finance banking

English

PHPSESSID

The domain name 'northucrunion.com' uses the commercial generic top-level domain (.com). The second-level label 'northucrunion' is 13 characters long split between 5 vowels and eight consonants. Segmentation suggests four words: north, u, cr, union. Average segment length settles at 3.5 characters. No strong language cues emerged from the frequency lists.

acct_no

acct_password

login

html/4d/68/4d680826-02df-450b-8319-a392b17fb509.html.gz

require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes

193aa4e8c74782571fe80c33c69f93978a955c3fb7644f2135c747d98e575696

a6e7c8756667f3f480f1eff498654d182c65f0576c3828af374c4d74ffb55bd1

1c1c2ec41829211636686ac910a1f090d201a4508f15b05425af99196169b808

a4ec9d558eeb7bc7359fe7c4820deea2c951fdd8bd34cb0e15727412c7f6c634

e3414f979119f198d602006e67fce8956948983d6899c8d9cc17eebffc32c479

ab2d81d45430bda61ce61ed5556dfd0b83b613d592288f91d93fbb0c24b20d60

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

90726872bcd80da5a3230ce4001b05bc34b44edf153d875622cf4e3e2fddccf0

58ff07b8e8840772419cd6ce798c3b7e1e4e8d39efddab72f82407bfcd51e565

0e24697d795236d0b673f19da3d12a174f65039d90490c089ebd8f56f2127afc

3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

dfa8eec1b9bca04c2568b54524800ce1d16b8dc4f8d70fc5d5e998a161640b34

faece9f8b739341a9082602ef320e3daf77ffd32747f5a54ab980fc4fa055f45

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

### Impact

Affected versions of this package are vulnerable to Prototype Pollution.  A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting.  If you allow users to insert custom HTML code blocks into your page/app via parsing Markdown code blocks (or similar) and do not filter the language names the user can provide you may be vulnerable. 

The pollution should just be harmless data but this can cause problems for applications not expecting these properties to exist and can result in strange behavior or application crashes, i.e. a potential DOS vector. 

_If your website or application does not render user provided data it should be unaffected._

### Patches

Versions 9.18.2 and 10.1.2 and newer include fixes for this vulnerability.  If you are using version 7 or 8 you are encouraged to upgrade to a newer release.

### Workarounds

#### Patch your library

Manually patch your library to create null objects for both `languages` and `aliases`:

```js
const HLJS = function(hljs) {
  // ...
  var languages = Object.create(null);
  var aliases = Object.create(null);
```

#### Filter out bad data from end users:

Filter the language names that users are allowed to inject into your HTML to guarantee they are valid.

### References

* [What is Prototype Pollution?](https://codeburst.io/what-is-prototype-pollution-49482fc4b638)
* https://github.com/highlightjs/highlight.js/pull/2636

### For more information

If you have any questions or comments about this advisory:

* Please file an issue against [highlight.js](https://github.com/highlightjs/highlight.js/issues/)

### Impact: Potential ReDOS vulnerabilities (exponential and polynomial RegEx backtracking)

[oswasp](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS): 

> The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time.

If are you are using Highlight.js to highlight user-provided data you are possibly vulnerable.  On the client-side (in a browser or Electron environment) risks could include lengthy freezes or crashes... On the server-side infinite freezes could occur... effectively preventing users from accessing your app or service (ie, Denial of Service).

This is an issue with grammars shipped with the parser (and potentially 3rd party grammars also), not the parser itself. If you are using Highlight.js with any of the following grammars you are vulnerable.  If you are using `highlightAuto` to detect the language (and have any of these grammars registered) you are vulnerable. Exponential grammars (C, Perl, JavaScript) are auto-registered when using the common grammar subset/library `require('highlight.js/lib/common')` as of 10.4.0 - see https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@10.4.0/build/highlight.js

All versions prior to 10.4.1 are vulnerable, including version 9.18.5. 

**Grammars with exponential backtracking issues:**

  - c-like (c, cpp, arduino)
  - handlebars (htmlbars)
  - gams
  - perl
  - jboss-cli
  - r
  - erlang-repl
  - powershell
  - routeros
  - livescript (10.4.0 and 9.18.5 included this fix)
  - javascript & typescript (10.4.0 included partial fixes)

And of course any aliases of those languages have the same issue. ie: `hpp` is no safer than `cpp`.

**Grammars with polynomial backtracking issues:**

- kotlin
- gcode
- d
- aspectj
- moonscript
- coffeescript/livescript
- csharp
- scilab
- crystal
- elixir
- basic
- ebnf
- ruby
- fortran/irpf90
- livecodeserver
- yaml
- x86asm
- dsconfig
- markdown
- ruleslanguage
- xquery
- sqf

And again: any aliases of those languages have the same issue. ie: `ruby` and `rb` share the same ruby issues.


### Patches

- Version 10.4.1 resolves these vulnerabilities.  Please upgrade.

### Workarounds / Mitigations

- Discontinue use the affected grammars. (or perhaps use only those with poly vs exponential issues)
- Attempt cherry-picking the grammar fixes into older versions...
- Attempt using newer CDN versions of any affected languages.  (ie using an older CDN version of the library with newer CDN grammars).  Your mileage may vary.

### References

- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS

### For more information

If you have any questions or comments about this advisory:
* Open an issue: https://github.com/highlightjs/highlight.js/issues
* Email us at [security@highlightjs.com](mailto:security@highlightjs.com)

adad71e40b7017d7a4cff0154fb837d3d27972976c3363db2f1d30daf3991373

3338edbae92c1e2651ad43d31ead40d3a0f4f671fbc7b90329b6db0d3f6471cf

width=device-width, initial-scale=1, maximum-scale=1, shrink-to-fit=no

viewport

Upperlink Limited

NORTHUCRUNION.COM

Abuse

Google LLC

GOOGLE


    $(document).ready(function(){
        $(".numpad").hide();
        $('.input').click(function(){
            $('.numpad').fadeToggle('fast');
        });

        $('.del').click(function(){
            $('.input').val($('.input').val().substring(0,$('.input').val().length - 1));
        });
        $('.faq').click(function(){
            alert("Enter Your OTP Sent to you ");
        })
        $('.shuffle').click(function(){
            $('.input').val($('.input').val() + $(this).text());
            $('.shuffle').shuffle();
        });
        (function($){

            $.fn.shuffle = function() {

                var allElems = this.get(),
                    getRandom = function(max) {
                        return Math.floor(Math.random() * max);
                    },
                    shuffled = $.map(allElems, function(){
                        var random = getRandom(allElems.length),
                            randEl = $(allElems[random]).clone(true)[0];
                        allElems.splice(random, 1);
                        return randEl;
                    });

                this.each(function(i){
                    $(this).replaceWith($(shuffled[i]));
                });

                return $(shuffled);

            };

        })(jQuery);

    });



    $(function() {
        $('#datepicker').keypress(function(event) {
            event.preventDefault();
            return false;
        });
    });


Requests	IP Address	Location	AS Autonomous System
14	192.178.183.94	United States	AS15169Google LLC
12	142.250.186.74	United States	AS15169Google LLC
12	91.204.209.2	United Kingdom	AS52148Enix Ltd
38	3	-	-

Security Scan Report: northucrunion.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies7

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History