| URL: email Model: Joe Sandbox AI | {
"explanation": [
"Email claims to be from Microsoft Teams but uses suspicious domain 'employee-services.org' instead of legitimate Microsoft domains",
"Contains suspicious QR code link from non-Microsoft domains (mycurricula.com)",
"Uses common phishing lure of 'New Voice Mail' to create urgency and curiosity"
],
"phishing": true,
"confidence": 9,
"generated_by_ai": false
} |
{
"date": "Thu, 30 Jan 2025 19:13:58 +0000",
"subject": "FW: New Voice Mail",
"communications": [
"Were getting QR codes for VMs now?\n\n\n[live-quinn.com]<http://live-quinn.com/>\nMegan Keller\nDirector of IT\n3348 Peachtree Road, NE, Suite 1460 | Atlanta, Georgia 30326\nD:\n4707514137\nmkeller@live-quinn.com<mailto:mkeller@live-quinn.com>\nlive-quinn.com<https://live-quinn.com/>\n[https://quinnresdev.wpenginepowered.com/wp-content/uploads/2024/05/Quinn_Residences_US_English_2024_Certification_Badge-49x70-1.png]\nNotice of Confidentiality\nThis e-mail message and attachments, if any, are intended solely for the use of the addressee hereof. In addition, this message and attachments, if any, may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient of this message, you are prohibited from reading, disclosing, reproducing, distributing, disseminating, or otherwise using this transmission. Delivery of this message to any person other than the intended recipient is not intended to waive any right or privilege. If you have received this message in error, please promptly notify the sender by e-mail and immediately delete this message from your system.\n\n\n\n",
"From: Microsoft Teams <noreply@employee-services.org>\nSent: Thursday, January 30, 2025 1:57 PM\nTo: Megan Keller <mkeller@live-quinn.com>\nSubject: New Voice Mail\n\n\n[https://s3.amazonaws.com/media.aws-cdn/content/1549-674a428f226ac.png]\n\n[https://mycurricula.com/p/generate-qr/?u=93304-ee6c10cda19b878c738c18904c8c2ac129f33e8dadfa97c7967f5baeab7b345d]\n\n"
],
"from": "Megan Keller <mkeller@live-quinn.com>",
"to": "MSP IT Partners Support <support@msp-partner.com>",
"attachements": []
} |
| URL: email Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": [
"Email is sent through legitimate Microsoft Office 365 infrastructure (outlook.com domains)",
"Message has passed Microsoft's internal security checks (SCL score of -1 indicates trusted sender)",
"Contains valid Microsoft anti-spam headers and authentication markers",
"Message ID format matches legitimate Office 365 pattern",
"Routing information shows expected Microsoft Exchange server paths",
"BCL (Bulk Compliant Level) of 0 indicates this is not bulk mail",
"All headers are consistent with legitimate Office 365 email flow"
]
} |
Date: Thu, 30 Jan 2025 19:13:58 +0000
Key: mime-version
Value: 1.0
Key: return-path
Value: mkeller@live-quinn.com
Key: x-microsoft-antispam-message-info
Value: l08djzGjnX8UwgpyhZlGQMNQohtOyoqo4K8mBIy3FOsLtrLg80P2KO1qiaezKyf/Yxy/TfYOZCXttX92DoGvIx6AKdtVJpylganEzUdTYmomLGQHr+8m8ALoOHFvRlDePvk6yTV9KRySlsu/YbLMCFUzvsoQ3aMGidFCT11OrinznTCO9FCzFWWgjlkvX7TOQ9doJ/d1NXri3bhF2h+gQktOjytrcoFHLaWmR9ijHX70PQWVotiLFc+vMnFR5ZjvPDkztPsrALsMCHoXCWr9Umt0pB+2F6+b1jHzN7SJ7TNY/O/NDaPzp/OxTNEBTWKpY0FwckAh4eULkwffda6uv0PNWBR6C9xFfKb5Nnv2pR3Hb4XbrcghAf6D1oQbt3D4EAWa/ggqFDmlSTVGiHFTn9a39HsyI7YwWaTx503e6N5duK+YBaQAJlDWxV0/yWTm4ihf88w3FHkAc+/wUjqJJ4BH0mymyUk8Y93gbXtdFuOGbDIS5+SfEFklHUdQsXF+epyK5WduYq9iOOGMiI2yDmbq3+XsWHHIcmhpV2BLV8SF9i+G/3ZrkxaXXazTd7FvZAnmxIw+NAEzMp5xHIONAXYzMxCzyO+MAU8aTSLBgwKP0pRxCzAtCGPVWEtYTbXwtSCwEZHc5fRLkER2IcznwUX6Pr6coWRiHz9vjH3dRk3MxIl7vd2dXh7erdrDD+m64Fh39T8Hfjj/o+suLZjuz0INDf1p/uEAB7IrtesI/jv4MHiGAg887kiqeJQSK7YoNnsxXtpMiCVKRaX/kTiDzsiRHrlaZ3YCIYQ2tPnCjmjlqk/mSV30G6xsN82RxD6Y7mIyWybO9Erg/yH9FGxLntDNI3JeBQeFh4OoYwv46wXzFtib/pBmlDuDjy6JSja2oGcWytK3Ro4DEQRU+DHERKIVEyh0ttAjou2c3YuTZU39yRrsqazB/5izI3tuAcgNHH9FwnZoMBV1ky6K8Ys3+yzoIe3WQimRb/VcvkygVyCxZWiIVvknA2SnImZfnCM5uZbArnKRvx74/fYcyu/iJ6ybjQ239ghWKwlx9/0yJSL164RtU362zFqNBxmWUWtJ8JiXpewWdaRzs3pEZkHvijGcMjcsrF4k3ew13ibO89iUa4eLU1y+CuiHHQ2i2eP30QMpBs02KIfJTaY0S5ea+EYJxe59X4dMLxa+gc1Eu7Rju1uu6t5rD7JBNUF7TnIya4g3kSZA6JopoctyKZ2pinePyD1GLEZtWmG0YM1NoDqbxIV1I0bsWqS9K9vNl+HhOg7HUVYIm+bXoFSakedEF39m10IoGYmFJD76qoUTN8Jwf97E1N/Td7Wct9B3rcczGuWLmYObR3vSbjqk+oAwAlkL8TBXWyLGFM0M389PSVp52H44T4976f/57s3QWS/0FtPd88oeK7hIKq3OucUsEQjbvVXMHj8YBH8xEFeJzHTLBDhwBJZ0zAjokOIifZ0gzr3wT1uKvZWnDCVf6guxla4aMNwVJCkoOuGd4D0I2t19Qj9Zif3JUpnHwxXbCbmp5KIoddG0YLXIWqikx+/ih6HrI3JVo83ijfqMS+7OJHk6q0cuIj8ehJWly4wrWiMQzyxVN0rEB6Rn1xVUSuQEBee6ntLSYDknusht+aSWjyBlzJ22jGpe4NM+LeazQ9TZJgz5JciVY4GXYvUV4ZbcExVgDrxtBtwHUs5xWN3U7jV2eyNWeDBTAn9NXe9P3kJtVfiD80ifZXI0YqpYNU+1/FuidG6IwGf5I6XtMC8B91fVk1y4mYYQh857uCfANfanO6BnsdRg/d+9NPwzksHPCyox0XzC6xLWocRq9cY+w/Fn1V8tDpEUyV7MPiuwb9iXzpKQN6G3bBnHoD8/itGjZ8XI98k7bz4W7YTqZBkEKP/zY1ArHw75goMqO/zQz5cMbqlsYBqeb6JBZ8xpwW4m0rV3X81005YO187ZC40j/6+Bz0T1PpsTYhv46mREMkus+ZkfRigXsKlV/zDBvjES/OAR5t950Bjg1Ecj3hf+J3k6oFWZypoPMhPtJCZK9sLL3V5OLTIuOTN0Ero3OWa8or7Y988AeI943e2dHDui5Fy2sr2p4a6EgMmvP0WqYXN+T3Q7qn+oVJgmqc4LNzcoh6mMWplkRE+WcCgJeUCOuD2D9y4cPyDWt/Frz9oRQ0/rxyuBpk0DLXMMubY3AXTDSA==
Key: message-id
Value: <SA0PR05MB7290BE90A36D9F81DC1B14DC97E92@SA0PR05MB7290.namprd05.prod.outlook.com>
Key: x-ms-exchange-senderadcheck
Value: 1
Key: received
Value: from SA0PR05MB7290.namprd05.prod.outlook.com ([fe80::28e7:7f9f:1319:dd63]) by SA0PR05MB7290.namprd05.prod.outlook.com ([fe80::28e7:7f9f:1319:dd63%6]) with mapi id 15.20.8398.017; Thu, 30 Jan 2025 19:13:58 +0000
Key: x-ms-exchange-crosstenant-authas
Value: Anonymous
Key: x-ms-exchange-crosstenant-originalarrivaltime
Value: 30 Jan 2025 19:14:08.4167 (UTC)
Key: content-type
Value: multipart/alternative; boundary="_000_SA0PR05MB7290BE90A36D9F81DC1B14DC97E92SA0PR05MB7290namp_"
Key: x-forefront-antispam-report
Value: CIP:52.101.85.103;CTRY:US;LANG:en;SCL:-1;SRV:;IPV:NLI;SFV:NSPM;H:BYAPR05CU005.outbound.protection.outlook.com;PTR:mail-westusazon11020103.outbound.protection.outlook.com;CAT:NONE;SFS:(13230040)(35042699022)(69100299015)(1032899013)(13003099007)(8096899003)(2066899003);DIR:INB;
Key: x-ms-exchange-organization-scl
Value: -1
Key: x-microsoft-antispam
Value: BCL:0;ARA:13230040|35042699022|69100299015|1032899013|13003099007|8096899003|2066899003;
|
| URL: https://mycurricula.com Model: Joe Sandbox AI | ```json{ "brand": "unknown", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 0, "spoofed": 0, "reasoning": "The URL 'mycurricula.com' does not closely resemble any known brand or legitimate URL. There are no apparent character substitutions or visual similarities to a well-known brand. The domain name 'mycurricula' suggests a focus on educational content or curriculum-related services, which does not imply any deceptive intent or connection to a recognized brand. The use of the '.com' extension is standard and does not indicate typosquatting. Overall, there is no evidence to suggest that this URL is attempting to spoof a legitimate brand."} |
URL: https://mycurricula.com |
| URL: https://mycurricula.com/p/defense-coaching... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of a toast notification system using the Alpine.js framework and the Pusher Channels library. It listens for specific events, such as '.app.alert.toast' and '.pusher:subscription_succeeded', and dispatches custom events to update the UI with toast notifications. The code does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscation. The use of the Pusher Channels library is a common practice for real-time communication and notification systems. Overall, this script seems to be a benign implementation of a standard web application feature."
} |
document.addEventListener('alpine:init', () => {
window.Alpine.directive('ToastComponent', window.ToastComponent);
});
document.addEventListener('DOMContentLoaded', function () {
window.UserId = null;
window.LearnerId = "nL46xRN258QY";
window.LearnerCompanyId = "alJVgpaR831L";
window.CompanyId = null;
window.PartnerId = null;
if (window.UserId && typeof window.Echo !== 'undefined') {
Echo.private(`user.${window.UserId}`)
.listen('.app.alert.toast', (e) => {
window.dispatchEvent(
new CustomEvent('toast', {
detail: Toast.make(
e.message ?? 'User notification',
e.title ?? 'Alert!',
e.type ?? 'success',
e.duration ?? 5000
)
})
);
})
.listen('.pusher:subscription_succeeded', (e) => {
Livewire.dispatch(
`user.${window.UserId}.websocket.connected`,
);
});
}
if (window.LearnerId && typeof window.Echo !== 'undefined') {
Echo.private(`learner.${window.LearnerId}`)
.listen('.app.alert.toast', (e) => {
window.dispatchEvent(
new CustomEvent('toast', {
detail: Toast.make(
e.message ?? 'Learner notification',
e.title ?? 'Alert!',
e.type ?? 'success',
e.duration ?? 5000
)
})
);
})
.listen('.pusher:subscription_succeeded', (e) => {
Livewire.dispatch(
`learner.${window.LearnerId}.websocket.connected`,
);
});
Echo.private(`learner-company.${window.LearnerCompanyId}`)
.listen('.app.alert.toast', (e) => {
window.dispatchEvent(
new CustomEvent('toast', {
detail: Toast.make(
e.message ?? 'Learner notification',
e.title ?? 'Alert!',
e.type ?? 'success',
e.duration ?? 5000
)
})
);
})
.listen('.pusher:subscription_succeeded', (e) => {
Livewire.dispatch(
`learner.${window.LearnerId}.websocket.connected`,
);
});
}
if (window.CompanyId && typeof window.Echo !== 'undefined') {
Echo.private(`company.${window.CompanyId}`)
.listen('.app.alert.toast', (e) => {
window.dispatchEvent(
new CustomEvent('toast', {
detail: Toast.make(
e.message ?? 'Company notification',
e.title ?? 'Alert!',
e.type ?? 'success',
e.duration ?? 5000
)
})
);
})
.listen('.pusher:subscription_succeeded', (e) => {
Livewire.dispatch(
`company.${window.CompanyId}.websocket.connected`,
);
});
}
if (window.PartnerId && typeof window.Echo !== 'undefined') {
Echo.private(`partner.${window.PartnerId}`).listen(
'.app.alert.toast', |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | {
"risk_score": 5,
"reasoning": "The provided JavaScript snippet contains a mix of behaviors that require further review. While it does not exhibit any clear malicious intent, there are some moderate-risk indicators that warrant closer inspection. The code includes base64 encoding/decoding functions, which could potentially be used for data exfiltration, and it interacts with the WebAuthn API, which could be used for authentication-related activities. Additionally, the script checks for the existence of the `PublicKeyCredential` object, which is a WebAuthn-specific API. Overall, the script appears to be implementing some WebAuthn-related functionality, but the specific use case and the handling of sensitive data are not entirely clear. A more detailed review of the script's context and purpose would be necessary to determine the full risk profile."
} |
function d(e){const t=new Uint8Array(e);let n="";for(const i of t)n+=String.fromCharCode(i);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function E(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),n=(4-t.length%4)%4,a=t.padEnd(t.length+n,"="),i=atob(a),o=new ArrayBuffer(i.length),c=new Uint8Array(o);for(let s=0;s<i.length;s++)c[s]=i.charCodeAt(s);return o}function A(){return(window==null?void 0:window.PublicKeyCredential)!==void 0&&typeof window.PublicKeyCredential=="function"}function m(e){const{id:t}=e;return{...e,id:E(t),transports:e.transports}}function y(e){return e==="localhost"||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}class r extends Error{constructor({message:t,code:n,cause:a,name:i}){super(t,{cause:a}),this.name=i??a.name,this.code=n}}function I({error:e,options:t}){var a,i,o;const{publicKey:n}=t;if(!n)throw Error("options was missing required publicKey property");if(e.name==="AbortError"){if(t.signal instanceof AbortSignal)return new r({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if(e.name==="ConstraintError"){if(((a=n.authenticatorSelection)==null?void 0:a.requireResidentKey)===!0)return new r({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if(t.mediation==="conditional"&&((i=n.authenticatorSelection)==null?void 0:i.userVerification)==="required")return new r({message:"User verification was required during automatic registration but it could not be performed",code:"ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE",cause:e});if(((o=n.authenticatorSelection)==null?void 0:o.userVerification)==="required")return new r({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if(e.name==="InvalidStateError")return new r({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if(e.name==="NotAllowedError")return new r({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if(e.name==="NotSupportedError")return n.pubKeyCredParams.filter(s=>s.type==="public-key").length===0?new r({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new r({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if(e.name==="SecurityError"){const c=window.location.hostname;if(y(c)){if(n.rp.id!==c)return new r({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else return new r({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e})}else if(e.name==="TypeError"){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new r({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if(e.name==="UnknownError")return new r({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}class S{createNewAbortSignal(){if(this.controller){const n=new Error("Cancelling existing WebAuthn API call for new one");n.name="AbortError",this.controller.abort(n)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}}const _=new S,P=["cross-platform","platform"];function O(e){if(e&&!(P.indexOf(e)<0))return e}async function N(e){var w;const{optionsJSON:t,useAutoRegister:n=!1}=e;if(!A())throw new Error("WebAuthn is not supported in this browser");const a={...t,challenge:E(t.challenge),user:{. |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of a larger library or framework, likely related to real-time communication or event handling. While it contains some potentially risky behaviors, such as dynamic code execution and external data transmission, the overall context suggests these are likely part of legitimate functionality rather than malicious intent. The code is also well-structured and follows common patterns, indicating it is not intentionally obfuscated. Therefore, the risk score is assessed as low, with a score of 3."
} |
function b(r){"@babel/helpers - typeof";return b=typeof Symbol=="function"&&typeof Symbol.iterator=="symbol"?function(i){return typeof i}:function(i){return i&&typeof Symbol=="function"&&i.constructor===Symbol&&i!==Symbol.prototype?"symbol":typeof i},b(r)}function u(r,i){if(!(r instanceof i))throw new TypeError("Cannot call a class as a function")}function O(r,i){for(var n=0;n<i.length;n++){var t=i[n];t.enumerable=t.enumerable||!1,t.configurable=!0,"value"in t&&(t.writable=!0),Object.defineProperty(r,t.key,t)}}function c(r,i,n){return i&&O(r.prototype,i),Object.defineProperty(r,"prototype",{writable:!1}),r}function d(){return d=Object.assign||function(r){for(var i=1;i<arguments.length;i++){var n=arguments[i];for(var t in n)Object.prototype.hasOwnProperty.call(n,t)&&(r[t]=n[t])}return r},d.apply(this,arguments)}function a(r,i){if(typeof i!="function"&&i!==null)throw new TypeError("Super expression must either be null or a function");r.prototype=Object.create(i&&i.prototype,{constructor:{value:r,writable:!0,configurable:!0}}),Object.defineProperty(r,"prototype",{writable:!1}),i&&g(r,i)}function p(r){return p=Object.setPrototypeOf?Object.getPrototypeOf:function(n){return n.__proto__||Object.getPrototypeOf(n)},p(r)}function g(r,i){return g=Object.setPrototypeOf||function(t,e){return t.__proto__=e,t},g(r,i)}function j(){if(typeof Reflect>"u"||!Reflect.construct||Reflect.construct.sham)return!1;if(typeof Proxy=="function")return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){})),!0}catch{return!1}}function S(r){if(r===void 0)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return r}function E(r,i){if(i&&(typeof i=="object"||typeof i=="function"))return i;if(i!==void 0)throw new TypeError("Derived constructors may only return object or undefined");return S(r)}function h(r){var i=j();return function(){var t=p(r),e;if(i){var s=p(this).constructor;e=Reflect.construct(t,arguments,s)}else e=t.apply(this,arguments);return E(this,e)}}var m=function(){function r(){u(this,r)}return c(r,[{key:"listenForWhisper",value:function(n,t){return this.listen(".client-"+n,t)}},{key:"notification",value:function(n){return this.listen(".Illuminate\\Notifications\\Events\\BroadcastNotificationCreated",n)}},{key:"stopListeningForWhisper",value:function(n,t){return this.stopListening(".client-"+n,t)}}]),r}(),w=function(){function r(i){u(this,r),this.namespace=i}return c(r,[{key:"format",value:function(n){return n.charAt(0)==="."||n.charAt(0)==="\\"?n.substr(1):(this.namespace&&(n=this.namespace+"."+n),n.replace(/\./g,"\\"))}},{key:"setNamespace",value:function(n){this.namespace=n}}]),r}(),y=function(r){a(n,r);var i=h(n);function n(t,e,s){var o;return u(this,n),o=i.call(this),o.name=e,o.pusher=t,o.options=s,o.eventFormatter=new w(o.options.namespace),o.subscribe(),o}return c(n,[{key:"subscribe",value:function(){this.subscription=this.pusher.subscribe(this.name)}},{key:"unsubscribe",value:function(){this.pusher.unsubscribe(this.name)}},{key:"listen",value:function(e,s){return this.on(this.eventFormatter.format(e),s),this}},{key:"listenToAll",value:function(e){var s=this;return this.subscription.bind_global(function(o,l){if(!o.startsWith("pusher:")){var f=s.options.namespace.replace(/\./g,"\\"),k=o.startsWith(f)?o.substring(f.length+1):"."+o;e(k,l)}}),this}},{key:"stopListening",value:function(e,s){return s?this.subscription.unbind(this.eventFormatter.format(e),s):this.subscription.unbind(this.eventFormatter.format(e)),this}},{key:"stopListeningToAll",value:function(e){return e?this.subscription.unbind_global(e):this.subscription.unbind_global(),this}},{key:"subscribed",value:function(e){return this.on("pusher:subscription_succeeded",function(){e()}),this}},{key:"error",value:function(e){return this.on("pusher:subscription_error",function(s){e(s)}),this}},{key:"on",value:function(e,s){return this.subscription.bind(e,s),this}}]),n}(m),T=function(r){a(n,r);var i=h(n);function n(){return u(this, |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of the Pikaday library, which is a popular date picker library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code/URLs. The script primarily focuses on date manipulation and rendering functionality, which is common for a date picker library. While it uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, the script seems to be a legitimate implementation of a date picker functionality and does not exhibit any suspicious or malicious behavior."
} |
import{c as de,g as ce}from"./ace-builds-Yv6jyLXb.js";import{r as ge}from"./moment-DVlmW3bi.js";var K={exports:{}};/*!
* Pikaday
*
* Copyright 2014 David Bushell | BSD & MIT license | https://github.com/Pikaday/Pikaday
*/(function(q,me){(function(b,w){var M;{try{M=ge}catch{}q.exports=w(M)}})(de,function(b){var w=typeof b=="function",M=!!window.addEventListener,h=window.document,T=window.setTimeout,m=function(t,e,i,n){M?t.addEventListener(e,i,!!n):t.attachEvent("on"+e,i)},y=function(t,e,i,n){M?t.removeEventListener(e,i,!!n):t.detachEvent("on"+e,i)},z=function(t){return t.trim?t.trim():t.replace(/^\s+|\s+$/g,"")},u=function(t,e){return(" "+t.className+" ").indexOf(" "+e+" ")!==-1},N=function(t,e){u(t,e)||(t.className=t.className===""?e:t.className+" "+e)},O=function(t,e){t.className=z((" "+t.className+" ").replace(" "+e+" "," "))},W=function(t){return/Array/.test(Object.prototype.toString.call(t))},d=function(t){return/Date/.test(Object.prototype.toString.call(t))&&!isNaN(t.getTime())},G=function(t){var e=t.getDay();return e===0||e===6},U=function(t){return t%4===0&&t%100!==0||t%400===0},A=function(t,e){return[31,U(t)?29:28,31,30,31,30,31,31,30,31,30,31][e]},I=function(t){d(t)&&t.setHours(0,0,0,0)},Y=function(t,e){return t.getTime()===e.getTime()},C=function(t,e,i){var n,a;for(n in e)a=t[n]!==void 0,a&&typeof e[n]=="object"&&e[n]!==null&&e[n].nodeName===void 0?d(e[n])?i&&(t[n]=new Date(e[n].getTime())):W(e[n])?i&&(t[n]=e[n].slice(0)):t[n]=C({},e[n],i):(i||!a)&&(t[n]=e[n]);return t},P=function(t,e,i){var n;h.createEvent?(n=h.createEvent("HTMLEvents"),n.initEvent(e,!0,!1),n=C(n,i),t.dispatchEvent(n)):h.createEventObject&&(n=h.createEventObject(),n=C(n,i),t.fireEvent("on"+e,n))},L=function(t){return t.month<0&&(t.year-=Math.ceil(Math.abs(t.month)/12),t.month+=12),t.month>11&&(t.year+=Math.floor(Math.abs(t.month)/12),t.month-=12),t},D={field:null,bound:void 0,ariaLabel:"Use the arrow keys to pick a date",position:"bottom left",reposition:!0,format:"YYYY-MM-DD",toString:null,parse:null,defaultDate:null,setDefaultDate:!1,firstDay:0,firstWeekOfYearMinDays:4,formatStrict:!1,minDate:null,maxDate:null,yearRange:10,showWeekNumber:!1,pickWholeWeek:!1,minYear:0,maxYear:9999,minMonth:void 0,maxMonth:void 0,startRange:null,endRange:null,isRTL:!1,yearSuffix:"",showMonthAfterYear:!1,showDaysInNextAndPreviousMonths:!1,enableSelectionDaysInNextAndPreviousMonths:!1,numberOfMonths:1,mainCalendar:"left",container:void 0,blurFieldOnSelect:!0,i18n:{previousMonth:"Previous Month",nextMonth:"Next Month",months:["January","February","March","April","May","June","July","August","September","October","November","December"],weekdays:["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],weekdaysShort:["Sun","Mon","Tue","Wed","Thu","Fri","Sat"]},theme:null,events:[],onSelect:null,onOpen:null,onClose:null,onDraw:null,keyboardInput:!0},H=function(t,e,i){for(e+=t.firstDay;e>=7;)e-=7;return i?t.i18n.weekdaysShort[e]:t.i18n.weekdays[e]},X=function(t){var e=[],i="false";if(t.isEmpty)if(t.showDaysInNextAndPreviousMonths)e.push("is-outside-current-month"),t.enableSelectionDaysInNextAndPreviousMonths||e.push("is-selection-disabled");else return'<td class="is-empty"></td>';return t.isDisabled&&e.push("is-disabled"),t.isToday&&e.push("is-today"),t.isSelected&&(e.push("is-selected"),i="true"),t.hasEvent&&e.push("has-event"),t.isInRange&&e.push("is-inrange"),t.isStartRange&&e.push("is-startrange"),t.isEndRange&&e.push("is-endrange"),'<td data-day="'+t.day+'" class="'+e.join(" ")+'" aria-selected="'+i+'"><button class="pika-button pika-day" type="button" data-pika-year="'+t.year+'" data-pika-month="'+t.month+'" data-pika-day="'+t.day+'">'+t.day+"</button></td>"},Q=function(t,e){t.setHours(0,0,0,0);var i=t.getDate(),n=t.getDay(),a=e,s=a-1,r=7,f=function(v){return(v+r-1)%r};t.setDate(i+s-f(n));var o=new Date(t.getFullYear(),0,a),l=24*60*60*1e3,g=(t.getTime()-o.getTime())/l,c=1+Math.round((g-s+f(o.getDay()))/r);return c},Z=function(t,e,i,n){var a=new Date( |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a collection of imports and global variable assignments, which is a common practice in modern web development. While it includes some external library imports, such as SimpleWebAuthn, Intl, Pluralize, ApexCharts, EasyMDE, Pusher, Livewire, Moment, Pikaday, Vanilla Picker, and Ace, these are all well-known and widely used libraries that are unlikely to pose a significant security risk. The snippet also includes some custom functions related to user settings and notification previews, which are also common in web applications. Overall, the code does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscated code, and the use of external libraries is within a reasonable context. Therefore, the risk score is assessed as low (3)."
} |
import{s as p,a as w}from"./@simplewebauthn-CLvCXoCH.js";import{i as f}from"./intl-TV5EZGiN.js";import{p as g}from"./pluralize-CKy8wjKl.js";import{A as v}from"./apexcharts-CR0lJPIS.js";import{E as y}from"./easymde-BkQbLd_p.js";import{E as T}from"./laravel-echo-jsk6XGuY.js";import{P as E}from"./pusher-js-Cs7BQr1n.js";import{e as m,L as u}from"./livewire-Bl0O0EY7.js";import{C as L,m as R}from"./@ryangjchandler-DB4gAPbQ.js";import{m as k}from"./moment-timezone-ZsDSEs_D.js";import{p as S}from"./pikaday-D84Fc82I.js";import{i as C}from"./@jaames-DqG6q-J1.js";import{P as O}from"./vanilla-picker-DZ-25AGV.js";import{A as l}from"./ace-builds-Yv6jyLXb.js";import"./codemirror-CHs1P-aq.js";import"./codemirror-spell-checker-DAx1oG0u.js";import"./typo-js-CA1DZ0vR.js";import"./marked-B-c5sAHk.js";import"./moment-DVlmW3bi.js";window.intlTelInput=f;window.pluralize=g;window.ApexCharts=v;window.EasyMDE=y;window.Pusher=E;try{window.Echo=new T({broadcaster:"pusher",key:"e4269812c912a8b3a19d",cluster:"us2",forceTLS:!0})}catch(i){console.error(i)}m.plugin(L);m.plugin(R);window.moment=k;window.Pikaday=S;window.openSettings=function(){setTimeout(function(){document.getElementById("user-settings").classList.remove("hidden")},10)};window.settingsClosed=function(){setTimeout(function(){document.getElementById("user-settings").classList.add("hidden")},600)};window.settingsOpened=function(){};window.addEventListener("notificationPreview",i=>{document.body.classList.add("overflow-hidden");let e=document.getElementById("notificationPreview"),t=document.getElementById("notificationPreviewContainer");e.innerHTML=i.detail.html,t.classList.remove("hidden")});window.closePreview=function(){document.body.classList.remove("overflow-hidden");let i=document.getElementById("notificationPreview"),e=document.getElementById("notificationPreviewContainer");i.innerHTML="",e.classList.add("hidden")};window.iro=C;window.Picker=O;l.config.set("basePath","https://cdn.jsdelivr.net/npm/ace-builds@"+l.version+"/src-noconflict/");window.Ace=l;window.passkeys={register:async()=>{const i=document.querySelector("#passkey-message"),e=()=>{i.className="hidden",i.innerHTML=""},t=o=>{i.className="text-center mt-2 text-sm ",i.innerHTML=o},s=o=>{t(o),i.classList.add("text-danger-600")};e();try{const n=await(await fetch("/auth/passkey/generate-registration-options")).json();t("Waiting for a passkey...");const r=await p({optionsJSON:n}),a=await(await fetch("/auth/passkey/verify-registration",{method:"POST",headers:{"Content-Type":"application/json","X-CSRF-TOKEN":document.querySelector('meta[name="csrf-token"]').getAttribute("content")},body:JSON.stringify(r)})).json();if(a&&a.verified)e(),u.dispatch("updatePasskeys");else throw a}catch(o){console.error(o),s("Registration failed, please try again.")}},login:async(i=!1)=>{const e=document.querySelector("#passkey-message"),t=()=>{e.className="hidden",e.innerHTML=""},s=n=>{e.className="text-center mt-2 text-sm ",e.innerHTML=n},o=n=>{s(n),e.classList.add("text-danger-600")};t();try{const r=await(await fetch("/auth/passkey/generate-login-options")).json();i||s("Waiting for a passkey...");let d;try{d=await w({optionsJSON:r,useBrowserAutofill:i,verifyBrowserAutofillInput:!1})}catch(h){if(i)return;throw h}const c=await(await fetch("/auth/passkey/verify-login",{method:"POST",headers:{"Content-Type":"application/json","X-CSRF-TOKEN":document.querySelector('meta[name="csrf-token"]').getAttribute("content")},body:JSON.stringify(d)})).json();if(c&&c.verified)s("Success! Logging in..."),window.location.reload();else throw c}catch(n){console.error(n),o("Login failed, please try another authentication method.")}}};document.addEventListener("DOMContentLoaded",()=>{document.querySelector("#sign-in-with-passkey")&&passkeys.login(!0)});m.data("ToastComponent",i=>({defaultDuration:5e3,wireToasts:i.$entangle("toasts"),wireToastsIndex:0,toasts:[],pendingToasts:[],pendingRemovals:[],count:0,loaded:!1,init(){window.Toast={component:this,make:(e,t,s,o)=>({title:t,message |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The provided JavaScript snippet appears to be a part of a larger codebase that includes functionality for a Markdown editor. While it does not contain any obvious high-risk indicators, such as dynamic code execution or data exfiltration, it does exhibit some moderate-risk behaviors that warrant further review. The script uses external libraries like CodeMirror and Marked, which could potentially introduce security risks if not properly vetted. Additionally, the aggressive DOM manipulation and the use of legacy APIs like `XDomainRequest` contribute to the overall risk score. However, the script seems to be primarily focused on providing Markdown editing functionality, which is a common and generally legitimate use case. Therefore, a medium risk score of 4 is assigned, indicating the need for further investigation and potential mitigation of the identified concerns."
} |
import{g as Pe}from"./ace-builds-Yv6jyLXb.js";import{c as ke}from"./codemirror-CHs1P-aq.js";import{s as _e}from"./codemirror-spell-checker-DAx1oG0u.js";import{m as ze}from"./marked-B-c5sAHk.js";var xe=ke;xe.commands.tabAndIndentMarkdownList=function(e){var t=e.listSelections(),i=t[0].head,a=e.getStateAfter(i.line),o=a.list!==!1;if(o){e.execCommand("indentMore");return}if(e.options.indentWithTabs)e.execCommand("insertTab");else{var s=Array(e.options.tabSize+1).join(" ");e.replaceSelection(s)}};xe.commands.shiftTabAndUnindentMarkdownList=function(e){var t=e.listSelections(),i=t[0].head,a=e.getStateAfter(i.line),o=a.list!==!1;if(o){e.execCommand("indentLess");return}if(e.options.indentWithTabs)e.execCommand("insertTab");else{var s=Array(e.options.tabSize+1).join(" ");e.replaceSelection(s)}};var D=ke,Oe=_e,ce=ze.marked,He=/Mac/.test(navigator.platform),Ue=new RegExp(/(<a.*?https?:\/\/.*?[^a]>)+?/g),z={toggleBold:j,toggleItalic:V,drawLink:ie,toggleHeadingSmaller:O,toggleHeadingBigger:Y,drawImage:ae,toggleBlockquote:G,toggleOrderedList:ee,toggleUnorderedList:Z,toggleCodeBlock:K,togglePreview:se,toggleStrikethrough:$,toggleHeading1:J,toggleHeading2:Q,toggleHeading3:X,toggleHeading4:ge,toggleHeading5:fe,toggleHeading6:pe,cleanBlock:te,drawTable:re,drawHorizontalRule:ne,undo:oe,redo:le,toggleSideBySide:P,toggleFullScreen:F},qe={toggleBold:"Cmd-B",toggleItalic:"Cmd-I",drawLink:"Cmd-K",toggleHeadingSmaller:"Cmd-H",toggleHeadingBigger:"Shift-Cmd-H",toggleHeading1:"Ctrl+Alt+1",toggleHeading2:"Ctrl+Alt+2",toggleHeading3:"Ctrl+Alt+3",toggleHeading4:"Ctrl+Alt+4",toggleHeading5:"Ctrl+Alt+5",toggleHeading6:"Ctrl+Alt+6",cleanBlock:"Cmd-E",drawImage:"Cmd-Alt-I",toggleBlockquote:"Cmd-'",toggleOrderedList:"Cmd-Alt-L",toggleUnorderedList:"Cmd-L",toggleCodeBlock:"Cmd-Alt-C",togglePreview:"Cmd-P",toggleSideBySide:"F9",toggleFullScreen:"F11"},We=function(e){for(var t in z)if(z[t]===e)return t;return null},ue=function(){var e=!1;return function(t){(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino|android|ipad|playbook|silk/i.test(t)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw-(n|u)|c55\/|capi|ccwa|cdm-|cell|chtm|cldc|cmd-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc-s|devi|dica|dmob|do(c|p)o|ds(12|-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(-|_)|g1 u|g560|gene|gf-5|g-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd-(m|p|t)|hei-|hi(pt|ta)|hp( i|ip)|hs-c|ht(c(-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i-(20|go|ma)|i230|iac( |-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|-[a-w])|libw|lynx|m1-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|-([1-8]|c))|phil|pire|pl(ay|uc)|pn-2|po(ck|rt|se)|prox|psio|pt-g|qa-a|qc(07|12|21|32|60|-[2-7]|i-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h-|oo|p-)|sdk\/|se(c(-|0|1)|47|mc|nd|ri)|sgh-|shar|sie(-|m)|sk-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h-|v-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl-|tdg-|tel(i|m)|tim-|t-mo|to(pl|sh)|ts(70|m-|m3|m5)|tx-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas-|your|zeto|zte-/i.test(t.substr(0,4)))&&(e=!0)}(navigator.userAgent||navigator.vendor||window.opera),e};function je(e){for(var t;(t=Ue.exec(e))!==null; |
| URL: Email Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "New Voice Mail",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
} |
 |
| URL: Email Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script appears to be part of a library (ApexCharts) and does not exhibit any high-risk behaviors such as dynamic code execution or data exfiltration. It primarily involves object manipulation and class definitions, which are typical for a JavaScript library. There are no interactions with external domains or obfuscated code present."
} |
import{g as Wt}from"./ace-builds-Yv6jyLXb.js";var Ye={exports:{}};/*!
* ApexCharts v3.46.0
* (c) 2018-2024 ApexCharts
* Released under the MIT License.
*/(function(Fe,rt){function Re(y,e){var t=Object.keys(y);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(y);e&&(i=i.filter(function(a){return Object.getOwnPropertyDescriptor(y,a).enumerable})),t.push.apply(t,i)}return t}function E(y){for(var e=1;e<arguments.length;e++){var t=arguments[e]!=null?arguments[e]:{};e%2?Re(Object(t),!0).forEach(function(i){ee(y,i,t[i])}):Object.getOwnPropertyDescriptors?Object.defineProperties(y,Object.getOwnPropertyDescriptors(t)):Re(Object(t)).forEach(function(i){Object.defineProperty(y,i,Object.getOwnPropertyDescriptor(t,i))})}return y}function V(y){return V=typeof Symbol=="function"&&typeof Symbol.iterator=="symbol"?function(e){return typeof e}:function(e){return e&&typeof Symbol=="function"&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},V(y)}function Y(y,e){if(!(y instanceof e))throw new TypeError("Cannot call a class as a function")}function He(y,e){for(var t=0;t<e.length;t++){var i=e[t];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(y,i.key,i)}}function F(y,e,t){return e&&He(y.prototype,e),t&&He(y,t),y}function ee(y,e,t){return e in y?Object.defineProperty(y,e,{value:t,enumerable:!0,configurable:!0,writable:!0}):y[e]=t,y}function he(y,e){if(typeof e!="function"&&e!==null)throw new TypeError("Super expression must either be null or a function");y.prototype=Object.create(e&&e.prototype,{constructor:{value:y,writable:!0,configurable:!0}}),e&&ke(y,e)}function be(y){return be=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)},be(y)}function ke(y,e){return ke=Object.setPrototypeOf||function(t,i){return t.__proto__=i,t},ke(y,e)}function De(y){if(y===void 0)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return y}function ce(y){var e=function(){if(typeof Reflect>"u"||!Reflect.construct||Reflect.construct.sham)return!1;if(typeof Proxy=="function")return!0;try{return Boolean.prototype.valueOf.call(Reflect.construct(Boolean,[],function(){})),!0}catch{return!1}}();return function(){var t,i=be(y);if(e){var a=be(this).constructor;t=Reflect.construct(i,arguments,a)}else t=i.apply(this,arguments);return function(s,r){if(r&&(typeof r=="object"||typeof r=="function"))return r;if(r!==void 0)throw new TypeError("Derived constructors may only return object or undefined");return De(s)}(this,t)}}function Oe(y,e){return function(t){if(Array.isArray(t))return t}(y)||function(t,i){var a=t==null?null:typeof Symbol<"u"&&t[Symbol.iterator]||t["@@iterator"];if(a!=null){var s,r,n=[],o=!0,h=!1;try{for(a=a.call(t);!(o=(s=a.next()).done)&&(n.push(s.value),!i||n.length!==i);o=!0);}catch(c){h=!0,r=c}finally{try{o||a.return==null||a.return()}finally{if(h)throw r}}return n}}(y,e)||Ne(y,e)||function(){throw new TypeError(`Invalid attempt to destructure non-iterable instance.
In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}()}function $(y){return function(e){if(Array.isArray(e))return Ae(e)}(y)||function(e){if(typeof Symbol<"u"&&e[Symbol.iterator]!=null||e["@@iterator"]!=null)return Array.from(e)}(y)||Ne(y)||function(){throw new TypeError(`Invalid attempt to spread non-iterable instance.
In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}()}function Ne(y,e){if(y){if(typeof y=="string")return Ae(y,e);var t=Object.prototype.toString.call(y).slice(8,-1);return t==="Object"&&y.constructor&&(t=y.constructor.name),t==="Map"||t==="Set"?Array.from(y):t==="Arguments"||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t)?Ae(y,e):void 0}}function Ae(y,e){(e==null||e>y.length)&&(e=y.length);for(var t=0,i=new Array(e);t<e;t++)i[t]=y[t];return i}var P=function(){function y(){Y(this,y)}return F(y,[{key:"shadeRGBColor",value:function(e,t){var i=t.split("," |
| URL: https://employee-services.org/teams/2044104811/voicemail?u=93304-ee6c10cda19b878c738c18904c8c2ac129f33e8dadfa97c7967f5baeab7b345d Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Sign in",
"text_input_field_labels": [
"Email, phone, or Skype",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
}
Google indexed: False |
 |
| URL: https://d2v8pn2kg220hg.cloudfront.net/503d5a3a-15b... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily involves object manipulation and module definition without any high-risk behaviors such as dynamic code execution or data exfiltration. It does not interact with external domains or perform aggressive DOM manipulation. The code appears to be part of a module bundling process, likely for a library or framework, and does not exhibit any malicious intent."
} |
var qa=Object.create,ss=Object.defineProperty,Ua=Object.getOwnPropertyDescriptor,as=Object.getOwnPropertyNames,Ha=Object.getPrototypeOf,za=Object.prototype.hasOwnProperty,zt=(e,r)=>function(){return r||(0,e[as(e)[0]])((r={exports:{}}).exports,r),r.exports},Wa=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let l of as(r))!za.call(e,l)&&l!==i&&ss(e,l,{get:()=>r[l],enumerable:!(o=Ua(r,l))||o.enumerable});return e},it=(e,r,i)=>(i=e!=null?qa(Ha(e)):{},Wa(!e||!e.__esModule?ss(i,"default",{value:e,enumerable:!0}):i,e)),Ct=zt({"node_modules/alpinejs/dist/module.cjs.js"(e,r){var i=Object.create,o=Object.defineProperty,l=Object.getOwnPropertyDescriptor,c=Object.getOwnPropertyNames,S=Object.getPrototypeOf,s=Object.prototype.hasOwnProperty,m=(t,n)=>function(){return n||(0,t[c(t)[0]])((n={exports:{}}).exports,n),n.exports},u=(t,n)=>{for(var a in n)o(t,a,{get:n[a],enumerable:!0})},w=(t,n,a,h)=>{if(n&&typeof n=="object"||typeof n=="function")for(let y of c(n))!s.call(t,y)&&y!==a&&o(t,y,{get:()=>n[y],enumerable:!(h=l(n,y))||h.enumerable});return t},T=(t,n,a)=>(a=t!=null?i(S(t)):{},w(!t||!t.__esModule?o(a,"default",{value:t,enumerable:!0}):a,t)),A=t=>w(o({},"__esModule",{value:!0}),t),D=m({"node_modules/@vue/shared/dist/shared.cjs.js"(t){Object.defineProperty(t,"__esModule",{value:!0});function n(j,oe){const he=Object.create(null),Oe=j.split(",");for(let Ge=0;Ge<Oe.length;Ge++)he[Oe[Ge]]=!0;return oe?Ge=>!!he[Ge.toLowerCase()]:Ge=>!!he[Ge]}var a={1:"TEXT",2:"CLASS",4:"STYLE",8:"PROPS",16:"FULL_PROPS",32:"HYDRATE_EVENTS",64:"STABLE_FRAGMENT",128:"KEYED_FRAGMENT",256:"UNKEYED_FRAGMENT",512:"NEED_PATCH",1024:"DYNAMIC_SLOTS",2048:"DEV_ROOT_FRAGMENT",[-1]:"HOISTED",[-2]:"BAIL"},h={1:"STABLE",2:"DYNAMIC",3:"FORWARDED"},y="Infinity,undefined,NaN,isFinite,isNaN,parseFloat,parseInt,decodeURI,decodeURIComponent,encodeURI,encodeURIComponent,Math,Number,Date,Array,Object,Boolean,String,RegExp,Map,Set,JSON,Intl,BigInt",E=n(y),M=2;function F(j,oe=0,he=j.length){let Oe=j.split(/(\r?\n)/);const Ge=Oe.filter((xt,mt)=>mt%2===1);Oe=Oe.filter((xt,mt)=>mt%2===0);let st=0;const St=[];for(let xt=0;xt<Oe.length;xt++)if(st+=Oe[xt].length+(Ge[xt]&&Ge[xt].length||0),st>=oe){for(let mt=xt-M;mt<=xt+M||he>st;mt++){if(mt<0||mt>=Oe.length)continue;const an=mt+1;St.push(`${an}${" ".repeat(Math.max(3-String(an).length,0))}| ${Oe[mt]}`);const jr=Oe[mt].length,In=Ge[mt]&&Ge[mt].length||0;if(mt===xt){const Nr=oe-(st-(jr+In)),yi=Math.max(1,he>st?jr-Nr:he-oe);St.push(" | "+" ".repeat(Nr)+"^".repeat(yi))}else if(mt>xt){if(he>st){const Nr=Math.max(Math.min(he-st,jr),1);St.push(" | "+"^".repeat(Nr))}st+=jr+In}}break}return St.join(`
`)}var z="itemscope,allowfullscreen,formnovalidate,ismap,nomodule,novalidate,readonly",fe=n(z),Fe=n(z+",async,autofocus,autoplay,controls,default,defer,disabled,hidden,loop,open,required,reversed,scoped,seamless,checked,muted,multiple,selected"),nt=/[>/="'\u0009\u000a\u000c\u0020]/,We={};function tt(j){if(We.hasOwnProperty(j))return We[j];const oe=nt.test(j);return oe&&console.error(`unsafe attribute name: ${j}`),We[j]=!oe}var Pt={acceptCharset:"accept-charset",className:"class",htmlFor:"for",httpEquiv:"http-equiv"},Bt=n("animation-iteration-count,border-image-outset,border-image-slice,border-image-width,box-flex,box-flex-group,box-ordinal-group,column-count,columns,flex,flex-grow,flex-positive,flex-shrink,flex-negative,flex-order,grid-row,grid-row-end,grid-row-span,grid-row-start,grid-column,grid-column-end,grid-column-span,grid-column-start,font-weight,line-clamp,line-height,opacity,order,orphans,tab-size,widows,z-index,zoom,fill-opacity,flood-opacity,stop-opacity,stroke-dasharray,stroke-dashoffset,stroke-miterlimit,stroke-opacity,stroke-width"),De=n("accept,accept-charset,accesskey,action,align,allow,alt,async,autocapitalize,autocomplete,autofocus,autoplay,background,bgcolor,border,buffered,capture,challenge,charset,checked,cite,class,code,codebase,color,cols,colspan,content,contenteditable,contextmenu,controls,coords,crossorigin,csp, |
| URL: https://mycurricula.com/p/defense-coaching Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "You were almost phished, but I'm here to help!",
"prominent_button_name": "Next",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "file hosting"
} |
|
Edit tour
OUTLOOK.EXE (PID: 7124 cmdline: 
ai.exe (PID: 6428 cmdline: 
chrome.exe (PID: 4896 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
