| URL: email Model: Joe Sandbox AI | {
"explanation": [
"Suspicious sender domain 'capitaltractorinc.com' doesn't match the claimed service 'DocsOnline'",
"Generic document signing subject line combined with unexpected sender is a common phishing tactic",
"Attachment naming convention attempts to create urgency and appears targeted"
],
"phishing": true,
"confidence": 8,
"generated_by_ai": false
} |
{
"date": "Mon, 13 Jan 2025 00:43:36 -0800",
"subject": "Cardfactory: Executed Agreement DocsID- Sign & Review.",
"communications": [
"CAUTION: This email originated from outside of the organisation. If in doubt please use the report message button to Security.\n\n"
],
"from": "Received via DocsOnline Shared <d.plowinske@capitaltractorinc.com>",
"to": "martin.poole@cardfactory.co.uk",
"attachements": [
"Martin.poole-In Service Agreement.pdf"
]
} |
| URL: Email Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "CAUTION: This area is protected from outside of the organization. If you did not please as the legal message within it Security",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": true,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: Email Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: Email Model: Joe Sandbox AI | {"classification":"Credential Stealer"} |
Email:
Detected potential phishing email: Suspicious sender domain 'capitaltractorinc.com' doesn't match the claimed service 'DocsOnline'. Generic document signing subject line combined with unexpected sender is a common phishing tactic. Attachment naming convention attempts to create urgency and appears targeted |
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=mart... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of the 'astronomy' function to extract and decode a parameter from the URL, and the subsequent assignment of the decoded value to the 'rh13z8jemt' variable, suggests the potential for malicious activity. The script also contains a significant amount of irrelevant and obfuscated text, further raising suspicion. Overall, this script demonstrates a high risk of malicious intent and should be thoroughly investigated."
} |
const astronomy = (name) => {
name = name.replace(/[\[]/, '\\[').replace(/[\]]/, '\\]');
var regex = new RegExp('[\\?&]' + name + '=([^&#]*)');
var results = regex.exec(location.search); // Dolore ex consectetur eu corned beef boudin alcatra nostrud biltong exercitation rump. Aute excepteur cupim pastrami adipisicing tenderloin ham strip steak consectetur cow dolore sausage chislic bacon tri-tip. Leberkas kevin nulla flank brisket beef ribs. Corned beef dolore frankfurter, shankle minim porchetta incididunt cupim fatback ipsum sausage pancetta. Doner officia t-bone jowl, pancetta dolore laboris. Labore shank pork chop culpa. Ea sint commodo minim tenderloin, bacon dolore kevin fugiat salami in deserunt capicola aute meatloaf. Pork aliqua pork belly incididunt, sunt andouille tenderloin ea burgdoggen qui brisket doner esse ut enim. Tenderloin prosciutto ullamco laboris meatball ut pork sint anim filet mignon in commodo. Beef ribeye dolore filet mignon, ut buffalo boudin exercitation consequat sausage officia pancetta jowl in picanha. Shankle beef id mollit, tri-tip cillum magna sed andouille salami flank. Fugiat biltong jerky, meatloaf enim beef deserunt filet mignon ullamco swine. Eiusmod fatback sunt, aliquip mollit id chislic sausage. Dolore fugiat incididunt ball tip t-bone exercitation, doner non burgdoggen veniam ipsum spare ribs jerky. Esse kevin lorem jowl.
return results === null ? '' : decodeURIComponent(results[1].replace(/\+/g, ' '));
} // Swine pancetta et do drumstick duis bacon veniam ribeye incididunt andouille buffalo. Aliqua turducken capicola in exercitation short ribs rump deserunt. Aliquip chislic et t-bone pastrami commodo elit turducken in id. Prosciutto in incididunt, fatback magna ex chicken. Tail chicken consequat veniam incididunt ground round burgdoggen reprehenderit meatloaf salami jerky aute kielbasa. Ad dolor pork belly shoulder qui strip steak ea picanha proident rump labore chuck. In ut porchetta, irure fatback t-bone do ham chicken rump incididunt sausage. Esse meatball chicken bresaola ullamco in. Ribeye shank nulla, ut pastrami cupim lorem laboris ground round voluptate strip steak beef esse. Pig short loin porchetta fugiat filet mignon duis lorem aliqua kevin id sunt. Bacon aliquip ham beef ribs, aute shank turducken. Frankfurter consequat jerky, pancetta pork officia bacon enim capicola est salami rump chuck. Leberkas shank t-bone aliquip. Sausage consequat jerky cillum, salami picanha venison duis cupidatat short loin chislic id et swine pancetta. In fatback landjaeger ut pastrami prosciutto voluptate, doner pariatur ut et magna commodo bacon rump.
rh13z8jemt = astronomy('e') == '' ? rh13z8jemt : astronomy('e');
rh13z8jemt = atob(rh13z8jemt);
|
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=mart... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a simple function that submits the first form on the page. This behavior is relatively low-risk and is likely part of a legitimate web application functionality. While the use of `document.forms[0].submit()` is a common practice, it does not exhibit any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. Therefore, the risk score is assessed as low."
} |
function StarlitTwinkle() {
document.forms[0].submit();
}
|
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from bots and other automated threats. The script does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily handles communication with the Cloudflare challenge system, which is a legitimate and expected behavior. While the script uses some legacy APIs and has a significant amount of obfuscated code, these factors alone do not indicate malicious intent. Overall, the script seems to be a part of a legitimate security mechanism and poses a low risk."
} |
(function(){
window._cf_chl_opt={
cvId: '3',
cZone: 'challenges.cloudflare.com',
cTplV: 5,
chlApivId: '0',
chlApiWidgetId: 't1nv5',
chlApiSitekey: '0x4AAAAAAA5MvjXmVop0v3Nh',
chlApiMode: 'managed',
chlApiSize: 'normal',
chlApiRcV: 'FPeH90OTrelqoC3ghW3WVftp6.ucc6xpE.6lKLddGOc-1736775807-1.3.1.1-0VvPNnu1LSpX8l2uSgxsEtNGBa8XaZGRNXWvDZF0QZo',
chlApiTimeoutEncountered: 0,
chlApiOverrunBudgetMs:10000,
chlTimeoutMs:120000,
cK:[],
cType: 'chl_api_m',
cRay: '9015d0bcfa880f71',
cH: 'U_eeSvfNhw3F9xPpDpKbrMspTrZUQyZI98ip41hIWVY-1736775807-1.1.1.1-e6TZ4yXjlV0jUhy0Qn.QlTCBlHPvV2yqEjXTmywhTzJCj9_IQV8OYBPin1zWiqdT',
cFPWv: 'b',
cLt: 'n',
chlApiFailureFeedbackEnabled:true,
chlApiLoopFeedbackEnabled:false,
wOL:false,
wT: 'auto',
wS: 'normal',
md: 'FGsRp89mckMpEp93Q6XXhagvEyKpOO3g4zq5pDG2NAk-1736775807-1.1.1.1-Xv7uY4QScbd0G5lPfo6zl8E2wS0Kl7YcmMkInDZrrnimM4NEVN.44RxzjKQCwSVtfHQoOShdXVuRRN9FWpfDkhTMWU3TWPOAGRXpevd9.9p1glZNQkSrxZITTWX_ii3i8.E5fmI4yFqcZzayDi8__ClaPJf6A7o6lsKLz.4l5__FIAYmVJBIwCviACCjE95gC15qolGlSKP2nACtPMn1uJVz_rWjsUCcvlSJfvcTCxyjeALM6dyQSK5FK2gEtxj2ONV_MpDVpjEFozJsfuwsN.OJG_KXM4zsvOsZUD0lYkiZMw.h0UEC7y74S0z1eFsmyOToPa8NjtIgyH7un_xRjbDJcoMuyc68BraADS1Yj4xRcuLqNs9ZyizjUu8d1yG9P7kWKS.BEW9FqJaP00vg_s9QrLSkDf_TtW1HT8tBTHQKW9u.e_Eq_UrgvbtCfDb8TZYsHioXdjp7h9O_UhDHi1LaYnX.biTdZnMybb9kwHL.uj5faM2KNw2JaDLHc_VVWGjoTQ5VAv4K8f2fJADTtDyuOtpXEM5GyvQLXD3ymXXEhZHC3Mpx26rggLBj.kV3NRxcweWCJO0FHuzvH7ciFuAy9oSos2A52G7zqpzkReuvNj3EDaH6U24d6sDE6WoJJOGIvWJ77cAEMqR7PWReLPSXQfWXEuTqSZhj5uahFmGhvbUIyp8rWgBna6_Jd9Xs291AzwZTZC.AuCxodts34qYGV4BUPy7veCrSAfHxB2cQDcMH_e_7xBq4R5oCFIGMbiJAXkIVd5PFAdRPf8yaHc1f.0HFliSSpBzp1AdGZC2D1TtFmb0eHN0AdCbFKg.3KvZhO756.DFNYYdmGAhcncTtis5phsYEtSA602hzkvmr1ICHaUD3TsfCWBQ6Weq5LEWWz7NCLtGMr2.S8OqmNKCh2BNnbqUTFvGd9EdKgxhnJ0C704JE0mzLXsTKfNCqQ5AlkfjsnXOa7CrMWWfdCVqDfdmXjyuR_MAEb1QCrbyQ73VyUf27Q0virvxgnaQDgIHKLRsoI6sp_hb1iODokbzp6MIklVV_kr_0b5OQg1Wssc3mawckb6RZRJREKfjLQ7T1DZ_7QPEcIEx7j5iUIi8FbqhOYOFB7Q5LVv4.7rCzhoohpVCwnJTw17JaVxXt1PXhEPZgC2Fetk8wxKkPPdK65jy0x629TOlRNTxGS4gDVJNFa59rDQgVAedkKyyCe6ynPNTD6XeRAh_Qsv5u7_ejiQKw2rBJehezxIQvIcNqwQNn5ASs3Md5SrO2LrfyGxBQJAdZHJM5HdVtQM1fXaqLard_KG5SVjV.64.V_wZprCn8egTSojGWM4ZpRRqRTnke2CYZ7XgKlbEG3iUUYnjs2Qx9HJjZsotybYtHd9Ai8KFA87k8ulyLPzgPkzLw2dOvauOUMjL3qJ6_Y80LQeAu6pytv2K2Uea6rXR5znsBWbJABR3Fkjaq3o73m6GM8Tz_dRMaATDEyo5HWUWMZEru3fGBOFynJs6yGHU3XL5a0jAUvjUnuHI_dk.FdXX5fFbJmuZ6agk.NEXKwhFt7tcEtGCzAOWTiWBVcr2MdKpe76qJJnhMAFp4fxD.5EEXYY5ypEhcvqszoY5.QaEO8IKX0pUBCsOuEuCMwSdNpQM',
cITimeS: '1736775807',
refresh: function(){
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: 't1nv5',
nextRcV: 'FPeH90OTrelqoC3ghW3WVftp6.ucc6xpE.6lKLddGOc-1736775807-1.3.1.1-0VvPNnu1LSpX8l2uSgxsEtNGBa8XaZGRNXWvDZF0QZo',
event: 'reloadRequest',
}, "*");
}
}
};
var handler = function(event) {
var e = event.data;
if (e.source && e.source === 'cloudflare-challenge' && e.event === 'meow' && e.widgetId === window._cf_chl_opt.chlApiWidgetId) {
if(window['parent']){
window['parent'].postMessage({
source: 'cloudflare-challenge',
widgetId: window._cf_chl_opt.chlApiWidgetId,
event: 'food',
seq: e.seq,
}, '*');
|
| URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the Bootstrap JavaScript library, which is a widely-used and trusted open-source front-end framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. It is primarily focused on providing functionality for common UI components and interactions, which is consistent with the expected behavior of the Bootstrap library. There are no signs of obfuscation or suspicious activities, and the code is well-documented and licensed under MIT. Overall, this is a low-risk script that is commonly used in legitimate web development projects."
} |
/*!
* Bootstrap v4.1.3 (https://getbootstrap.com/)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,h){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function l(r){for(var t=1;t<arguments.length;t++){var o=null!=arguments[t]?arguments[t]:{},e=Object.keys(o);"function"==typeof Object.getOwnPropertySymbols&&(e=e.concat(Object.getOwnPropertySymbols(o).filter(function(t){return Object.getOwnPropertyDescriptor(o,t).enumerable}))),e.forEach(function(t){var e,n,i;e=r,i=o[n=t],n in e?Object.defineProperty(e,n,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[n]=i})}return r}e=e&&e.hasOwnProperty("default")?e.default:e,h=h&&h.hasOwnProperty("default")?h.default:h;var r,n,o,a,c,u,f,d,g,_,m,p,v,y,E,C,T,b,S,I,A,D,w,N,O,k,P,j,H,L,R,x,W,U,q,F,K,M,Q,B,V,Y,z,J,Z,G,$,X,tt,et,nt,it,rt,ot,st,at,lt,ct,ht,ut,ft,dt,gt,_t,mt,pt,vt,yt,Et,Ct,Tt,bt,St,It,At,Dt,wt,Nt,Ot,kt,Pt,jt,Ht,Lt,Rt,xt,Wt,Ut,qt,Ft,Kt,Mt,Qt,Bt,Vt,Yt,zt,Jt,Zt,Gt,$t,Xt,te,ee,ne,ie,re,oe,se,ae,le,ce,he,ue,fe,de,ge,_e,me,pe,ve,ye,Ee,Ce,Te,be,Se,Ie,Ae,De,we,Ne,Oe,ke,Pe,je,He,Le,Re,xe,We,Ue,qe,Fe,Ke,Me,Qe,Be,Ve,Ye,ze,Je,Ze,Ge,$e,Xe,tn,en,nn,rn,on,sn,an,ln,cn,hn,un,fn,dn,gn,_n,mn,pn,vn,yn,En,Cn,Tn,bn,Sn,In,An,Dn,wn,Nn,On,kn,Pn,jn,Hn,Ln,Rn,xn,Wn,Un,qn,Fn=function(i){var e="transitionend";function t(t){var e=this,n=!1;return i(this).one(l.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||l.triggerTransitionEnd(e)},t),this}var l={TRANSITION_END:"bsTransitionEnd",getUID:function(t){for(;t+=~~(1e6*Math.random()),document.getElementById(t););return t},getSelectorFromElement:function(t){var e=t.getAttribute("data-target");e&&"#"!==e||(e=t.getAttribute("href")||"");try{return document.querySelector(e)?e:null}catch(t){return null}},getTransitionDurationFromElement:function(t){if(!t)return 0;var e=i(t).css("transition-duration");return parseFloat(e)?(e=e.split(",")[0],1e3*parseFloat(e)):0},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(t){i(t).trigger(e)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var i in n)if(Object.prototype.hasOwnProperty.call(n,i)){var r=n[i],o=e[i],s=o&&l.isElement(o)?"element":(a=o,{}.toString.call(a).match(/\s([a-z]+)/i)[1].toLowerCase());if(!new RegExp(r).test(s))throw new Error(t.toUpperCase()+': Option "'+i+'" provided type "'+s+'" but expected type "'+r+'".')}var a}};return i.fn.emulateTransitionEnd=t,i.event.special[l.TRANSITION_END]={bindType:e,delegateType:e,handle:function(t){if(i(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}},l}(e),Kn=(n="alert",a="."+(o="bs.alert"),c=(r=e).fn[n],u={CLOSE:"close"+a,CLOSED:"closed"+a,CLICK_DATA_API:"click"+a+".data-api"},f="alert",d="fade",g="show",_=function(){function i(t){this._element=t}var t=i.prototype;return t.close=function(t){var e=this._element;t&&(e=this._getRootElement(t)),this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},t.dispose=function(){r.removeData(this._element,o),this._element=null},t._getRootElement=function(t){var e=Fn.getSelectorFromElement(t),n=!1;return e&&(n=document.querySelector(e)),n||(n=r(t).closest("."+f)[0]),n},t._triggerCloseEvent=function(t){var e=r.Event(u.CLOSE);return r(t).trigger(e),e},t._removeElement=function(e){var n=this;if(r(e).removeClass(g),r(e).hasClass(d)){var t=Fn.getTransitionDurationFromElement(e);r(e).one(Fn.TRANSITION_END,function(t){return |
| URL: https://challenges.cloudflare.com/cdn-cgi/challeng... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a Cloudflare challenge script, which is a common security mechanism used to protect websites from bots and other automated threats. The script does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The script is primarily responsible for handling the Cloudflare challenge and providing translations for the user interface. While it uses some legacy APIs like `XDomainRequest`, these are not inherently malicious and are likely used for compatibility reasons. Overall, this script is considered low risk and is likely a legitimate part of the website's security measures."
} |
window._cf_chl_opt.uaO=false;window._cf_chl_opt.URaOa8={"metadata":{"challenge.supported_browsers":"https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support","challenge.privacy_link":"https%3A%2F%2Fwww.cloudflare.com%2Fprivacypolicy%2F","challenge.terms":"https%3A%2F%2Fwww.cloudflare.com%2Fwebsite-terms%2F"},"translations":{"turnstile_feedback_report":"Having%20trouble%3F","turnstile_overrun_description":"Stuck%20here%3F","time_check_cached_warning":"Your%20device%20clock%20is%20set%20to%20a%20wrong%20time%20or%20this%20challenge%20page%20was%20accidentally%20cached%20by%20an%20intermediary%20and%20is%20no%20longer%20available","turnstile_iframe_alt":"Widget%20containing%20a%20Cloudflare%20security%20challenge","turnstile_failure":"Error","check_delays":"Verification%20is%20taking%20longer%20than%20expected.%20Check%20your%20Internet%20connection%20and%20%3Ca%20class%3D%22refresh_link%22%3Erefresh%20the%20page%3C%2Fa%3E%20if%20the%20issue%20persists.","turnstile_expired":"Expired","human_button_text":"Verify%20you%20are%20human","turnstile_footer_privacy":"Privacy","turnstile_footer_terms":"Terms","invalid_sitekey":"Invalid%20sitekey.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","turnstile_refresh":"Refresh","outdated_browser":"Your%20browser%20is%20out%20of%20date.%20Update%20your%20browser%20to%20view%20this%20site%20properly.%3Cbr%2F%3E%3Ca%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%20href%3D%22https%3A%2F%2Fdevelopers.cloudflare.com%2Ffundamentals%2Fget-started%2Fconcepts%2Fcloudflare-challenges%2F%23browser-support%22%3EClick%20here%20for%20more%20information%3C%2Fa%3E","turnstile_verifying":"Verifying...","turnstile_feedback_description":"Send%20Feedback","testing_only":"Testing%20only.","turnstile_timeout":"Timed%20out","invalid_domain":"Invalid%20domain.%20Contact%20the%20Site%20Administrator%20if%20this%20problem%20persists.","testing_only_always_pass":"Testing%20only%2C%20always%20pass.","turnstile_success":"Success%21","not_embedded":"This%20challenge%20must%20be%20embedded%20into%20a%20parent%20page.","feedback_report_output_subtitle":"Your%20feedback%20report%20has%20been%20successfully%20submitted"},"polyfills":{"feedback_report_output_subtitle":false},"rtl":false,"lang":"en-us"};~function(gJ,eM,eN,eU,f0,f3,f5,f6,f7,fj,fv,fB,fC,fD,fN,fY,g2,g3,g4,g8,g9,ga,gb,gh,gi,gf,gg){for(gJ=b,function(c,d,gI,e,f){for(gI=b,e=c();!![];)try{if(f=-parseInt(gI(656))/1*(-parseInt(gI(669))/2)+-parseInt(gI(580))/3*(parseInt(gI(1170))/4)+parseInt(gI(1006))/5*(parseInt(gI(380))/6)+-parseInt(gI(763))/7*(-parseInt(gI(1631))/8)+-parseInt(gI(1451))/9+parseInt(gI(1060))/10+-parseInt(gI(1642))/11*(parseInt(gI(791))/12),d===f)break;else e.push(e.shift())}catch(g){e.push(e.shift())}}(a,971363),eM=this||self,eN=eM[gJ(1481)],eM[gJ(667)]=![],eM[gJ(408)]=function(h1){if(h1=gJ,eM[h1(667)])return;eM[h1(667)]=!![]},eU=0,eN[gJ(586)]===gJ(861)?eN[gJ(1439)](gJ(873),function(){setTimeout(eX,0)}):setTimeout(eX,0),eM[gJ(385)]=function(hc,d,e,f,g){hc=gJ,d={},d[hc(1324)]=function(h,i){return i*h},e=d,f=1,g=e[hc(1324)](1e3,eM[hc(625)][hc(655)](2<<f,32)),eM[hc(638)](function(hd){hd=hc,eM[hd(658)]&&(eM[hd(1707)][hd(711)](),eM[hd(1707)][hd(428)](),eM[hd(1337)]=!![],eM[hd(658)][hd(772)]({'source':hd(1591),'widgetId':eM[hd(696)][hd(1306)],'event':hd(1009),'cfChlOut':eM[hd(696)][hd(357)],'cfChlOutS':eM[hd(696)][hd(520)],'code':hd(1077),'rcV':eM[hd(696)][hd(469)]},'*'))},g)},eM[gJ(788)]=function(g,h,i,he,j,k,l,m,n,o,s,x,B,C,D,E,F){k=(he=gJ,j={},j[he(1272)]=he(1389),j[he(1431)]=function(G,H){return G instanceof H},j[he(1240)]=function(G,H){return G+H},j[he(581)]=function(G,H){return G+H},j[he(1329)]=function(G,H){return G+H},j[he(457)]=he(707),j[he(1457)]=he(1320),j[he(1555)]=he(1400),j[he(1253)]=he(960),j);try{if(l=eY(g[he(1575)],g[he(1725)]),k[he(1431)](g[he(1575)],Error)?he(1614)!==he(1614)?s[he(1173)][he(507)](k[he(1272)]):g[he(1575)]=JSON[he(1177)](g[he(1 |
| URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the standard jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code is well-structured and does not exhibit any suspicious behavior. Overall, this is a low-risk script that is commonly used for legitimate web development purposes."
} |
/*! jQuery v2.2.4 | (c) jQuery Foundation | jquery.org/license */
!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=a.document,e=c.slice,f=c.concat,g=c.push,h=c.indexOf,i={},j=i.toString,k=i.hasOwnProperty,l={},m="2.2.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return e.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:e.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);return b.prevObject=this,b.context=this.context,b},each:function(a){return n.each(this,a)},map:function(a){return this.pushStack(n.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(e.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(0>a?b:0);return this.pushStack(c>=0&&b>c?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:g,sort:c.sort,splice:c.splice},n.extend=n.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||n.isFunction(g)||(g={}),h===i&&(g=this,h--);i>h;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(n.isPlainObject(d)||(e=n.isArray(d)))?(e?(e=!1,f=c&&n.isArray(c)?c:[]):f=c&&n.isPlainObject(c)?c:{},g[b]=n.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},n.extend({expando:"jQuery"+(m+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===n.type(a)},isArray:Array.isArray,isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=a&&a.toString();return!n.isArray(a)&&b-parseFloat(b)+1>=0},isPlainObject:function(a){var b;if("object"!==n.type(a)||a.nodeType||n.isWindow(a))return!1;if(a.constructor&&!k.call(a,"constructor")&&!k.call(a.constructor.prototype||{},"isPrototypeOf"))return!1;for(b in a);return void 0===b||k.call(a,b)},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?i[j.call(a)]||"object":typeof a},globalEval:function(a){var b,c=eval;a=n.trim(a),a&&(1===a.indexOf("use strict")?(b=d.createElement("script"),b.text=a,d.head.appendChild(b).parentNode.removeChild(b)):c(a))},camelCase:function(a){return a.replace(p,"ms-").replace(q,r)},nodeName:function(a,b){return a.nodeName&&a.nodeName.toLowerCase()===b.toLowerCase()},each:function(a,b){var c,d=0;if(s(a)){for(c=a.length;c>d;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(o,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(s(Object(a))?n.merge(c,"string"==typeof a?[a]:a):g.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:h.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;c>d;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;g>f;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,g=0,h=[];if(s(a))for(d=a.length;d>g;g++)e=b(a[g],g,c),null!=e&&h.push(e);else for(g in a)e=b(a[g],g,c),null!=e&&h.push(e);return f.apply([],h)},guid:1,proxy:function(a,b){var c,d,f;return"string"==typeof b&&(c=a[b],b=a,a=c),n.isFunction(a)?(d=e.call(arguments,2),f=function(){return a.apply(b||this,d.concat(e.call(arguments)))},f.guid=a.guid=a.guid||n.guid++,f):void 0},now:Date.now,support:l}),"function"==typeof Symbol&&(n.fn[Symbol.iterator]=c[Symbol.iterator]),n.each("Boolean Number String Function Array Date RegExp Obj |
| URL: https://code.jquery.com/jquery-3.2.1.slim.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This appears to be the minified version of the jQuery library, which is a widely-used and trusted JavaScript library. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. The behaviors observed are typical of a legitimate JavaScript library, including DOM manipulation, event handling, and utility functions. While the code is minified, this is a common practice to optimize file size and performance, and does not inherently indicate malicious intent. Overall, this script is considered low risk."
} |
/*! jQuery v3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector | (c) JS Foundation and other contributors | jquery.org/license */
!function(a,b){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){"use strict";var c=[],d=a.document,e=Object.getPrototypeOf,f=c.slice,g=c.concat,h=c.push,i=c.indexOf,j={},k=j.toString,l=j.hasOwnProperty,m=l.toString,n=m.call(Object),o={};function p(a,b){b=b||d;var c=b.createElement("script");c.text=a,b.head.appendChild(c).parentNode.removeChild(c)}var q="3.2.1 -ajax,-ajax/jsonp,-ajax/load,-ajax/parseXML,-ajax/script,-ajax/var/location,-ajax/var/nonce,-ajax/var/rquery,-ajax/xhr,-manipulation/_evalUrl,-event/ajax,-effects,-effects/Tween,-effects/animatedSelector",r=function(a,b){return new r.fn.init(a,b)},s=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,t=/^-ms-/,u=/-([a-z])/g,v=function(a,b){return b.toUpperCase()};r.fn=r.prototype={jquery:q,constructor:r,length:0,toArray:function(){return f.call(this)},get:function(a){return null==a?f.call(this):a<0?this[a+this.length]:this[a]},pushStack:function(a){var b=r.merge(this.constructor(),a);return b.prevObject=this,b},each:function(a){return r.each(this,a)},map:function(a){return this.pushStack(r.map(this,function(b,c){return a.call(b,c,b)}))},slice:function(){return this.pushStack(f.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(a){var b=this.length,c=+a+(a<0?b:0);return this.pushStack(c>=0&&c<b?[this[c]]:[])},end:function(){return this.prevObject||this.constructor()},push:h,sort:c.sort,splice:c.splice},r.extend=r.fn.extend=function(){var a,b,c,d,e,f,g=arguments[0]||{},h=1,i=arguments.length,j=!1;for("boolean"==typeof g&&(j=g,g=arguments[h]||{},h++),"object"==typeof g||r.isFunction(g)||(g={}),h===i&&(g=this,h--);h<i;h++)if(null!=(a=arguments[h]))for(b in a)c=g[b],d=a[b],g!==d&&(j&&d&&(r.isPlainObject(d)||(e=Array.isArray(d)))?(e?(e=!1,f=c&&Array.isArray(c)?c:[]):f=c&&r.isPlainObject(c)?c:{},g[b]=r.extend(j,f,d)):void 0!==d&&(g[b]=d));return g},r.extend({expando:"jQuery"+(q+Math.random()).replace(/\D/g,""),isReady:!0,error:function(a){throw new Error(a)},noop:function(){},isFunction:function(a){return"function"===r.type(a)},isWindow:function(a){return null!=a&&a===a.window},isNumeric:function(a){var b=r.type(a);return("number"===b||"string"===b)&&!isNaN(a-parseFloat(a))},isPlainObject:function(a){var b,c;return!(!a||"[object Object]"!==k.call(a))&&(!(b=e(a))||(c=l.call(b,"constructor")&&b.constructor,"function"==typeof c&&m.call(c)===n))},isEmptyObject:function(a){var b;for(b in a)return!1;return!0},type:function(a){return null==a?a+"":"object"==typeof a||"function"==typeof a?j[k.call(a)]||"object":typeof a},globalEval:function(a){p(a)},camelCase:function(a){return a.replace(t,"ms-").replace(u,v)},each:function(a,b){var c,d=0;if(w(a)){for(c=a.length;d<c;d++)if(b.call(a[d],d,a[d])===!1)break}else for(d in a)if(b.call(a[d],d,a[d])===!1)break;return a},trim:function(a){return null==a?"":(a+"").replace(s,"")},makeArray:function(a,b){var c=b||[];return null!=a&&(w(Object(a))?r.merge(c,"string"==typeof a?[a]:a):h.call(c,a)),c},inArray:function(a,b,c){return null==b?-1:i.call(b,a,c)},merge:function(a,b){for(var c=+b.length,d=0,e=a.length;d<c;d++)a[e++]=b[d];return a.length=e,a},grep:function(a,b,c){for(var d,e=[],f=0,g=a.length,h=!c;f<g;f++)d=!b(a[f],f),d!==h&&e.push(a[f]);return e},map:function(a,b,c){var d,e,f=0,h=[];if(w(a))for(d=a.length;f<d;f++)e=b(a[f],f,c),null!=e&&h.push(e);else for(f in a)e=b(a[f],f,c),null!=e&&h.push(e);return g.apply([],h)},guid:1,proxy:function(a,b){var c,d,e;if("string"==typeof b&&(c=a[b],b=a,a=c),r.isFunction(a))return d |
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://docusign.legalcloudfiles.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": true,
"third_party_hosting": true
} |
URL: https://docusign.legalcloudfiles.com |
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Sign in options",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Sign in",
"text_input_field_labels": [
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://challenges.cloudflare.com/turnstile/v0/b/e... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script does not exhibit any high-risk behaviors such as dynamic code execution, data exfiltration, or redirects to suspicious domains. It appears to be a utility script with functions for handling promises, object manipulation, and error handling. There are no interactions with external domains or aggressive DOM manipulations. The code is not obfuscated, and there are no legacy practices or tracking behaviors present."
} |
"use strict";(function(){function Wt(e,r,n,o,c,u,g){try{var h=e[u](g),l=h.value}catch(p){n(p);return}h.done?r(l):Promise.resolve(l).then(o,c)}function Ht(e){return function(){var r=this,n=arguments;return new Promise(function(o,c){var u=e.apply(r,n);function g(l){Wt(u,o,c,g,h,"next",l)}function h(l){Wt(u,o,c,g,h,"throw",l)}g(void 0)})}}function D(e,r){return r!=null&&typeof Symbol!="undefined"&&r[Symbol.hasInstance]?!!r[Symbol.hasInstance](e):D(e,r)}function Me(e,r,n){return r in e?Object.defineProperty(e,r,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[r]=n,e}function Fe(e){for(var r=1;r<arguments.length;r++){var n=arguments[r]!=null?arguments[r]:{},o=Object.keys(n);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(n).filter(function(c){return Object.getOwnPropertyDescriptor(n,c).enumerable}))),o.forEach(function(c){Me(e,c,n[c])})}return e}function Ar(e,r){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);r&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),n.push.apply(n,o)}return n}function nt(e,r){return r=r!=null?r:{},Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(r)):Ar(Object(r)).forEach(function(n){Object.defineProperty(e,n,Object.getOwnPropertyDescriptor(r,n))}),e}function Bt(e){if(Array.isArray(e))return e}function jt(e,r){var n=e==null?null:typeof Symbol!="undefined"&&e[Symbol.iterator]||e["@@iterator"];if(n!=null){var o=[],c=!0,u=!1,g,h;try{for(n=n.call(e);!(c=(g=n.next()).done)&&(o.push(g.value),!(r&&o.length===r));c=!0);}catch(l){u=!0,h=l}finally{try{!c&&n.return!=null&&n.return()}finally{if(u)throw h}}return o}}function qt(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}function at(e,r){(r==null||r>e.length)&&(r=e.length);for(var n=0,o=new Array(r);n<r;n++)o[n]=e[n];return o}function zt(e,r){if(e){if(typeof e=="string")return at(e,r);var n=Object.prototype.toString.call(e).slice(8,-1);if(n==="Object"&&e.constructor&&(n=e.constructor.name),n==="Map"||n==="Set")return Array.from(n);if(n==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return at(e,r)}}function Ae(e,r){return Bt(e)||jt(e,r)||zt(e,r)||qt()}function F(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ue(e,r){var n={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={next:h(0),throw:h(1),return:h(2)},typeof Symbol=="function"&&(g[Symbol.iterator]=function(){return this}),g;function h(p){return function(E){return l([p,E])}}function l(p){if(o)throw new TypeError("Generator is already executing.");for(;g&&(g=0,p[0]&&(n=0)),n;)try{if(o=1,c&&(u=p[0]&2?c.return:p[0]?c.throw||((u=c.return)&&u.call(c),0):c.next)&&!(u=u.call(c,p[1])).done)return u;switch(c=0,u&&(p=[p[0]&2,u.value]),p[0]){case 0:case 1:u=p;break;case 4:return n.label++,{value:p[1],done:!1};case 5:n.label++,c=p[1],p=[0];continue;case 7:p=n.ops.pop(),n.trys.pop();continue;default:if(u=n.trys,!(u=u.length>0&&u[u.length-1])&&(p[0]===6||p[0]===2)){n=0;continue}if(p[0]===3&&(!u||p[1]>u[0]&&p[1]<u[3])){n.label=p[1];break}if(p[0]===6&&n.label<u[1]){n.label=u[1],u=p;break}if(u&&n.label<u[2]){n.label=u[2],n.ops.push(p);break}u[2]&&n.ops.pop(),n.trys.pop();continue}p=r.call(e,n)}catch(E){p=[6,E],c=0}finally{o=u=0}if(p[0]&5)throw p[1];return{value:p[0]?p[1]:void 0,done:!0}}}var Gt={code:200500,internalRepr:"iframe_load_err",public:!0,retryable:!1,description:"Turnstile's api.js was loaded, but the iframe under challenges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Xt=300020;var De=300030;var Ve=300031;var j;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE="invisible"})(j||(j={}));var L;(fun |
| URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script is a part of the Bootstrap library, a widely used and reputable front-end framework. It does not exhibit any high-risk or moderate-risk behaviors such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The script primarily involves DOM manipulation and event handling, which are typical for UI libraries. There are no interactions with untrusted domains or obfuscated code present."
} |
/*!
* Bootstrap v4.0.0 (https://getbootstrap.com)
* Copyright 2011-2018 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e(t.bootstrap={},t.jQuery,t.Popper)}(this,function(t,e,n){"use strict";function i(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function s(t,e,n){return e&&i(t.prototype,e),n&&i(t,n),t}function r(){return(r=Object.assign||function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(t[i]=n[i])}return t}).apply(this,arguments)}e=e&&e.hasOwnProperty("default")?e.default:e,n=n&&n.hasOwnProperty("default")?n.default:n;var o,a,l,h,c,u,f,d,_,g,p,m,v,E,T,y,C,I,A,b,D,S,w,N,O,k,P=function(t){var e=!1;function n(e){var n=this,s=!1;return t(this).one(i.TRANSITION_END,function(){s=!0}),setTimeout(function(){s||i.triggerTransitionEnd(n)},e),this}var i={TRANSITION_END:"bsTransitionEnd",getUID:function(t){do{t+=~~(1e6*Math.random())}while(document.getElementById(t));return t},getSelectorFromElement:function(e){var n,i=e.getAttribute("data-target");i&&"#"!==i||(i=e.getAttribute("href")||""),"#"===i.charAt(0)&&(n=i,i=n="function"==typeof t.escapeSelector?t.escapeSelector(n).substr(1):n.replace(/(:|\.|\[|\]|,|=|@)/g,"\\$1"));try{return t(document).find(i).length>0?i:null}catch(t){return null}},reflow:function(t){return t.offsetHeight},triggerTransitionEnd:function(n){t(n).trigger(e.end)},supportsTransitionEnd:function(){return Boolean(e)},isElement:function(t){return(t[0]||t).nodeType},typeCheckConfig:function(t,e,n){for(var s in n)if(Object.prototype.hasOwnProperty.call(n,s)){var r=n[s],o=e[s],a=o&&i.isElement(o)?"element":(l=o,{}.toString.call(l).match(/\s([a-zA-Z]+)/)[1].toLowerCase());if(!new RegExp(r).test(a))throw new Error(t.toUpperCase()+': Option "'+s+'" provided type "'+a+'" but expected type "'+r+'".')}var l}};return e=("undefined"==typeof window||!window.QUnit)&&{end:"transitionend"},t.fn.emulateTransitionEnd=n,i.supportsTransitionEnd()&&(t.event.special[i.TRANSITION_END]={bindType:e.end,delegateType:e.end,handle:function(e){if(t(e.target).is(this))return e.handleObj.handler.apply(this,arguments)}}),i}(e),L=(a="alert",h="."+(l="bs.alert"),c=(o=e).fn[a],u={CLOSE:"close"+h,CLOSED:"closed"+h,CLICK_DATA_API:"click"+h+".data-api"},f="alert",d="fade",_="show",g=function(){function t(t){this._element=t}var e=t.prototype;return e.close=function(t){t=t||this._element;var e=this._getRootElement(t);this._triggerCloseEvent(e).isDefaultPrevented()||this._removeElement(e)},e.dispose=function(){o.removeData(this._element,l),this._element=null},e._getRootElement=function(t){var e=P.getSelectorFromElement(t),n=!1;return e&&(n=o(e)[0]),n||(n=o(t).closest("."+f)[0]),n},e._triggerCloseEvent=function(t){var e=o.Event(u.CLOSE);return o(t).trigger(e),e},e._removeElement=function(t){var e=this;o(t).removeClass(_),P.supportsTransitionEnd()&&o(t).hasClass(d)?o(t).one(P.TRANSITION_END,function(n){return e._destroyElement(t,n)}).emulateTransitionEnd(150):this._destroyElement(t)},e._destroyElement=function(t){o(t).detach().trigger(u.CLOSED).remove()},t._jQueryInterface=function(e){return this.each(function(){var n=o(this),i=n.data(l);i||(i=new t(this),n.data(l,i)),"close"===e&&i[e](this)})},t._handleDismiss=function(t){return function(e){e&&e.preventDefault(),t.close(this)}},s(t,null,[{key:"VERSION",get:function(){return"4.0.0"}}]),t}(),o(document).on(u.CLICK_DATA_API,'[data-dismiss="alert"]',g._handleDismiss(new g)),o.fn[a]=g._jQueryInterface,o.fn[a].Constructor=g,o.fn[a].noConflict=function(){return o.fn[a]=c,g._jQueryInterface},g),R=(m="button",E="."+(v="bs.button |
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://docusign.legalcloudfiles.com/S06ga/?e=martin.poole@cardfactory.co.uk Model: Joe Sandbox AI | ```json{ "legit_domain": "docusign.com", "classification": "wellknown", "reasons": [ "The brand 'Microsoft' is not directly associated with the URL 'docusign.legalcloudfiles.com'.", "The URL uses 'docusign' as a subdomain, which is a well-known brand for electronic agreements, but the main domain 'legalcloudfiles.com' is not associated with DocuSign.", "The presence of 'docusign' in the subdomain could be an attempt to mislead users into thinking the site is related to DocuSign.", "The use of a generic domain 'legalcloudfiles.com' is suspicious and not directly linked to any well-known brand.", "The input field 'Password' suggests that sensitive information is being requested, which is a common tactic in phishing sites." ], "riskscore": 8}
Google indexed: False |
URL: docusign.legalcloudfiles.com
Brands: Microsoft
Input Fields: Password |
| URL: https://legalcloudfiles.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://legalcloudfiles.com |
Edit tour
OUTLOOK.EXE (PID: 3540 cmdline: 
ai.exe (PID: 7060 cmdline: 
Acrobat.exe (PID: 7036 cmdline: 
AcroCEF.exe (PID: 6220 cmdline: 
chrome.exe (PID: 7748 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node