e}(),te=function(a,e){return e?function(){ee(a)}:function(){var e=this;var t=arguments;ee(function(){a.apply(e,t)})}},ae=function(e){var a;var i=0;var r=H.throttleDelay;var n=H.ricTimeout;var t=function(){a=false;i=f.now();e()};var s=o&&n>49?function(){o(t,{timeout:n});if(n!==H.ricTimeout){n=H.ricTimeout}}:te(function(){I(t)},true);return function(e){var t;if(e=e===true){n=33}if(a){return}a=true;t=r-(f.now()-i);if(t<0){t=0}if(e||t<9){s()}else{I(s,t)}}},ie=function(e){var t,a;var i=99;var r=function(){t=null;e()};var n=function(){var e=f.now()-a;if(e<i){I(n,i-e)}else{(o||r)(r)}};return function(){a=f.now();if(!t){t=I(n,i)}}},e=function(){var v,m,c,h,e;var y,z,g,p,C,b,A;var n=/^img$/i;var d=/^iframe$/i;var E="onscroll"in u&&!/(gle|ing)bot/.test(navigator.userAgent);var _=0;var w=0;var M=0;var N=-1;var L=function(e){M--;if(!e||M<0||!e.target){M=0}};var x=function(e){if(A==null){A=Z(D.body,"visibility")=="hidden"}return A||!(Z(e.parentNode,"visibility")=="hidden"&&Z(e,"visibility")=="hidden")};var W=function(e,t){var a;var i=e;var r=x(e);g-=t;b+=t;p-=t;C+=t;while(r&&(i=i.offsetParent)&&i!=D.body&&i!=O){r=(Z(i,"opacity")||1)>0;if(r&&Z(i,"overflow")!="visible"){a=i.getBoundingClientRect();r=C>a.left&&p<a.right&&b>a.top-1&&g<a.bottom+1}}return r};var t=function(){var e,t,a,i,r,n,s,o,l,u,f,c;var d=k.elements;if((h=H.loadMode)&&M<8&&(e=d.length)){t=0;N++;for(;t<e;t++){if(!d[t]||d[t]._lazyRace){continue}if(!E||k.prematureUnveil&&k.prematureUnveil(d[t])){R(d[t]);continue}if(!(o=d[t][$]("data-expand"))||!(n=o*1)){n=w}if(!u){u=!H.expand||H.expand<1?O.clientHeight>500&&O.clientWidth>500?500:370:H.expand;k._defEx=u;f=u*H.expFactor;c=H.hFac;A=null;if(w<f&&M<1&&N>2&&h>2&&!D.hidden){w=f;N=0}else if(h>1&&N>1&&M<6){w=u}else{w=_}}if(l!==n){y=innerWidth+n*c;z=innerHeight+n;s=n*-1;l=n}a=d[t].getBoundingClientRect();if((b=a.bottom)>=s&&(g=a.top)<=z&&(C=a.right)>=s*c&&(p=a.left)<=y&&(b||C||p||g)&&(H.loadHidden||x(d[t]))&&(m&&M<3&&!o&&(h<3||N<4)||W(d[t], |
| URL: https://wetransfert-devis-factgfd.mystrikingly.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Pour lire le document veuillez entrer les identifiants de messagerie auxquels ce fichier a t envoy.",
"prominent_button_name": "Connexion",
"text_input_field_labels": [
"Adresse E-mail",
"Mot de passe"
],
"pdf_icon_visible": true,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://wetransfert-devis-factgfd.mystrikingly.com/ Model: Joe Sandbox AI | {
"brands": [
"WeTransfer"
]
} |
|
| URL: https://wetransfert-devis-factgfd.mystrikingly.com/ Model: Joe Sandbox AI | ```json{ "legit_domain": "wetransfer.com", "classification": "wellknown", "reasons": [ "The legitimate domain for WeTransfer is 'wetransfer.com'.", "The URL 'wetransfert-devis-factgfd.mystrikingly.com' contains 'wetransfert', which is a misspelling of 'wetransfer'.", "The domain 'mystrikingly.com' is a website builder platform, which can be used to create phishing sites.", "The presence of input fields for 'Adresse E-mail' and 'Mot de passe' suggests an attempt to collect sensitive information.", "The use of a subdomain and additional words like 'devis-factgfd' is suspicious and not typical for a legitimate WeTransfer page." ], "riskscore": 9}
Google indexed: False |
URL: wetransfert-devis-factgfd.mystrikingly.com
Brands: WeTransfer
Input Fields: Adresse E-mail, Mot de passe |
Edit tour
chrome.exe (PID: 6308 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node