Windows Analysis Report
https://cjerichmond.jimdosite.com/

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: https://cjerichmond.jimdosite.com

{
    "risk_score": 5,
    "reasoning": "The script appears to be a common email obfuscation technique, which is a moderate-risk indicator. It decodes email addresses embedded in the HTML and replaces them with obfuscated versions. While this is a common practice to protect email addresses from spam, the script also performs aggressive DOM manipulation, which is another moderate-risk indicator. Overall, the script exhibits some potentially concerning behaviors, but it does not appear to be inherently malicious."
}

!function(){"use strict";function e(e){try{if("undefined"==typeof console)return;"error"in console?console.error(e):console.log(e)}catch(e){}}function t(e){return d.innerHTML='<a href="'+e.replace(/"/g,"&quot;")+'"></a>',d.childNodes[0].getAttribute("href")||""}function r(e,t){var r=e.substr(t,2);return parseInt(r,16)}function n(n,c){for(var o="",a=r(n,c),i=c+2;i<n.length;i+=2){var l=r(n,i)^a;o+=String.fromCharCode(l)}try{o=decodeURIComponent(escape(o))}catch(u){e(u)}return t(o)}function c(t){for(var r=t.querySelectorAll("a"),c=0;c<r.length;c++)try{var o=r[c],a=o.href.indexOf(l);a>-1&&(o.href="mailto:"+n(o.href,a+l.length))}catch(i){e(i)}}function o(t){for(var r=t.querySelectorAll(u),c=0;c<r.length;c++)try{var o=r[c],a=o.parentNode,i=o.getAttribute(f);if(i){var l=n(i,0),d=document.createTextNode(l);a.replaceChild(d,o)}}catch(h){e(h)}}function a(t){for(var r=t.querySelectorAll("template"),n=0;n<r.length;n++)try{i(r[n].content)}catch(c){e(c)}}function i(t){try{c(t),o(t),a(t)}catch(r){e(r)}}var l="/cdn-cgi/l/email-protection#",u=".__cf_email__",f="data-cfemail",d=document.createElement("div");i(document),function(){var e=document.currentScript||document.scripts[document.scripts.length-1];e.parentNode.removeChild(e)}()}();

{
    "risk_score": 8,
    "reasoning": "This script demonstrates several high-risk behaviors, including dynamic code execution, data exfiltration, and redirects to potentially malicious domains. The use of an iframe to load additional scripts and the obfuscated parameters in the script source URL suggest this is a highly suspicious and potentially malicious script."
}

(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'8ffdcfd2ffbd7c8e',t:'MTczNjUyNDExMS4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();

{
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
"contains_trigger_text": true,
"trigger_text": "Here is the document your contact shared with you click on view document below",
"prominent_button_name": "VIEW DOCUMENT",
"text_input_field_labels": [
"Naam"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
    "typosquatting": true,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": true,
    "third_party_hosting": false
}

URL: https://turascandlnavia.com

{
  "brands": "unknown"
}

{
  "brands": [
    "Jimdo"
  ]
}

```json
{
    "risk_score": 2,
    "reasoning": "The script primarily deals with cookie management and logging, with no high-risk behaviors like dynamic code execution or data exfiltration. It uses console logging and cookie setting, which are low-risk activities. The script does not interact with external domains or perform aggressive DOM manipulation."
}

/*! For license information please see f01207515949d5549158.js.LICENSE.txt */
(()=>{var e,t,n,i,a={58695:(e,t,n)=>{"use strict";n(33893).Cookie;var i=n(76046);t.u5=i.CKies,i.CookieOptions,i.CookieType},76046:(e,t,n)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0});var i,a,o=n(33893);!function(e){e.NECESSARY="necessary",e.FUNCTIONAL="functional",e.PERFORMANCE="performance",e.MARKETING="marketing"}(i=t.CookieType||(t.CookieType={})),function(e){e.ALLOW="allow",e.DENY="deny"}(a=t.CookieOptions||(t.CookieOptions={})),t.CONFIG_EXPIRATION=31536e6;var r=function(){function e(){}return e.getExpireDate=function(){var e=new Date;return e.setTime(e.getTime()+t.CONFIG_EXPIRATION),e},e.key=function(e){return"ckies_"+e},e.use=function(e){return e===i.NECESSARY||(this.isOptIn()?o.Cookie.get(this.key(e))===a.ALLOW:o.Cookie.get(this.key(e))!==a.DENY)},e.deny=function(e){this.set(e,a.DENY)},e.allow=function(e){this.set(e,a.ALLOW)},e.useNecessary=function(){return this.use(i.NECESSARY)},e.useFunctional=function(){return this.use(i.FUNCTIONAL)},e.usePerformance=function(){return this.use(i.PERFORMANCE)},e.useMarketing=function(){return this.use(i.MARKETING)},e.set=function(e,t){e!==i.NECESSARY&&o.Cookie.set(this.key(e),t,this.getExpireDate())},e.isOptIn=function(){return window.hasOwnProperty("CKIES_OPTIN")&&!0===window.CKIES_OPTIN},e}();t.CKies=r},33893:(e,t)=>{"use strict";Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(){}return e.get=function(e){var t=("; "+document.cookie).split("; "+e+"=");return t&&2===t.length?(t.pop()||"").split(";").shift():null},e.set=function(e,t,n){document.cookie=e+"="+t+"; expires="+n.toUTCString()+"; path=/"},e}();t.Cookie=n},2604:(e,t,n)=>{"use strict";n.d(t,{UD:()=>Mo});var i={log:"log",debug:"debug",info:"info",warn:"warn",error:"error"},a=console,o={};Object.keys(i).forEach((function(e){o[e]=a[e]}));var r="Datadog Browser SDK:",s={debug:o.debug.bind(a,r),log:o.log.bind(a,r),info:o.info.bind(a,r),warn:o.warn.bind(a,r),error:o.error.bind(a,r)};function l(e,t){return function(){for(var n=[],i=0;i<arguments.length;i++)n[i]=arguments[i];try{return e.apply(void 0,n)}catch(e){s.error(t,e)}}}var c,d=!1;function u(e){d=e}function m(e,t,n){var i=n.value;n.value=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];return(c?p(i):i).apply(this,e)}}function p(e){return function(){return g(e,this,arguments)}}function g(e,t,n){try{return e.apply(t,n)}catch(e){if(h(e),c)try{c(e)}catch(e){h(e)}}}function h(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];d&&s.error.apply(s,function(e,t,n){if(n||2===arguments.length)for(var i,a=0,o=t.length;a<o;a++)!i&&a in t||(i||(i=Array.prototype.slice.call(t,0,a)),i[a]=t[a]);return e.concat(i||Array.prototype.slice.call(t))}(["[MONITOR]"],e,!1))}function b(e,t){return-1!==e.indexOf(t)}function f(e){if(Array.from)return Array.from(e);var t=[];if(e instanceof Set)e.forEach((function(e){return t.push(e)}));else for(var n=0;n<e.length;n++)t.push(e[n]);return t}function y(e,t){for(var n=0;n<e.length;n+=1){var i=e[n];if(t(i,n))return i}}function v(e){return Object.keys(e).map((function(t){return e[t]}))}function S(e){return Object.keys(e).map((function(t){return[t,e[t]]}))}function k(e,t){return e.slice(0,t.length)===t}function w(e){for(var t=[],n=1;n<arguments.length;n++)t[n-1]=arguments[n];return t.forEach((function(t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])})),e}function C(e){var t=w({version:"5.15.0",onReady:function(e){e()}},e);return Object.defineProperty(t,"_setDebug",{get:function(){return u},enumerable:!1}),t}function T(e,t,n){var i=e[t];e[t]=n,i&&i.q&&i.q.forEach((function(e){return l(e,"onReady callback threw an error:")()}))}function P(){if("object"==typeof globalThis)return globalThis;Object.defineProperty(Object.prototype,"_dd_temp_",{get:function(){return this},configurable:!0});var e=_dd_temp_;return delete Object.prototype._dd_temp_,"object"!=typeof e&&(e="object"==typeof self?self:"ob