| URL: http://url4908.dhlecommerce.co.uk Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": true,
"third_party_hosting": true,
"reasoning": "The URL contains a numeric prefix '4908' which is unusual and suspicious for a legitimate DHL domain. While .co.uk is a legitimate TLD, the number sequence in the subdomain suggests this could be a phishing attempt targeting DHL's brand."
} |
URL: http://url4908.dhlecommerce.co.uk |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "This script appears to be implementing a common pattern for asynchronous loading and hiding of elements, likely for analytics or performance optimization purposes. While it uses some older techniques like modifying the class name directly, the overall behavior does not indicate any high-risk activities. The script is likely legitimate, but could be improved by using more modern APIs."
} |
(function (a, s, y, n, c, h, i, d, e) {
s.className += ' ' + y;
h.start = 1 * new Date;
h.end = i = function () {
s.className = s.className.replace(RegExp(' ?' + y), '')
};
(a[n] = a[n] || []).hide = h;
setTimeout(function () {
i(); h.end = null
}, c);
h.timeout = c;
})
(window, document.documentElement, 'async-hide', 'dataLayer', 4000, { 'GTM-MB5384M': true });
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a legitimate part of a web application, with no clear indicators of malicious behavior. It primarily handles the display of scan event data, user session management, and navigation to external websites. While it uses some legacy APIs like `XDomainRequest`, the overall context suggests this is likely a benign script with no significant security risks."
} |
// The collection of scan events are provided from the server
UKMailGMapApp.ScanEvents = scanEventsData('[{"ScanEventId":"1","Title":"IOD: porch","Latitude":"52.202729","Longitude":"1.028911","Accuracy":"0","ScanType":"DT15","EventDateTime":"14/01/2025 12:23:55","PodDateTime":"14/01/2025 12:23","IconURL":"//maps.google.com/mapfiles/kml/paddle/A.png","ImageURL":"","Items":"1","SigName":"porch","Comments":"None","InfoWindowHeader":"IOD: Signed for by porch on Tuesday 14th January 2025 at 12:23","DeliveryType":"Accepted at delivery point","DeliveryTypeMessage":"Accepted at delivery point","ConsignmentNumber":"41903751569767","HasPodSignatureImage":"false"}]');
UKMailGMapApp.IsLogOffValidatedUser = 'true';
UKMailGMapApp.IsSwitchOnMapFeature = 'true';
var utitlity = UKMail.Utility;
var map = UKMail.Map;
map.addItem(utitlity.addAdpStoreData(''));
$(function () {
$("#bottomBanner1").click(function () {
window.location.href = "https://send.dhlparcel.co.uk/quick-quote?utm_source=track.dhlecommerce&utm_medium=hompage_image";
});
$("#bottomBanner2").click(function () {
window.location.href = "https://www.dhl.com/gb-en/home/our-divisions/parcel/business-users/business-services.html#parsysPath_reference_copy_copy";
});
});
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a common pattern used in ASP.NET web applications for client-side postback handling. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The script is primarily focused on handling form submissions and does not exhibit any suspicious behavior. While it uses some legacy practices like `__doPostBack`, this is a standard technique in the ASP.NET ecosystem and does not pose a significant security risk in this context."
} |
//<![CDATA[
var theForm = document.forms['ctl01'];
if (!theForm) {
theForm = document.ctl01;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a simple user interface interaction, with a click event handler to hide an article element and a click event handler to redirect the user to a DHL website. This behavior is common for web page functionality and does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscation. The script is likely benign and used for legitimate purposes."
} |
$(function() {
$('.smart-article__close').click(function() {
$(this).closest('.article').slideUp();
});
$("#topBanner").click(function () {
window.location.href = "https://www.dhl.com/gb-en/home/our-divisions/parcel/business-users/business-services/consumer-app.html";
});
});
|
| URL: https://track.dhlparcel.co.uk/Scripts/jquery-3.7.0... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided code appears to be the jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The code is well-structured and follows common patterns for a JavaScript library. While it uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely benign and used for legitimate purposes."
} |
/*! jQuery v3.7.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use strict";var oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return oe.flat.call(e)}:function(e){return oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue.toString,a=o.call(Object),le={},v=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},y=function(e){return null!=e&&e===e.window},C=ie.document,u={type:!0,src:!0,nonce:!0,noModule:!0};function m(e,t,n){var r,i,o=(n=n||C).createElement("script");if(o.text=e,t)for(r in u)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[i.call(e)]||"object":typeof e}var t="3.7.0",l=/HTML$/i,ce=function(e,t){return new ce.fn.init(e,t)};function c(e){var t=!!e&&"length"in e&&e.length,n=x(e);return!v(e)&&!y(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}function fe(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}ce.fn=ce.prototype={jquery:t,constructor:ce,length:0,toArray:function(){return ae.call(this)},get:function(e){return null==e?ae.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=ce.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return ce.each(this,e)},map:function(n){return this.pushStack(ce.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(ae.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(ce.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(ce.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:s,sort:oe.sort,splice:oe.splice},ce.extend=ce.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||v(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(ce.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||ce.isPlainObject(n)?n:{},i=!1,a[t]=ce.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},ce.extend({expando:"jQuery"+(t+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==i.call(e))&&(!(t=r(e))||"function"==typeof(n=ue.call(t,"constructor")&&t.constructor)&&o.call(n)===a)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){m(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(c(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},text:function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i)return e.textContent;if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=ce.text(t);return n},makeArray:function(e,t){var n=t||[];return null!=e&&(c(Object(e))?ce.merge(n,"string"==typeof e?[e]:e):s.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:se.call(t,e,n)},isXMLDoc:function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!l.test(t||n&&n.nodeName||"HTML")},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r |
| URL: https://track.dhlparcel.co.uk/bundles/WebFormsJs?v... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of a web form handling functionality, which is a common and legitimate practice. While it uses some older APIs like `XDomainRequest` and performs dynamic DOM manipulation, these behaviors are not inherently malicious and are likely part of the form's functionality. The script does not exhibit any high-risk indicators like dynamic code execution or data exfiltration. Overall, the risk score is on the lower end, indicating a relatively benign script with some outdated practices."
} |
function WebForm_PostBackOptions(n,t,i,r,u,f,e){this.eventTarget=n;this.eventArgument=t;this.validation=i;this.validationGroup=r;this.actionUrl=u;this.trackFocus=f;this.clientSubmit=e}function WebForm_DoPostBackWithOptions(n){var r=!0,i,t;n.validation&&typeof Page_ClientValidate=="function"&&(r=Page_ClientValidate(n.validationGroup));r&&(typeof n.actionUrl!="undefined"&&n.actionUrl!=null&&n.actionUrl.length>0&&(theForm.action=n.actionUrl),n.trackFocus&&(i=theForm.elements.__LASTFOCUS,typeof i!="undefined"&&i!=null&&(typeof document.activeElement=="undefined"?i.value=n.eventTarget:(t=document.activeElement,typeof t!="undefined"&&t!=null&&(typeof t.id!="undefined"&&t.id!=null&&t.id.length>0?i.value=t.id:typeof t.name!="undefined"&&(i.value=t.name))))));n.clientSubmit&&__doPostBack(n.eventTarget,n.eventArgument)}function WebForm_DoCallback(n,t,i,r,u,f){var w=__theFormPostData+"__CALLBACKID="+WebForm_EncodeCallback(n)+"&__CALLBACKPARAM="+WebForm_EncodeCallback(t),s,v,h,l,o,y,a,p,c,e,b;theForm.__EVENTVALIDATION&&(w+="&__EVENTVALIDATION="+WebForm_EncodeCallback(theForm.__EVENTVALIDATION.value));try{s=new XMLHttpRequest}catch(k){try{s=new ActiveXObject("Microsoft.XMLHTTP")}catch(k){}}v=!0;try{v=s&&s.setRequestHeader}catch(k){}if(h={},h.eventCallback=i,h.context=r,h.errorCallback=u,h.async=f,l=WebForm_FillFirstAvailableSlot(__pendingCallbacks,h),f||(__synchronousCallBackIndex!=-1&&(__pendingCallbacks[__synchronousCallBackIndex]=null),__synchronousCallBackIndex=l),v){s.onreadystatechange=WebForm_CallbackComplete;h.xmlRequest=s;o=theForm.action||document.location.pathname;y=o.indexOf("#");y!==-1&&(o=o.substr(0,y));__nonMSDOMBrowser||(a=o.indexOf("?"),a!==-1?(p=o.substr(0,a),p.indexOf("%")===-1&&(o=encodeURI(p)+o.substr(a))):o.indexOf("%")===-1&&(o=encodeURI(o)));s.open("POST",o,!0);s.setRequestHeader("Content-Type","application/x-www-form-urlencoded; charset=utf-8");s.send(w);return}if(h.xmlRequest={},c="__CALLBACKFRAME"+l,e=document.frames[c],!e){e=document.createElement("IFRAME");e.width="1";e.height="1";e.frameBorder="0";e.id=c;e.name=c;e.style.position="absolute";e.style.top="-100px";e.style.left="-100px";try{callBackFrameUrl&&(e.src=callBackFrameUrl)}catch(k){}document.body.appendChild(e)}b=window.setInterval(function(){var a,s,h,i,r,u,f,o;if(e=document.frames[c],e&&e.document){for(window.clearInterval(b),e.document.write(""),e.document.close(),e.document.write('<html><body><form method="post"><input type="hidden" name="__CALLBACKLOADSCRIPT" value="t"><\/form><\/body><\/html>'),e.document.close(),e.document.forms[0].action=theForm.action,a=__theFormPostCollection.length,h=0;h<a;h++)s=__theFormPostCollection[h],s&&(i=e.document.createElement("INPUT"),i.type="hidden",i.name=s.name,i.value=s.value,e.document.forms[0].appendChild(i));r=e.document.createElement("INPUT");r.type="hidden";r.name="__CALLBACKID";r.value=n;e.document.forms[0].appendChild(r);u=e.document.createElement("INPUT");u.type="hidden";u.name="__CALLBACKPARAM";u.value=t;e.document.forms[0].appendChild(u);theForm.__EVENTVALIDATION&&(f=e.document.createElement("INPUT"),f.type="hidden",f.name="__EVENTVALIDATION",f.value=theForm.__EVENTVALIDATION.value,e.document.forms[0].appendChild(f));o=e.document.createElement("INPUT");o.type="hidden";o.name="__CALLBACKINDEX";o.value=l;e.document.forms[0].appendChild(o);e.document.forms[0].submit()}},10)}function WebForm_CallbackComplete(){for(var i,t,n=0;n<__pendingCallbacks.length;n++)callbackObject=__pendingCallbacks[n],callbackObject&&callbackObject.xmlRequest&&callbackObject.xmlRequest.readyState==4&&(__pendingCallbacks[n].async||(__synchronousCallBackIndex=-1),__pendingCallbacks[n]=null,i="__CALLBACKFRAME"+n,t=document.getElementById(i),t&&t.parentNode.removeChild(t),WebForm_ExecuteCallback(callbackObject))}function WebForm_ExecuteCallback(n){var t=n.xmlRequest.responseText,r,u,f,i;t.charAt(0)=="s"?typeof n.eventCallback!="undefined"&&n.eventCallback!=null&&n.eventCallback(t.substring(1),n.context):t.charAt(0)=="e"?typeof n.errorCallb |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a legitimate script that handles resizing of an iframe and integrates with a client-side validation process. While it uses some legacy practices like `XDomainRequest`, the overall behavior is consistent with typical web application functionality and does not demonstrate any high-risk indicators. The script is likely well-intentioned, with the potential for some minor performance or security concerns due to the use of outdated APIs."
} |
$(window).on('load', function() {
resizeIframe();
});
$(function () {
resizeIframe();
svg4everybody();
// This is a frig to resize the containing iFrame on client side validation failure - ##mw !!!!!!!!
var originalValidationFunction = Page_ClientValidate;
if (window.primaryNavigationIsLoaded !== true && originalValidationFunction && typeof (originalValidationFunction) == "function") {
// ReSharper disable once AssignToImplicitGlobalInFunctionScope
Page_ClientValidate = function (validationGroup) {
var result = originalValidationFunction(validationGroup);
if (!Page_IsValid) {
resizetheiframe();
}
return result;
};
}
});
function resizeIframe(debug) {
var height = $('#dhlparcel').height() * 1.1;
var maxheight = height.toString() + 'px';
if (debug === true) alert(maxheight);
window.parent.postMessage(['resizeiframe', 'integrationframe', '100%', maxheight], '*');
}
function debugResizeIframe() {
resizeIframe(true);
}
function resizetheiframe() {
setTimeout(window.resizeIframe, 300);
}
function debugresizetheiframe() {
setTimeout(window.debugResizeIframe, 300);
}
|
| URL: https://track.dhlparcel.co.uk/Scripts/respond.min.... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a polyfill for media queries, which is a common and legitimate practice. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscated code. The script primarily focuses on feature detection and DOM manipulation to ensure consistent media query behavior across different browsers. While it uses some moderate-risk indicators like external data transmission and aggressive DOM manipulation, these are within the expected scope of a media query polyfill. Overall, the script seems to be a well-intentioned and widely-used library, and the risk score is relatively low."
} |
/*! Respond.js v1.4.0: min/max-width media query polyfill * Copyright 2013 Scott Jehl
* Licensed under https://github.com/scottjehl/Respond/blob/master/LICENSE-MIT
* */
!function(a){"use strict";a.matchMedia=a.matchMedia||function(a){var b,c=a.documentElement,d=c.firstElementChild||c.firstChild,e=a.createElement("body"),f=a.createElement("div");return f.id="mq-test-1",f.style.cssText="position:absolute;top:-100em",e.style.background="none",e.appendChild(f),function(a){return f.innerHTML='­<style media="'+a+'"> #mq-test-1 { width: 42px; }</style>',c.insertBefore(e,d),b=42===f.offsetWidth,c.removeChild(e),{matches:b,media:a}}}(a.document)}(this),function(a){"use strict";function b(){u(!0)}var c={};a.respond=c,c.update=function(){};var d=[],e=function(){var b=!1;try{b=new a.XMLHttpRequest}catch(c){b=new a.ActiveXObject("Microsoft.XMLHTTP")}return function(){return b}}(),f=function(a,b){var c=e();c&&(c.open("GET",a,!0),c.onreadystatechange=function(){4!==c.readyState||200!==c.status&&304!==c.status||b(c.responseText)},4!==c.readyState&&c.send(null))};if(c.ajax=f,c.queue=d,c.regex={media:/@media[^\{]+\{([^\{\}]*\{[^\}\{]*\})+/gi,keyframes:/@.*keyframes[^\{]+\{(?:[^\{\}]*\{[^\}\{]*\})+[^\}]+\}/gi,urls:/(url\()['"]?([^\/\)'"][^:\)'"]+)['"]?(\))/g,findStyles:/@media *([^\{]+)\{([\S\s]+?)$/,only:/(only\s+)?([a-zA-Z]+)\s?/,minw:/\([\s]*min\-width\s*:[\s]*([\s]*[0-9\.]+)(px|em)[\s]*\)/,maxw:/\([\s]*max\-width\s*:[\s]*([\s]*[0-9\.]+)(px|em)[\s]*\)/},c.mediaQueriesSupported=a.matchMedia&&null!==a.matchMedia("only all")&&a.matchMedia("only all").matches,!c.mediaQueriesSupported){var g,h,i,j=a.document,k=j.documentElement,l=[],m=[],n=[],o={},p=30,q=j.getElementsByTagName("head")[0]||k,r=j.getElementsByTagName("base")[0],s=q.getElementsByTagName("link"),t=function(){var a,b=j.createElement("div"),c=j.body,d=k.style.fontSize,e=c&&c.style.fontSize,f=!1;return b.style.cssText="position:absolute;font-size:1em;width:1em",c||(c=f=j.createElement("body"),c.style.background="none"),k.style.fontSize="100%",c.style.fontSize="100%",c.appendChild(b),f&&k.insertBefore(c,k.firstChild),a=b.offsetWidth,f?k.removeChild(c):c.removeChild(b),k.style.fontSize=d,e&&(c.style.fontSize=e),a=i=parseFloat(a)},u=function(b){var c="clientWidth",d=k[c],e="CSS1Compat"===j.compatMode&&d||j.body[c]||d,f={},o=s[s.length-1],r=(new Date).getTime();if(b&&g&&p>r-g)return a.clearTimeout(h),h=a.setTimeout(u,p),void 0;g=r;for(var v in l)if(l.hasOwnProperty(v)){var w=l[v],x=w.minw,y=w.maxw,z=null===x,A=null===y,B="em";x&&(x=parseFloat(x)*(x.indexOf(B)>-1?i||t():1)),y&&(y=parseFloat(y)*(y.indexOf(B)>-1?i||t():1)),w.hasquery&&(z&&A||!(z||e>=x)||!(A||y>=e))||(f[w.media]||(f[w.media]=[]),f[w.media].push(m[w.rules]))}for(var C in n)n.hasOwnProperty(C)&&n[C]&&n[C].parentNode===q&&q.removeChild(n[C]);for(var D in f)if(f.hasOwnProperty(D)){var E=j.createElement("style"),F=f[D].join("\n");E.type="text/css",E.media=D,q.insertBefore(E,o.nextSibling),E.styleSheet?E.styleSheet.cssText=F:E.appendChild(j.createTextNode(F)),n.push(E)}},v=function(a,b,d){var e=a.replace(c.regex.keyframes,"").match(c.regex.media),f=e&&e.length||0;b=b.substring(0,b.lastIndexOf("/"));var g=function(a){return a.replace(c.regex.urls,"$1"+b+"$2$3")},h=!f&&d;b.length&&(b+="/"),h&&(f=1);for(var i=0;f>i;i++){var j,k,n,o;h?(j=d,m.push(g(a))):(j=e[i].match(c.regex.findStyles)&&RegExp.$1,m.push(RegExp.$2&&g(RegExp.$2))),n=j.split(","),o=n.length;for(var p=0;o>p;p++)k=n[p],l.push({media:k.split("(")[0].match(c.regex.only)&&RegExp.$2||"all",rules:m.length-1,hasquery:k.indexOf("(")>-1,minw:k.match(c.regex.minw)&&parseFloat(RegExp.$1)+(RegExp.$2||""),maxw:k.match(c.regex.maxw)&&parseFloat(RegExp.$1)+(RegExp.$2||"")})}u()},w=function(){if(d.length){var b=d.shift();f(b.href,function(c){v(c,b.href,b.media),o[b.href]=!0,a.setTimeout(function(){w()},0)})}},x=function(){for(var b=0;b<s.length;b++){var c=s[b],e=c.href,f=c.media,g=c.rel&&"stylesheet"===c.rel.toLowerCase();e&&g&&!o[e]&&(c.styleSheet&&c.styleSheet.rawCssText?(v(c.styl |
| URL: https://track.dhlparcel.co.uk/Scripts/bootstrap.mi... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided JavaScript snippet appears to be a part of the Bootstrap library, which is a popular and widely-used front-end framework. The code does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code/URLs. The behaviors observed are related to standard UI functionality, such as handling alert dismissals and button state changes, which are common in web development. Additionally, the code is well-documented and licensed under the Apache License, indicating it is a legitimate and trusted library. Overall, this script poses a low risk and is likely used for legitimate purposes."
} |
/* NUGET: BEGIN LICENSE TEXT
*
* Microsoft grants you the right to use these script files for the sole
* purpose of either: (i) interacting through your browser with the Microsoft
* website or online service, subject to the applicable licensing or use
* terms; or (ii) using the files as included with a Microsoft product subject
* to that product's license terms. Microsoft reserves all other rights to the
* files not expressly granted by Microsoft, whether by implication, estoppel
* or otherwise. Insofar as a script file is dual licensed under GPL,
* Microsoft neither took the code under GPL nor distributes it thereunder but
* under the terms set out in this paragraph. All notices and licenses
* below are for informational purposes only.
*
* NUGET: END LICENSE TEXT */
/**
* bootstrap.js v3.0.0 by @fat and @mdo
* Copyright 2013 Twitter Inc.
* http://www.apache.org/licenses/LICENSE-2.0
*/
if(!jQuery)throw new Error("Bootstrap requires jQuery");+function(a){"use strict";function b(){var a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var c in b)if(void 0!==a.style[c])return{end:b[c]}}a.fn.emulateTransitionEnd=function(b){var c=!1,d=this;a(this).one(a.support.transition.end,function(){c=!0});var e=function(){c||a(d).trigger(a.support.transition.end)};return setTimeout(e,b),this},a(function(){a.support.transition=b()})}(window.jQuery),+function(a){"use strict";var b='[data-dismiss="alert"]',c=function(c){a(c).on("click",b,this.close)};c.prototype.close=function(b){function c(){f.trigger("closed.bs.alert").remove()}var d=a(this),e=d.attr("data-target");e||(e=d.attr("href"),e=e&&e.replace(/.*(?=#[^\s]*$)/,""));var f=a(e);b&&b.preventDefault(),f.length||(f=d.hasClass("alert")?d:d.parent()),f.trigger(b=a.Event("close.bs.alert")),b.isDefaultPrevented()||(f.removeClass("in"),a.support.transition&&f.hasClass("fade")?f.one(a.support.transition.end,c).emulateTransitionEnd(150):c())};var d=a.fn.alert;a.fn.alert=function(b){return this.each(function(){var d=a(this),e=d.data("bs.alert");e||d.data("bs.alert",e=new c(this)),"string"==typeof b&&e[b].call(d)})},a.fn.alert.Constructor=c,a.fn.alert.noConflict=function(){return a.fn.alert=d,this},a(document).on("click.bs.alert.data-api",b,c.prototype.close)}(window.jQuery),+function(a){"use strict";var b=function(c,d){this.$element=a(c),this.options=a.extend({},b.DEFAULTS,d)};b.DEFAULTS={loadingText:"loading..."},b.prototype.setState=function(a){var b="disabled",c=this.$element,d=c.is("input")?"val":"html",e=c.data();a+="Text",e.resetText||c.data("resetText",c[d]()),c[d](e[a]||this.options[a]),setTimeout(function(){"loadingText"==a?c.addClass(b).attr(b,b):c.removeClass(b).removeAttr(b)},0)},b.prototype.toggle=function(){var a=this.$element.closest('[data-toggle="buttons"]');if(a.length){var b=this.$element.find("input").prop("checked",!this.$element.hasClass("active")).trigger("change");"radio"===b.prop("type")&&a.find(".active").removeClass("active")}this.$element.toggleClass("active")};var c=a.fn.button;a.fn.button=function(c){return this.each(function(){var d=a(this),e=d.data("bs.button"),f="object"==typeof c&&c;e||d.data("bs.button",e=new b(this,f)),"toggle"==c?e.toggle():c&&e.setState(c)})},a.fn.button.Constructor=b,a.fn.button.noConflict=function(){return a.fn.button=c,this},a(document).on("click.bs.button.data-api","[data-toggle^=button]",function(b){var c=a(b.target);c.hasClass("btn")||(c=c.closest(".btn")),c.button("toggle"),b.preventDefault()})}(window.jQuery),+function(a){"use strict";var b=function(b,c){this.$element=a(b),this.$indicators=this.$element.find(".carousel-indicators"),this.options=c,this.paused=this.sliding=this.interval=this.$active=this.$items=null,"hover"==this.options.pause&&this.$element.on("mouseenter",a.proxy(this.pause,this)).on("mouseleave",a.proxy(this.cycle,this))};b.DEFAULTS={interval:5e3,pause:"hove |
| URL: https://maps.googleapis.com/maps/api/js?v=3.exp&ke... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a legitimate Google Maps API loader. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or obfuscated code. The script is primarily responsible for loading and configuring the Google Maps API, which is a common and expected behavior for a maps-related web application. While it uses some legacy APIs like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, the script seems to be a standard implementation of the Google Maps API and does not exhibit any suspicious or malicious behavior."
} |
window.google = window.google || {};
google.maps = google.maps || {};
(function() {
var modules = google.maps.modules = {};
google.maps.__gjsload__ = function(name, text) {
modules[name] = text;
};
google.maps.Load = function(apiLoad) {
delete google.maps.Load;
apiLoad([0.009999999776482582,[null,[["https://khms0.googleapis.com/kh?v=992\u0026hl=en-US\u0026","https://khms1.googleapis.com/kh?v=992\u0026hl=en-US\u0026"],null,null,null,1,"992",["https://khms0.google.com/kh?v=992\u0026hl=en-US\u0026","https://khms1.google.com/kh?v=992\u0026hl=en-US\u0026"]],null,null,null,null,[["https://cbks0.googleapis.com/cbk?","https://cbks1.googleapis.com/cbk?"]],[["https://khms0.googleapis.com/kh?v=163\u0026hl=en-US\u0026","https://khms1.googleapis.com/kh?v=163\u0026hl=en-US\u0026"],null,null,null,null,"163",["https://khms0.google.com/kh?v=163\u0026hl=en-US\u0026","https://khms1.google.com/kh?v=163\u0026hl=en-US\u0026"]],null,null,null,null,null,null,null,[["https://streetviewpixels-pa.googleapis.com/v1/thumbnail?hl=en-US\u0026","https://streetviewpixels-pa.googleapis.com/v1/thumbnail?hl=en-US\u0026"]]],["en-US","US",null,0,null,null,"https://maps.gstatic.com/mapfiles/",null,"https://maps.googleapis.com","https://maps.googleapis.com",null,"https://maps.google.com",null,"https://maps.gstatic.com/maps-api-v3/api/images/","https://www.google.com/maps",null,"https://www.google.com",1,"https://maps.googleapis.com/maps_api_js_slo/log?hasfast=true",0,1],["https://maps.googleapis.com/maps-api-v3/api/js/59/4a","3.59.4a"],[3985718276],null,null,null,[3,8,13,17,20,21,26,99,114,98,125,113,112],null,null,"",null,null,1,"https://khms.googleapis.com/mz?v=992\u0026","AIzaSyBsiHIOwGAj2rNVKU685dmfKBkfAPdENh8","https://earthbuilder.googleapis.com","https://earthbuilder.googleapis.com",null,"https://mts.googleapis.com/maps/vt/icon",[["https://maps.googleapis.com/maps/vt"],["https://maps.googleapis.com/maps/vt"],null,null,null,null,null,null,null,null,null,null,["https://www.google.com/maps/vt"],"/maps/vt",716000000,716,716473359],2,500,[null,null,null,null,"https://www.google.com/maps/preview/log204","","https://static.panoramio.com.storage.googleapis.com/photos/",["https://geo0.ggpht.com/cbk","https://geo1.ggpht.com/cbk","https://geo2.ggpht.com/cbk","https://geo3.ggpht.com/cbk"],"https://maps.googleapis.com/maps/api/js/GeoPhotoService.GetMetadata","https://maps.googleapis.com/maps/api/js/GeoPhotoService.SingleImageSearch",["https://lh3.ggpht.com/","https://lh4.ggpht.com/","https://lh5.ggpht.com/","https://lh6.ggpht.com/"],"https://streetviewpixels-pa.googleapis.com/v1/tile",["https://lh3.googleusercontent.com/","https://lh4.googleusercontent.com/","https://lh5.googleusercontent.com/","https://lh6.googleusercontent.com/"]],null,null,null,null,"/maps/api/js/ApplicationService.GetEntityDetails",0,null,null,null,null,[],["59.4a"],1,0,[1],"CgAS/S4IzAUSfAgBEnhodHRwczovL3d3dy5nc3RhdGljLmNvbS9tYXBzL3Jlcy9Db21wYWN0TGVnZW5kU2RrLVJvYWRtYXBTYXRlbGxpdGUtRmV0Y2hhYmxlU3R5bGVTZXRTZGstZDlmOWVkN2IwMDI4OTY1ZGM3NzZmZGEyNzg1YmJlYjASfAgCEnhodHRwczovL3d3dy5nc3RhdGljLmNvbS9tYXBzL3Jlcy9Db21wYWN0TGVnZW5kU2RrLVJvYWRtYXBTYXRlbGxpdGUtRmV0Y2hhYmxlU3R5bGVTZXRTZGstZDlmOWVkN2IwMDI4OTY1ZGM3NzZmZGEyNzg1YmJlYjASfAgDEnhodHRwczovL3d3dy5nc3RhdGljLmNvbS9tYXBzL3Jlcy9Db21wYWN0TGVnZW5kU2RrLVJvYWRtYXBTYXRlbGxpdGUtRmV0Y2hhYmxlU3R5bGVTZXRTZGstZDlmOWVkN2IwMDI4OTY1ZGM3NzZmZGEyNzg1YmJlYjASdggEEnJodHRwczovL3d3dy5nc3RhdGljLmNvbS9tYXBzL3Jlcy9Db21wYWN0TGVnZW5kU2RrLU5hdmlnYXRpb24tRmV0Y2hhYmxlU3R5bGVTZXRTZGstZDlmOWVkN2IwMDI4OTY1ZGM3NzZmZGEyNzg1YmJlYjASfggFEnpodHRwczovL3d3dy5nc3RhdGljLmNvbS9tYXBzL3Jlcy9Db21wYWN0TGVnZW5kU2RrLU5hdmlnYXRpb25Mb3dMaWdodC1GZXRjaGFibGVTdHlsZVNldFNkay1kOWY5ZWQ3YjAwMjg5NjVkYzc3NmZkYTI3ODViYmViMBJ/CAYSe2h0dHBzOi8vd3d3LmdzdGF0aWMuY29tL21hcHMvcmVzL0NvbXBhY3RMZWdlbmRTZGstTmF2aWdhdGlvblNhdGVsbGl0ZS1GZXRjaGFibGVTdHlsZVNldFNkay1kOWY5ZWQ3YjAwMjg5NjVkYzc3NmZkYTI3ODViYmViMBJzCAcSb2h0dHBzOi8vd3d3LmdzdGF0aWMuY29tL21hcHMvcmVzL0NvbXBhY3RMZWdlbmRTZGstUm9hZG1hcC1GZXRjaGFibGVTdHlsZVNl |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Track parcel",
"text_input_field_labels": [
"Shipment number / Receipt ID"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Track another parcel",
"prominent_button_name": "Track parcel",
"text_input_field_labels": [
"Shipment number / Receipt ID"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": [
"DHL"
]
} |
|
| URL: https://track.dhlparcel.co.uk Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false,
"reasoning": "This is a legitimate DHL parcel tracking domain for the UK region. The .co.uk TLD is appropriate for UK-based services, and the subdomain structure is standard for tracking services."
} |
URL: https://track.dhlparcel.co.uk |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": [
"DHL"
]
} |
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Track another parcel",
"prominent_button_name": "Track parcel",
"text_input_field_labels": [
"Shipment number / Receipt ID"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Track parcel",
"text_input_field_labels": [
"Shipment number / Receipt ID"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Your parcel 4190375156967767 is delivered",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://track.dhlparcel.co.uk/?nav=1&postcode=IP14%204FE&sn=41903751569767 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
Edit tour
chrome.exe (PID: 6876 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node