| URL: https://steursinnovatingforthefuture.freshdesk.com Model: Joe Sandbox AI | ```json{ "brand": "Freshdesk", "brand_classification": "known", "legit_url": "https://freshdesk.com", "similarity": 3, "spoofed": 1, "reasoning": "The URL 'https://steursinnovatingforthefuture.freshdesk.com' uses a subdomain under the legitimate domain 'freshdesk.com'. Freshdesk is a known brand providing customer support software, and it allows users to create custom subdomains for their support portals. The subdomain 'steursinnovatingforthefuture' does not resemble any known brand and appears to be a custom name likely used by a legitimate user or organization. There are no visual character substitutions or structural changes that suggest typosquatting. The use of a subdomain in this context is typical for Freshdesk's service model, and there is no indication of an attempt to confuse users into thinking they are interacting with a different brand."} |
URL: https://steursinnovatingforthefuture.freshdesk.com |
| URL: https://microsoftonline.com Model: Joe Sandbox AI | ```json{ "brand": "Microsoft", "brand_classification": "wellknown", "legit_url": "https://login.microsoftonline.com", "similarity": 8, "spoofed": 7, "reasoning": "The URL 'microsoftonline.com' closely resembles the legitimate 'login.microsoftonline.com', which is a well-known domain used by Microsoft for its online services. The primary difference is the absence of the 'login' subdomain, which could lead to user confusion. The domain 'microsoftonline.com' could be perceived as a legitimate Microsoft domain due to its structure and the use of the brand name 'Microsoft'. There are no character substitutions, but the structural similarity and the use of the brand name suggest a high likelihood of typosquatting. However, without additional context or evidence of malicious intent, it is possible that this domain could be used for a legitimate purpose, such as a marketing campaign or a different service by Microsoft or an authorized partner."} |
URL: https://microsoftonline.com |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "This script exhibits several moderate-risk behaviors, including external data transmission, fallback domains, and aggressive DOM manipulation. While it does not contain any high-risk indicators like dynamic code execution or obfuscated code, the overall behavior suggests the need for further review to ensure the script's legitimacy and intended purpose."
} |
!function(e){function t(t){for(var r,i,o=t[0],l=t[1],c=t[2],u=0,f=[];u<o.length;u++)i=o[u],Object.prototype.hasOwnProperty.call(a,i)&&a[i]&&f.push(a[i][0]),a[i]=0;for(r in l)Object.prototype.hasOwnProperty.call(l,r)&&(e[r]=l[r]);for(d&&d(t);f.length;)f.shift()();return s.push.apply(s,c||[]),n()}function n(){for(var e,t=0;t<s.length;t++){for(var n=s[t],r=!0,o=1;o<n.length;o++){var l=n[o];0!==a[l]&&(r=!1)}r&&(s.splice(t--,1),e=i(i.s=n[0]))}return e}function r(e){return i.p+""+({}[e]||e)+".js"}function i(t){if(o[t])return o[t].exports;var n=o[t]={i:t,l:!1,exports:{}};return e[t].call(n.exports,n,n.exports,i),n.l=!0,n.exports}var o={},a={0:0},s=[];i.e=function(e){var t=[],n=a[e];if(0!==n)if(n)t.push(n[2]);else{var o=new Promise(function(t,r){n=a[e]=[t,r]});t.push(n[2]=o);var s,l=document.createElement("script");l.charset="utf-8",l.timeout=120,i.nc&&l.setAttribute("nonce",i.nc),l.src=r(e);var c=new Error;s=function(t){l.onerror=l.onload=null,clearTimeout(u);var n=a[e];if(0!==n){if(n){var r=t&&("load"===t.type?"missing":t.type),i=t&&t.target&&t.target.src;c.message="Loading chunk "+e+" failed.\n("+r+": "+i+")",c.name="ChunkLoadError",c.type=r,c.request=i,n[1](c)}a[e]=void 0}};var u=setTimeout(function(){s({type:"timeout",target:l})},12e4);l.onerror=l.onload=s,document.head.appendChild(l)}return Promise.all(t)},i.m=e,i.c=o,i.d=function(e,t,n){i.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},i.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.t=function(e,t){if(1&t&&(e=i(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(i.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var r in e)i.d(n,r,function(t){return e[t]}.bind(null,r));return n},i.n=function(e){var t=e&&e.__esModule?function(){return e["default"]}:function(){return e};return i.d(t,"a",t),t},i.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},i.p="/assets/cdn/portal/",i.oe=function(e){throw console.error(e),e};var l=window.webpackJsonp=window.webpackJsonp||[],c=l.push.bind(l);l.push=t,l=l.slice();for(var u=0;u<l.length;u++)t(l[u]);var d=c;n()}([,function(e,t,n){function r(e){return i(e)||o(e)||a(e)||s()}var i=n(167),o=n(168),a=n(156),s=n(169);e.exports=r,e.exports["default"]=e.exports,e.exports.__esModule=!0},function(e,t,n){function r(e,t){return i(e)||o(e,t)||a(e,t)||s()}var i=n(171),o=n(172),a=n(156),s=n(173);e.exports=r,e.exports["default"]=e.exports,e.exports.__esModule=!0},,function(e,t){function n(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}e.exports=n,e.exports["default"]=e.exports,e.exports.__esModule=!0},function(e,t,n){e.exports=n(175)},function(e,t){function n(e,t){for(var n=0;n<t.length;n++){var r=t[n];r.enumerable=r.enumerable||!1,r.configurable=!0,"value"in r&&(r.writable=!0),Object.defineProperty(e,r.key,r)}}function r(e,t,r){return t&&n(e.prototype,t),r&&n(e,r),e}e.exports=r,e.exports["default"]=e.exports,e.exports.__esModule=!0},,function(e,t){function n(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}e.exports=n,e.exports["default"]=e.exports,e.exports.__esModule=!0},function(e,t,n){!function(t,n){e.exports=n()}(window,function(){return function(e){function t(r){if(n[r])return n[r].exports;var i=n[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,t),i.l=!0,i.exports}var n={};return t.m=e,t.c=n,t.d=function(e,n,r){t.o(e,n)||Object.defineProperty(e,n,{enumerable:!0,get:r})},t.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},t.t=function(e,n){if(1&n&&(e=t(e)),8&n)return e;if(4&n&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(t.r(r),Object.defineProperty(r,"default", |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be primarily focused on setting up Google Analytics and Freshchat functionality, which are common and legitimate use cases. While it uses some older APIs like `XDomainRequest`, the overall behavior is consistent with typical analytics and customer support integration. There are no clear indicators of malicious intent or high-risk activities, so the risk score is assessed as low."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[44],{255:function(e,t,n){"use strict";n.r(t);var r=n(28);if(function(){function e(){dataLayer.push(arguments)}if(window.store.googleAnalytics){var t=window.store.googleAnalytics,n=t.account_number,i=t.domain,a=t.ga4;if(n){var s;a?(window.dataLayer=window.dataLayer||[],e("js",new Date),i&&e("set","linker",{domains:[i]}),e("config",n),s="https://www.googletagmanager.com/gtag/js?id=".concat(n)):(window._gaq=window._gaq||[],window._gaq.push(["_setAccount",n]),window._gaq.push(["_addDevId","00P19"]),i&&window._gaq.push(["_setDomainName",i]),window._gaq.push(["_trackPageview"]),s="".concat("https:"===document.location.protocol?"https://ssl":"http://www",".google-analytics.com/ga.js"));var o={type:"text/javascript",async:!0,src:s};Object(r.a)(o,!0)}}}(),function(){if(window.store.freshchat){var e=window.store,t=e.currentLocale,n=e.account.id,i=e.portal.id,a=e.user;a=void 0===a?{}:a;var s=a.name,o=a.email,u=e.freshchat,c=u.token,l=u.visitor_widget_host_url,f=u.autofaq_enabled,d=u.freddy_bot_status,h=u.freddy_bot_widget_config,p={src:"".concat(l,"/js/widget.js")},v={token:c,host:l};f&&d&&(v.locale=t,v.meta={fw_product:"freshdesk",fw_product_acc_id:n.toString(),fw_group_id:i.toString()},v.config=h),o&&s&&(v.externalId=o,v.firstName=s,v.email=o),Object(r.a)(p,!0).then(function(){window.jQuery(document).ready(function(){window.fcWidget.init(v)})})}}(),window.store.freddy_bot){var i=window.store,a=i.user,s=a.name,o=a.email,u=i.freddy_bot,c=u.widget_code_src,l=u.freshdesk_product_id,f=u.external_id,d=u.widget_code_env,h=u.widget_code_self_init,p=u.widget_code_init_type,v=u.widget_code_region;!function(){if(!document.getElementById("spd-busns-spt")){var e={id:"spd-busns-spt",async:!0,src:c,"data-prdct-hash":l,"data-ext-client-id":f,"data-env":d,"data-self-init":h,"data-init-type":p,"data-region":v};Object(r.a)(e,!0).then(function(){window.Freshbots.initiateWidget({getClientParams:function(){return{"cstmr::nm":s,"cstmr::eml":o}}})})}}()}},28:function(e,t,n){"use strict";var r=n(2),i=n.n(r),a=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:!1,n=document.createElement("script");Object.entries(e).forEach(function(e){var t=i()(e,2),r=t[0],a=t[1],s="boolean"==typeof a?"":a;n.setAttribute(r,s)});var r=t?"head":"body",a=document.querySelector("".concat(r," script"));return a.parentNode.insertBefore(n,a),new Promise(function(e,t){n.onload=function(){e.apply(void 0,arguments)},n.onerror=function(){t(new Error("Error in loading scripts"))}})};t.a=a}},[[255,0]]]);
|
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a simple function that handles the display of an error image for a file attachment. It replaces the attachment element with a default icon and the file extension. This behavior is likely part of a legitimate application and does not demonstrate any high-risk indicators."
} |
const attachment_error_image = (attachment) => {
const parentElement = attachment.parentElement;
const defaultIcon = `<span class="icon-file-empty"></span><span class="fw-attachment-ext">${attachment.dataset.extension}</span>`;
parentElement.innerHTML = defaultIcon;
};
|
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The script appears to be a part of a web application framework and contains functionality for highlighting and interacting with elements on the page, as well as handling navigation and reloading the page. While some of the behaviors, such as DOM manipulation and communication with external domains, could be considered moderate-risk indicators, the overall context suggests this is likely a legitimate feature of the application rather than malicious behavior. Further review may be needed to fully understand the purpose and implementation, but the risk score is in the medium range."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[97],{200:function(e,t){function n(){return window.self!==window.top}function r(e,t,n,r,i,o){var a=document.createElement("div");return a.className=e,a.style.position="fixed",a.style.top="".concat(n,"px"),a.style.left="".concat(r,"px"),a.style.width="".concat(i,"px"),a.style.height="".concat(o,"px"),a.style.background="rgba(0, 0, 0, 0.7)",a.style.pointerEvents="auto",a.style.zIndex="1030",m.appendChild(a),a}function i(){if(p){p.overlayTop.remove(),p.overlayLeft.remove(),p.overlayRight.remove(),p.overlayBottom.remove(),m.classList.remove("fw-nudge-overlay-active"),m.style.overflow="";var e=document.querySelectorAll(".fw-nudge-allow-interaction");e.forEach(function(e){e.classList.remove("fw-nudge-allow-interaction"),e.style.zIndex=""}),p=null}}function o(e,t){window.scrollTo(0,0);var n=document.querySelector(e);if(n){var i=n.getBoundingClientRect(),o=window.scrollY||window.pageYOffset,a=window.scrollX||window.pageXOffset,s=i.top+o,l=i.left+a,c=i.width,u=i.height;m.classList.add("fw-nudge-overlay-active"),m.style.overflow="hidden",n.classList.add("fw-nudge-allow-interaction"),n.style.zIndex="1000",p={overlayTop:r("fw-highlight-nudge-overlay","fixed",0,0,window.innerWidth,s),overlayLeft:r("fw-highlight-nudge-overlay","fixed",s,0,l,u),overlayRight:r("fw-highlight-nudge-overlay","fixed",s,l+c,window.innerWidth-(l+c),u),overlayBottom:r("fw-highlight-nudge-overlay","fixed",s-(1-t)+u,0,window.innerWidth,window.innerHeight-(s+u))}}}function a(){window.location.reload()}function s(e){window.location.href=e}function l(e){e&&0!==e.length&&e.forEach(function(e){var t=document.querySelector(e.selector);t&&(t.classList.add("fw-preview-step-highlight"),t.setAttribute("data-step-value",e.stepValue))})}function c(){var e=document.querySelectorAll(".fw-preview-step-highlight");e.forEach(function(e){e.classList.remove("fw-preview-step-highlight"),e.removeAttribute("data-step-value")})}function u(e){var t=e.data,n=t.action,r=t.params;switch(n){case"highlight":i(),c(),o(r.selector,r.scale||1);break;case"reload":a();break;case"navigate":s(r.url);break;case"removeHighlight":i(),c();break;case"stepHighlight":i(),c(),r.portalElementsList&&l(r.portalElementsList);break;case"removeStepHighlight":i(),c();break;default:console.warn("Unknown action:",n)}}function d(e){g=e,g.onmessage=u,g.postMessage({action:"portal-page-handshake-acknowledged",params:{url:window.location.pathname}})}function f(){window.addEventListener("message",function(e){"initPreviewPageConnection"===e.data.action&&e.ports.length>0&&d(e.ports[0])})}var p=null,h=document,m=h.body,g=null;n()&&f()}},[[200,0]]]);
|
| URL: https://freshdesk.com Model: Joe Sandbox AI | ```json{ "brand": "Freshdesk", "brand_classification": "known", "legit_url": "https://freshdesk.com", "similarity": 10, "spoofed": 0, "reasoning": "The URL 'https://freshdesk.com' is the legitimate domain for Freshdesk, a known customer support software brand. There are no character substitutions, structural changes, or misleading subdomains/extensions present in this URL. It directly matches the legitimate brand's domain, indicating no attempt at typosquatting. The URL is straightforward and does not suggest any unrelated purpose."} |
URL: https://freshdesk.com |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a configuration object for a web application, containing various properties related to the application's assets, localization, portal information, account details, and marketplace integration. There are no high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscated code. The script seems to be focused on setting up the application's environment and does not demonstrate any suspicious or malicious behavior. Therefore, the risk score is assessed as low."
} |
window.store = {};
window.store = {
assetPath: "/assets/cdn/portal/",
defaultLocale: "en",
currentLocale: "en",
currentPageName: "article_view",
portal: {"id":203000020241,"name":"Steurs: Innovating for the future","product_id":null},
portalAccess: {"hasSolutions":true,"hasForums":false,"hasTickets":false,"accessCount":1},
account: {"id":3804863,"name":"Steurs: Innovating for the future","time_zone":"Eastern Time (US & Canada)","companies":[]},
vault_service: {"url":"https://vault-service-eu.freshworks.com/data","max_try":2,"product_name":"fd"},
blockedExtensions: "",
search: {"all":"/support/search","solutions":"/support/search/solutions","topics":"/support/search/topics","tickets":"/support/search/tickets"},
article:{
id: "203000017909",
},
marketplace: {"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwcm9kdWN0IjoiZnJlc2hkZXNrIiwiYWNjb3VudF9pZCI6IjM4MDQ4NjMiLCJkb21haW4iOiJzdGV1cnNpbm5vdmF0aW5nZm9ydGhlZnV0dXJlLmZyZXNoZGVzay5jb20iLCJvcmdhbmlzYXRpb25faWQiOiI4MDE4MzkwNDY3NDkyNDI1MzAiLCJ0aW1lIjoxNzM3NDkyOTQzLCJpc3MiOiJmcmVzaGRlc2tfdmlzaXRvcl9wb3J0YWwifQ.JWiMzGef5LnrbryYeOB8waDnN_DNf-38QuA4n6L_evk","api_key":"634cd594466a52fa53c54b5b34779134","region":"euc","org_domain":"steursinnovatingforthefuture.myfreshworks.com"},
};
|
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a translation file for a web application's user interface. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscated code. The script primarily handles localization and translation-related functionality, which is a common and legitimate practice. While it uses some external data transmission to load translations, this is typical for internationalization features and does not raise significant security concerns. Overall, the script demonstrates low-risk behaviors and can be considered relatively benign."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[53],{209:function(e,t){I18n.translations||(I18n.translations={}),I18n.translations.en=I18n.extend(I18n.translations.en||{},{enduser_marketplace:{error_messages:{global:{empty_message:"The message requested is empty",notify:{empty_type:"The notification type is empty",invalid_type:"Unsupported notification type"}},ticket:{invalid_field:"Invalid ticket field :: %{ticketFieldName}",invalid_value:"'value' is empty",set_options:{invalid_options:"Incorrect options given",invalid_tag:"Unable to set options to ticket field '%{fieldName}'",invalid_value:"'value' should be an array of option values"}}},ok_message:"ok"},portal_elements:{any:"Any",cancel:"Cancel",choose_more:"Choose More",close:"Close",confirm:{title:"Confirm Title"},default_placeholder:"Enter ",dropdown_default:"Choose...",error_messages:{liquid_tag_not_closed:"custom element '%{tagName}' is not closed"},next:"Next >",none:"None",pagination:"Page Navigation",previous:"< Previous",raised_by_placeholder:"Enter name or email",save:"Save",toggle_quoted_text:"Toggle quoted text"},portal_js_translations:{add:"Add",archive_tickets:{archived:"Archived"},at:"at",attachment_upload:{cumulative_size_exceeded:"Cumulative file size cannot exceed %{size}",extension_blocked:"Your attachment(s) type is/are not supported.",header:"Attachment",individual_size_exceeded:"File size cannot exceed %{size}"},change:"Change",chevron:"Chevron",confirm_navigate:"Are you sure? Changes that you made may not be saved",discussions:{follow:"Follow",following:"Following",solve:"Mark as solved",solved:"Mark as Unsolved",votes:"Votes"},email_bot:{cta_no:"No",cta_yes:"Yes, close ticket",failure_msg:"We're sorry. Our team will reach out to you shortly.",heading:"Does this article answer your query?",other_articles:"Uh-oh. Maybe these articles can help you.",sub_text:"If yes, we'll close your ticket.",success_msg:"We are glad this article was helpful in answering your query."},lightbox:{of:"of"},new_ticket:{any_cc_placeholder_text:"For example: abc@gmail.com",cc_add_text:"Enter a valid email to add cc",cc_unique_text:"Email already exists",company_cc_placeholder_text:"Select contacts from ",contractor_cc_placeholder_text:"Name or email from the selected company",multi_select_placeholder_text:"Choose..."},please_enter_one_or_more:"Please enter 1 or more characters",saving:"Saving",search:{sr_focus_msg:"Popular articles and recent searches are available access it with down arrow",sr_no_result_msg:"No results found",sr_result_msg:"result found access them with down arrow"},tickets:{add_multiple_cc:"Add multiple CC emails separated by ','",created_on:"Created by <span class='emphasize'>%{username}</span> on <span class='emphasize'>%{date}</span> - via %{source}",created_on_same_user:"Created on <span class='emphasize'>%{date}</span> - via %{source}",filter:{show_less:"Show less",show_more:"Show more"},max_cc:"You can select only %{count} cc emails",max_user:"You can select only %{count} user",no_tickets:"You have no tickets in this view"},view_all:"View all",view_less:"View less",view_more:"View more"},portal_validation:{confirm_password:"Must be same as New password",decimal:"Please enter valid number with maximum of 2 decimal places",email:"Please enter valid email address",number:"Please enter valid number",required:"This field is required",unique:"Email has been already present",url:"Please enter valid url"}})}},[[209,0]]]);
|
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves DOM manipulation, browser detection, and local storage operations without any high-risk indicators like dynamic code execution or data exfiltration. It does not interact with external domains or use obfuscated code, suggesting a low risk of malicious behavior."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[40],{0:function(e,t,n){"use strict";function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter(function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable})),n.push.apply(n,r)}return n}function o(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach(function(t){f()(e,t,n[t])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach(function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))})}return e}function i(e){"loading"!==document.readyState?e():document.addEventListener("DOMContentLoaded",e)}function a(){var e,t=navigator,n=t.userAgent;return n.match(/chrome|chromium|crios/i)?e="chrome":n.match(/firefox|fxios/i)?e="firefox":n.match(/safari/i)?e="safari":n.match(/opr\//i)?e="opera":n.match(/edg/i)&&(e="edge"),e}function c(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"/support/",n=new URL(window.location.href).pathname,r=n.split(t)[0];return r?"".concat(r).concat(e):e}function s(e,t,n){var r=e.hasAttribute("disabled"),o=JSON.stringify(t)!==JSON.stringify(n);o?r&&e.removeAttribute("disabled"):!r&&e.setAttribute("disabled",!0)}n.d(t,"i",function(){return i}),n.d(t,"d",function(){return b}),n.d(t,"p",function(){return y}),n.d(t,"v",function(){return x}),n.d(t,"r",function(){return E}),n.d(t,"J",function(){return S}),n.d(t,"H",function(){return k}),n.d(t,"t",function(){return j}),n.d(t,"F",function(){return O}),n.d(t,"E",function(){return C}),n.d(t,"b",function(){return T}),n.d(t,"k",function(){return L}),n.d(t,"f",function(){return A}),n.d(t,"L",function(){return _}),n.d(t,"z",function(){return q}),n.d(t,"o",function(){return D}),n.d(t,"w",function(){return I}),n.d(t,"C",function(){return m}),n.d(t,"B",function(){return g}),n.d(t,"m",function(){return M}),n.d(t,"G",function(){return N}),n.d(t,"A",function(){return H}),n.d(t,"n",function(){return P}),n.d(t,"e",function(){return B}),n.d(t,"l",function(){return R}),n.d(t,"j",function(){return F}),n.d(t,"c",function(){return z}),n.d(t,"y",function(){return W}),n.d(t,"h",function(){return U}),n.d(t,"K",function(){return $}),n.d(t,"I",function(){return s}),n.d(t,"q",function(){return J}),n.d(t,"s",function(){return X}),n.d(t,"D",function(){return V}),n.d(t,"a",function(){return a}),n.d(t,"x",function(){return c}),n.d(t,"u",function(){return G}),n.d(t,"g",function(){return Y});var u=n(1),l=n.n(u),d=n(8),f=n.n(d),p=n(16),h=n(3),m=function(e){var t=document.createElement("div");return t.textContent=e,t.innerHTML.replace(/"/g,""")},v=function(e){try{var t=document.createElement("div");return t.innerHTML=e,t.textContent||t.innerText}catch(n){return e}},g=function(e){try{return encodeURIComponent(e)}catch(t){return e}},y=function(){return window.localStorage.getItem("recentSearches")?JSON.parse(window.localStorage.getItem("recentSearches")):[]},b=function(){localStorage.setItem("recentSearches","")},w=function(){return window.store.currentLocale||window.store.defaultLocale},x=function(){var e=document.querySelector(".fw-recent-searches"),t=y();e.innerHTML=t.map(function(e){var t=v(e);return'<li><a class="ps-32 line-clamp-2" href="/'.concat(w(),"/support/search?term=").concat(g(t),'">').concat(m(t),"</a></li>")}).join("")},E=function(e,t){return e&&e.classList.contains(t)},S=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.toggle("d-none")})},k=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"primary",n=[].concat(e);n.forEach(function(e){E(e,"btn-".concat(t))?e.classList.replace("btn-".concat(t),"btn-outline-".concat(t)):e.classList.replace("btn-outline-".concat(t),"btn-".concat(t))})},j=function(e){var t=[].concat(e);t.forEach(function(e){e&&!e.classList.contains("d-none")&&e.classList.add("d-none")})},O=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.con |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves DOM manipulation, utility functions, and local storage interactions without any high-risk indicators such as dynamic code execution or data exfiltration. It does not send data to external domains or use obfuscated code, suggesting a low risk of malicious behavior."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[43],{0:function(e,t,n){"use strict";function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter(function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable})),n.push.apply(n,r)}return n}function a(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach(function(t){d()(e,t,n[t])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach(function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))})}return e}function i(e){"loading"!==document.readyState?e():document.addEventListener("DOMContentLoaded",e)}function o(){var e,t=navigator,n=t.userAgent;return n.match(/chrome|chromium|crios/i)?e="chrome":n.match(/firefox|fxios/i)?e="firefox":n.match(/safari/i)?e="safari":n.match(/opr\//i)?e="opera":n.match(/edg/i)&&(e="edge"),e}function u(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"/support/",n=new URL(window.location.href).pathname,r=n.split(t)[0];return r?"".concat(r).concat(e):e}function c(e,t,n){var r=e.hasAttribute("disabled"),a=JSON.stringify(t)!==JSON.stringify(n);a?r&&e.removeAttribute("disabled"):!r&&e.setAttribute("disabled",!0)}n.d(t,"i",function(){return i}),n.d(t,"d",function(){return y}),n.d(t,"p",function(){return b}),n.d(t,"v",function(){return S}),n.d(t,"r",function(){return k}),n.d(t,"J",function(){return O}),n.d(t,"H",function(){return E}),n.d(t,"t",function(){return L}),n.d(t,"F",function(){return j}),n.d(t,"E",function(){return x}),n.d(t,"b",function(){return M}),n.d(t,"k",function(){return T}),n.d(t,"f",function(){return A}),n.d(t,"L",function(){return _}),n.d(t,"z",function(){return I}),n.d(t,"o",function(){return z}),n.d(t,"w",function(){return P}),n.d(t,"C",function(){return m}),n.d(t,"B",function(){return v}),n.d(t,"m",function(){return N}),n.d(t,"G",function(){return D}),n.d(t,"A",function(){return C}),n.d(t,"n",function(){return q}),n.d(t,"e",function(){return F}),n.d(t,"l",function(){return H}),n.d(t,"j",function(){return J}),n.d(t,"c",function(){return $}),n.d(t,"y",function(){return B}),n.d(t,"h",function(){return R}),n.d(t,"K",function(){return V}),n.d(t,"I",function(){return c}),n.d(t,"q",function(){return W}),n.d(t,"s",function(){return U}),n.d(t,"D",function(){return Z}),n.d(t,"a",function(){return o}),n.d(t,"x",function(){return u}),n.d(t,"u",function(){return Y}),n.d(t,"g",function(){return G});var s=n(1),l=n.n(s),f=n(8),d=n.n(f),p=n(16),h=n(3),m=function(e){var t=document.createElement("div");return t.textContent=e,t.innerHTML.replace(/"/g,""")},g=function(e){try{var t=document.createElement("div");return t.innerHTML=e,t.textContent||t.innerText}catch(n){return e}},v=function(e){try{return encodeURIComponent(e)}catch(t){return e}},b=function(){return window.localStorage.getItem("recentSearches")?JSON.parse(window.localStorage.getItem("recentSearches")):[]},y=function(){localStorage.setItem("recentSearches","")},w=function(){return window.store.currentLocale||window.store.defaultLocale},S=function(){var e=document.querySelector(".fw-recent-searches"),t=b();e.innerHTML=t.map(function(e){var t=g(e);return'<li><a class="ps-32 line-clamp-2" href="/'.concat(w(),"/support/search?term=").concat(v(t),'">').concat(m(t),"</a></li>")}).join("")},k=function(e,t){return e&&e.classList.contains(t)},O=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.toggle("d-none")})},E=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"primary",n=[].concat(e);n.forEach(function(e){k(e,"btn-".concat(t))?e.classList.replace("btn-".concat(t),"btn-outline-".concat(t)):e.classList.replace("btn-outline-".concat(t),"btn-".concat(t))})},L=function(e){var t=[].concat(e);t.forEach(function(e){e&&!e.classList.contains("d-none")&&e.classList.add("d-none")})},j=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.con |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves DOM manipulation, browser detection, and local storage management without any high-risk indicators like dynamic code execution or data exfiltration. It does not interact with external domains or use obfuscated code, suggesting a low risk of malicious behavior."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[93],{0:function(e,t,n){"use strict";function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter(function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable})),n.push.apply(n,r)}return n}function i(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach(function(t){d()(e,t,n[t])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach(function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))})}return e}function a(e){"loading"!==document.readyState?e():document.addEventListener("DOMContentLoaded",e)}function o(){var e,t=navigator,n=t.userAgent;return n.match(/chrome|chromium|crios/i)?e="chrome":n.match(/firefox|fxios/i)?e="firefox":n.match(/safari/i)?e="safari":n.match(/opr\//i)?e="opera":n.match(/edg/i)&&(e="edge"),e}function s(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"/support/",n=new URL(window.location.href).pathname,r=n.split(t)[0];return r?"".concat(r).concat(e):e}function u(e,t,n){var r=e.hasAttribute("disabled"),i=JSON.stringify(t)!==JSON.stringify(n);i?r&&e.removeAttribute("disabled"):!r&&e.setAttribute("disabled",!0)}n.d(t,"i",function(){return a}),n.d(t,"d",function(){return b}),n.d(t,"p",function(){return y}),n.d(t,"v",function(){return k}),n.d(t,"r",function(){return x}),n.d(t,"J",function(){return _}),n.d(t,"H",function(){return E}),n.d(t,"t",function(){return S}),n.d(t,"F",function(){return T}),n.d(t,"E",function(){return O}),n.d(t,"b",function(){return j}),n.d(t,"k",function(){return C}),n.d(t,"f",function(){return L}),n.d(t,"L",function(){return A}),n.d(t,"z",function(){return q}),n.d(t,"o",function(){return N}),n.d(t,"w",function(){return I}),n.d(t,"C",function(){return m}),n.d(t,"B",function(){return g}),n.d(t,"m",function(){return D}),n.d(t,"G",function(){return P}),n.d(t,"A",function(){return M}),n.d(t,"n",function(){return R}),n.d(t,"e",function(){return F}),n.d(t,"l",function(){return H}),n.d(t,"j",function(){return B}),n.d(t,"c",function(){return z}),n.d(t,"y",function(){return V}),n.d(t,"h",function(){return W}),n.d(t,"K",function(){return $}),n.d(t,"I",function(){return u}),n.d(t,"q",function(){return U}),n.d(t,"s",function(){return J}),n.d(t,"D",function(){return X}),n.d(t,"a",function(){return o}),n.d(t,"x",function(){return s}),n.d(t,"u",function(){return Y}),n.d(t,"g",function(){return Q});var c=n(1),l=n.n(c),f=n(8),d=n.n(f),p=n(16),h=n(3),m=function(e){var t=document.createElement("div");return t.textContent=e,t.innerHTML.replace(/"/g,""")},v=function(e){try{var t=document.createElement("div");return t.innerHTML=e,t.textContent||t.innerText}catch(n){return e}},g=function(e){try{return encodeURIComponent(e)}catch(t){return e}},y=function(){return window.localStorage.getItem("recentSearches")?JSON.parse(window.localStorage.getItem("recentSearches")):[]},b=function(){localStorage.setItem("recentSearches","")},w=function(){return window.store.currentLocale||window.store.defaultLocale},k=function(){var e=document.querySelector(".fw-recent-searches"),t=y();e.innerHTML=t.map(function(e){var t=v(e);return'<li><a class="ps-32 line-clamp-2" href="/'.concat(w(),"/support/search?term=").concat(g(t),'">').concat(m(t),"</a></li>")}).join("")},x=function(e,t){return e&&e.classList.contains(t)},_=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.toggle("d-none")})},E=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"primary",n=[].concat(e);n.forEach(function(e){x(e,"btn-".concat(t))?e.classList.replace("btn-".concat(t),"btn-outline-".concat(t)):e.classList.replace("btn-outline-".concat(t),"btn-".concat(t))})},S=function(e){var t=[].concat(e);t.forEach(function(e){e&&!e.classList.contains("d-none")&&e.classList.add("d-none")})},T=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.con |
| URL: https://steursinnovatingforthefuture.freshdesk.com... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves DOM manipulation, browser detection, and local storage management without any high-risk indicators such as dynamic code execution or data exfiltration. It does not interact with external domains or use obfuscated code, suggesting a low risk of malicious behavior."
} |
(window.webpackJsonp=window.webpackJsonp||[]).push([[106,99],{0:function(e,t,n){"use strict";function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter(function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable})),n.push.apply(n,r)}return n}function i(e){for(var t=1;t<arguments.length;t++){var n=null!=arguments[t]?arguments[t]:{};t%2?r(Object(n),!0).forEach(function(t){f()(e,t,n[t])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):r(Object(n)).forEach(function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))})}return e}function o(e){"loading"!==document.readyState?e():document.addEventListener("DOMContentLoaded",e)}function a(){var e,t=navigator,n=t.userAgent;return n.match(/chrome|chromium|crios/i)?e="chrome":n.match(/firefox|fxios/i)?e="firefox":n.match(/safari/i)?e="safari":n.match(/opr\//i)?e="opera":n.match(/edg/i)&&(e="edge"),e}function c(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"/support/",n=new URL(window.location.href).pathname,r=n.split(t)[0];return r?"".concat(r).concat(e):e}function s(e,t,n){var r=e.hasAttribute("disabled"),i=JSON.stringify(t)!==JSON.stringify(n);i?r&&e.removeAttribute("disabled"):!r&&e.setAttribute("disabled",!0)}n.d(t,"i",function(){return o}),n.d(t,"d",function(){return b}),n.d(t,"p",function(){return y}),n.d(t,"v",function(){return _}),n.d(t,"r",function(){return k}),n.d(t,"J",function(){return x}),n.d(t,"H",function(){return S}),n.d(t,"t",function(){return E}),n.d(t,"F",function(){return L}),n.d(t,"E",function(){return j}),n.d(t,"b",function(){return O}),n.d(t,"k",function(){return A}),n.d(t,"f",function(){return N}),n.d(t,"L",function(){return T}),n.d(t,"z",function(){return I}),n.d(t,"o",function(){return M}),n.d(t,"w",function(){return q}),n.d(t,"C",function(){return p}),n.d(t,"B",function(){return g}),n.d(t,"m",function(){return V}),n.d(t,"G",function(){return C}),n.d(t,"A",function(){return P}),n.d(t,"n",function(){return B}),n.d(t,"e",function(){return H}),n.d(t,"l",function(){return R}),n.d(t,"j",function(){return U}),n.d(t,"c",function(){return F}),n.d(t,"y",function(){return D}),n.d(t,"h",function(){return J}),n.d(t,"K",function(){return z}),n.d(t,"I",function(){return s}),n.d(t,"q",function(){return W}),n.d(t,"s",function(){return $}),n.d(t,"D",function(){return G}),n.d(t,"a",function(){return a}),n.d(t,"x",function(){return c}),n.d(t,"u",function(){return K}),n.d(t,"g",function(){return Q});var u=n(1),l=n.n(u),d=n(8),f=n.n(d),h=n(16),m=n(3),p=function(e){var t=document.createElement("div");return t.textContent=e,t.innerHTML.replace(/"/g,""")},v=function(e){try{var t=document.createElement("div");return t.innerHTML=e,t.textContent||t.innerText}catch(n){return e}},g=function(e){try{return encodeURIComponent(e)}catch(t){return e}},y=function(){return window.localStorage.getItem("recentSearches")?JSON.parse(window.localStorage.getItem("recentSearches")):[]},b=function(){localStorage.setItem("recentSearches","")},w=function(){return window.store.currentLocale||window.store.defaultLocale},_=function(){var e=document.querySelector(".fw-recent-searches"),t=y();e.innerHTML=t.map(function(e){var t=v(e);return'<li><a class="ps-32 line-clamp-2" href="/'.concat(w(),"/support/search?term=").concat(g(t),'">').concat(p(t),"</a></li>")}).join("")},k=function(e,t){return e&&e.classList.contains(t)},x=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList.toggle("d-none")})},S=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"primary",n=[].concat(e);n.forEach(function(e){k(e,"btn-".concat(t))?e.classList.replace("btn-".concat(t),"btn-outline-".concat(t)):e.classList.replace("btn-outline-".concat(t),"btn-".concat(t))})},E=function(e){var t=[].concat(e);t.forEach(function(e){e&&!e.classList.contains("d-none")&&e.classList.add("d-none")})},L=function(e){var t=[].concat(e);t.forEach(function(e){e&&e.classList |
| URL: https://steursinnovatingforthefuture.freshdesk.com/support/solutions/articles/203000017909-steurs-innovating-for-the-future Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "VIEW PDF DOCUMENT",
"prominent_button_name": "VIEW PDF DOCUMENT",
"text_input_field_labels": "unknown",
"pdf_icon_visible": true,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "file hosting"
} |
 |
| URL: https://steursinnovatingforthefuture.freshdesk.com/support/solutions/articles/203000017909-steurs-innovating-for-the-future Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://pril.trelivorn.ru/h3J2L/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
} |
 |
| URL: https://pril.trelivorn.ru/h3J2L/ Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://pril.trelivorn.ru Model: Joe Sandbox AI | ```json{ "brand": "Trello", "brand_classification": "known", "legit_url": "https://trello.com", "similarity": 5, "spoofed": 6, "reasoning": "The URL 'pril.trelivorn.ru' appears to be attempting to mimic the brand 'Trello'. The subdomain 'pril' does not have a clear association with Trello, which could be an attempt to confuse users. The main domain 'trelivorn' is visually similar to 'Trello', with the substitution of 'o' for 'i' and the addition of 'rn' at the end, which could be a deliberate attempt to create a visually similar domain. The use of the '.ru' domain extension does not inherently suggest typosquatting, but it could be used to target a specific geographic audience. The similarity score is moderate due to the visual resemblance and structural changes, and the spoofed score is slightly higher due to the potential for user confusion."} |
URL: https://pril.trelivorn.ru |
| URL: https://login.microsoftonline.com Model: Joe Sandbox AI | ```json{ "brand": "Microsoft", "brand_classification": "wellknown", "legit_url": "https://login.microsoftonline.com", "similarity": 10, "spoofed": 0, "reasoning": "The URL 'https://login.microsoftonline.com' is a legitimate and well-known domain used by Microsoft for its online services, particularly for authentication and login purposes. There are no character substitutions or structural changes that suggest typosquatting. The domain 'microsoftonline.com' is directly associated with Microsoft, and the subdomain 'login' is contextually appropriate for its purpose. There is no indication of a deceptive attempt, and the URL is consistent with Microsoft's branding and service offerings."} |
URL: https://login.microsoftonline.com |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Sign in",
"prominent_button_name": "Next",
"text_input_field_labels": [
"ydpei8@mrh.com"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
} |
 |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "We couldn't find an account with that username. Try another, or get a new Microsoft account.",
"prominent_button_name": "Next",
"text_input_field_labels": [
"ydpei8@mrh.com"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "software download portal"
} |
 |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
Edit tour
chrome.exe (PID: 4400 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
