Is "OnHand" on Chrome Web Store Safe to Install?
OnHand is a lightweight and elegant browser extension designed to transform your new tab page into a central hub for your favorite websites. Say goodbye to scattered bookmarks and embrace a clean, intuitive way to access your digital world directly from where you start browsing. Crafted with a minimalist aesthetic and leveraging Material Design principles, OnHand offers a seamless and visually pleasing experience. It's built for those who value simplicity, efficiency, and privacy. ✨ Features That Make Browsing Smoother - Effortless Bookmark Management: Add and organize your favorite sites with unparalleled ease. - Tab-Based Grouping: Keep your bookmarks neatly categorized using intuitive groups organized as tabs, decluttering your digital space. - Private Data Control: Your data stays yours. Easily load and save your bookmarks to a local file, ensuring full control without relying on clouds or accounts. - System Theme Sync: Enjoy a comfortable viewing experience with automatic light and dark theme switching that respects your operating system's preferences. OnHand is a free and open-source project, committed to empowering users without hidden costs or data compromises.
Risk Assessment
Analyzed498 security findings detected across all analyzers
Chrome extension requesting 4 permissions
Severity Breakdown
Finding Categories
YARA Rules Matched
11 rules(36 hits)Requested Permissions
4 permissionsAccess and modify data on every website you visit
About This Extension
Detailed Findings
38 totalYARA Rule Matches
11 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 458
detected Domain: date.now XIOC detected Domain: date.now
extracted_from_files
detected IP: face::bef XIOC detected IP: face::bef
extracted_from_files
detected IP: ::bac XIOC detected IP: ::bac
extracted_from_files
detected IP: e::bef XIOC detected IP: e::bef
extracted_from_files
detected IP: ::bef XIOC detected IP: ::bef
extracted_from_files
detected IP: 4:: XIOC detected IP: 4::
extracted_from_files
detected IP: 3:: XIOC detected IP: 3::
extracted_from_files
detected IP: 7:: XIOC detected IP: 7::
extracted_from_files
detected IP: a::bef XIOC detected IP: a::bef
extracted_from_files
detected IP: d::af XIOC detected IP: d::af
extracted_from_files
detected IP: e:: XIOC detected IP: e::
extracted_from_files
detected IP: ed::af XIOC detected IP: ed::af
extracted_from_files
detected IP: e::af XIOC detected IP: e::af
extracted_from_files
detected IP: ab::bef XIOC detected IP: ab::bef
extracted_from_files
detected Domain: t.constructor.name XIOC detected Domain: t.constructor.name
extracted_from_files
detected Domain: x1.call XIOC detected Domain: x1.call
extracted_from_files
detected Domain: ad.call XIOC detected Domain: ad.call
extracted_from_files
detected Domain: www.apache.org XIOC detected Domain: www.apache.org
extracted_from_files
detected Domain: angular.dev XIOC detected Domain: angular.dev
extracted_from_files
detected IP: ::f XIOC detected IP: ::f
extracted_from_files
detected IP: d:: XIOC detected IP: d::
extracted_from_files
detected Domain: n.gt XIOC detected Domain: n.gt
extracted_from_files
detected Domain: n.lt XIOC detected Domain: n.lt
extracted_from_files
detected Domain: wt.bn XIOC detected Domain: wt.bn
extracted_from_files
detected Domain: zt.bn XIOC detected Domain: zt.bn
extracted_from_files
detected Domain: kt.ar XIOC detected Domain: kt.ar
extracted_from_files
detected Domain: wt.ar XIOC detected Domain: wt.ar
extracted_from_files
detected Domain: zt.ar XIOC detected Domain: zt.ar
extracted_from_files
detected Domain: n.no XIOC detected Domain: n.no
extracted_from_files
detected Domain: o.call XIOC detected Domain: o.call
extracted_from_files
detected Domain: e.call XIOC detected Domain: e.call
extracted_from_files
detected Domain: tostring.call XIOC detected Domain: tostring.call
extracted_from_files
detected Domain: s.search XIOC detected Domain: s.search
extracted_from_files
detected Domain: n.host XIOC detected Domain: n.host
extracted_from_files
detected Domain: object.prototype.tostring.call XIOC detected Domain: object.prototype.tostring.call
extracted_from_files
detected Domain: hotmail.be XIOC detected Domain: hotmail.be
extracted_from_files
detected Domain: hotmail.at XIOC detected Domain: hotmail.at
extracted_from_files
detected Domain: s.cc XIOC detected Domain: s.cc
extracted_from_files
detected Domain: n.case XIOC detected Domain: n.case
extracted_from_files
detected Domain: n.search XIOC detected Domain: n.search
extracted_from_files
detected Domain: hasownproperty.call XIOC detected Domain: hasownproperty.call
extracted_from_files
detected Domain: e.next XIOC detected Domain: e.next
extracted_from_files
detected Domain: hotmail.com.ar XIOC detected Domain: hotmail.com.ar
extracted_from_files
detected Domain: hotmail.co.uk XIOC detected Domain: hotmail.co.uk
extracted_from_files
detected Domain: hotmail.co.th XIOC detected Domain: hotmail.co.th
extracted_from_files
detected Domain: hotmail.co.nz XIOC detected Domain: hotmail.co.nz
extracted_from_files
detected Domain: hotmail.co.il XIOC detected Domain: hotmail.co.il
extracted_from_files
detected Domain: hotmail.cl XIOC detected Domain: hotmail.cl
extracted_from_files
detected Domain: hotmail.ca XIOC detected Domain: hotmail.ca
extracted_from_files
detected Domain: hotmail.com.vn XIOC detected Domain: hotmail.com.vn
extracted_from_files
detected Domain: hotmail.com.tr XIOC detected Domain: hotmail.com.tr
extracted_from_files
detected Domain: hotmail.com.pe XIOC detected Domain: hotmail.com.pe
extracted_from_files
detected Domain: hotmail.com.mx XIOC detected Domain: hotmail.com.mx
extracted_from_files
detected Domain: hotmail.com.gr XIOC detected Domain: hotmail.com.gr
extracted_from_files
detected Domain: hotmail.com.br XIOC detected Domain: hotmail.com.br
extracted_from_files
detected Domain: hotmail.com.au XIOC detected Domain: hotmail.com.au
extracted_from_files
detected Domain: hotmail.id XIOC detected Domain: hotmail.id
extracted_from_files
detected Domain: hotmail.hu XIOC detected Domain: hotmail.hu
extracted_from_files
detected Domain: hotmail.fr XIOC detected Domain: hotmail.fr
extracted_from_files
detected Domain: hotmail.es XIOC detected Domain: hotmail.es
extracted_from_files
detected Domain: hotmail.dk XIOC detected Domain: hotmail.dk
extracted_from_files
detected Domain: hotmail.de XIOC detected Domain: hotmail.de
extracted_from_files
detected Domain: hotmail.cz XIOC detected Domain: hotmail.cz
extracted_from_files
detected Domain: hotmail.my XIOC detected Domain: hotmail.my
extracted_from_files
detected Domain: hotmail.lv XIOC detected Domain: hotmail.lv
extracted_from_files
detected Domain: hotmail.kr XIOC detected Domain: hotmail.kr
extracted_from_files
detected Domain: hotmail.jp XIOC detected Domain: hotmail.jp
extracted_from_files
detected Domain: hotmail.it XIOC detected Domain: hotmail.it
extracted_from_files
detected Domain: hotmail.in XIOC detected Domain: hotmail.in
extracted_from_files
detected Domain: hotmail.ie XIOC detected Domain: hotmail.ie
extracted_from_files
detected Domain: live.co.uk XIOC detected Domain: live.co.uk
extracted_from_files
detected Domain: live.be XIOC detected Domain: live.be
extracted_from_files
detected Domain: hotmail.sk XIOC detected Domain: hotmail.sk
extracted_from_files
detected Domain: hotmail.sg XIOC detected Domain: hotmail.sg
extracted_from_files
detected Domain: hotmail.sa XIOC detected Domain: hotmail.sa
extracted_from_files
detected Domain: hotmail.pt XIOC detected Domain: hotmail.pt
extracted_from_files
detected Domain: hotmail.ph XIOC detected Domain: hotmail.ph
extracted_from_files
detected Domain: live.it XIOC detected Domain: live.it
extracted_from_files
detected Domain: live.fr XIOC detected Domain: live.fr
extracted_from_files
detected Domain: live.eu XIOC detected Domain: live.eu
extracted_from_files
detected Domain: live.es XIOC detected Domain: live.es
extracted_from_files
detected Domain: live.de XIOC detected Domain: live.de
extracted_from_files
detected Domain: live.com.mx XIOC detected Domain: live.com.mx
extracted_from_files
detected Domain: live.com.ar XIOC detected Domain: live.com.ar
extracted_from_files
detected Domain: outlook.co.th XIOC detected Domain: outlook.co.th
extracted_from_files
detected Domain: outlook.co.nz XIOC detected Domain: outlook.co.nz
extracted_from_files
detected Domain: outlook.co.il XIOC detected Domain: outlook.co.il
extracted_from_files
detected Domain: outlook.cl XIOC detected Domain: outlook.cl
extracted_from_files
detected Domain: outlook.be XIOC detected Domain: outlook.be
extracted_from_files
detected Domain: outlook.at XIOC detected Domain: outlook.at
extracted_from_files
detected Domain: live.nl XIOC detected Domain: live.nl
extracted_from_files
detected Domain: outlook.com.vn XIOC detected Domain: outlook.com.vn
extracted_from_files
detected Domain: outlook.com.tr XIOC detected Domain: outlook.com.tr
extracted_from_files
detected Domain: outlook.com.pe XIOC detected Domain: outlook.com.pe
extracted_from_files
detected Domain: outlook.com.gr XIOC detected Domain: outlook.com.gr
extracted_from_files
detected Domain: outlook.com.br XIOC detected Domain: outlook.com.br
extracted_from_files
detected Domain: outlook.com.au XIOC detected Domain: outlook.com.au
extracted_from_files
detected Domain: outlook.com.ar XIOC detected Domain: outlook.com.ar
extracted_from_files
detected Domain: outlook.id XIOC detected Domain: outlook.id
extracted_from_files
detected Domain: outlook.hu XIOC detected Domain: outlook.hu
extracted_from_files
detected Domain: outlook.fr XIOC detected Domain: outlook.fr
extracted_from_files
detected Domain: outlook.es XIOC detected Domain: outlook.es
extracted_from_files
detected Domain: outlook.cz XIOC detected Domain: outlook.cz
extracted_from_files
detected Domain: outlook.de XIOC detected Domain: outlook.de
extracted_from_files
detected Domain: outlook.dk XIOC detected Domain: outlook.dk
extracted_from_files
detected Domain: outlook.my XIOC detected Domain: outlook.my
extracted_from_files
detected Domain: outlook.lv XIOC detected Domain: outlook.lv
extracted_from_files
detected Domain: outlook.kr XIOC detected Domain: outlook.kr
extracted_from_files
detected Domain: outlook.jp XIOC detected Domain: outlook.jp
extracted_from_files
detected Domain: outlook.it XIOC detected Domain: outlook.it
extracted_from_files
detected Domain: outlook.in XIOC detected Domain: outlook.in
extracted_from_files
detected Domain: outlook.ie XIOC detected Domain: outlook.ie
extracted_from_files
detected Domain: rocketmail.com XIOC detected Domain: rocketmail.com
extracted_from_files
detected Domain: passport.com XIOC detected Domain: passport.com
extracted_from_files
detected Domain: outlook.sk XIOC detected Domain: outlook.sk
extracted_from_files
detected Domain: outlook.sg XIOC detected Domain: outlook.sg
extracted_from_files
detected Domain: outlook.sa XIOC detected Domain: outlook.sa
extracted_from_files
detected Domain: outlook.pt XIOC detected Domain: outlook.pt
extracted_from_files
detected Domain: outlook.ph XIOC detected Domain: outlook.ph
extracted_from_files
detected Domain: ymail.com XIOC detected Domain: ymail.com
extracted_from_files
detected Domain: yahoo.it XIOC detected Domain: yahoo.it
extracted_from_files
detected Domain: yahoo.in XIOC detected Domain: yahoo.in
extracted_from_files
detected Domain: yahoo.fr XIOC detected Domain: yahoo.fr
extracted_from_files
detected Domain: yahoo.de XIOC detected Domain: yahoo.de
extracted_from_files
detected Domain: yahoo.co.uk XIOC detected Domain: yahoo.co.uk
extracted_from_files
detected Domain: yahoo.ca XIOC detected Domain: yahoo.ca
extracted_from_files
detected Domain: e.map XIOC detected Domain: e.map
extracted_from_files
detected Domain: error.call XIOC detected Domain: error.call
extracted_from_files
detected Domain: object.is XIOC detected Domain: object.is
extracted_from_files
detected Domain: n.yandex XIOC detected Domain: n.yandex
extracted_from_files
detected Domain: n.yahoo XIOC detected Domain: n.yahoo
extracted_from_files
detected Domain: n.gmail XIOC detected Domain: n.gmail
extracted_from_files
detected Domain: yandex.ua XIOC detected Domain: yandex.ua
extracted_from_files
detected Domain: n.call XIOC detected Domain: n.call
extracted_from_files
detected Domain: t.next XIOC detected Domain: t.next
extracted_from_files
detected Domain: a.call XIOC detected Domain: a.call
extracted_from_files
detected Domain: n.next XIOC detected Domain: n.next
extracted_from_files
detected Domain: p1.call XIOC detected Domain: p1.call
extracted_from_files
detected Domain: this.destination.next XIOC detected Domain: this.destination.next
extracted_from_files
detected Domain: this.name XIOC detected Domain: this.name
extracted_from_files
detected Domain: this.id XIOC detected Domain: this.id
extracted_from_files
detected Domain: this.work XIOC detected Domain: this.work
extracted_from_files
detected Domain: e.now XIOC detected Domain: e.now
extracted_from_files
detected Domain: o.now XIOC detected Domain: o.now
extracted_from_files
detected Domain: super.next XIOC detected Domain: super.next
extracted_from_files
detected Domain: i.call XIOC detected Domain: i.call
extracted_from_files
detected Domain: i.next XIOC detected Domain: i.next
extracted_from_files
detected Domain: e.read XIOC detected Domain: e.read
extracted_from_files
detected Domain: n.id XIOC detected Domain: n.id
extracted_from_files
detected Domain: r.id XIOC detected Domain: r.id
extracted_from_files
detected Domain: za.now XIOC detected Domain: za.now
extracted_from_files
detected Domain: wo.now XIOC detected Domain: wo.now
extracted_from_files
detected Domain: this.now XIOC detected Domain: this.now
extracted_from_files
detected Domain: t.now XIOC detected Domain: t.now
extracted_from_files
detected Domain: l.call XIOC detected Domain: l.call
extracted_from_files
detected Domain: c.call XIOC detected Domain: c.call
extracted_from_files
detected Domain: n.now XIOC detected Domain: n.now
extracted_from_files
detected Domain: r.next XIOC detected Domain: r.next
extracted_from_files
detected Domain: t-e.now XIOC detected Domain: t-e.now
extracted_from_files
detected Domain: o.next XIOC detected Domain: o.next
extracted_from_files
detected Domain: t.call XIOC detected Domain: t.call
extracted_from_files
detected Domain: this.pendingtask.next XIOC detected Domain: this.pendingtask.next
extracted_from_files
detected Domain: n.name XIOC detected Domain: n.name
extracted_from_files
detected Domain: t.data XIOC detected Domain: t.data
extracted_from_files
detected Domain: r.name XIOC detected Domain: r.name
extracted_from_files
detected Domain: t.host XIOC detected Domain: t.host
extracted_from_files
detected Domain: t.name XIOC detected Domain: t.name
extracted_from_files
detected Domain: t.map XIOC detected Domain: t.map
extracted_from_files
detected Domain: i.run XIOC detected Domain: i.run
extracted_from_files
detected Domain: e.run XIOC detected Domain: e.run
extracted_from_files
detected Domain: n.zone XIOC detected Domain: n.zone
extracted_from_files
detected Domain: zone.root.run XIOC detected Domain: zone.root.run
extracted_from_files
detected Domain: outer.run XIOC detected Domain: outer.run
extracted_from_files
detected Domain: inner.run XIOC detected Domain: inner.run
extracted_from_files
detected Domain: l.next XIOC detected Domain: l.next
extracted_from_files
detected Domain: changes.next XIOC detected Domain: changes.next
extracted_from_files
detected Domain: results.map XIOC detected Domain: results.map
extracted_from_files
detected Domain: a.data XIOC detected Domain: a.data
extracted_from_files
detected Domain: u.data XIOC detected Domain: u.data
extracted_from_files
detected Domain: i.data XIOC detected Domain: i.data
extracted_from_files
detected Domain: n.data XIOC detected Domain: n.data
extracted_from_files
detected Domain: i.zone XIOC detected Domain: i.zone
extracted_from_files
detected Domain: i.zone.run XIOC detected Domain: i.zone.run
extracted_from_files
detected Domain: t.read XIOC detected Domain: t.read
extracted_from_files
detected Domain: t.target XIOC detected Domain: t.target
extracted_from_files
detected Domain: s.call XIOC detected Domain: s.call
extracted_from_files
detected Domain: t.id XIOC detected Domain: t.id
extracted_from_files
detected Domain: t.style XIOC detected Domain: t.style
extracted_from_files
detected Domain: o.name XIOC detected Domain: o.name
extracted_from_files
detected Domain: e.id XIOC detected Domain: e.id
extracted_from_files
detected Domain: e.metadata.read XIOC detected Domain: e.metadata.read
extracted_from_files
detected Domain: this.metadata.read XIOC detected Domain: this.metadata.read
extracted_from_files
detected Domain: this.read XIOC detected Domain: this.read
extracted_from_files
detected Domain: t.type.name XIOC detected Domain: t.type.name
extracted_from_files
detected Domain: s.data XIOC detected Domain: s.data
extracted_from_files
detected Domain: o.data XIOC detected Domain: o.data
extracted_from_files
detected Domain: a.read XIOC detected Domain: a.read
extracted_from_files
detected Domain: this.ngzone.run XIOC detected Domain: this.ngzone.run
extracted_from_files
detected Domain: r.data XIOC detected Domain: r.data
extracted_from_files
detected Domain: c.next XIOC detected Domain: c.next
extracted_from_files
detected Domain: t.at XIOC detected Domain: t.at
extracted_from_files
detected Domain: this.aftertick.next XIOC detected Domain: this.aftertick.next
extracted_from_files
detected Domain: this.tracingsnapshot.run XIOC detected Domain: this.tracingsnapshot.run
extracted_from_files
detected Domain: n.style XIOC detected Domain: n.style
extracted_from_files
detected Domain: i.id XIOC detected Domain: i.id
extracted_from_files
detected Domain: n.map XIOC detected Domain: n.map
extracted_from_files
detected Domain: subject.next XIOC detected Domain: subject.next
extracted_from_files
detected Domain: platformlocation.search XIOC detected Domain: platformlocation.search
extracted_from_files
detected Domain: t.search XIOC detected Domain: t.search
extracted_from_files
detected Domain: location.search XIOC detected Domain: location.search
extracted_from_files
detected Domain: gt.style XIOC detected Domain: gt.style
extracted_from_files
detected Domain: e.total XIOC detected Domain: e.total
extracted_from_files
detected Domain: n.total XIOC detected Domain: n.total
extracted_from_files
detected Domain: a.open XIOC detected Domain: a.open
extracted_from_files
detected Domain: i.build XIOC detected Domain: i.build
extracted_from_files
detected Domain: i.map XIOC detected Domain: i.map
extracted_from_files
detected Domain: this.map XIOC detected Domain: this.map
extracted_from_files
detected Domain: destroysubject.next XIOC detected Domain: destroysubject.next
extracted_from_files
detected Domain: stopinputmodalitydetector.next XIOC detected Domain: stopinputmodalitydetector.next
extracted_from_files
detected Domain: e.subject.next XIOC detected Domain: e.subject.next
extracted_from_files
detected Domain: ngzone.run XIOC detected Domain: ngzone.run
extracted_from_files
detected Domain: platform.android XIOC detected Domain: platform.android
extracted_from_files
detected Domain: modality.next XIOC detected Domain: modality.next
extracted_from_files
detected IP: 5:: XIOC detected IP: 5::
extracted_from_files
detected Domain: selecteditem.next XIOC detected Domain: selecteditem.next
extracted_from_files
detected Domain: letterkeystream.next XIOC detected Domain: letterkeystream.next
extracted_from_files
detected Domain: tr.black XIOC detected Domain: tr.black
extracted_from_files
detected Domain: t.black XIOC detected Domain: t.black
extracted_from_files
detected Domain: liveelement.id XIOC detected Domain: liveelement.id
extracted_from_files
detected Domain: window.chrome XIOC detected Domain: window.chrome
extracted_from_files
detected Domain: zone.run XIOC detected Domain: zone.run
extracted_from_files
detected Domain: e.style XIOC detected Domain: e.style
extracted_from_files
detected Domain: document.documentelement.style XIOC detected Domain: document.documentelement.style
extracted_from_files
detected Domain: o.messageelement.id XIOC detected Domain: o.messageelement.id
extracted_from_files
detected Domain: r.messageelement.id XIOC detected Domain: r.messageelement.id
extracted_from_files
detected Domain: pageupanddown.delta XIOC detected Domain: pageupanddown.delta
extracted_from_files
detected Domain: this.tabout.next XIOC detected Domain: this.tabout.next
extracted_from_files
detected Domain: this.change.next XIOC detected Domain: this.change.next
extracted_from_files
detected Domain: elementscrolled.next XIOC detected Domain: elementscrolled.next
extracted_from_files
detected Domain: scrolled.next XIOC detected Domain: scrolled.next
extracted_from_files
detected Domain: y2.map XIOC detected Domain: y2.map
extracted_from_files
detected Domain: n-e.top XIOC detected Domain: n-e.top
extracted_from_files
detected Domain: u.style.top XIOC detected Domain: u.style.top
extracted_from_files
detected Domain: e-r.top XIOC detected Domain: e-r.top
extracted_from_files
detected Domain: r.top XIOC detected Domain: r.top
extracted_from_files
detected Domain: previousscrollposition.top XIOC detected Domain: previousscrollposition.top
extracted_from_files
detected Domain: n.style.top XIOC detected Domain: n.style.top
extracted_from_files
detected Domain: previoushtmlstyles.top XIOC detected Domain: previoushtmlstyles.top
extracted_from_files
detected Domain: o.top XIOC detected Domain: o.top
extracted_from_files
detected Domain: change.next XIOC detected Domain: change.next
extracted_from_files
detected Domain: e.top XIOC detected Domain: e.top
extracted_from_files
detected Domain: destroyed.next XIOC detected Domain: destroyed.next
extracted_from_files
detected Domain: pane.style XIOC detected Domain: pane.style
extracted_from_files
detected Domain: detachments.next XIOC detected Domain: detachments.next
extracted_from_files
detected Domain: attachments.next XIOC detected Domain: attachments.next
extracted_from_files
detected Domain: i.host XIOC detected Domain: i.host
extracted_from_files
detected Domain: keydownevents.next XIOC detected Domain: keydownevents.next
extracted_from_files
detected Domain: t.top XIOC detected Domain: t.top
extracted_from_files
detected Domain: i.top XIOC detected Domain: i.top
extracted_from_files
detected Domain: this.top XIOC detected Domain: this.top
extracted_from_files
detected Domain: scrollables.map XIOC detected Domain: scrollables.map
extracted_from_files
detected Domain: positionchanges.next XIOC detected Domain: positionchanges.next
extracted_from_files
detected Domain: o.top-i.top XIOC detected Domain: o.top-i.top
extracted_from_files
detected Domain: n.top XIOC detected Domain: n.top
extracted_from_files
detected Domain: boundingbox.style XIOC detected Domain: boundingbox.style
extracted_from_files
detected Domain: backdropclick.next XIOC detected Domain: backdropclick.next
extracted_from_files
detected Domain: this.overlayoutsideclick.next XIOC detected Domain: this.overlayoutsideclick.next
extracted_from_files
detected Domain: this.overlaykeydown.next XIOC detected Domain: this.overlaykeydown.next
extracted_from_files
detected Domain: e.open XIOC detected Domain: e.open
extracted_from_files
detected Domain: this.open XIOC detected Domain: this.open
extracted_from_files
detected Domain: u.id XIOC detected Domain: u.id
extracted_from_files
detected Domain: overlayref.hostelement.style XIOC detected Domain: overlayref.hostelement.style
extracted_from_files
detected Domain: overlayref.overlayelement.style XIOC detected Domain: overlayref.overlayelement.style
extracted_from_files
detected Domain: t.open XIOC detected Domain: t.open
extracted_from_files
detected Domain: animationstatechanged.next XIOC detected Domain: animationstatechanged.next
extracted_from_files
detected Domain: e.data XIOC detected Domain: e.data
extracted_from_files
detected Domain: this.afteropened.next XIOC detected Domain: this.afteropened.next
extracted_from_files
detected Domain: config.id XIOC detected Domain: config.id
extracted_from_files
detected Domain: focustrapped.next XIOC detected Domain: focustrapped.next
extracted_from_files
detected Domain: this.positions.map XIOC detected Domain: this.positions.map
extracted_from_files
detected Domain: focused.next XIOC detected Domain: focused.next
extracted_from_files
detected Domain: a.name XIOC detected Domain: a.name
extracted_from_files
detected Domain: bs.map XIOC detected Domain: bs.map
extracted_from_files
detected Domain: dialog.open XIOC detected Domain: dialog.open
extracted_from_files
detected Domain: beforeclosed.next XIOC detected Domain: beforeclosed.next
extracted_from_files
detected Domain: afteropened.next XIOC detected Domain: afteropened.next
extracted_from_files
detected Domain: ym.open XIOC detected Domain: ym.open
extracted_from_files
detected Domain: onenter.next XIOC detected Domain: onenter.next
extracted_from_files
detected Domain: afterdismissed.next XIOC detected Domain: afterdismissed.next
extracted_from_files
detected Domain: onaction.next XIOC detected Domain: onaction.next
extracted_from_files
detected Domain: r.menu XIOC detected Domain: r.menu
extracted_from_files
detected Domain: this.menu XIOC detected Domain: this.menu
extracted_from_files
detected Domain: animationdone.next XIOC detected Domain: animationdone.next
extracted_from_files
detected Domain: hovered.next XIOC detected Domain: hovered.next
extracted_from_files
detected Domain: r.target XIOC detected Domain: r.target
extracted_from_files
detected Domain: stopscrolling.next XIOC detected Domain: stopscrolling.next
extracted_from_files
detected Domain: statechanges.next XIOC detected Domain: statechanges.next
extracted_from_files
detected Domain: i.target XIOC detected Domain: i.target
extracted_from_files
detected Domain: resizesubject.next XIOC detected Domain: resizesubject.next
extracted_from_files
detected Domain: onannounce.next XIOC detected Domain: onannounce.next
extracted_from_files
detected Domain: onexit.next XIOC detected Domain: onexit.next
extracted_from_files
detected Domain: l.id XIOC detected Domain: l.id
extracted_from_files
detected Domain: this.groups.map XIOC detected Domain: this.groups.map
extracted_from_files
detected Domain: this.bookmarks.map XIOC detected Domain: this.bookmarks.map
extracted_from_files
detected Domain: o.click XIOC detected Domain: o.click
extracted_from_files
detected Domain: o.download XIOC detected Domain: o.download
extracted_from_files
detected Domain: tabs.map XIOC detected Domain: tabs.map
extracted_from_files
detected Domain: i.tab XIOC detected Domain: i.tab
extracted_from_files
detected Domain: this.controls.map XIOC detected Domain: this.controls.map
extracted_from_files
detected Domain: this.at XIOC detected Domain: this.at
extracted_from_files
detected Domain: e.name XIOC detected Domain: e.name
extracted_from_files
detected Domain: events.next XIOC detected Domain: events.next
extracted_from_files
detected Domain: snackbar.open XIOC detected Domain: snackbar.open
extracted_from_files
detected Domain: chrome.storage XIOC detected Domain: chrome.storage
extracted_from_files
detected Domain: s.id XIOC detected Domain: s.id
extracted_from_files
detected Domain: errorchildren.map XIOC detected Domain: errorchildren.map
extracted_from_files
detected Domain: a.id XIOC detected Domain: a.id
extracted_from_files
detected Domain: o.id XIOC detected Domain: o.id
extracted_from_files
detected Domain: r.open XIOC detected Domain: r.open
extracted_from_files
detected Domain: control.id XIOC detected Domain: control.id
extracted_from_files
detected Domain: r.group XIOC detected Domain: r.group
extracted_from_files
detected Domain: this.group XIOC detected Domain: this.group
extracted_from_files
detected Domain: i.select XIOC detected Domain: i.select
extracted_from_files
detected Domain: initialized.next XIOC detected Domain: initialized.next
extracted_from_files
detected Domain: this.changed.next XIOC detected Domain: this.changed.next
extracted_from_files
detected Domain: this.select XIOC detected Domain: this.select
extracted_from_files
detected Domain: e.target XIOC detected Domain: e.target
extracted_from_files
detected Domain: this.statechanges.next XIOC detected Domain: this.statechanges.next
extracted_from_files
detected Domain: c.target XIOC detected Domain: c.target
extracted_from_files
detected Domain: keymanager.activeitem.id XIOC detected Domain: keymanager.activeitem.id
extracted_from_files
detected Domain: this.selected.map XIOC detected Domain: this.selected.map
extracted_from_files
detected Domain: this.options.map XIOC detected Domain: this.options.map
extracted_from_files
detected Domain: selectionmodel.select XIOC detected Domain: selectionmodel.select
extracted_from_files
detected Domain: l.select XIOC detected Domain: l.select
extracted_from_files
detected Domain: selectionmodel.selected.map XIOC detected Domain: selectionmodel.selected.map
extracted_from_files
detected Domain: destroy.next XIOC detected Domain: destroy.next
extracted_from_files
detected Domain: formbuilder.group XIOC detected Domain: formbuilder.group
extracted_from_files
detected Domain: t.link XIOC detected Domain: t.link
extracted_from_files
detected URL: https://github.com/yegor-pelykh/OnHand XIOC detected URL: https://github.com/yegor-pelykh/OnHand
extracted_from_files
detected URL: https://clients2.google.com/service/update2/crx XIOC detected URL: https://clients2.google.com/service/update2/crx
extracted_from_files
detected Domain: o.show XIOC detected Domain: o.show
extracted_from_files
detected Domain: this.show XIOC detected Domain: this.show
extracted_from_files
detected Domain: n.top-e.top XIOC detected Domain: n.top-e.top
extracted_from_files
detected Domain: r.style XIOC detected Domain: r.style
extracted_from_files
detected Domain: a.map XIOC detected Domain: a.map
extracted_from_files
detected Domain: this.pointermove.next XIOC detected Domain: this.pointermove.next
extracted_from_files
detected Domain: scroll.next XIOC detected Domain: scroll.next
extracted_from_files
detected Domain: this.pointerup.next XIOC detected Domain: this.pointerup.next
extracted_from_files
detected Domain: c.top XIOC detected Domain: c.top
extracted_from_files
detected Domain: this.dropped.next XIOC detected Domain: this.dropped.next
extracted_from_files
detected Domain: a.style XIOC detected Domain: a.style
extracted_from_files
detected Domain: this.started.next XIOC detected Domain: this.started.next
extracted_from_files
detected Domain: this.ended.next XIOC detected Domain: this.ended.next
extracted_from_files
detected Domain: this.released.next XIOC detected Domain: this.released.next
extracted_from_files
detected Domain: moveevents.next XIOC detected Domain: moveevents.next
extracted_from_files
detected Domain: this.beforestarted.next XIOC detected Domain: this.beforestarted.next
extracted_from_files
detected Domain: rootelement.style XIOC detected Domain: rootelement.style
extracted_from_files
detected Domain: s.top XIOC detected Domain: s.top
extracted_from_files
detected Domain: i.pagey-e.top XIOC detected Domain: i.pagey-e.top
extracted_from_files
detected Domain: o.top-n.top XIOC detected Domain: o.top-n.top
extracted_from_files
detected Domain: a.pagey-o.top-s.top XIOC detected Domain: a.pagey-o.top-s.top
extracted_from_files
detected Domain: this.entered.next XIOC detected Domain: this.entered.next
extracted_from_files
detected Domain: this.exited.next XIOC detected Domain: this.exited.next
extracted_from_files
detected Domain: a.top XIOC detected Domain: a.top
extracted_from_files
detected Domain: e.top-n.top XIOC detected Domain: e.top-n.top
extracted_from_files
detected Domain: e.clientrect.top-i.clientrect.top XIOC detected Domain: e.clientrect.top-i.clientrect.top
extracted_from_files
detected Domain: activedraggables.map XIOC detected Domain: activedraggables.map
extracted_from_files
detected Domain: previousswap.delta XIOC detected Domain: previousswap.delta
extracted_from_files
detected Domain: n.target XIOC detected Domain: n.target
extracted_from_files
detected Domain: r.top-i.top XIOC detected Domain: r.top-i.top
extracted_from_files
detected Domain: r.delta XIOC detected Domain: r.delta
extracted_from_files
detected Domain: this.receivingstopped.next XIOC detected Domain: this.receivingstopped.next
extracted_from_files
detected Domain: this.receivingstarted.next XIOC detected Domain: this.receivingstarted.next
extracted_from_files
detected Domain: container.style XIOC detected Domain: container.style
extracted_from_files
detected Domain: stopscrolltimers.next XIOC detected Domain: stopscrolltimers.next
extracted_from_files
detected Domain: this.sorted.next XIOC detected Domain: this.sorted.next
extracted_from_files
detected Domain: l.top XIOC detected Domain: l.top
extracted_from_files
detected Domain: droplistref.data XIOC detected Domain: droplistref.data
extracted_from_files
detected Domain: i.previouscontainer.data XIOC detected Domain: i.previouscontainer.data
extracted_from_files
detected Domain: i.container.data XIOC detected Domain: i.container.data
extracted_from_files
detected Domain: previewtemplate.data XIOC detected Domain: previewtemplate.data
extracted_from_files
detected Domain: placeholdertemplate.data XIOC detected Domain: placeholdertemplate.data
extracted_from_files
detected Domain: handles.next XIOC detected Domain: handles.next
extracted_from_files
detected Domain: dragref.data XIOC detected Domain: dragref.data
extracted_from_files
detected Domain: o.map XIOC detected Domain: o.map
extracted_from_files
detected Domain: this.data.groups.map XIOC detected Domain: this.data.groups.map
extracted_from_files
detected Domain: this.data.forbiddennames.map XIOC detected Domain: this.data.forbiddennames.map
extracted_from_files
detected Domain: e.group XIOC detected Domain: e.group
extracted_from_files
detected Domain: i.group XIOC detected Domain: i.group
extracted_from_files
detected Domain: window.open XIOC detected Domain: window.open
extracted_from_files
detected Domain: i.item.data XIOC detected Domain: i.item.data
extracted_from_files
detected Domain: յ.pk XIOC detected Domain: յ.pk
extracted_from_files
detected Domain: n.se XIOC detected Domain: n.se
extracted_from_files
detected Domain: ¾8.mz XIOC detected Domain: ¾8.mz
extracted_from_files
detected Domain: 1z.cv XIOC detected Domain: 1z.cv
extracted_from_files
detected Domain: fileinput.nativeelement.click XIOC detected Domain: fileinput.nativeelement.click
extracted_from_files
detected Domain: file.name XIOC detected Domain: file.name
extracted_from_files
detected Domain: i.save XIOC detected Domain: i.save
extracted_from_files
detected Domain: ft.ar XIOC detected Domain: ft.ar
extracted_from_files
detected Domain: ut.ar XIOC detected Domain: ut.ar
extracted_from_files
detected Domain: e.constructor.name XIOC detected Domain: e.constructor.name
extracted_from_files
detected Domain: fa.call XIOC detected Domain: fa.call
extracted_from_files
detected Domain: gy.call XIOC detected Domain: gy.call
extracted_from_files
detected Domain: www.inkscape.org XIOC detected Domain: www.inkscape.org
extracted_from_files
detected Domain: g.vg XIOC detected Domain: g.vg
extracted_from_files
detected Domain: r.call XIOC detected Domain: r.call
extracted_from_files
detected Domain: ea.call XIOC detected Domain: ea.call
extracted_from_files
detected Domain: a.cc XIOC detected Domain: a.cc
extracted_from_files
detected Domain: a.search XIOC detected Domain: a.search
extracted_from_files
detected Domain: ft.bn XIOC detected Domain: ft.bn
extracted_from_files
detected Domain: ut.bn XIOC detected Domain: ut.bn
extracted_from_files
detected Domain: ot.ar XIOC detected Domain: ot.ar
extracted_from_files
detected Domain: r.run XIOC detected Domain: r.run
extracted_from_files
detected Domain: t.run XIOC detected Domain: t.run
extracted_from_files
detected Domain: i.name XIOC detected Domain: i.name
extracted_from_files
detected Domain: e.host XIOC detected Domain: e.host
extracted_from_files
detected Domain: e-t.now XIOC detected Domain: e-t.now
extracted_from_files
detected Domain: to.now XIOC detected Domain: to.now
extracted_from_files
detected Domain: gi.now XIOC detected Domain: gi.now
extracted_from_files
detected Domain: s.read XIOC detected Domain: s.read
extracted_from_files
detected Domain: e.at XIOC detected Domain: e.at
extracted_from_files
detected Domain: t.metadata.read XIOC detected Domain: t.metadata.read
extracted_from_files
detected Domain: e.type.name XIOC detected Domain: e.type.name
extracted_from_files
detected Domain: r.zone.run XIOC detected Domain: r.zone.run
extracted_from_files
detected Domain: d.data XIOC detected Domain: d.data
extracted_from_files
detected Domain: r.zone XIOC detected Domain: r.zone
extracted_from_files
detected Domain: s.next XIOC detected Domain: s.next
extracted_from_files
detected Domain: t.subject.next XIOC detected Domain: t.subject.next
extracted_from_files
detected Domain: c.total XIOC detected Domain: c.total
extracted_from_files
detected Domain: s.open XIOC detected Domain: s.open
extracted_from_files
detected Domain: r.build XIOC detected Domain: r.build
extracted_from_files
detected Domain: r.map XIOC detected Domain: r.map
extracted_from_files
detected Domain: e.search XIOC detected Domain: e.search
extracted_from_files
detected Domain: hf.map XIOC detected Domain: hf.map
extracted_from_files
detected Domain: n-t.top XIOC detected Domain: n-t.top
extracted_from_files
detected Domain: d.style.top XIOC detected Domain: d.style.top
extracted_from_files
detected Domain: t-i.top XIOC detected Domain: t-i.top
extracted_from_files
detected Domain: i.messageelement.id XIOC detected Domain: i.messageelement.id
extracted_from_files
detected Domain: nr.black XIOC detected Domain: nr.black
extracted_from_files
detected Domain: e.black XIOC detected Domain: e.black
extracted_from_files
detected Domain: r.select XIOC detected Domain: r.select
extracted_from_files
detected Domain: d.id XIOC detected Domain: d.id
extracted_from_files
detected Domain: o.top-r.top XIOC detected Domain: o.top-r.top
extracted_from_files
detected Domain: r.host XIOC detected Domain: r.host
extracted_from_files
detected Domain: s.name XIOC detected Domain: s.name
extracted_from_files
detected Domain: mi.map XIOC detected Domain: mi.map
extracted_from_files
detected Domain: i.open XIOC detected Domain: i.open
extracted_from_files
detected URL: https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss XIOC detected URL: https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss
extracted_from_files
detected URL: http://www.apache.org/licenses/LICENSE-2.0 XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0
extracted_from_files
detected URL: http://www.apache.org/licenses/ XIOC detected URL: http://www.apache.org/licenses/
extracted_from_files
detected URL: https://angular.dev/license XIOC detected URL: https://angular.dev/license
extracted_from_files
detected Domain: chrome.pageaction.show XIOC detected Domain: chrome.pageaction.show
extracted_from_files
detected Domain: e.link XIOC detected Domain: e.link
extracted_from_files
detected Domain: onhide.next XIOC detected Domain: onhide.next
extracted_from_files
detected Domain: i.style XIOC detected Domain: i.style
extracted_from_files
detected IP: ::af XIOC detected IP: ::af
extracted_from_files
detected Domain: a.next XIOC detected Domain: a.next
extracted_from_files
AI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-27. The review verdict is likely false positive with 82% confidence.
Recommended action: suppress false positive.
Risk context: MEDIUM risk, score 62/100.
Evidence context: threat category none; evidence quality moderate.
This extension exhibits a textbook false-positive pattern in CVEQ's IoC extraction. All 460 medium-severity IoC findings are property access chains misidentified as domains: chrome.storage is a Chrome API reference, this.bookmarks.map and this.groups.map are JavaScript method calls, tabs.map and snackbar.open are property/method access patterns, and onexit.next, l.id, s.id, o.click, o.download, i.tab, this.controls.map follow the same pattern of object.property being parsed as domain names. The XIOC extractor documentation explicitly flags this as a known false-positive source.
The findings_summary shows zero malware signatures, zero malware findings, and zero network findings. The 36 code-smell findings are low-severity and match the documented noise profile (postinstall patterns, credential references, code-quality rules). The 2 obfuscation findings are minimal and could represent legitimate minification or the zero-width Unicode false positive in locale files.
The extension's stated purpose—bookmark management on the New Tab page—aligns with the IoC patterns found (this.bookmarks.map, chrome.storage). These are legitimate APIs for a bookmark manager extension. There is no evidence of browser hijacking, credential theft, proxyware, or any of the high-confidence threat categories.
Counterargument: A skeptic might argue the anonymous developer ([email protected]) and extremely low user count (5 users) indicate a suspicious extension that hasn't been vetted by the community. While these are legitimate concerns for general trust, they do not constitute evidence of malicious behavior. The technical findings show no actual malicious indicators—no suspicious domains, no malware signatures, no network exfiltration patterns. The verdict is based on what the code DOES, not who published it. An anonymous developer publishing a benign bookmark manager is not inherently malicious.
The evidence quality is moderate because we cannot rule out all risk without runtime analysis, but the IoC patterns are definitively false positives based on CVEQ's documented noise sources.
Key Reasons
- All 460 IoC findings are property access chain false positives, not actual domains
- Zero malware signatures and zero network findings
- Extension functionality (bookmark management) matches observed API usage patterns
- Code-smell findings are documented noise sources
False Positive Considerations
- Property access chains misread as domains (chrome.storage, this.bookmarks.map, tabs.map)
- XIOC extractor garbage with 460 false-positive IoCs
- Code-smell findings (36 low-severity) matching known noise patterns
- Zero malware signatures despite high finding count
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Ship Xanh copy sản phẩm, nhân bản shop, hiển thị % phí sàn, lượt bán tháng
[email protected]
SVG to AVIF Converter [ShiftShift]
[email protected]
ChromeCompare
[email protected]
CAI Tools
[email protected]
Auto Gmail - ChatGPT AI for email inbox
[email protected]
EC Seller Tools
[email protected]