| URL: https://p3rsa.appdocumentcenter.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://p3rsa.appdocumentcenter.com |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a simple form submission function, which is a common and legitimate behavior. While it does not demonstrate any high-risk indicators, the lack of context around the form's purpose and the target domain means it requires further review to determine if there are any potential security concerns."
} |
function EbonyStone() {
document.forms[0].submit();
}
|
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from bots and other automated threats. While the script exhibits some behaviors that could be considered moderate-risk, such as external data transmission and the use of fallback domains, these are likely part of the challenge's functionality and not indicative of malicious intent. The script also includes some low-risk indicators, such as the use of legacy APIs and analytics-related behavior. Overall, the script seems to be a legitimate security mechanism, but it could benefit from some improvements to reduce its aggressive DOM manipulation and increase transparency around the data it transmits."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: 'txkak',
chlApiSitekey: '0x4AAAAAAA2_FtrtI-q9RaMg',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'UXM4KBOBysjijpk75g6LWYoE1FwxtuGaKFudJQTZ9zg-1736452565-1.3.1.1-BCADt4f5P5u3jXNErCVfLQwpjhUmeylao6IgPIlcIig',
chlApiTimeoutEncountered: 0,
chlApiOverrunBudgetMs:10000,
chlTimeoutMs:120000,
cK:[],
cType: 'chl_api_m',
cRay: '8ff6fd190aab43e2',
cH: '18vScXrxhuttUXHOqP_J5rD9UvDGMFhrOT0Us0auPPQ-1736452565-1.1.1.1-GIj2VB_Zd.FrfreWXYckp1oBKfIHegPJphGweU8UQ5qa6xGjZVnyyJLptZ6pM3Qi',
cFPWv: 'b',
cLt: 'n',
chlApiFailureFeedbackEnabled:true,
chlApiLoopFeedbackEnabled:false,
wOL:false,
wT: 'auto',
wS: 'normal',
md: 'EBfZY3yMdytQt7AhFeWzvKPiJriOWVUW_Bn5e6stvtQ-1736452565-1.1.1.1-i9WZzCuPGTy0PHSBTOcrQsRFCjDN6HyX7gbzqgOI_qdin2QEDmBOL1Vcu_I8N2MbLaeu_A7ozMkL2hHGZWSvGc6UDHGDPdfYZHf9H7uZUBWnoAL1eNwZ6Auh.gqL3C.fTLTDGousE_Ikfm3NovBph7tQXG4tqtiyJEdaB6L3q7MP0IxjsKhq6rwuPegsLPtAK1LM9xnhT5ZDzwZv6eSEBHcPn.gkagGwKFkL6io8D_ZbYRRiNiPmDitinAgFQKlmYYN7eCdPtlLivlKlC8zaO0sXZpPaXgtOj7stk3ZNKUPM84EREZdt1RjQnb64XMjtYkPpIz9WrsuWPuvTddgi1df.iUoMROBGUhOvA2s9ZB6TELUUB3Nej0y.Mq5PEhvUgapk04yvzIXTyJ2Mqs_jrdXCDZ7Ib8iZXTrAEiaU_LGRC6AZzL1Phxrcsh9Yc7N9fMuOH6waQPNg3JoYoukktLGBJLF0Eamywhjgi3KUmySJvoWTuhfPR2aW3NI5tGmpCgYNwhg4afJ4cV3GjpInSctKydtm2Z2L0tm6IAV55OON37a8_LEkrSnnL4T1FIs0phb6lXg4w7MEmjblfNUqaEKU8.tglB4TSam7IFpHVowu4FfqY76KUDUVkBQGwHrHgs3VSY0GolP4zGfk.mG76RjESVHRY8FQjid.zo14W5LNuPutb30X1viWq8Tlhm1ydbAzPlohpAiWZkmeHks2o30s4o9fCI6SphLTPhZ5x0GI6YOcoT2gdbCaX0fXGaFwdy4wIxWD.QVnrRihnBOsSZYlxjjG3wdAoFVaYjrCcNCcCBpkCdETczKwNQKl89_m3V2eGanAaq8LvjUQZOqWSa9qRQhxotkzzTz1ZdMwonlG9SnW72yPSMKi0MhxchtzNsUETqINH085oKfCdNwuyCZ4PUdCsbzHPpwJcUixeb9Sj_2_GNhJU5gWdj7oRjDZjBic6IBXg6n7zg7UkjPhKJTtHH0.p2vCnr7VBnMT9my9fdsbbJd8M0kJ0wD5au0ByRXtLBv6kN7.pro1wBiosj44xyh79x_Dsn1lNRVuDQ9hazn.o0kSqG5NtHdQFZt2LTAMesG0hueQcUywZsZiA62z1_9SlWAt79bbBAOcFgNuXNvpyrH4y9o6U6idwe9kWOP.JbfevwMUqW.9cl88vO0iU_w6VkOH0wL8Hoiu6Be03aA9WTan8oa_aVYpuf6iS3zZjzcSY5_AS.KRZpzmJ09F4JLF9AN_OwIUXzXbkGP5MXPWbyPb_DUGh4dzhxOUACm8FBw2mGTrP4X2wI3woci6H3Y.i6jwQoUzXX_8N7BeVXkK2VvwSHR7vfxAFr3qKCuuB_d8tfZXP7K5UqSbSWNX4AHltvYLVHJNFiJzgS_fuHTQ1RaXRjqJxlP0vdUG3b5b3r8xNIHLvtRPaqEhNJiz.cv._KQFWgo81i6M4UhcnERWzsN4oN.1GKmKhknzd28iE8X3677DJqmQoYQJ0sP_TdtKRa6wnHSMbYTjnPuoBW0NgsxMy20EtvjVSMXY_tmQ45VH0IQ5kNd1FGzmmtLIT0dDIG_6Ehp_QeAdgz0gI69ZN89ASHnKwYnzGki7EPtaYTSYSbcvy1L_C_RprU7M0DoGUumGxeYIyrTyisc',
cITimeS: '1736452565',
refresh: function(){
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: 'txkak',
nextRcV: 'UXM4KBOBysjijpk75g6LWYoE1FwxtuGaKFudJQTZ9zg-1736452565-1.3.1.1-BCADt4f5P5u3jXNErCVfLQwpjhUmeylao6IgPIlcIig',
event: 'reloadRequest',
}, "*");
}
}
};
var handler = function(event) {
var e = event.data;
if (e.source && e.source === 'cloudflare-challenge' && e.event === 'meow' && e.widgetId === window._cf_chl_opt.chlApiWidgetId) {
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: window._cf_chl_opt.chlApiWidgetId,
event: 'food',
seq: e.seq,
}, '*');
|
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from bots and other automated threats. The script contains some behaviors that could be considered moderate-risk, such as external data transmission and the use of fallback domains. However, the script is likely serving a legitimate purpose and does not demonstrate any clear malicious intent. The risk score is capped at 3 due to the script's apparent purpose as a security mechanism."
} |
window._cf_chl_opt.uaO=false;window._cf_chl_opt.URaOa8={"metadata":{"challenge.privacy_link":"https%3A%2F%2Fwww.cloudflare.com%2Fprivacypolicy%2F","challenge.supported_browsers":"https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support","challenge.terms":"https%3A%2F%2Fwww.cloudflare.com%2Fwebsite-terms%2F"},"translations":{"check_delays":"Verification%20is%20taking%20longer%20than%20expected.%20Check%20your%20Internet%20connection%20and%20%3Ca%20class%3D%22refresh_link%22%3Erefresh%20the%20page%3C%2Fa%3E%20if%20the%20issue%20persists.","turnstile_refresh":"Refresh","outdated_browser":"Your%20browser%20is%20out%20of%20date.%20Update%20your%20browser%20to%20view%20this%20site%20properly.%3Cbr%2F%3E%3Ca%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%20href%3D%22https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support%22%3EClick%20here%20for%20more%20information%3C%2Fa%3E","turnstile_failure":"Error","turnstile_expired":"Expired","invalid_sitekey":"Invalid%20sitekey.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","turnstile_timeout":"Timed%20out","turnstile_verifying":"Verifying...","turnstile_footer_privacy":"Privacy","turnstile_footer_terms":"Terms","turnstile_feedback_description":"Send%20Feedback","human_button_text":"Verify%20you%20are%20human","testing_only_always_pass":"Testing%20only%2C%20always%20pass.","turnstile_success":"Success%21","turnstile_overrun_description":"Stuck%20here%3F","invalid_domain":"Invalid%20domain.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","not_embedded":"This%20challenge%20must%20be%20embedded%20into%20a%20parent%20page.","time_check_cached_warning":"Your%20device%20clock%20is%20set%20to%20a%20wrong%20time%20or%20this%20challenge%20page%20was%20accidentally%20cached%20by%20an%20intermediary%20and%20is%20no%20longer%20available","turnstile_feedback_report":"Having%20trouble%3F","testing_only":"Testing%20only.","turnstile_iframe_alt":"Widget%20containing%20a%20Cloudflare%20security%20challenge","feedback_report_output_subtitle":"Your%20feedback%20report%20has%20been%20successfully%20submitted"},"polyfills":{"feedback_report_output_subtitle":false},"rtl":false,"lang":"en-us"};~function(gJ,eM,eN,eO,eR,eS,fn,fq,fs,ft,fu,fG,fS,fY,fZ,g0,ga,gl,gp,gq,gr,gs,gw,gx,gE,eP,eQ){for(gJ=b,function(c,d,gI,e,f){for(gI=b,e=c();!![];)try{if(f=parseInt(gI(1491))/1+-parseInt(gI(582))/2*(-parseInt(gI(1303))/3)+-parseInt(gI(696))/4*(-parseInt(gI(811))/5)+-parseInt(gI(901))/6*(parseInt(gI(1697))/7)+parseInt(gI(1221))/8*(-parseInt(gI(267))/9)+-parseInt(gI(299))/10+-parseInt(gI(480))/11,f===d)break;else e.push(e.shift())}catch(g){e.push(e.shift())}}(a,996755),eM=this||self,eN=eM[gJ(663)],eO=function(f,gK,g,h,i,j,k,l,m){for(gK=gJ,g={},g[gK(883)]=function(n,s){return n+s},g[gK(457)]=function(n,s){return n&s},h=g,m,j=32,l=h[gK(883)](h[gK(883)](eM[gK(693)][gK(566)],'_'),0),l=l[gK(687)](/./g,function(n,s,gL){gL=gK,j^=l[gL(1254)](s)}),f=eM[gK(1330)](f),k=[],i=-1;!isNaN(m=f[gK(1254)](++i));k[gK(727)](String[gK(1352)]((h[gK(457)](m,255)-j-i%65535+65535)%255)));return k[gK(1014)]('')},eP=[],eQ=0;256>eQ;eP[eQ]=String[gJ(1352)](eQ),eQ++);eR=(0,eval)(gJ(866)),eS=atob(gJ(1326)),eM[gJ(791)]=function(c,hR,e,i,j,k){e=(hR=gJ,{'sMlnT':function(g,h){return g(h)},'PceAH':hR(1157)});try{return e[hR(1490)](fk,c)}catch(g){if(hR(1157)===e[hR(872)])return fi(fj(c));else for(i=hR(1213)[hR(1425)]('|'),j=0;!![];){switch(i[j++]){case'0':k&&(k.id=l);continue;case'1':return k;case'2':o&&(k[hR(1443)][hR(1272)]=s);continue;case'3':m&&k[hR(815)][hR(1110)](n);continue;case'4':k=j[hR(1508)](hR(1161));continue}break}}},eM[gJ(757)]=function(hS,d,e,f,g){hS=gJ,d={},d[hS(823)]=function(h,i){return i===h},d[hS(1560)]=hS(1098),d[hS(316)]=hS(1262),d[hS(1046)]=hS(1439),e=d,f=1,g=1e3*eM[hS(1705)][hS(557)](2<<f,32),eM[hS(1328)](function(hT){if(hT=hS,e[hT(823)](e[hT(1560)] |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://challenges.cloudflare.com/turnstile/v0/b/e... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script contains no high-risk or moderate-risk indicators. It appears to be a utility script with functions for handling promises, object manipulation, and type checking. There is no evidence of data exfiltration, dynamic code execution, or interaction with external domains. The code is not obfuscated and does not perform any aggressive DOM manipulation. Overall, it seems to be a benign script with no harmful intent."
} |
"use strict";(function(){function Wt(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Ht(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);function g(l){Wt(u,o,c,g,h,"next",l)}function h(l){Wt(u,o,c,g,h,"throw",l)}g(void 0)})}}function D(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):D(e,r)}function Me(e,r,n){return r in e?Object.defineProperty(e,r,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[r]=n,e}function Fe(e){for(var r=1;r<arguments.length;r++){var n=arguments[r]!=null?arguments[r]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Me(e,c,n[c])})}return e}function Ar(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):Ar(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))}),e}function Bt(e){if(Array.isArray(e))return e}function jt(e,r){var n=e==null?null:typeof Symbol!="undefined"&&e[Symbol.iterator]||e["@@iterator"];if(n!=null){var o=[],c=!0,u=!1,g,h;try{for(n=n.call(e);!(c=(g=n.next()).done)&&(o.push(g.value),!(r&&o.length===r));c=!0);}catch(l){u=!0,h=l}finally{try{!c&&n.return!=null&&n.return()}finally{if(u)throw h}}return o}}function qt(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function at(e,r){(r==null||r>e.length)&&(r=e.length);for(var n=0,o=new Array(r);n<r;n++)o[n]=e[n];return o}function zt(e,r){if(e){if(typeof e=="string")return at(e,r);var n=Object.prototype.toString.call(e).slice(8,-1);if(n==="Object"&&e.constructor&&(n=e.constructor.name),n==="Map"||n==="Set")return Array.from(n);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return at(e,r)}}function Ae(e,r){return Bt(e)||jt(e,r)||zt(e,r)||qt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={next:h(0),throw:h(1),return:h(2)},typeof Symbol=="function"&&(g[Symbol.iterator]=function(){return this}),g;function h(p){return function(E){return l([p,E])}}function l(p){if(o)throw new TypeError("Generator is already executing.");for(;g&&(g=0,p[0]&&(n=0)),n;)try{if(o=1,c&&(u=p[0]&2?c.return:p[0]?c.throw||((u=c.return)&&u.call(c),0):c.next)&&!(u=u.call(c,p[1])).done)return u;switch(c=0,u&&(p=[p[0]&2,u.value]),p[0]){case 0:case 1:u=p;break;case 4:return n.label++,{value:p[1],done:!1};case 5:n.label++,c=p[1],p=[0];continue;case 7:p=n.ops.pop(),n.trys.pop();continue;default:if(u=n.trys,!(u=u.length>0&&u[u.length-1])&&(p[0]===6||p[0]===2)){n=0;continue}if(p[0]===3&&(!u||p[1]>u[0]&&p[1]<u[3])){n.label=p[1];break}if(p[0]===6&&n.label<u[1]){n.label=u[1],u=p;break}if(u&&n.label<u[2]){n.label=u[2],n.ops.push(p);break}u[2]&&n.ops.pop(),n.trys.pop();continue}p=r.call(e,n)}catch(E){p=[6,E],c=0}finally{o=u=0}if(p[0]&5)throw p[1];return{value:p[0]?p[1]:void 0,done:!0}}}var Gt={code:200500,internalRepr:"iframe_load_err",public:!0,retryable:!1,description:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Xt=300020;var De=300030;var Ve=300031;var j;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(j||(j={}));var L;(fun |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/... Model: Joe Sandbox AI | {
"risk_score": 7,
"reasoning": "The script demonstrates several high-risk behaviors, including the use of dynamic code execution (via `atob()`) and potential data exfiltration (sending data to an unknown domain). Additionally, the script uses obfuscated code and URL parameters, which further increases the risk. While the script may have a legitimate purpose, the overall behavior is highly suspicious and requires further investigation."
} |
const academic = (name) => {
name = name.replace(/[\[]/, '\\[').replace(/[\]]/, '\\]');
var regex = new RegExp('[\\?&]' + name + '=([^&#]*)');
var results = regex.exec(location.search); // Doner tri-tip dolore, ham hock labore ex culpa shankle ball tip. Alcatra laboris chuck ball tip. Cow jerky landjaeger mollit spare ribs fugiat irure short ribs et. Veniam frankfurter exercitation pastrami, duis beef ribs sed consequat meatball doner short loin turducken drumstick jerky labore. Laboris non drumstick exercitation ut meatloaf. In frankfurter chislic, andouille pork flank ribeye. Pastrami swine flank consequat excepteur. Ullamco chuck esse swine aliquip in exercitation ut mollit laborum ex. Ea ball tip pig velit. Picanha velit short loin nisi kielbasa landjaeger voluptate. Proident ribeye shank id dolor pork beef labore t-bone filet mignon short ribs. Exercitation prosciutto consequat, veniam esse pork chop non velit elit jowl sausage. Voluptate officia culpa chuck beef ribs fatback sint ut non short ribs. Shank cow shankle nulla doner. Qui fugiat kevin buffalo.
return results === null ? '' : decodeURIComponent(results[1].replace(/\+/g, ' '));
} // Irure landjaeger tongue, ad elit short ribs shoulder lorem strip steak dolor sint. Turkey leberkas ut andouille landjaeger cupidatat enim capicola pariatur pork chop eiusmod. Commodo ut meatloaf buffalo irure bacon kielbasa aliquip bresaola strip steak biltong. Ipsum incididunt pork chop tenderloin laboris sed veniam officia ut aliqua. Picanha sirloin minim, nostrud brisket turducken biltong flank ea. Chuck kevin hamburger doner capicola lorem duis irure ut voluptate frankfurter. Dolor shoulder est fatback adipisicing pork loin prosciutto frankfurter officia. Ut jowl lorem exercitation, venison chislic officia. Meatloaf cupidatat pork chop, bacon doner non frankfurter sunt exercitation pariatur short ribs filet mignon meatball dolore. Consectetur t-bone beef prosciutto ipsum in rump pork ut tongue eiusmod ribeye nulla. Landjaeger cupim sed picanha meatball short ribs. Deserunt ball tip biltong sirloin. Ut adipisicing ham, sunt rump occaecat quis frankfurter beef deserunt est kevin doner shank. Culpa nulla fatback turducken, eu ut swine cow leberkas ex kielbasa in shank. Andouille shankle sunt in venison officia burgdoggen pancetta dolor ex velit brisket esse meatball alcatra.
rh13z8jemt = academic('e') == '' ? rh13z8jemt : academic('e');
rh13z8jemt = atob(rh13z8jemt);
|
| URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is well-structured and does not exhibit any suspicious behavior. Overall, this is a low-risk script that is commonly used for legitimate web development purposes."
} |
/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */
!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(e.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:g,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=a&&a.toString();return!n.isArray(a)&&b-parseFloat(b)+1>=0},isPlainObject:function(a){var b;if("object"!==n.type(a)||a.nodeType||n.isWindow(a))return!1;if(a.constructor&&!k.call(a,"constructor")&&!k.call(a.constructor.prototype||{},"isPrototypeOf"))return!1;for(b in a);return void 0===b||k.call(a,b)},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?i[j.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=d.createElement("script"),b.text=a,d.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):g.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:h.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,g=0,h=[];if(s(a))for(d=a.length;d>g;g++)e=b(a[g],g,c),null!=e&&h.push(e);else for(g in a)e=b(a[g],g,c),null!=e&&h.push(e);return f.apply([],h)},guid:1,proxy:function(a,b){var c,d,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(d=e.call(arguments,2),f=function(){return a.apply(b||this,d.concat(e.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:l}),"function"==typeof Symbol&&(n.fn[Symbol.iterator]=c[Symbol.iterator]),n.each("Boolean Number String Function Array Date RegExp Obj |
| URL: https://code.jquery.com/jquery-3.2.1.slim.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the minified version of the jQuery library, which is a widely-used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. The behaviors observed are typical of a legitimate JavaScript library, including DOM manipulation, event handling, and utility functions. While the code is minified, this is a common practice to optimize file size and performance, and does not inherently indicate malicious intent. Overall, this script is considered low risk."
} |
/*! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector | (c) JS Foundation and other contributors | jquery.org/license */
!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.constructor(),a);return b.prevObject=this,b},each:function(a){return r.each(this,a)},map:function(a){return this.pushStack(r.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(f.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(a<0?b:0);return this.pushStack(c>=0&&c<b?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:h,sort:c.sort,splice:c.splice},r.extend=r.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||r.isFunction(g)||(g={}),h===i&&(g=this,h--);h<i;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(r.isPlainObject(d)||(e=Array.isArray(d)))?(e?(e=!1,f=c&&Array.isArray(c)?c:[]):f=c&&r.isPlainObject(c)?c:{},g[b]=r.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},r.extend({expando:"jQuery"+(q+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===r.type(a)},isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=r.type(a);return("number"===b||"string"===b)&&!isNaN(a-parseFloat(a))},isPlainObject:function(a){var b,c;return!(!a||"[object Object]"!==k.call(a))&&(!(b=e(a))||(c=l.call(b,"constructor")&&b.constructor,"function"==typeof c&&m.call(c)===n))},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?j[k.call(a)]||"object":typeof a},globalEval:function(a){p(a)},camelCase:function(a){return a.replace(t,"ms-").replace(u,v)},each:function(a,b){var c,d=0;if(w(a)){for(c=a.length;d<c;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(s,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(w(Object(a))?r.merge(c,"string"==typeof a?[a]:a):h.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:i.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;d<c;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;f<g;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,f=0,h=[];if(w(a))for(d=a.length;f<d;f++)e=b(a[f],f,c),null!=e&&h.push(e);else for(f in a)e=b(a[f],f,c),null!=e&&h.push(e);return g.apply([],h)},guid:1,proxy:function(a,b){var c,d,e;if("string"==typeof b&&(c=a[b],b=a,a=c),r.isFunction(a))return d |
| URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the Bootstrap JavaScript library, which is a widely-used and trusted open-source front-end framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. It is primarily focused on providing functionality for common UI components and interactions, which is consistent with the expected behavior of the Bootstrap library. There are no signs of obfuscation or suspicious activities, and the code is well-documented and licensed under MIT. Overall, this is a low-risk script that is commonly used in legitimate web development projects."
} |
/*!
* Bootstrap v4.1.3 (https://getbootstrap.com/)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enumerable}))),e.forEach(function(t){var e,n,i;e=r,i=o[n=t],n in e?Object.defineProperty(e,n,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[n]=i})}return r}e=e&&e.hasOwnProperty("default")?e.default:e,h=h&&h.hasOwnProperty("default")?h.default:h;var r,n,o,a,c,u,f,d,g,_,m,p,v,y,E,C,T,b,S,I,A,D,w,N,O,k,P,j,H,L,R,x,W,U,q,F,K,M,Q,B,V,Y,z,J,Z,G,$,X,tt,et,nt,it,rt,ot,st,at,lt,ct,ht,ut,ft,dt,gt,_t,mt,pt,vt,yt,Et,Ct,Tt,bt,St,It,At,Dt,wt,Nt,Ot,kt,Pt,jt,Ht,Lt,Rt,xt,Wt,Ut,qt,Ft,Kt,Mt,Qt,Bt,Vt,Yt,zt,Jt,Zt,Gt,$t,Xt,te,ee,ne,ie,re,oe,se,ae,le,ce,he,ue,fe,de,ge,_e,me,pe,ve,ye,Ee,Ce,Te,be,Se,Ie,Ae,De,we,Ne,Oe,ke,Pe,je,He,Le,Re,xe,We,Ue,qe,Fe,Ke,Me,Qe,Be,Ve,Ye,ze,Je,Ze,Ge,$e,Xe,tn,en,nn,rn,on,sn,an,ln,cn,hn,un,fn,dn,gn,_n,mn,pn,vn,yn,En,Cn,Tn,bn,Sn,In,An,Dn,wn,Nn,On,kn,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID:function(t){for(;t+=~~(1e6*Math.random()),document.getElementById(t););return t},getSelectorFromElement:function(t){var e=t.getAttribute("data-target");e&&"#"!==e||(e=t.getAttribute("href")||"");try{return document.querySelector(e)?e:null}catch(t){return null}},getTransitionDurationFromElement:function(t){if(!t)return 0;var e=i(t).css("transition-duration");return parseFloat(e)?(e=e.split(",")[0],1e3*parseFloat(e)):0},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(t){i(t).trigger(e)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var i in n)if(Object.prototype.hasOwnProperty.call(n,i)){var r=n[i],o=e[i],s=o&&l.isElement(o)?"element":(a=o,{}.toString.call(a).match(/\s([a-z]+)/i)[1].toLowerCase());if(!new RegExp(r).test(s))throw new Error(t.toUpperCase()+': Option "'+i+'" provided type "'+s+'" but expected type "'+r+'".')}var a}};return i.fn.emulateTransitionEnd=t,i.event.special[l.TRANSITION_END]={bindType:e,delegateType:e,handle:function(t){if(i(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;return t.close=function(t){var e=this._element;t&&(e=this._getRootElement(t)),this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},t.dispose=function(){r.removeData(this._element,o),this._element=null},t._getRootElement=function(t){var e=Fn.getSelectorFromElement(t),n=!1;return e&&(n=document.querySelector(e)),n||(n=r(t).closest("."+f)[0]),n},t._triggerCloseEvent=function(t){var e=r.Event(u.CLOSE);return r(t).trigger(e),e},t._removeElement=function(e){var n=this;if(r(e).removeClass(g),r(e).hasClass(d)){var t=Fn.getTransitionDurationFromElement(e);r(e).one(Fn.TRANSITION_END,function(t){return |
| URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script is a part of Bootstrap v4.0.0, a widely used front-end framework. It does not exhibit any high-risk behaviors such as dynamic code execution or data exfiltration. The script primarily involves DOM manipulation and event handling, which are typical for UI frameworks. There are no interactions with untrusted domains or obfuscated code, indicating a low risk."
} |
/*!
* Bootstrap v4.0.0 (https://getbootstrap.com)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n;var o,a,l,h,c,u,f,d,_,g,p,m,v,E,T,y,C,I,A,b,D,S,w,N,O,k,P=function(t){var e=!1;function n(e){var n=this,s=!1;return t(this).one(i.TRANSITION_END,function(){s=!0}),setTimeout(function(){s||i.triggerTransitionEnd(n)},e),this}var i={TRANSITION_END:"bsTransitionEnd",getUID:function(t){do{t+=~~(1e6*Math.random())}while(document.getElementById(t));return t},getSelectorFromElement:function(e){var n,i=e.getAttribute("data-target");i&&"#"!==i||(i=e.getAttribute("href")||""),"#"===i.charAt(0)&&(n=i,i=n="function"==typeof t.escapeSelector?t.escapeSelector(n).substr(1):n.replace(/(:|\.|\[|\]|,|=|@)/g,"\\$1"));try{return t(document).find(i).length>0?i:null}catch(t){return null}},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(n){t(n).trigger(e.end)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var s in n)if(Object.prototype.hasOwnProperty.call(n,s)){var r=n[s],o=e[s],a=o&&i.isElement(o)?"element":(l=o,{}.toString.call(l).match(/\s([a-zA-Z]+)/)[1].toLowerCase());if(!new RegExp(r).test(a))throw new Error(t.toUpperCase()+': Option "'+s+'" provided type "'+a+'" but expected type "'+r+'".')}var l}};return e=("undefined"==typeof window||!window.QUnit)&&{end:"transitionend"},t.fn.emulateTransitionEnd=n,i.supportsTransitionEnd()&&(t.event.special[i.TRANSITION_END]={bindType:e.end,delegateType:e.end,handle:function(e){if(t(e.target).is(this))return e.handleObj.handler.apply(this,arguments)}}),i}(e),L=(a="alert",h="."+(l="bs.alert"),c=(o=e).fn[a],u={CLOSE:"close"+h,CLOSED:"closed"+h,CLICK_DATA_API:"click"+h+".data-api"},f="alert",d="fade",_="show",g=function(){function t(t){this._element=t}var e=t.prototype;return e.close=function(t){t=t||this._element;var e=this._getRootElement(t);this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},e.dispose=function(){o.removeData(this._element,l),this._element=null},e._getRootElement=function(t){var e=P.getSelectorFromElement(t),n=!1;return e&&(n=o(e)[0]),n||(n=o(t).closest("."+f)[0]),n},e._triggerCloseEvent=function(t){var e=o.Event(u.CLOSE);return o(t).trigger(e),e},e._removeElement=function(t){var e=this;o(t).removeClass(_),P.supportsTransitionEnd()&&o(t).hasClass(d)?o(t).one(P.TRANSITION_END,function(n){return e._destroyElement(t,n)}).emulateTransitionEnd(150):this._destroyElement(t)},e._destroyElement=function(t){o(t).detach().trigger(u.CLOSED).remove()},t._jQueryInterface=function(e){return this.each(function(){var n=o(this),i=n.data(l);i||(i=new t(this),n.data(l,i)),"close"===e&&i[e](this)})},t._handleDismiss=function(t){return function(e){e&&e.preventDefault(),t.close(this)}},s(t,null,[{key:"VERSION",get:function(){return"4.0.0"}}]),t}(),o(document).on(u.CLICK_DATA_API,'[data-dismiss="alert"]',g._handleDismiss(new g)),o.fn[a]=g._jQueryInterface,o.fn[a].Constructor=g,o.fn[a].noConflict=function(){return o.fn[a]=c,g._jQueryInterface},g),R=(m="button",E="."+(v="bs.button |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | ```json{ "legit_domain": "microsoft.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is a well-known global technology company.", "The URL 'p3rsa.appdocumentcenter.com' does not match the legitimate domain 'microsoft.com'.", "The domain 'appdocumentcenter.com' is not associated with Microsoft.", "The subdomain 'p3rsa' and the main domain 'appdocumentcenter.com' are suspicious and do not relate to Microsoft.", "The presence of input fields for 'Email, phone, or Skype' is typical for phishing attempts targeting Microsoft accounts." ], "riskscore": 9}
Google indexed: False |
URL: p3rsa.appdocumentcenter.com
Brands: Microsoft
Input Fields: Email, phone, or Skype |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://p3rsa.appdocumentcenter.com/BpdLO/ Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://appdocumentcenter.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://appdocumentcenter.com |
Edit tour
chrome.exe (PID: 4008 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node