| URL: https://getvideoz.click Model: Joe Sandbox AI | {
"typosquatting": true,
"unusual_query_string": false,
"suspicious_tld": true,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": true,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://getvideoz.click |
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate Google Chrome safety notification callback. It contains standard parameters for displaying a Chrome security message, uses known Google domains, and follows expected data structure patterns. No suspicious behaviors or data exfiltration attempts are present."
} |
AF_initDataCallback({key: 'ds:0', hash: '1', data:[[null,"Chrome automatically protects you from online threats","Discover how Chrome keeps you safe, uniquely powered by Google AI","Learn more","No thanks","https://www.google.com/images/hpp/logo-chrome-color-1x-web-64dp.png","","https://www.google.com/url?q\u003dhttps://google.com/chrome/safety%3Fbrand%3DKFKH%26utm_source%3Dweb%26utm_medium%3Dntp%26utm_campaign%3DCAM\u0026source\u003dhpp\u0026id\u003d19044659\u0026ct\u003d7\u0026usg\u003dAOvVaw2qe1HVigpfInpHHORf5kKC","48","48",null,null,null,null,2,null,19044659,7,null,null,null,null,null,null,null,0,1,null,null,false,null,0,0,true,false]], sideChannel: {}});
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 1,
"reasoning": "This is a legitimate configuration object (WIZ_global_data) commonly used by Google services. It contains standard configuration parameters, no malicious indicators, and interacts with trusted Google domains (gstatic.com). The data structure is transparent and uses expected patterns for Google services."
} |
window.WIZ_global_data = {"DpimGf":false,"EP1ykd":["/_/*"],"FdrFJe":"4115765068541206075","Im6cmf":"/_/OneGoogleWidgetUi","LVIXXb":1,"LoQv7e":true,"MT7f9b":[],"MUE6Ne":"OneGoogleWidgetUi","NrSucd":false,"OwAJ6e":false,"QrtxK":"","Rf2tsb":0,"S06Grb":"","S6lZl":128566913,"TSDtV":"%.@.[[null,[[45459555,null,false,null,null,null,\"Imeoqb\"]],\"CAMSEx0W17TsEpiYsAb2rpoQCLWcDQg\\u003d\"]]]","UUFaWc":"%.@.null,1000,2]","Vvafkd":false,"Yllh3e":"%.@.1733497761484786,122274382,3392446133]","ZwjLXe":243,"cfb2h":"boq_onegooglehttpserver_20241202.10_p0","eptZe":"/_/OneGoogleWidgetUi/","fPDxwd":[45799888,48802160,97517170,97684533],"gGcLoe":false,"iCzhFc":false,"nQyAE":{},"p9hQne":"https://www.gstatic.com/_/boq-one-google/_/r/","qwAQke":"OneGoogleWidgetUi","rtQCxc":300,"u4g7r":"%.@.null,1000,2]","w2btAe":"%.@.null,null,\"\",true,null,null,true,false]","xn5OId":false,"xnI9P":true,"xwAfE":true,"y2FhP":"prod","yFnxrf":1884,"zChJod":"%.@.]"};
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate performance monitoring script. It uses standard browser APIs (performance.now, performance.mark) to track page load metrics, image loading, and visibility. While it does modify window object properties and attach event listeners, these are typical patterns for performance monitoring. No data exfiltration, suspicious domains, or malicious behaviors detected."
} |
(function(){'use strict';var a=window,d=a.performance,l=k();a.cc_latency_start_time=d&&d.now?0:d&&d.timing&&d.timing.navigationStart?d.timing.navigationStart:l;function k(){return d&&d.now?d.now():(new Date).getTime()}function n(e){if(d&&d.now&&d.mark){var g=d.mark(e);if(g)return g.startTime;if(d.getEntriesByName&&(e=d.getEntriesByName(e).pop()))return e.startTime}return k()}a.onaft=function(){n("aft")};a._isLazyImage=function(e){return e.hasAttribute("data-src")||e.hasAttribute("data-ils")||e.getAttribute("loading")==="lazy"};
a.l=function(e){function g(b){var c={};c[b]=k();a.cc_latency.push(c)}function m(b){var c=n("iml");b.setAttribute("data-iml",c);return c}a.cc_aid=e;a.iml_start=a.cc_latency_start_time;a.css_size=0;a.cc_latency=[];a.ccTick=g;a.onJsLoad=function(){g("jsl")};a.onCssLoad=function(){g("cssl")};a._isVisible=function(b,c){if(!c||c.style.display=="none")return!1;var f=b.defaultView;if(f&&f.getComputedStyle&&(f=f.getComputedStyle(c),f.height=="0px"||f.width=="0px"||f.visibility=="hidden"))return!1;if(!c.getBoundingClientRect)return!0;
var h=c.getBoundingClientRect();c=h.left+a.pageXOffset;f=h.top+a.pageYOffset;if(f+h.height<0||c+h.width<0||h.height<=0||h.width<=0)return!1;b=b.documentElement;return f<=(a.innerHeight||b.clientHeight)&&c<=(a.innerWidth||b.clientWidth)};a._recordImlEl=m;document.documentElement.addEventListener("load",function(b){b=b.target;var c;b.tagName!="IMG"||b.hasAttribute("data-iid")||a._isLazyImage(b)||b.hasAttribute("data-noaft")||(c=m(b));if(a.aft_counter&&(b=a.aft_counter.indexOf(b),b!==-1&&(b=a.aft_counter.splice(b,
1).length===1,a.aft_counter.length===0&&b&&c)))a.onaft(c)},!0);a.prt=-1;a.wiz_tick=function(){var b=n("prt");a.prt=b}};}).call(this);
l('HgvS1c')
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate performance monitoring and lazy loading script. It uses standard browser APIs (performance.now, mark, getBoundingClientRect) to track page load metrics and image visibility. Contains no data exfiltration, suspicious domains, or malicious behaviors. The code is from a common web performance measurement pattern."
} |
(function(){'use strict';var a=window,d=a.performance,l=k();a.cc_latency_start_time=d&&d.now?0:d&&d.timing&&d.timing.navigationStart?d.timing.navigationStart:l;function k(){return d&&d.now?d.now():(new Date).getTime()}function n(e){if(d&&d.now&&d.mark){var g=d.mark(e);if(g)return g.startTime;if(d.getEntriesByName&&(e=d.getEntriesByName(e).pop()))return e.startTime}return k()}a.onaft=function(){n("aft")};a._isLazyImage=function(e){return e.hasAttribute("data-src")||e.hasAttribute("data-ils")||e.getAttribute("loading")==="lazy"};
a.l=function(e){function g(b){var c={};c[b]=k();a.cc_latency.push(c)}function m(b){var c=n("iml");b.setAttribute("data-iml",c);return c}a.cc_aid=e;a.iml_start=a.cc_latency_start_time;a.css_size=0;a.cc_latency=[];a.ccTick=g;a.onJsLoad=function(){g("jsl")};a.onCssLoad=function(){g("cssl")};a._isVisible=function(b,c){if(!c||c.style.display=="none")return!1;var f=b.defaultView;if(f&&f.getComputedStyle&&(f=f.getComputedStyle(c),f.height=="0px"||f.width=="0px"||f.visibility=="hidden"))return!1;if(!c.getBoundingClientRect)return!0;
var h=c.getBoundingClientRect();c=h.left+a.pageXOffset;f=h.top+a.pageYOffset;if(f+h.height<0||c+h.width<0||h.height<=0||h.width<=0)return!1;
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Google Closure Library event handling script with proper copyright notices. It implements event delegation and cross-browser compatibility. While it uses some DOM manipulation and event listeners, these are standard practices. The code is minified but not maliciously obfuscated, and it operates within the expected scope of event handling functionality."
} |
(function(){'use strict';function e(){var a=g,b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
var l=this||self;/*
Copyright 2024 Google, Inc
SPDX-License-Identifier: MIT
*/
var m=["focus","blur","error","load","toggle"];function n(a){return a==="mouseenter"?"mouseover":a==="mouseleave"?"mouseout":a==="pointerenter"?"pointerover":a==="pointerleave"?"pointerout":a};function p(a){this.l={};this.m={};this.i=null;this.g=[];this.o=a}p.prototype.handleEvent=function(a,b,c){q(this,{eventType:a,event:b,targetElement:b.target,eic:c,timeStamp:Date.now(),eia:void 0,eirp:void 0,eiack:void 0})};function q(a,b){if(a.i)a.i(b);else{b.eirp=!0;var c;(c=a.g)==null||c.push(b)}}
function r(a,b,c){if(!(b in a.l)&&a.o){var d=function(h,f,B){a.handleEvent(h,f,B)};a.l[b]=d;c=n(c||b);if(c!==b){var k=a.m[c]||[];k.push(b);a.m[c]=k}a.o.addEventListener(c,function(h){return function(f){d(b,f,h)}},void 0)}}p.prototype.j=function(a){return this.l[a]};p.prototype.ecrd=function(a){this.i=a;var b;if((b=this.g)==null?0:b.length){for(a=0;a<this.g.length;a++)q(this,this.g[a]);this.g=null}};var t=typeof navigator!=="undefined"&&/iPhone|iPad|iPod/.test(navigator.userAgent);function u(a){this.g=a;this.i=[]}u.prototype.addEventListener=function(a,b,c){t&&(this.g.style.cursor="pointer");var d=this.i,k=d.push,h=this.g;b=b(this.g);var f=!1;m.indexOf(a)>=0&&(f=!0);h.addEventListener(a,b,typeof c==="boolean"?{capture:f,passive:c}:f);k.call(d,{eventType:a,j:b,capture:f,passive:c})};var g="click dblclick focus focusin blur error focusout keydown keyup keypress load mouseover mouseout mouseenter mouseleave submit toggle touchstart touchend touchmove touchcancel auxclick change compositionstart compositionupdate compositionend beforeinput input select textinput copy cut paste mousedown mouseup wheel contextmenu dragover dragenter dragleave drop dragstart dragend pointerdown pointermove pointerup pointercancel pointerenter pointerleave pointerover pointerout gotpointercapture lostpointercapture ended loadedmetadata pagehide pageshow visibilitychange beforematch".split(" ");
if(!(g instanceof Array)){var v;var w=typeof Symbol!="undefined"&&Symbol.iterator&&g[Symbol.iterator];if(w)v=w.call(g);else if(typeof g.length=="number")v={next:e()};else throw Error(String(g)+" is not an iterable or ArrayLike");for(var x,y=[];!(x=v.next()).done;)y.push(x.value)};var z=function(a){return{trigger:function(b){var c=a.j(b.type);c||(r(a,b.type),c=a.j(b.type));var d=b.target||b.srcElement;c&&c(b.type,b,d.ownerDocument.documentElement)},configure:function(b){b(a)}}}(function(){var a=window,b=new u(a.document.documentElement),c=new p(b);g.forEach(function(h){return r(c,h)});var d,k;"onwebkitanimationend"in a&&(d="webkitAnimationEnd");r(c,"animationend",d);"onwebkittransitionend"in a&&(k="webkitTransitionEnd");r(c,"transitionend",k);return{s:c,u:b}}().s),A=["BOQ_wizbind"],
C=window||l;A[0]in C||typeof C.execScript=="undefined"||C.execScript("var "+A[0]);for(var D;A.length&&(D=A.shift());)A.length||z===void 0?C[D]&&C[D]!==Object.prototype[D]?C=C[D]:C=C[D]={}:C[D]=z;}).call(this);
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate event handling library, likely from Google (based on copyright notices). It implements standard DOM event handling with safety checks and iOS compatibility. The code uses best practices like 'use strict' and contains no high-risk behaviors like eval() or suspicious data transmission. The only minor risk factors are DOM manipulation and event listening capabilities, which are standard for UI libraries."
} |
(function(){'use strict';function e(){var a=g,b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
var l=this||self;/*
Copyright 2024 Google, Inc
SPDX-License-Identifier: MIT
*/
var m=["focus","blur","error","load","toggle"];function n(a){return a==="mouseenter"?"mouseover":a==="mouseleave"?"mouseout":a==="pointerenter"?"pointerover":a==="pointerleave"?"pointerout":a};function p(a){this.l={};this.m={};this.i=null;this.g=[];this.o=a}p.prototype.handleEvent=function(a,b,c){q(this,{eventType:a,event:b,targetElement:b.target,eic:c,timeStamp:Date.now(),eia:void 0,eirp:void 0,eiack:void 0})};function q(a,b){if(a.i)a.i(b);else{b.eirp=!0;var c;(c=a.g)==null||c.push(b)}}
function r(a,b,c){if(!(b in a.l)&&a.o){var d=function(h,f,B){a.handleEvent(h,f,B)};a.l[b]=d;c=n(c||b);if(c!==b){var k=a.m[c]||[];k.push(b);a.m[c]=k}a.o.addEventListener(c,function(h){return function(f){d(b,f,h)}},void 0)}}p.prototype.j=function(a){return this.l[a]};p.prototype.ecrd=function(a){this.i=a;var b;if((b=this.g)==null?0:b.length){for(a=0;a<this.g.length;a++)q(this,this.g[a]);this.g=null}};var t=typeof navigator!=="undefined"&&/iPhone|iPad|iPod/.test(navigator.userAgent);function u(a){this.g=a;this.i=[]}u.prototype.addEventListener=function(a,b,c){t&&(this.g.style.cursor="pointer");var d=this.i,k=d.push,h=this.g;b=b(this.g);var f=!1;m.indexOf(a)>=0&&(f=!0);h.addEventListener(a,b,typeof c==="boolean"?{capture:f,passive:c}:f);k.call(d,{eventType:a,j:b,capture:f,passive:c})};var g="click dblclick focus focusin blur error focusout keydown keyup keypress load mouseover mouseout mouseenter mouseleave submit toggle touchstart touchend touchmove touchcancel auxclick change compositionstart compositionupdate compositionend
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This is a Google Above-the-Fold Time (AFT) measurement script. It tracks image loading performance by monitoring images above the fold (visible viewport). Uses standard DOM APIs and contains no malicious patterns. Only low-risk behaviors observed: DOM manipulation for performance metrics and internal tracking. No data exfiltration or suspicious domains involved."
} |
(function(){'use strict';var c=window,d=[];c.aft_counter=d;var e=[],f=0;function _recordIsAboveFold(a){if(!c._isLazyImage(a)&&!a.hasAttribute("data-noaft")&&a.src){var b=(c._isVisible||function(){})(c.document,a);a.setAttribute("data-atf",b);b&&(e.indexOf(a)!==-1||d.indexOf(a)!==-1||a.complete||d.push(a),a.hasAttribute("data-iml")&&(a=Number(a.getAttribute("data-iml")),a>f&&(f=a)))}}
c.initAft=function(){f=0;e=Array.prototype.slice.call(document.getElementsByTagName("img")).filter(function(a){return!!a.getAttribute("data-iml")});[].forEach.call(document.getElementsByTagName("img"),function(a){try{_recordIsAboveFold(a)}catch(b){throw b.message=a.hasAttribute("data-iid")?b.message+"\nrecordIsAboveFold error for defer inlined image":b.message+("\nrecordIsAboveFold error for img element with <src: "+a.src+">"),b;}});if(d.length===0)c.onaft(f)};}).call(this);
initAft()
|
| URL: https://ogs.google.com/widget/callout?prid=1904465... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Google Closure Library script for dialog/modal functionality. It uses message passing between frames (postMessage) and handles dialog dismissal events. While it does interact with the parent window and performs DOM manipulation, these are standard practices for modal dialogs. The code is well-structured, uses strict mode, and follows security best practices like origin checking. The only minor risk factors are DOM manipulation and cross-window communication, but these are implemented safely."
} |
'use strict';/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
function h(a){var b=typeof a;return b=="object"&&a!=null||b=="function"};function k(a,b){a&&(a=a.parentNode);for(var d=0;a;){if(b(a))return a;a=a.parentNode;d++}return null};function n(a){var b=document.querySelector('[data-ogmv] > [role="dialog"]');return b?b.hasAttribute("data-"+a):!1}function p(a){return h(a)&&a.nodeType==1&&a.hasAttribute("data-dismiss")?a:(a=k(a,function(b){return h(b)&&b.nodeType==1&&b.hasAttribute("data-dismiss")}))?a:null};function q(a){this.data=a};function r(a){this.h=a}function t(a,b){u(a,b);return new r(a)}function w(a){var b=new MessageChannel;u(b.port1,a);return b}function u(a,b){b&&(a.onmessage=function(d){var c=d.data;t(d.ports[0]);b(new q(c))})};var x=/#|$/;function y(a){var b=z,d=b.search(x);a:{var c=0;for(var e=a.length;(c=b.indexOf(a,c))>=0&&c<d;){var f=b.charCodeAt(c-1);if(f==38||f==63)if(f=b.charCodeAt(c+e),!f||f==61||f==38||f==35)break a;c+=e+1}c=-1}if(c<0)return null;e=b.indexOf("&",c);if(e<0||e>d)e=d;c+=a.length+1;return decodeURIComponent(b.slice(c,e!==-1?e:0).replace(/\+/g," "))};var z=window.location.href,A="ogi_"+(y("cn")||""),B;
function C(a,b){b=b===void 0?{}:b;if(!B){var d=y("origin")||"",c={destination:window.parent,origin:d,g:A,onMessage:void 0};d=c.destination;var e=c.origin;var f=c.i===void 0?void 0:c.i;var g=c.g===void 0?"ZNWN1d":c.g;c=c.onMessage===void 0?void 0:c.onMessage;if(e==="*")throw Error("Sending to wildcard origin not allowed.");var v=w(c),l={};f=f?(l.n=g,l.t=f,l):g;d.postMessage(f,e,[v.port2]);B=t(v.port1,c)}a={event:a,data:b};b=B;var m=m===void 0?[]:m;d=w();b.h.postMessage(a,[d.port2].concat(m))};C("_startuploaded",{wt:"c"});
(function(a,b){a.addEventListener("click",function(d){if(d.target){var c;if(c=p(d.target)){var e=c.getAttribute("data-dismiss");var f=c.getAttribute("data-cmd");var g=c.hasAttribute("data-nd");c=parseInt(c.getAttribute("data-aei"),10);e&&e.match(/^[A-Za-z]{1,3}$/)&&(g&&!f?b(e,c,g):f?b(e,c,g,f,{middleButton:d.button===1,altKey:d.altKey,ctrlKey:d.ctrlKey,metaKey:d.metaKey,shiftKey:d.shiftKey}):b(e,c))}}})})(document,function(a,b,d,c,e){d?C("dismiss",{type:a,nd:d,cmd:c,clickInfo:e,aei:b}):C("dismiss",
{type:a,cmd:c,clickInfo:e,aei:b})});
(function(a){document.readyState==="loading"?document.addEventListener("DOMContentLoaded",function(){a()}):a()})(function(){window.setTimeout(function(){var a,b=document.querySelector('[data-ogmv] > [role="dialog"]');if(a=b?{width:Math.min(Math.max(b.scrollWidth+10,370),500),height:Math.min(Math.max(b.scrollHeight+10,180),500)}:null){b=a.height+"px";a=a.width+"px";var d=n("icss"),c=n("dc");b=b===void 0?"":b;a=a===void 0?"":a;d=d===void 0?!1:d;c=c===void 0?!1:c;var e={wt:"c"};if(document.querySelector("[data-ogmv]")!=
null){var f=window.performance&&window.performance.timing;e.ttf=f&&f.responseEnd&&f.fetchStart?f.responseEnd-f.fetchStart:null;b&&(e.height=b);a&&(e.width=a);e.icss=d;e.dc=c;C("_renderstart",e)}else C("_renderfailed",e)}},100)});
|
| URL: chrome://newtab Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: chrome://newtab |
| URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "This appears to be a legitimate Google widget initialization script with standard Google Closure Library code. It contains copyright notices and uses strict mode. While it includes DOM manipulation capabilities, it's from a trusted source (Google) and follows standard security practices. The code is minified but not maliciously obfuscated."
} |
"use strict";this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi||{};(function(_){var window=this;
try{
_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x30183080, 0x6c, ]);
/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
/*
Copyright Google LLC
SPDX-License-Identifier: Apache-2.0
*/
/*
SPDX-License-Identifier: Apache-2.0
*/
/*
Copyright 2024 Google, Inc
SPDX-License-Identifier: MIT
*/
var ia,aaa,Ga,baa,Ja,cb,sb,eaa,Mb,Rb,Sb,Tb,Ub,Wb,Xb,Yb,ac,faa,gaa,cc,ec,lc,oc,qc,haa,wc,xc,yc,Ec,jaa,laa,Jc,Kc,Qc,Tc,Vc,Yc,Zc,Uc,bd,cd,paa,rd,sd,td,qaa,Bd,raa,Fd,saa,taa,uaa,Ld,vaa,Ud,xe,Ae,Ie,Ge,Je,y,Ve,bf,ef,qf,Aaa,Baa,Caa,Daa,vf,zf,Faa,Gaa,Haa,Iaa,Jaa,Kaa,Yf,Laa,Maa,Naa,vg,zg,Taa,Raa,Kg,Xaa,Pg,Sg,Zaa,$aa,Ug,hh,dba,eba,nh,fba,yh,gba,Ch,hba,iba,Qh,Rh,Sh,jba,kba,Vh,mba,nba,Zh,$h,rba,tba,uba,vba,wba,xba,yba,zba,Bba,Cba,Dba,Fba,Gba,aa,ti,ui,Hba,wi,Ci,Kba,Gi,Lba,Mba,Nba,Pi,Qi,Oba,Pba;
_.ba=function(a){return function(){return aa[a].apply(this,arguments)}};_.ca=function(a,b){return aa[a]=b};_.ea=function(a){_.da.setTimeout(function(){throw a;},0)};_.fa=function(a){a&&typeof a.dispose=="function"&&a.dispose()};ia=function(a){for(var b=0,c=arguments.length;b<c;++b){var d=arguments[b];_.ha(d)?ia.apply(null,d):_.fa(d)}};
_.ja=function(a,b){if(Error.captureStackTrace)Error.captureStackTrace(this,_.ja);else{var c=Error().stack;c&&(this.stack=c)}a&&(this.message=String(a));b!==void 0&&(this.cause=b);this.j=!0};_.ka=function(a){return a[a.length-1]};_.la=function(a,b,c){for(var d=typeof a==="string"?a.split(""):a,e=a.length-1;e>=0;--e)e in d&&b.call(c,d[e],e,a)};_.oa=function(a,b,c){b=_.ma(a,b,c);return b<0?null:typeof a==="string"?a.charAt(b):a[b]};
_.ma=function(a,b,c){for(var d=a.length,e=typeof a==="string"?a.split(""):a,f=0;f<d;f++)if(f in e&&b.call(c,e[f],f,a))return f;return-1};_.qa=function(a,b){return(0,_.pa)(a,b)>=0};_.ra=function(a,b){_.qa(a,b)||a.push(b)};_.ta=function(a,b){b=(0,_.pa)(a,b);var c;(c=b>=0)&&_.sa(a,b);return c};_.sa=function(a,b){return Array.prototype.splice.call(a,b,1).length==1};_.ua=function(a){return Array.prototype.concat.apply([],arguments)};
_.va=function(a){var b=a.length;if(b>0){for(var c=Array(b),d=0;d<b;d++)c[d]=a[d];return c}return[]};_.wa=function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(_.ha(d)){var e=a.length||0,f=d.length||0;a.length=e+f;for(var g=0;g<f;g++)a[e+g]=d[g]}else a.push(d)}};_.xa=function(a,b,c){return arguments.length<=2?Array.prototype.slice.call(a,b):Array.prototype.slice.call(a,b,c)};
_.Ba=function(a,b){b=b||a;for(var c=0,d=0,e={};d<a.length;){var f=a[d++],g=_.ya(f)?"o"+_.Aa(f):(typeof f).charAt(0)+f;Object.prototype.hasOwnProperty.call(e,g)||(e[g]=!0,b[c++]=f)}b.length=c};_.Ca=function(a,b){if(!_.ha(a)||!_.ha(b)||a.length!=b.length)return!1;for(var c=a.length,d=aaa,e=0;e<c;e++)if(!d(a[e],b[e]))return!1;return!0};_.Da=function(a,b){return a>b?1:a<b?-1:0};aaa=function(a,b){return a===b};_.Fa=function(a,b){var c={};(0,_.Ea)(a,function(d,e){c[b.call(void 0,d,e,a)]=d});return c};
Ga=function(a){return{valueOf:a}.valueOf()};baa=function(){var a=null;if(!Ha)return a;try{var b=function(c){return c};a=Ha.createPolicy("OneGoogleWidgetUi#html",{createHTML:b,createScript:b,createScriptURL:b})}catch(c){}return a};Ja=function(){Ia===void 0&&(Ia=baa());return Ia};_.Ma=function(a){var b=Ja();return new _.Ka(_.La,b?b.createHTML(a):a)};_.Na=function(a){return a instanceof _.Ka};_.Oa=function(a){if(_.Na(a))return a.j;throw Error("B");};
_.Qa=function(a){return"function"==typeof _.Pa&&a instanceof _.Pa};_.Ra=function(a){if(_.Qa(a))return a.j;throw Error("B");};_.Ta=function(a){var b=Ja();return new _.Sa(_.La,b?b.createScriptURL(a):a)};_.Va=function(a){return a instanceof _.Sa};_.Xa=function(a){if(_.Va(a))return a.j;throw Error("B");};_.Za=function(a){return new _.Ya(_.La,a)};_.$a=function(a){return a instanceof _.Ya};_.ab=function(a){i |
| URL: https://www.gstatic.com/_/mss/boq-one-google/_/js/... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The code appears to be a legitimate Google widget UI implementation with standard DOM manipulation and CSS handling. While it contains DOM manipulation methods and attribute setters, these are typical for UI widgets. The code uses strict mode and follows secure coding practices. No high-risk behaviors like eval() or suspicious data transmission are present."
} |
"use strict";_F_installCss(".KL4X6e{background:#eee;bottom:0;left:0;opacity:0;position:absolute;right:0;top:0}.TuA45b{opacity:.8}sentinel{}");
this.default_OneGoogleWidgetUi=this.default_OneGoogleWidgetUi||{};(function(_){var window=this;
try{
_.xA=function(a,b,c,d,e,f,g){var h=(0,_.Pd)(a.va);_.Fc(h);a=_.je(a,h,c,b,2,f,!0);if(g){if(typeof e!=="number"||e<0||e>a.length)throw Error();}else d=d!=null?d:new c;e!=void 0?a.splice(e,g,d):a.push(d);(0,_.Dc)(d.va)&2?(0,_.El)(a,8):(0,_.El)(a,16)};_.zA=function(a){if(a instanceof _.yA)return a.j;throw Error("B");};_.AA=function(a){return new _.yA(_.La,a[0].toLowerCase())};
_.BA=function(a,b,c,d){if(a.length===0)throw Error("B");a=a.map(function(f){return _.zA(f)});var e=c.toLowerCase();if(a.every(function(f){return e.indexOf(f)!==0}))throw Error("ma`"+c);b.setAttribute(c,d)};_.At.prototype.kc=_.ca(28,function(){return this.j.length==0?null:new _.I(this.j[0])});_.I.prototype.kc=_.ca(27,function(){return this});_.At.prototype.Ja=_.ca(26,function(){return this.j.length?this.j[0]:null});_.I.prototype.Ja=_.ca(25,function(){return this.j[0]});
_.CA=function(a){var b=_.Dm(a);b===null&&_.Bm(a);return b};_.DA=function(a,b,c){if(!b&&!c)return null;var d=b?String(b).toUpperCase():null;return _.vh(a,function(e){return(!d||e.nodeName==d)&&(!c||typeof e.className==="string"&&_.qa(e.className.split(/\s+/),c))},!0)};_.EA=function(a){return a.j.slice()};_.yA=function(a,b){this.j=b};_.yA.prototype.toString=function(){return this.j};_.FA=function(a){return a instanceof _.I?a:new _.I(_.Gt(a))};_.O=function(){_.F.call(this)};_.D(_.O,_.F);_.O.W=function(){return{}};_.O.prototype.Ud=function(a){_.rr(this,a)};_.O[_.gg]=function(){return!0};var mha=function(a,b){var c=_.Fb(b).map(function(d){return _.dg(d)}).filter(function(d){return d instanceof _.Ke});_.$n(_.cg.Ta(),c);return _.Db(b,function(d){return _.ng(d,a.Xd())})};_.Re({service:function(a,b){return mha(a,b)}},!0);
_.mi(_.Rp);
var oha,IA,nha,qha,pha;_.GA=function(a,b){a=_.nb(a);return _.Ma(b.map(function(c){return _.Oa(_.nb(c))}).join(_.Oa(a).toString()))};_.HA=function(a){return _.GA("",a)};oha=function(a){if(!IA.test(a))throw Error("B");if(nha.indexOf(a.toUpperCase())!==-1)throw Error("B");};
_.JA=function(a){for(var b="",c=Object.keys(a),d=0;d<c.length;d++){var e=c[d],f=a[e];if(!IA.test(e))throw Error("B");if(f!==void 0&&f!==null){if(/^on./i.test(e))throw Error("B");pha.indexOf(e.toLowerCase())!==-1&&(f=_.$a(f)?f.toString():_.gb(String(f))||"about:invalid#zClosurez");f=e+'="'+_.nb(String(f))+'"';b+=" "+f}}return b};
_.KA=function(a,b,c){oha(a);var d="<"+a;b&&(d+=_.JA(b));Array.isArray(c)||(c=c===void 0?[]:[c]);qha.indexOf(a.toUpperCase())!==-1?d+=">":(b=_.HA(c.map(function(e){return _.Na(e)?e:_.nb(String(e))})),d+=">"+b.toString()+"</"+a+">");return _.Ma(d)};_.LA=function(a){for(var b=[],c=0;c<arguments.length;c++){var d=arguments[c];if(Array.isArray(d))for(var e=0;e<d.length;e+=8192)for(var f=_.LA.apply(null,_.xa(d,e,e+8192)),g=0;g<f.length;g++)b.push(f[g]);else b.push(d)}return b};
_.MA=function(a,b){b=_.hb(b);b!==void 0&&(a.href=b)};_.NA=function(a,b){var c=c===void 0?0:c;return _.ke(_.Sl(a,b),c)};_.OA=function(a,b,c){this.l=a;this.j=b;this.o=c===void 0?null:c};_.OA.prototype.Bb=function(){return this.l};_.Th.prototype.Rg=_.ca(23,function(a){this.oa=a.replace(_.Es,"_")});_.Af.prototype.Mg=_.ca(6,function(a,b){return new _.OA(this,a,b===void 0?null:b)});
_.Oq.prototype.Mg=_.ca(5,function(){try{if(!this.j)return null;if("response"in this.j)return this.j.response;switch(this.na){case "":case "text":return this.j.responseText;case "arraybuffer":if("mozResponseArrayBuffer"in this.j)return this.j.mozResponseArrayBuffer}return null}catch(a){return null}});IA=/^[a-z][a-z\d-]*$/i;nha="APPLET BASE EMBED IFRAME LINK MATH META OBJECT SCRIPT STYLE SVG TEMPLATE".split(" ");qha="AREA BR COL COMMAND HR IMG INPUT KEYGEN PARAM SOURCE TRACK WBR".split(" ");
pha=["action","formaction","href"];_.PA=function(a,b){var c=c===void 0?0:c;a=a.va;var d=(0,_.Pd)(a),e=_.de(a,d,b);var |
| URL: https://www.google.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://www.google.com |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"brands": [
"Google"
]
} |
|
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"brands": [
"Google"
]
} |
|
| URL: https://google.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://google.com |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false
} |
 |
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"brands": [
"Google"
]
} |
|
| URL: https://www.google.com/ Model: Joe Sandbox AI | {
"brands": [
"Google"
]
} |
|
Edit tour
chrome.exe (PID: 6968 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node