Windows Analysis Report
https://url9577.spatialobjects.com/ls/click?upn=u001.4ivVkFS2-2B4Sp-2Bivia16FvZ0teKfwckAWDUNO-2FsqtRchREXEyTglUEhVzVLlqiPt6oyeeJPuBMPPn-2FAJy8GEEGQs1-2BYVSMuO8RcYEmOVkcjI-3DnYq7_5kJ5LjeESMs3fQdMgHqyuvFFc7nFcZjYyI3vr6BFlw-2BbBsOMKGykWhuto9VBBSTEAWm9RK1szoMJSY3w0qEGh2haan1Og8NtlsLY75H85AELmELLmWbs81ik

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: https://url9577.spatialobjects.com

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a configuration object for the Font Awesome kit, which is a legitimate and widely-used library for adding icons to web pages. While the snippet contains some potentially risky indicators, such as the use of external data transmission and fallback domains, the overall context suggests this is likely a benign script used for its intended purpose of loading Font Awesome icons. The risk score is on the lower end of the scale, indicating a low-risk script with some minor implementation concerns."
}

window.FontAwesomeKitConfig = {"id":57472770,"version":"6.5.2","token":"5a87dc598e","method":"css","baseUrl":"https://ka-p.fontawesome.com","license":"pro","asyncLoading":{"enabled":false},"autoA11y":{"enabled":true},"baseUrlKit":"https://kit.fontawesome.com","detectConflictsUntil":null,"iconUploads":{},"minify":{"enabled":true},"v4FontFaceShim":{"enabled":true},"v4shim":{"enabled":true},"v5FontFaceShim":{"enabled":true},"customIconsCssPath":"5a87dc598e/57472770/kit-upload.css","uploadsUrl":"https://kit-uploads.fontawesome.com"};
!function(t){"function"==typeof define&&define.amd?define("kit-loader",t):t()}((function(){"use strict";function t(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function e(e){for(var n=1;n<arguments.length;n++){var o=null!=arguments[n]?arguments[n]:{};n%2?t(Object(o),!0).forEach((function(t){r(e,t,o[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(o)):t(Object(o)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(o,t))}))}return e}function n(t){return(n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function r(t,e,n){return(e=function(t){var e=function(t,e){if("object"!=typeof t||null===t)return t;var n=t[Symbol.toPrimitive];if(void 0!==n){var r=n.call(t,e||"default");if("object"!=typeof r)return r;throw new TypeError("@@toPrimitive must return a primitive value.")}return("string"===e?String:Number)(t)}(t,"string");return"symbol"==typeof e?e:String(e)}(e))in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function o(t,e){return function(t){if(Array.isArray(t))return t}(t)||function(t,e){var n=null==t?null:"undefined"!=typeof Symbol&&t[Symbol.iterator]||t["@@iterator"];if(null!=n){var r,o,i,a,c=[],u=!0,f=!1;try{if(i=(n=n.call(t)).next,0===e){if(Object(n)!==n)return;u=!1}else for(;!(u=(r=i.call(n)).done)&&(c.push(r.value),c.length!==e);u=!0);}catch(t){f=!0,o=t}finally{try{if(!u&&null!=n.return&&(a=n.return(),Object(a)!==a))return}finally{if(f)throw o}}return c}}(t,e)||function(t,e){if(!t)return;if("string"==typeof t)return i(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);"Object"===n&&t.constructor&&(n=t.constructor.name);if("Map"===n||"Set"===n)return Array.from(t);if("Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))return i(t,e)}(t,e)||function(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}function i(t,e){(null==e||e>t.length)&&(e=t.length);for(var n=0,r=new Array(e);n<e;n++)r[n]=t[n];return r}var a="sharp",c=["classic","duotone","sharp"],u=["fak","fa-kit","fakd","fa-kit-duotone"],f=["fa","fas","fa-solid","far","fa-regular","fal","fa-light","fat","fa-thin","fad","fa-duotone","fab","fa-brands","fass","fasr","fasl","fast"];function s(t,e){var n=e&&e.addOn||"",r=e&&e.baseFilename||t.license+n,o=e&&e.minify?".min":"",i=e&&e.fileSuffix||t.method,a=e&&e.subdir||t.method;return t.baseUrl+"/releases/"+("latest"===t.version?"latest":"v".concat(t.version))+"/"+a+"/"+r+o+"."+i}function d(t,e){var n=e||["fa"],r="."+Array.prototype.join.call(n,",."),o=t.querySelectorAll(r);Array.prototype.forEach.call(o,(function(e){var n=e.getAttribute("title");e.setAttribute("aria-hidden","true");var r=!e.nextElementSibling||!e.nextElementSibling.classList.contains("sr-only");if(n&&r){var o=t.createElement("span");o.innerHTML=n,o.classList.add("sr-only"),e.parentNode.insertBefore(o,e.nextSibling)}}))}var l,h=function(){},m="undefined"!=typeof global&&void 0!==global.process&&"function"==typeof global.process.emit,p="undefined"==typeof setImmediate?s

{
    "risk_score": 4,
    "reasoning": "The provided JavaScript code has a mix of low-risk and moderate-risk indicators. While it does not contain any high-risk behaviors like dynamic code execution or data exfiltration, it exhibits some behaviors that require further review. The code interacts with external domains, performs DOM manipulation, and uses legacy APIs like `XDomainRequest`. Additionally, it handles user data and redirects users, which could potentially be abused. However, the overall intent appears to be legitimate, such as handling authentication and providing a forgot password functionality. With some adjustments and additional context, the risk level could be reduced."
}

var messages = [];
var organizationCodes = [];
var imgUrl = '';
var loginMessageTimeout;
var loginTimout;

//home = setRedirectUri();

function getCopyright() {
	const year = new Date().getUTCFullYear();
	return year;
}

function getRedirectProduct() {
	const url = new URL(getRedirectUrl());
	const pathname = url.pathname;
	const pathArray = pathname.split("/");
	return pathArray[1].toUpperCase();
}

function getRedirectHostname() {
	const url = new URL(getRedirectUrl());
	return "https://" + url.hostname;
}

function getUrlParameter(parameter) {
	const url = new URL(window.location.href);
	const redirectUrl = url.searchParams.get(parameter);
	return redirectUrl;
}

function getRedirectUrl() {
	var redirect = getUrlParameter("redirect_uri");
	if(redirect == undefined) {
		redirect = getCookie("redirect_uri");
	}
	if(redirect == undefined || redirect === "") {
		if(window.location.origin.indexOf("qa") > 0) {
			redirect = "https://qa.spatialobjects.com";
		} else {
			redirect = "https://my.spatialobjects.com";
		}
	}
	return redirect;
}

function register() {
	const url = getRedirectHostname() + "/admin/register/";
	window.location.href = url;
}

function forgotPassword() {
	const url = getRedirectHostname() + "/admin/password/forgot?productCode=" + getRedirectProduct();
	window.location.href = url;
}

function setRedirectUri() {
	const queryString = window.location.search;
	const urlParams = new URLSearchParams(queryString);
	var redirectUri = urlParams.get('redirect_uri');

	if(redirectUri != undefined) {
		redirectUri = getCookie("redirect_uri");
	}
	home = redirectUri.replace('sso/login','home');
}

function setAlert(messages) {
	var obj = JSON.parse(messages);


	for(var i = 0; i < obj.payload.length; i++) {

		var message = obj.payload[i].description;
		this.messages.push(message);
		
	}

  isLogout();
	displayMessages();
}

function httpGetAsync(theUrl, callback)
{
    var xmlHttp = new XMLHttpRequest();
    xmlHttp.onreadystatechange = function() { 
        if (xmlHttp.readyState == 4 && xmlHttp.status == 200)
            callback(xmlHttp.responseText);
    }
    xmlHttp.open("GET", theUrl, true); // true for asynchronous 
    xmlHttp.send(null);
}

function addForgotPassword() {

	try {
		const link = getRedirectHostname() + "/admin/password/forgot?productCode=";

		var positionElement = document.getElementsByClassName("login-pf-settings")[0];
		var newElement = document.createElement("div");
		newElement.setAttribute("id", "reset-password");
		newElement.innerHTML = "Forgot your password? Click <a href='" + link + "' onclick='forgotPassword()'' title='Reset Password'>here</a> to reset.";
		positionElement.after(newElement);
	} catch(err) {
		console.log("Unable to add the forgot password link.");
	}
}

function isLogout() {
	if(window.location.href.indexOf("logout")>0) {
		var message = "Your session timed out. You have been redirected to the log in screen.";
		messages.push(message);
	}
}

function displayMessages() {

	try {
		this.imgUrl = document.getElementById("imgPath").innerText;
	} catch(err) {}
	
	refreshMessages();

}

function refreshMessages() {

	var messageContainer = document.getElementById("so-message");
	for(var i = 0; i < this.messages.length; i++) {
		if(i == 0) {
			messageContainer.innerHTML = "<div class='warn'><div><img src='" + this.imgUrl + "/img/warn.png" + "'></div><div>" + messages[i]+ "</div>";
		} else {
			messageContainer.innerHTML += "<div class='warn'><div><img src='" + this.imgUrl + "/img/warn.png" + "'></div><div>" + messages[i]+ "</div>";
		}
		messageContainer.style.display="block";
	}
}


function setCookie(key, value) {
	document.cookie = key +  "=" + value;
}

function getCookie(cname) {
  let name = cname + "=";
  let decodedCookie = decodeURIComponent(document.cookie);
  let ca = decodedCookie.split(';');
  for(let i = 0; i <ca.lengt

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a part of the Buefy library, which is a Vue.js UI framework. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or redirects to malicious domains. The code primarily consists of utility functions and module definitions, which are common in legitimate JavaScript libraries. While it uses some legacy practices like `XDomainRequest`, these pose minor risks and are not inherently malicious. Overall, the snippet seems to be part of a legitimate open-source project and does not exhibit suspicious behavior."
}

/*! Buefy v0.9.21 | MIT License | github.com/buefy/buefy */
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e=e||self).Buefy={})}(this,function(e){"use strict";function t(e){return(t="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e})(e)}function i(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function n(e,t){for(var i=0;i<t.length;i++){var n=t[i];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}function a(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}function s(e,t){var i=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter(function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable})),i.push.apply(i,n)}return i}function o(e){for(var t=1;t<arguments.length;t++){var i=null!=arguments[t]?arguments[t]:{};t%2?s(Object(i),!0).forEach(function(t){a(e,t,i[t])}):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(i)):s(Object(i)).forEach(function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(i,t))})}return e}function r(e){return(r=Object.setPrototypeOf?Object.getPrototypeOf:function(e){return e.__proto__||Object.getPrototypeOf(e)})(e)}function l(e,t){return(l=Object.setPrototypeOf||function(e,t){return e.__proto__=t,e})(e,t)}function c(e,t,i){return(c=function(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Date.prototype.toString.call(Reflect.construct(Date,[],function(){})),!0}catch(e){return!1}}()?Reflect.construct:function(e,t,i){var n=[null];n.push.apply(n,t);var a=new(Function.bind.apply(e,n));return i&&l(a,i.prototype),a}).apply(null,arguments)}function u(e){var t="function"==typeof Map?new Map:void 0;return(u=function(e){if(null===e||(i=e,-1===Function.toString.call(i).indexOf("[native code]")))return e;var i;if("function"!=typeof e)throw new TypeError("Super expression must either be null or a function");if(void 0!==t){if(t.has(e))return t.get(e);t.set(e,n)}function n(){return c(e,arguments,r(this).constructor)}return n.prototype=Object.create(e.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}}),l(n,e)})(e)}function d(e,t){if(null==e)return{};var i,n,a=function(e,t){if(null==e)return{};var i,n,a={},s=Object.keys(e);for(n=0;n<s.length;n++)i=s[n],t.indexOf(i)>=0||(a[i]=e[i]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n<s.length;n++)i=s[n],t.indexOf(i)>=0||Object.prototype.propertyIsEnumerable.call(e,i)&&(a[i]=e[i])}return a}function h(e,t){return!t||"object"!=typeof t&&"function"!=typeof t?function(e){if(void 0===e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return e}(e):t}function f(e,t){return t||(t=e.slice(0)),Object.freeze(Object.defineProperties(e,{raw:{value:Object.freeze(t)}}))}function p(e,t){return v(e)||function(e,t){if(!(Symbol.iterator in Object(e)||"[object Arguments]"===Object.prototype.toString.call(e)))return;var i=[],n=!0,a=!1,s=void 0;try{for(var o,r=e[Symbol.iterator]();!(n=(o=r.next()).done)&&(i.push(o.value),!t||i.length!==t);n=!0);}catch(e){a=!0,s=e}finally{try{n||null==r.return||r.return()}finally{if(a)throw s}}return i}(e,t)||b()}function m(e){return function(e){if(Array.isArray(e)){for(var t=0,i=new Array(e.length);t<e.length;t++)i[t]=e[t];return i}}(e)||g(e)||function(){throw new TypeError("Invalid attempt to spread non-iterable instance")}()}function v(e){if(Array.isArray(e))return e}function g(e){if(Symbol.iterator in Object(e)||"[object Arguments]"===Object.prototype.toString.call(e)

{
  "contains_trigger_text": true,
  "trigger_text": "PIPELINE SAFETY TRAINING",
  "prominent_button_name": "Send Access Code",
  "text_input_field_labels": [
    "Email"
  ],
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
  "brands": [
    "Paradigm"
  ]
}

```json{  "legit_domain": "paradigm.xyz",  "classification": "known",  "reasons": [    "The brand 'Paradigm' is associated with the domain 'paradigm.xyz'.",    "The URL 'auth.spatialobjects.com' does not match the legitimate domain for Paradigm.",    "The domain 'spatialobjects.com' does not have a known association with the brand 'Paradigm'.",    "The use of a subdomain 'auth' is common in phishing attempts to mimic legitimate login pages.",    "The domain 'spatialobjects.com' is not a well-known domain related to Paradigm, increasing suspicion."  ],  "riskscore": 8}
Google indexed: False

{
  "contains_trigger_text": true,
  "trigger_text": "PIPELINE SAFETY TRAINING",
  "prominent_button_name": "Send Access Code",
  "text_input_field_labels": [
    "Email"
  ],
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
  "brands": [
    "Paradigm"
  ]
}

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}

URL: https://spatialobjects.com