Windows Analysis Report
http://161-35-123-255.ipv4.staticdns3.io/

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": true,
    "ip_in_url": true,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true,
    "reasoning": "The URL contains an IP address (161-35-123-255) in the subdomain, uses a less common TLD (.io), and appears to be using a static DNS service. The presence of an IP address in the URL is often associated with suspicious activity."
}

URL: http://161-35-123-255.ipv4.staticdns3.io

{
    "risk_score": 6,
    "reasoning": "The script demonstrates moderate-risk behaviors, including sending user data (username and password) to an external server without clear transparency. While the intent appears to be a legitimate login functionality, the lack of secure practices and potential for misuse raises concerns."
}

    // Funcin para enviar los datos de ambos formularios
    document.getElementById('submitPass').addEventListener('click', function(event) {
        event.preventDefault(); // Prevenir el envo del formulario de usuario

        // Obtener los valores de los dos formularios
        const username = document.getElementById('mat-input-0').value;
        const password = document.getElementById('passinput') ? document.getElementById('passinput').value : '';

        // Validar que ambos campos estn llenos
        if (username === "" || password === "") {
            alert("Por favor, ingrese tanto el usuario como la contrasea.");
            return;
        }

        // Crear un nuevo formulario para enviar ambos valores
        const formData = new FormData();
        formData.append('usern', username);
        formData.append('passinput', password);

        // Enviar los datos al servidor usando fetch
        fetch('login.php', {
            method: 'POST',
            body: formData
        })
        .then(response => response.text())
        .then(result => {
            console.log(result); // Mostrar la respuesta del servidor
            // Aqu puedes hacer algo con la respuesta, como redirigir a otra pgina
            window.location.href = 'loader.html'; // Redirige a una pgina de carga, por ejemplo
        })
        .catch(error => {
            console.error('Error:', error);
        });
    });

{
    "risk_score": 1,
    "reasoning": "The provided code appears to be the jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The code is well-structured and follows common patterns for a JavaScript library. While it uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely benign and used for legitimate purposes."
}

/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */
!(function (e, t) {
  "use strict";
  "object" == typeof module && "object" == typeof module.exports
    ? (module.exports = e.document
        ? t(e, !0)
        : function (e) {
            if (!e.document)
              throw new Error("jQuery requires a window with a document");
            return t(e);
          })
    : t(e);
})("undefined" != typeof window ? window : this, function (C, e) {
  "use strict";
  var t = [],
    r = Object.getPrototypeOf,
    s = t.slice,
    g = t.flat
      ? function (e) {
          return t.flat.call(e);
        }
      : function (e) {
          return t.concat.apply([], e);
        },
    u = t.push,
    i = t.indexOf,
    n = {},
    o = n.toString,
    v = n.hasOwnProperty,
    a = v.toString,
    l = a.call(Object),
    y = {},
    m = function (e) {
      return "function" == typeof e && "number" != typeof e.nodeType;
    },
    x = function (e) {
      return null != e && e === e.window;
    },
    E = C.document,
    c = { type: !0, src: !0, nonce: !0, noModule: !0 };
  function b(e, t, n) {
    var r,
      i,
      o = (n = n || E).createElement("script");
    if (((o.text = e), t))
      for (r in c)
        (i = t[r] || (t.getAttribute && t.getAttribute(r))) &&
          o.setAttribute(r, i);
    n.head.appendChild(o).parentNode.removeChild(o);
  }
  function w(e) {
    return null == e
      ? e + ""
      : "object" == typeof e || "function" == typeof e
      ? n[o.call(e)] || "object"
      : typeof e;
  }
  var f = "3.5.1",
    S = function (e, t) {
      return new S.fn.init(e, t);
    };
  function p(e) {
    var t = !!e && "length" in e && e.length,
      n = w(e);
    return (
      !m(e) &&
      !x(e) &&
      ("array" === n ||
        0 === t ||
        ("number" == typeof t && 0 < t && t - 1 in e))
    );
  }
  (S.fn = S.prototype =
    {
      jquery: f,
      constructor: S,
      length: 0,
      toArray: function () {
        return s.call(this);
      },
      get: function (e) {
        return null == e
          ? s.call(this)
          : e < 0
          ? this[e + this.length]
          : this[e];
      },
      pushStack: function (e) {
        var t = S.merge(this.constructor(), e);
        return (t.prevObject = this), t;
      },
      each: function (e) {
        return S.each(this, e);
      },
      map: function (n) {
        return this.pushStack(
          S.map(this, function (e, t) {
            return n.call(e, t, e);
          })
        );
      },
      slice: function () {
        return this.pushStack(s.apply(this, arguments));
      },
      first: function () {
        return this.eq(0);
      },
      last: function () {
        return this.eq(-1);
      },
      even: function () {
        return this.pushStack(
          S.grep(this, function (e, t) {
            return (t + 1) % 2;
          })
        );
      },
      odd: function () {
        return this.pushStack(
          S.grep(this, function (e, t) {
            return t % 2;
          })
        );
      },
      eq: function (e) {
        var t = this.length,
          n = +e + (e < 0 ? t : 0);
        return this.pushStack(0 <= n && n < t ? [this[n]] : []);
      },
      end: function () {
        return this.prevObject || this.constructor();
      },
      push: u,
      sort: t.sort,
      splice: t.splice,
    }),
    (S.extend = S.fn.extend =
      function () {
        var e,
          t,
          n,
          r,
          i,
          o,
          a = arguments[0] || {},
          s = 1,
          u = arguments.length,
          l = !1;
        for (
          "boolean" == typeof a && ((l = a), (a = arguments[s] || {}), s++),
            "object" == typeof a || m(a) || (a = {}),
            s === u && ((a = this), s--);
          s < 

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate login functionality with basic input validation and UI interactions. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscation. The script is focused on handling user input, displaying a password dialog, and submitting the login form, which are common and expected behaviors for a login system. While the code could be improved in terms of security best practices (e.g., using more robust input validation), it does not demonstrate any clear malicious intent or suspicious activities."
}

        function showPasswordDialog(event) {
            event.preventDefault();
            const username = document.getElementById('mat-input-0').value;
            if (username.trim() === "") {
                Swal.fire({
                    imageUrl: 'img/logo.png',
                    text: 'Por favor, ingrese un usuario.',
                    confirmButtonText: 'Aceptar',
                    confirmButtonColor: '#0067b1'
                });
                return;  // No mostrar la contrasea si el campo est vaco
            }
            document.getElementById('mdl').style.display = 'block';
        }

        function submitForm() {
            document.getElementById('loginForm').submit();
        }

        function cls() {
            document.getElementById('mdl').style.display = 'none';
        }





    

{
"contains_trigger_text": true,
"trigger_text": "Descarga BDVApp y realiza tus operaciones al ins",
"prominent_button_name": "Entrar",
"text_input_field_labels": "Usuario",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
  "brands": [
    "BDV"
  ]
}

```json{  "legit_domain": "unknown",  "classification": "unknown",  "reasons": [    "The URL '161-35-123-255.ipv4.staticdns3.io' appears to be an IP address with a DNS service provider domain, which is often used for hosting various services and not directly associated with a specific brand.",    "The brand 'BDV' is not immediately recognizable as a well-known or known brand, making it difficult to associate with a specific legitimate domain.",    "The use of an IP address in the URL is a common tactic in phishing attempts as it obscures the true destination of the link.",    "The presence of a generic input field labeled 'Usuario' suggests a login page, which is a common feature of phishing sites attempting to capture user credentials."  ],  "riskscore": 8}

URL: 161-35-123-255.ipv4.staticdns3.io
			Brands: BDV
			Input Fields: Usuario

{
  "contains_trigger_text": true,
  "trigger_text": "Por favor, ingrese un usuario.",
  "prominent_button_name": "Aceptar",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
  "brands": [
    "BDVenlinea"
  ]
}