| URL: https://workdrive.zohopublic.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://workdrive.zohopublic.com |
| URL: https://workdrive.zohopublic.com/writer/open/p369v... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The script demonstrates some moderate-risk behaviors, such as external data transmission and the use of fallback domains. However, it appears to be primarily focused on initializing an editor and loading necessary CSS and JavaScript files, which is a common and legitimate use case. The script also includes some safeguards, such as checking the app name before loading certain resources. Overall, the script seems to have a legitimate purpose, but it could benefit from further review to ensure that all data transmission and resource loading is necessary and secure."
} |
var EditorInitStart;
var currentAppFingerPrintInfo = null;
async function initEditor(){
EditorInitStart = performance.now();
function initEditorCallback() {
if ( editorProps.isWebLayout && !docProps.content ) {
return;
}
beforeInit();
editor = new Editor();
//EditorEvents.addSubscribers();
editor.setEditorProperty(editorProps);
editor.setDocProperty(docProps);
(typeof Macros != "undefined") && Macros.init();// No I18N
editor.bindEditorErrors();
editor.init(docProps ,true);
}
var viewInfo = editorProps.viewInfo && editorProps.viewInfo.view;
if (viewInfo && viewInfo.CSS) {
var _href = cssCdnZWStaticPath + viewInfo.CSS;
if( editorProps.permissionsInfo.appInfo.NAME == "insight" ){//No I18n
var cssXhr = new XMLHttpRequest();
cssXhr.onreadystatechange = function() {
if (cssXhr.readyState === 4) {
if (cssXhr.status === 200) {
loadCSS(cssXhr.responseText);
}
}
};
var cssReqUrl = window.location.origin + "/" + viewInfo.CSS[0];
cssXhr.open('GET', cssReqUrl, true);
cssXhr.send(null);
} else if( editorProps.permissionsInfo.appInfo.NAME != "screenplay"){//No I18n
loadCSS(_href);
}
}
var appJSArray = [];
// Merge custom/macro js available in app settings. [app level and view level]
if ( editorProps.permissionsInfo.appInfo.MACRO_JS &&
editorProps.permissionsInfo.appInfo.MACRO_JS.length ) {
appJSArray = appJSArray.concat(editorProps.permissionsInfo.appInfo.MACRO_JS);
}
if(editorProps.viewInfo && editorProps.viewInfo.view &&
editorProps.viewInfo.view.MACRO_JS && editorProps.viewInfo.view.MACRO_JS.length){
appJSArray = appJSArray.concat(editorProps.viewInfo.view.MACRO_JS);
}
if(appJSArray.length && editorProps.permissionsInfo.appInfo.NAME != "screenplay" ){
var jsfileIndex=0;
function macroJSCallback(){
jsfileIndex++;
// Once all js are loaded, init the editor
if(jsfileIndex == appJSArray.length){
initEditorCallback();
}
}
for(let idx = 0; idx < appJSArray.length; idx++){
let attr = {
src: cdnZWStaticPath + getFingerPrintFilePath(appJSArray[idx]),
callback: macroJSCallback
}
if( editorProps.permissionsInfo.appInfo.NAME == "insight" ){ //No I18n
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
if (xhr.readyState === 4) {
if (xhr.status === 200) {
attr.src = xhr.responseText;
loadJS(attr);
}
}
};
var jsGetPathGetUrl = window.location.origin + "/" + appJSArray[idx];
xhr.open('GET', jsGetPathGetUrl, true);
xhr.send(null);
} else {
loadJS(attr);
}
}
} else if(editorProps.permissionsInfo.appInfo.NAME == "screenplay"){
var currentAppFingerPrintInfo = await getCurrentAppFingerPrintInfo();
var cssPath = currentAppFingerPrintInfo.cssStaticPath + currentAppFingerPrintInfo.fingerPrintObj[ "styles/" + viewInfo.CSS ]; //no i18n
loadCSS( cssPath );
let idx = 0, jsLength = appJSArray.length;
function loadScreenplayJS(){
if ( idx < appJSArray.length ){
let attr = {
src: currentAppFingerPrintInfo.jsStaticPath + currentAppFingerPrintInfo.fingerPrintObj[ editorProps.permissionsInfo.appInfo.MACRO_JS[idx] ],
callback: loadScreenplayJS
}
idx++;
loadJS(attr);
} else if( idx == jsLength) {
initEditorCallback();
}
}
loadScreenplayJS();
}else{
//If no custom/macro js configured in app settings
initEditorCallback();
}
};
function getCurrentAppFingerPrintInfo(){
var xhr = new XMLHttpRequest();
return new Promise(function(resolve, reject){
xhr.onreadystatechange = function() {
if (xhr.readyState === 4) {
if (xhr.status === 200) {
currentAppFingerPrintInfo = JSON.parse( xhr.responseText );
resolve(currentAppFingerPrintInfo);
} else {
reject();
}
}
};
xhr.open('GET', "/"+editorProps.permissionsInfo.appInfo.NAME+"/getFingerPrintInfo" , true);
xhr.send(null);
})
};
|
| URL: https://workdrive.zohopublic.com/writer/open/p369v... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a configuration object for a web application, likely related to analytics or telemetry functionality. While it contains references to various image assets and CSS files, there are no clear indicators of high-risk behaviors such as dynamic code execution, data exfiltration, or malicious redirects. The script seems to be part of a legitimate application and does not exhibit suspicious characteristics."
} |
var fingerPrintCompactJSON = JSON.parse('{"themes":{"zoho":{"images":{"ui-bg_glass_65_ffffff_1x400.png":"e5a8f32e28fd5c27bf0fed33c8a8b9b5","ui-bg_glass_75_dadada_1x400.png":"c12c6510dad3ebfa64c8a30e959a2469","ui-icons_2_256x240.png":"cf4dec0cdc30717f4828acd92995c7a5","ui-bg_inset-soft_95_fef1ec_1x100.png":"61cef242cc2b5e1118607c302b87cbc9","ui-icons_888888_256x240.png":"9c46d7cab43e22a14bad26d2d4806d80","ui-icons_222222_256x240.png":"ebe6b6902a408fbf9cac6379a1477525","ui-icons_454545_256x240.png":"119dd0c2e94ad689de873ef39fd43e6e","ui-bg_glass_75_ffffff_1x400.png":"97b10a98a6ab3ed7c668fe0ca62fd964","ui-bg_glass_75_e6e6e6_1x400.png":"f4254356c2a8c9a383205ef2c4de22c4","ui-icons_cd0a0a_256x240.png":"3e450c2a2c66328d9498e7001ad7197c","ui-bg_highlight-soft_75_cccccc_1x100.png":"72c593d16e998952cd8d798fee33c6f3","ui-bg_flat_0_aaaaaa_40x100.png":"2a44fbdb7360c60122bcf6dcef0387d8","ui-icons_2e83ff_256x240.png":"2b99a5e48d3c3957d03027d36a25e8bb","ui-bg_glass_55_fbf9ee_1x400.png":"f8f4558e0b92ff2cd6136781533902ec"},"jquery-ui-1.8.21.custom.min.css":"78ac035ef5ab74d69940ae5b62b1ebd8","jquery-ui-1.8.21.custom.css":"13cb0e64fc827486796195bac19dbae0"}},"lyte_client":{"dist":{"app.js":"69082916c2dddd437a4b0d2cde63bdbe","theme":{"compiledCSS":{"images":{"sprite_lyte.svg":"bf374e37553e803f86d09f974b94988e"},"blue":{"ltr":{"lyte-ui-adminsettings.css":"67b36ba3bc1813b9539c36d9789e1fb3"}}}},"bower_components":{"lyte_ui_component":{"components":{"bower-min-all.js":"1a221c46cf05c82f0ffb39b404c62844"}},"lyte":{"custom-elements-es5-adapter.js":"a5043c1d0dd16d84558ee6cc2276212e","lyte-es5.min.js":"7fc5584b48814c42d7bdab91e59f892b","polyfill-bundle.js":"41fd1111631f3ef5175d402f57521f68"}}}},"images":{"paint-stroke.png":"7298dab41ce98227c4077b711c94a7c3","spell-checking.png":"cba0918f36168f2006efb135bb71c5a4","offline_1.jpg":"8257810ddc204b4895ab5138981994a6","product-logos-22-2x.png":"48c2026d39f89d8df29e7e46d7f8c551","3.png":"8bb5463cff2bb6b4f2cc15db1aa92f01","play-button.png":"d44b29d82e084d78be1e982bcff02901","writer-icon-crazy-sprite-desktop-2x.png":"9fe022db9c42ac7c0de9a806bace9a9d","writer-icon-crazy-sprite.png":"1060227b416799a76be944c263d5dc91","zannotator__cursor--numbering.cur":"a025be03621bed85ae7263616bb13776","writerlogo-wt.png":"ea33da855b0d7d06e2696ff80c0971a5","saveas-icons-sprite.png":"a4438b797843e6eb1e6b649503c95e6a","unknown-32.png":"65b01d390fb7251437a6feb7ac31883c","settings.png":"3b451bf87636acbfdcc0ae6e2c734470","transparent.gif":"d89746888da2d9510b64a9f031eaecd5","writer-icon-lazy-sprite-2x.png":"a4a56b7ab07848f404da781c580ea5d8","chrome-32.png":"6406f0237db5773cc0df4fd4ae32c5f2","fillable-document-once.gif":"97ac60c2179806c2bd540e57fee003e6","gotomyapps.png":"e373f0285ab68072999d5e46ea6ae01b","multi-people-accessibility.png":"22fa8082b12b998da76c1d9251da2a90","zylkar.png":"c98c01a0c7d718da0ebe0e0a627bcc61","close.png":"b5d3abaacc9a786be0a92c0581a8d684","rocket-with-shadow-reverse.png":"4a321ca94cdb18d2076901fcdf49bf53","server-error-portion2.gif":"8e8a910de89217d7c3f5dd318f2f10fc","writer-icon-crazy-sprite-dark-2x.png":"6ca166d928bf15459806aecc71237e33","1.png":"8152f27becec9bf20b1eacb4f3b82c60","clear.png":"f252fe0690ad1f5aaa704b35d56a3e8f","message.png":"2fc7e71d56430130ab4edcc30be33711","help.png":"1e43f4a2fcb7b8607086aef77690d473","writer-icon-lazy-sprite-desktopapp-dark.png":"479b842a5f8900113ea3ca2fabf91ef2","pdf-filler-once.gif":"fb60f7d4e5ed7ded48080ffb92c75acf","writerlogo-wt-2x.png":"094cc7dc19484a414fa6dcd75321d1e9","product-icons-32.png":"434a52b189c517af3a56ff53eab696fd","18.png":"cb1a93c8ba10ea0ea9a7d352cccef670","onboard-sprite.jpg":"526ec018d35b625dade4dbba18cd2a7a","zannotator-2x.png":"21117d1a43dee6d4949ce5c3337d2978","writer-icon-fast-sprite-dark.png":"5881dc4608d6531eda09d7d4c67d4034","google-photos-logo.jpg":"b155892842fdb594fbab503f4d8b290a","writer-icon-lazy-sprite-pdf-2x.png":"c7d1ae77f59ab4b969d7cfb4d864ac1c","fcomponents-icons-2x.png":"e70ee677d3170d91936df609490608be","pdf-filler.png":"42fa3529855c15caf3 |
| URL: https://workdrive.zohopublic.com/writer/open/p369v... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a benign script that handles some basic functionality, such as redirecting the user if the URL contains a specific hash fragment. It also sets up some global variables and parses a JSON object containing user settings. There are no obvious high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The script seems to be part of a larger application and is likely performing legitimate tasks."
} |
var isFillableForm = false;
if (location.href.indexOf("#") != -1 && window.location.hash !== '#notify_settings' && !window.location.hash.startsWith('#cid_') && !isFillableForm) {
window.location.href = window.location.href.split('#')[0];
}
window.$ = window.J = jQuery.noConflict();
window.Jdocument = J(document);
window.Jbody = J(document.body);
window.isCachedEditor = false || false;
window.EMAILID_REGEX = new RegExp(/^[\p{L}\p{M}\p{N}_]([\p{L}\p{M}\p{N}_\+\-\.'&]*)@(?=.{4,256}$)(([\p{L}\p{N}\p{M}]+)(([\-_]*[\p{L}\p{N}\p{M}])*)[\.])+[\p{L}\p{M}]{2,22}$/iu);
window.notAllowedIds= (window.isCachedEditor) ? null : {} ;
//Temp variables
var editorProps = JSON.parse("\x7B\x22userInfo\x22\x3A\x7B\x22settings\x22\x3A\x7B\x22autolist\x22\x3A\x221\x22,\x22cloudupload_recent\x22\x3A\x22false\x22,\x22onboard_msg_version\x22\x3A\x220.0\x22,\x22ps\x22\x3A\x22Letter\x22,\x22pw\x22\x3A\x228.5in\x22,\x22language\x22\x3A\x22en\x2DUS\x22,\x22zoomfactor\x22\x3A\x221.0\x22,\x22ht\x22\x3A\x220.5in\x22,\x22AUDIO\x22\x3A\x221\x22,\x22view_width\x22\x3A\x22100\x25\x22,\x22SOUNDPREF\x22\x3A\x22xylo\x22,\x22markdown_enabled\x22\x3Afalse,\x22wq_improperwordchoices\x22\x3A\x22true\x22,\x22view\x22\x3A\x22Page\x20View\x22,\x22mm_initiate_email\x22\x3A\x22true\x22,\x22disabled_tools\x22\x3A0,\x22grammar\x22\x3A\x22true\x22,\x22mb\x22\x3A\x221in\x22,\x22autosmartquotes\x22\x3A0,\x22un\x22\x3A\x22in\x22,\x22mm_remove_blankparas\x22\x3Atrue,\x22hideruler\x22\x3A\x22false\x22,\x22smarttoolbar\x22\x3A\x220\x22,\x22bannerver\x22\x3A\x220.9\x22,\x22pgbrk\x22\x3A\x221\x22,\x22ml\x22\x3A\x221in\x22,\x22comm\x22\x3A\x221\x22,\x22mr\x22\x3A\x221in\x22,\x22mt\x22\x3A\x221in\x22,\x22autoendash\x22\x3A\x22false\x22,\x22wq_informalwriting\x22\x3A\x22false\x22,\x22autocaps_correct\x22\x3A\x220\x22,\x22styleUIInfo\x22\x3A\x7B\x22char\x22\x3A\x7B\x7D,\x22shape\x22\x3A\x7B\x7D,\x22para\x22\x3A\x7B\x22h0\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h1\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h2\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h3\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h2\x22\x7D,\x22h4\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h3\x22\x7D,\x22h5\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h4\x22\x7D,\x22h6\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h5\x22\x7D,\x22h7\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h6\x22\x7D,\x22h8\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h7\x22\x7D,\x22h9\x22\x3A\x7B\x22status\x22\x3A\x22semihidden\x22,\x22showWhenUsed\x22\x3A\x22h8\x22\x7D,\x22h101\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h102\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h103\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h104\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h105\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D,\x22h106\x22\x3A\x7B\x22status\x22\x3A\x22visible\x22\x7D\x7D,\x22table\x22\x3A\x7B\x7D\x7D,\x22pageview_type\x22\x3A\x221\x22,\x22styles\x22\x3A\x7B\x22char\x22\x3A\x7B\x22Heading4Char\x22\x3A\x7B\x22ff\x22\x3A\x22zwmajor\x22,\x22fw\x22\x3A\x22bold\x22,\x22fgc\x22\x3A\x22zwdark1\x22,\x22size\x22\x3A\x2214\x22,\x22fs\x22\x3A\x22italic\x22,\x22info\x22\x3A\x7B\x22link\x22\x3A\x7B\x22type\x22\x3A\x22para\x22,\x22id\x22\x3A\x22h4\x22\x7D,\x22basedOn\x22\x3A\x22DefaultParagraphFont\x22\x7D\x7D,\x22Heading9Char\x22\x3A\x7B\x22ff\x22\x3A\x22zwmajor\x22,\x22fw\x22\x3A\x22bold\x22,\x22fgc\x22\x3A\x22zwdark2\x22,\x22size\x22\x3A\x2210.5\x22,\x22fs\x22\x3A\x22italic\x22,\x22info\x22\x3A\x7B\x22link\x22\x3A\x7B\x22type\x22\x3A\x22para\x22,\x22id\x22\x3A\x22h9\x22\x7D,\x22basedOn\x22\x3A\x22DefaultParagraphFont\x22\x7D\x7D,\x22DefaultParagraphFont\x22\x3A\x7B\x22ff\x22\x3A\x22zwminor\x22,\x22size\x22\x3A\x2212\x22,\x22info\x22\x3A\x7B\x7D\x7D,\x22SubtitleChar\x22\x3A\x7B\x22ff\x22\x3A\x22zwminor\x22,\ |
| URL: https://workdrive.zohopublic.com/writer/open/p369v... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The provided JavaScript snippet contains a mix of behaviors that require further review. While it appears to be primarily focused on loading CSS and JavaScript resources, there are some moderate-risk indicators that warrant attention. The script uses external data transmission to load resources from potentially untrusted domains, and it also performs aggressive DOM manipulation by repeatedly altering the document. Additionally, the script attempts to retrieve and apply integrity tokens for the loaded resources, which could be an indicator of security-conscious practices, but the implementation details are not entirely clear. Overall, the script demonstrates some potentially concerning behaviors, but it may also have legitimate use cases, so a medium-risk score is appropriate."
} |
function loadCSS(_href) {
// if any of external urls needs integrity check attrs object will be passed {href, integrity, crossorigin}
// for internal ones, we will add the integrityToken if available
var attrs = {
rel : "stylesheet", //No I18N
type : "text/css" //No I18N
};
if (typeof _href != 'string') {
Object.keys(_href).forEach(function(attribute){
attrs[attribute] = _href[attribute];
});
} else {
var isHeadlessPDF = (window.editorProps && editorProps.isHeadlessPDF) ? true : false;
var isHeadlessHTML = (window.editorProps && editorProps.isHeadlessHTML) ? true : false;
if (!(isHeadlessPDF || isHeadlessHTML)) {
var urlPathArray = _href.split("//")[1].split("/").slice(2).join('/').split('.');
var trimmedUrl = urlPathArray.length === 3 ? urlPathArray.splice(1,1) && urlPathArray.join('.') : urlPathArray.join('.');
var integrityToken = getIntegrityObj(trimmedUrl);
if (integrityToken) {
attrs.integrity = integrityToken;
attrs.crossOrigin = "anonymous";
}
}
attrs.href = _href;
}
if (!attrs.integrity) {
delete attrs.crossOrigin;
}
J(document.createElement(NODE_TYPE.LINK)).attr(attrs).appendTo(document.head);
};
var JS_LODING_TIME = {};
function loadJS(attr){
if (!attr) { return; }
var scriptElem = document.createElement('script');//No I18N
/* if(!(attr.attributes && attr.attributes.integrity))
{
var token = getIntegrityObj(attr.src);
if(!(token.isEmpty()))
{
scriptElem.integrity = token;
}
} */
scriptElem.type = 'text/javascript';//No I18N
if (attr.type != undefined) {
scriptElem.type = attr.type;
}
if (attr.async != undefined) {
scriptElem.async = attr.async;
}
if (attr.defer) {
scriptElem.defer = attr.defer;
}
if (attr.id) {
scriptElem.id = attr.id;
}
if (attr.attributes) {
Object.keys(attr.attributes).forEach(function(key){
scriptElem[key] = attr.attributes[key];
});
}
if (attr.src) {
if ( attr.src.indexOf('writer_min_all') != -1 ) { //No I18N
JS_LODING_TIME['writer_min_all'] = new Date(); //No I18N
} else if ( attr.src.indexOf('writer_lazy_min_all') != -1 ) { //No I18N
JS_LODING_TIME['writer_lazy_min_all'] = new Date(); //No I18N
}
scriptElem.src = attr.src;
var hasIntegrityTokenInAttrs = attr.integrity;
if (hasIntegrityTokenInAttrs) {
scriptElem.integrity = attr.integrity;
scriptElem.crossOrigin = attr.crossOrigin;
} else {
var isHeadlessPDF = (window.editorProps && editorProps.isHeadlessPDF) ? true : false;
var isHeadlessHTML = (window.editorProps && editorProps.isHeadlessHTML) ? true : false;
if (!(isHeadlessPDF || isHeadlessHTML)) {
var urlPathArray = attr.src.split("//")[1].split("/").slice(2).join('/').split('.');
var trimmedUrl = urlPathArray.length === 3 ? urlPathArray.splice(1,1) && urlPathArray.join('.') : urlPathArray.join('.');
var integrityToken = getIntegrityObj(trimmedUrl);
if (integrityToken) {
scriptElem.integrity = integrityToken;
scriptElem.crossOrigin = "anonymous";
}
}
}
}
scriptElem.onreadystatechange = function(){// For IE
if (this.readyState == 'complete' || this.readyState == 'loaded') {
scriptElem.onreadystatechange = null;
if (typeof attr.callback == 'function') { attr.callback(); attr.callback = null; }
}
};
scriptElem.onload = function(){// For others
if (typeof attr.callback == 'function') {
if ( attr.src.indexOf('writer_min_all') != -1 ) { //No I18N
JS_LODING_TIME['writer_min_all'] = (new Date() - JS_LODING_TIME['writer_min_all']) / 1000; //No I18N
} else if ( attr.src.indexOf('writer_lazy_min_all') != -1 ) { //No I18N
JS_LODING_TIME['writer_lazy_min_all'] = (new Date() - JS_LODING_TIME['writer_lazy_min_all']) / 1000; //No I18N
}
attr.callback(); attr.callback = null;
}
};
scriptElem.onerror = function(){// For others
if (typeof attr.failed == 'function') { attr.failed(); attr.failed = null; }
};
document.body.appendChild(scriptElem);
if(window.location.hash){
if(window.location.hash == '#notify_settings' && typeof Settings != 'undefined'){
Settings.showNotificationDialog();
}
}
};
function setCsrfParam(params){
if(csrfParamName) {
params[csrfParamName] = getcsrf();
}
};
function getcsrf()
{
var c |
| URL: https://static.zohocdn.com/writer3/js/security.min... Model: Joe Sandbox AI | ```json
{
"risk_score": 1,
"reasoning": "The script primarily defines utility functions and includes a console warning against self-XSS. It does not exhibit high-risk behaviors such as dynamic code execution or data exfiltration. The use of cookies is present but not in a suspicious context."
} |
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):e.ZSEC=t()}(this,function(){"use strict";function e(e,t,r,n,o,i,a){if(n||!(t in e))return Object.defineProperty&&function(){try{return Object.defineProperty({},"x",{}),1}catch(e){return}}()?(o=!0===o,i=!0===i,a=!0===a,Object.defineProperty(e,t,{value:r,writable:o,configurable:i,enumerable:a})):(e[t]=r,e)}var u,l,c=(c=String.prototype.codePointAt)||function(e){if(null===this)throw new TypeError(" ");var t=String(this),r=t.length,n=e?Number(e):0;if(!((n=window.isNan(n)?0:n)<0||r<=n)){var o=t.charCodeAt(n),e=void 0;return 55296<=o&&o<=56319&&n+1<r&&56320<=(e=t.charCodeAt(n+1))&&e<=57343?1024*(o-55296)+e-56320+65536:o}},m=String.fromCodePoint;m||(u=String.fromCharCode,l=Math.floor,m=function(){for(var e=[],t=arguments.length,r=Array(t),n=0;n<t;n++)r[n]=arguments[n];var o=r.length,i=-1;if(!o)return"";for(var a="";++i<o;){var c=Number(r[i]);if(!isFinite(c)||c<0||1114111<c||l(c)!==c)throw new RangeError("Invalid code point: "+c);c<=65535?e.push(c):(c-=65536,e.push(55296+(c>>10),c%1024+56320)),(i+1===o||16384<e.length)&&(a+=u.apply(void 0,e),e.length=0)}return a});var t=window&&window.ZSEC?window.ZSEC:{version:"5.6.0"};t.defineProperty||(t.defineProperty=e),t["5.6.0"]||(t["5.6.0"]={version:"5.6.0",defineProperty:e});var r=!1,n={log:function(){if(window&&window.console&&window.console.log&&window.navigator&&window.navigator.userAgent&&!r){var e=window.navigator.userAgent.match(/opera|chrome|safari|firefox|msie|trident(?=\/)/i);if(r=!0,e&&e[0].search(/trident|msie/i)<0)return window.console.log("%cSTOP!","color:red;font-size:xx-large;font-weight:bold;"),void window.console.log("%cThis is a browser feature intended for developers. Do not enter or paste code which you don't understand. It may allow attackers to steal your information or impersonate you.\nSee https://en.wikipedia.org/wiki/Self-XSS for more details","font-size:large;");window.console.log("STOP!\nThis is a browser feature intended for developers. Do not enter or paste code which you don't understand. It may allow attackers to steal your information or impersonate you.\nSee https://en.wikipedia.org/wiki/Self-XSS for more details")}}};function B(e,t){if(e instanceof Object)for(var r in e)Object.prototype.hasOwnProperty.call(e,r)&&t(r,e[r])}function F(e,t){var r;(r=Array.prototype.splice).call.apply(r,[e,e.length,0].concat(function(e){if(Array.isArray(e)){for(var t=0,r=Array(e.length);t<e.length;t++)r[t]=e[t];return r}return Array.from(e)}(t)))}function K(e,t){if(!e||e.constructor===Object)return e;for(var r={},n=0;n<e.length;n++){var o=e[n];r[o[t]]=o}return r}function H(e){if(e&&e.constructor===String)return e.toLowerCase();if(e.constructor===Array)for(var t=0;t<e.length;t++)e[t]=H(e[t]);return e}function V(e,t,r,n){if(Array.isArray(e))for(var o=0,i=e.length;o<i;o++)f(e,t,o,r);else for(var a in e)n&&-1!==n.indexOf(a)||f(e,t,a,r);return t}function f(e,t,r,n){var o;n?(o=e[r],Array.isArray(o)?(t[r]||(t[r]=[]),V(o,t[r],n)):o instanceof Object?(t[r]||(t[r]={}),V(o,t[r],n)):t[r]=o):t[r]=e[r]}var o=Array.prototype.indexOf||function(e){if(null==this)throw new TypeError(" ");var t={},r=t.length>>>0;if(0==r)return-1;var n=0;if(0<(arguments.length<=1?0:arguments.length-1)&&(n=Number(arguments.length<=2?void 0:arguments[2]),isNaN(n)?n=0:0!==n&&n!==1/0&&n!==-1/0&&(n=(0<n||-1)*Math.floor(Math.abs(n)))),r<=n)return-1;for(var o=0<=n?n:Math.max(r-Math.abs(n),0);o<r;o++)if(o in t&&t.charAt(o)===e)return o;return-1};function i(e,t,r){var n=2<arguments.length&&void 0!==r?r:{},n=Object.assign({path:"/",SameSite:"lax","max-age":864e7},n);if(encodeURIComponent){var o,i=encodeURIComponent(e)+"="+encodeURIComponent(t);for(o in n){i+="; "+o;var a=n[o];!0!==a&&(i+="="+a)}document.cookie=i}}function a(e,t){i(e,"",{path:1<arguments.length&&void 0!==t?t:"/","max-age":-1})}function d(t){t+="=";var e=document.cookie,r=void 0;return e.split("; ").forEach(function(e){0===(e=decodeU |
| URL: https://static.zohocdn.com/writer3/js/writer_min_a... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a part of a larger web application and does not contain any high-risk indicators. It primarily consists of event management and view-related functionality, which is common in web development. While it uses some legacy APIs like `XDomainRequest`, these are not inherently malicious and can be considered low-risk. Overall, the snippet demonstrates typical web application behavior and does not raise significant security concerns."
} |
var EditorView,DocEventTarget=function(){"use strict";function e(){this.events={}}return extend(e.prototype,{addEventTargetListener:function(e,t,i){this.events[e]={callback:t,context:i}},removeEventTargetListener:function(e){delete this.events[e]},dispatchEventTarget:function(e){if(e&&this.events[e.type]){var t=this.events[e.type];t.callback.call(t.context,e)}}}),e}(),DocEventManager=function(){function e(){this.eventTarget=new DocEventTarget}return extend(e.prototype,{bindTargetEvents:function(e,t,i){this.eventTarget.addEventTargetListener(e,t,i)},unbindTargetEvents:function(e){this.eventTarget.removeEventTargetListener(e)}}),e}(),DocViewSelector=function(){var e=function(e,t){if(this.type==e&&(!t||t(this)))return this;for(var i=this.getChildren(),n=0;n<i.length;n++){var r=i[n].querySelector(e,t);if(r)return r}return null},t=function(e,t){var i=[];this.type!=e||t&&!t(this)||i.push(this);for(var n=this.getChildren(),r=0;r<n.length;r++)i=i.concat(n[r].querySelectorAll(e,t));return i};return function(){return this.querySelector=e,this.querySelectorAll=t,this}}(),DTEventManager=function(e){"use strict";var t=function(t){e.publish(DOCUMENT.LOADING_PROGRESS,t)},i=function(t){e.publish(DOCUMENT.COMMAND_PROGRESS,t)},n=function(){e.publish(DOCUMENT.DOCTREE_DESTROYED)};return{register:function(r,o){e.publish(DOCUMENT.DOCTREE_INITIALIZED,r),o.on(DOCUMENT.LOADING_PROGRESS,t,this),o.on(DOCUMENT.COMMAND_PROGRESS,i,this),o.on(DOCUMENT.DOCTREE_DESTROYED,n,this)},unRegister:function(e){e.off(DOCUMENT.LOADING_PROGRESS,t,this),e.off(DOCUMENT.COMMAND_PROGRESS,i,this),e.off(DOCUMENT.DOCTREE_DESTROYED,n,this)}}}(PubSub),DTViewEventManager=function(e){"use strict";var t=function(t,i,n){e.publish(DTVIEW.SECTION_OP_PROCESSED,t,i,n)};return{register:function(i){e.publish(DOCUMENT.DTVIEWMANAGER_INITIALIZED,i),i.on(DTVIEW.SECTION_OP_PROCESSED,t,this)},unRegister:function(e){e.off(DTVIEW.SECTION_OP_PROCESSED,t,this)}}}(PubSub),DocLayoutEventManager=function(e){"use strict";var t=function(t){switch(t.getSectionType()){case SECTION_TYPES.ENDNOTE:case SECTION_TYPES.FOOTNOTE:e.publish("noteview/added",t)}},i=function(t){switch(t.getSectionType()){case SECTION_TYPES.ENDNOTE:case SECTION_TYPES.FOOTNOTE:e.publish("noteview/removed",t)}},n=function(t){switch(t.getSectionType()){case SECTION_TYPES.ENDNOTE:case SECTION_TYPES.FOOTNOTE:e.publish("noteview/attached",t)}},r=function(t){switch(t.getSectionType()){case SECTION_TYPES.ENDNOTE:case SECTION_TYPES.FOOTNOTE:e.publish("noteview/detached",t)}};function o(t){e.publish(DOCVIEW.LINE_ADDED,t)}function s(t){e.publish(DOCVIEW.LINE_UPDATED,t)}function a(t){e.publish(DOCVIEW.LINE_BEFORE_REMOVE,t)}function l(t){e.publish(DOCVIEW.PAGE_CREATED,t)}function d(t){e.publish(DOCVIEW.PAGE_REMOVED,t)}function c(t){e.publish(DOCVIEW.CURRENT_GROUP_LAYOUT_CHANGED,t)}function u(){e.publish("Document/Pagination/Complete")}function g(t){null==editor.subAction||editor.subAction.state||e.publish("Document/Paginated",t,t.documentLayoutManager.isPagesPendingToPaginate())}function h(t){e.publish(DOCUMENT.MAX_PAGE_WIDTH_UPDATED,t)}function f(t){e.publish(DOCUMENT.LAYOUT_MANAGER_INITIALIZED,t)}function p(){e.publish(DOCUMENT.LAYOUT_MANAGER_BEFOREDESTROYED)}function E(t){var i;switch(t.getType()){case VIEW.PARA:i=DOCVIEW.PARAVIEW_AFTER_CREATE;break;case VIEW.CELL:i=DOCVIEW.CELLVIEW_AFTER_CREATE;break;case VIEW.ROW:i=DOCVIEW.ROWVIEW_AFTER_CREATE;break;case VIEW.TABLE:i=DOCVIEW.TABLEVIEW_AFTER_CREATE;break;case VIEW.HR:i=DOCVIEW.HRVIEW_AFTER_CREATE;break;case VIEW.TOC:i=DOCVIEW.TOCVIEW_AFTER_CREATE;break;default:i=DOCVIEW.VIEW_AFTER_CREATE}e.publish(i,t.getNode())}function T(t){var i;switch(t.getType()){case VIEW.PARA:i=DOCVIEW.PARAVIEW_AFTER_UPDATE;var n=t.getParent();n.getType()===VIEW.CELL&&n.getTable().getNode().containsHeaderRow&&e.publish("Document/Table/HeaderView/Update");break;case VIEW.CELL:i=DOCVIEW.CELLVIEW_AFTER_UPDATE;break;case VIEW.ROW:i=DOCVIEW.ROWVIEW_AFTER_UPDATE;break;case VIEW.TABLE:i=DOCVIEW.TABLEVIEW_AFTER_UPDATE;break;case V |
| URL: https://static.zohocdn.com/writer3/js/anyonewithli... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a part of a larger application and contains mostly benign functionality related to image uploads, user data management, and activity tracking. While there are some indicators of potential data transmission and legacy API usage, the overall context suggests these are likely part of legitimate application functionality rather than malicious intent. The script does not contain any high-risk behaviors like dynamic code execution or suspicious redirects, and the risk can be further reduced by the use of trusted domains and analytics-related functionality."
} |
/*$Id$*/
Macros.getType = function() {
return "anyone"; //No I18N
};
Macros.getImageLibRemoteOptions = function(){
var options = {};
options.uploadURL = ZWNetworkUtils.getUrl('uploadImageFile'); //No i18n
options.enableGadgets = false;
var remoteCustomData = {};
ZWNetworkUtils.setCsrfParam(remoteCustomData);
options.customData = remoteCustomData;
return options;
};
Macros.review = {
addParticipant: function() {
var params = {};
params.time = new Date().getTime();
ZWNetworkUtils.sendAjax({
type: "POST", //No I18n
global: false,
url: ZWNetworkUtils.getNiceUrlPrefix(Macros.getRId() + "/util/addparticipant"), //No i18n
async: true,
data: params,
dataType: 'json', //No i18N
setCsrfParam: true
});
},
getAccessType: function() {
return "anyone"; //no i18n
},
setTcView: function(tcMarkup, successCb, failureCb) {
successCb && successCb(tcMarkup);
}
};
Macros.isShareListAvailable = function() {
return false;
};
Macros.proofing = {
initUserData: function(){
var usersData = editor.doc.getUserData();
var configurations = {};
configurations.ignoreuppercase = true;
configurations.ignoremixedcase = true;
configurations.ignorenumbered = true;
configurations.wordyphrases = true;
configurations.rephrasablesentences = true;
configurations.improperwordchoices = true;
configurations.informalwriting = false;
configurations.noninclusivelanguage = false;
// configurations.cliches = true;
var proofingData = {};
proofingData[ATTR_BODY.PROOFING_SP] = false;
proofingData[ATTR_BODY.PROOFING_GRAMMAR] = true;
proofingData[ATTR_BODY.PROOFING_WQ] = true;
proofingData.configurations = configurations;
if (!usersData[editor.zuid]) {
usersData[editor.zuid] = {}
}
usersData[editor.zuid][ATTR_BODY.PROOFING] = proofingData;
editor.doc.setUserData(usersData);
},
getCache: function(params, successHandler, failureHandler) {
successHandler();
},
ignoreAll: function(params, successHandler, failureHandler) {
successHandler(params.lang, params.words);
},
ignoreSuggestion: function(params, successHandler, failureHandler) {
successHandler(params.lang, params.words);
},
getDictionaryWords: function(lang) {
},
canDetectLanguage: function() {
return false;
},
setProofingData: function(settings, configurations, cb) {
cb && cb.success(settings, configurations);
}
};
Macros.getActivityUrl = function(module, action) {
return editor.base_url+ '/rdoc/activities/' + module + '/' + action; //no i18n
};
Macros.getActivityTrackUrl = function(module) {
return editor.base_url+ '/rdoc/activities/' + module; //no i18n
};
Macros.isGlobalSettingsAvailable = function() {
return false;
};
Macros.canDisplayChangesLink = function(callback) {
return;
};
Macros.getUserColors = function(successCB, failureCB, failureCount) {
return;
};
Macros.canCreateAddFontButton = function(element){
return false;
};
Macros.changeDialog = function() {
editor.sendBugReport();
Z('dashboard-btn').hide(); //No I18N
document.getElementById("repairdocdlg-title").innerHTML = J.i18n("writer.common.ERROR_REPORTED"); //No I18N
document.getElementById("repairdocdlg-msg").innerHTML = J.i18n("writer.common.WRITE_TO_US"); //No I18N
J('.ui-repairdialog').addClass('ui-repairdoc-err-reported-cont');
};
Macros.getAction = function() {
return "publicExport"; //No I18N
};
Macros.getUserModeParams = function(zuid){
var params = {};
params.zuid = zuid;
return params;
};
Macros.getUdsImageUrl = function(imageURLvalue){
return Macros.getImageSrcWithRid(imageURLvalue);
}
|
| URL: https://static.zohocdn.com/writer3/js/writer_stabl... Model: Joe Sandbox AI | {
"risk_score": 3,
"reasoning": "The provided JavaScript snippet appears to be a utility script that sets up some global variables and constants. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or suspicious redirects. The script seems to be focused on providing common functionality and configuration for a web application, with some legacy practices like the use of `XDomainRequest`. Overall, the risk score is low, as the script does not exhibit any clearly malicious behavior."
} |
var isV8Engine="undefined"==typeof window||"undefined"==typeof navigator,_stopPagination=isV8Engine;if(isV8Engine){var isMetaCollectionDirty=!1;window=this,docsComponentjsSource="",docsComponentjsSourceSRI="",docsComponentcssSource="",pasteHtmlSanitizerJs="",calendarWidgetJS="",extensionCommonCssPath="";var jsCdnZWStaticPath="",getFingerPrintFilePath=function(){return""}}var U=_.noConflict();window.isHeadlessPDF=!(!window.editorProps||!editorProps.isHeadlessPDF),window.isHeadlessHTML=!(!window.editorProps||!editorProps.isHeadlessHTML);for(var CONST=JSON.parse('{"MERGEFIELD":"mergeField","NEXTRECORD":"nextrecord","SKIPRECORD":"skiprecord","TOC_PREV_PARA":"tocBr","TOC_MAIN_DIV":"toc","TOC_REGENERATE":"tocRegenerate","TOC_CLOSE":"tocClose","TOC_SETTINGS":"tocSettings","ZERO_WIDTH_SPACE":"​","ZERO_WIDTH_JOINER":"‍","ZERO_WIDTH_NON_JOINER":"‌","PG_SPLIT_NODE":"pagesplitnode","PG_SPLIT_LAYER":"split-layer","PG_BRK_LAYER":"pagebreaklayer","FN_LAYER":"footnoteslayer","FIELD_TEXT_NODE":"field_text_node","FTR_LAYER":"footerlayer","PRI_PG_FTR":"primarypagefooter","HDR_LAYER":"headerlayer","PRI_PG_HDR":"primarypageheader","MUST_PAGINATE":-1,"STATE_STARTED":0,"HEADER_EVEN":0,"HEADER_PRIMARY":1,"FOOTER_EVEN":2,"FOOTER_PRIMARY":3,"HEADER_FIRST":4,"FOOTER_FIRST":5,"STATE_COMPLETE":1,"PASTE_SOURCEFORMAT":0,"PORTION_END_WITHOUT_TAB":"PORTION_END_WITHOUT_TAB","PASTE_DESTINATIONFORMAT":1,"PASTE_TEXTONLYFORMAT":2,"PASTE_CONTINUELIST":3,"PASTE_ASNEWLIST":4,"PASTE_MERGELIST":5,"PASTE_DONT_MERGELIST":6,"PASTE_CHART":7,"PASTE_SHEET_TABLE":8,"PASTE_SCREENPLAY_PASTE" : 9,"PASTE_MARKDOWN" : 10,"DEFAULT_AUTO_CORRECTS":["(c)","(r)","(tm)","1/4","1/2","3/4","--\x3e","<--","<->","==>","<==","<=>"],"CLEAN_MODE":0,"RICH_EDIT_MODE":1,"REVIEW_MODE":2,"MSG_TYPE_CONFIRM":1,"MSG_TYPE_RELOAD":2,"MSG_TYPE_RELOADCANCEL":3,"MSG_TYPE_YESNO":4,"MSG_TYPE_ALERT":5,"MSG_TYPE_CUSTOM":6,"MSG_TYPE_REPORT":7,"MSG_TYPE_DELETECANCEL":8,"MSG_TYPE_PASTEREPORT":9,"SEVERITY_WARNING":"warning","SEVERITY_ALERT":"alert","SEVERITY_INFO":"info","SEVERITY_ERROR":"error","SEVERITY_SUCCESS":"success","BUTTON_1_CLICKED":1,"BUTTON_2_CLICKED":2,"BUTTON_3_CLICKED":3,"BUTTON_OK_CLICKED":1,"BUTTON_RELOAD_CLICKED":1,"BUTTON_YES_CLICKED":1,"BUTTON_CANCEL_CLICKED":2,"BUTTON_NO_CLICKED":2,"PAGE_BOTTOM_MARGIN_BORDERS":25,"DEFAULT_PAPER":"Letter","DEFAULT_ORIENTATION":"Portrait","MIN_COLUMN_WIDTH":"1.27cm","MIN_CELL_WIDTH":"20px","MIN_PAPER_HEIGHT":"0.1in","MIN_PAPER_WIDTH":"0.5in","MAX_PAPER_SIZE":"22in","MIN_READING_TIME":"2000"}'),FILLABLEFIELD_TYPE=JSON.parse('{"CHECKBOX":"checkbox","CURRENCY":"currency","DATE":"date","EMAIL":"email","NUMBER":"number","PHONE":"phone","PERCENT":"percent","SELECTBOX":"selectbox","SINGLELINE":"singleline","IMAGE":"image","INITIAL":"initial","SIGNATURE":"signature","MULTILINE" : "multiline", "MULTIPLECHOICE": "multiplechoice", "RADIO": "radio","ATTACHMENT":"attachment","FILE_UPLOAD":"fileUpload"}'),FILLABLEFIELD_PROPS=JSON.parse('{"CHECKED_SYMBOL":"","UNCHECKED_SYMBOL":"","DATE_FORMAT":"dd/MM/yyyy, HH:mm", "CIRCLE_SYMBOL":"", "DISC_SYMBOL" : ""}'),COLOR_TYPE=JSON.parse('{"RGB":"rgb","RGBA":"rgba","HEX":"hex","HEX_WITH_ALPHA":"hex_with_alpha"}'),SUPPORTED_SUPPORTED_MIME_TYPES=["application/msword","application/x-tika-msoffice","application/vnd.ms-word","application/msoffice","application/x-msoffice","application/x-tika-ooxml","application/vnd.ms-word.document.macroenabled.12","application/vnd.openxmlformats-officedocument.wordprocessingml.document","application/zip","application/ooxml","application/x-xliff+zip","application/x-ooxml","application/rtf","application/vnd.oasis.opendocument.text","application/pdf","text/plain","text/html","application/xml","application/xhtml+xml","application/x-tex","application/x-latex","application/octet-stream","message/rfc822","application/vnd.openxmlformats-officedocument.wordprocessingml.template","application/vnd.ms-word.document.macroEnabled.12","application/vnd.ms-word.template.macroEnabled.12"],CHAR_TAG_MAPPING=JSON |
| URL: https://static.zohocdn.com/writer3/js/components_m... Model: Joe Sandbox AI | {
"risk_score": 4,
"reasoning": "The provided JavaScript snippet appears to be a utility library for managing and initializing various UI components. While it does not exhibit any clear high-risk behaviors, there are some moderate-risk indicators that warrant further review. The script uses external data transmission to send user data to third-party domains, and it also performs aggressive DOM manipulation by repeatedly altering or clearing the DOM. Additionally, the script uses legacy practices like the `XDomainRequest` API, which poses minor risks. Overall, the script requires further review due to its unclear or overly aggressive behavior, but it does not appear to be inherently malicious."
} |
var ZDOMUtil=function(t){var e=void 0;return{init:function(t){e={div:document.createElement("div")}},clone:function(t){return e[t].cloneNode()}}}(window),ZComponents=function(t){var e=!0,i=navigator.userAgent.toLowerCase(),s=document.createElement("div"),o=document.createTextNode(" ");return{version:"5_2_60",isRTL:!1,selector:"data-ctype",userAgent:i,DOMUtil:t,locale:navigator.language,zIndex:1e3,$document:t(document),$window:t(window),hasHandlebars:!!window.Handlebars,keys:{},localeInfo:{"en-US":{daysAbbreviated:["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],days:["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],months:["January","February","March","April","May","June","July","August","September","October","November","December"],monthsAbbreviated:["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],firstDayOfWeek:0,dateFormat:{short:"M/d/yyyy",medium:"MMM d, yyyy",long:"MMMM d, yyyy",full:"dddd, MMMM d, yyyy"},timeFormat:{short:"h:mm tt",medium:"h:mm:ss tt",long:"hh:mm:ss tt"},dateTimeFormat:{short:"MMM d, yyyy, hh:mm:ss tt",medium:"MMM d, yyyy, hh:mm:ss tt",long:"dddd, MMMM d, yyyy 'at' h:mm tt",full:"dddd, MMMM d, yyyy 'at' h:mm tt"},numberFormat:{thousandSeparator:",",decimalSeparator:"."},currency:{code:"USD",name:"United States Dollar",symbol:"$"}}},keyCode:{BACKSPACE:8,COMMA:188,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,LEFT:37,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SPACE:32,TAB:9,UP:38,ALT:18},initDeferredComponents:function(e,i,s){var o=this;setTimeout((function(){t.each(e,(function(e,i){t(i).each((function(i,s){o._initComponent(t(s),e)}))})),s&&s(e)}),i||1e4)},init:function(i,s,o,n){e&&this._init(),n=n||{},i=t(i||"body");var a=o||this.selector,r="["+a+"]",l=n.nodeArray||(document.querySelectorAll?i[0].querySelectorAll(r):t(r,i));if((i[0].attributes[a]||i[0].dataset&&i[0].dataset[a])&&(l=t(i).add(l)),l.length){var h=this;this.eachAsync(l,{delay:n.delay||20,chunkSize:n.chunkSize||500,loop:function(t,e){h._initComponent(e,void 0,o)},end:function(){h._end(i,l,s)}})}else this._end(i,l,s)},destroy:function(e,i,s,o){e=t(e||"body");var n="["+(s=s||this.selector)+"]",a=t(n,e);if(e.is(n)&&(a=t(e).add(a)),a.length){var r=this;this.eachAsync(a,{delay:20,loop:function(e,i){t(i)[i.getAttribute(s)]("destroy")},end:function(){r._end(e,a,i,!0)}})}else this._end(e,a,i,!0)},eachAsync:function(t,e){var i=0,s=t.length,o=e.loop||function(){};(e=e||{}).test=function(){return i<s},e.loop=function(){var e=t[i];return o.call(e,i++,e)},this.whileAsync(e)},whileAsync:function(t){var e=Math.abs(t.delay)||10,i=t.chunkSize?t.chunkSize:isNaN(t.bulk)?500:Math.abs(t.bulk),s=t.test||function(){return!0},o=t.loop||function(){},n=t.end||function(){};!function t(){for(var a=!1,r=new Date;(a=s())&&(o(),!(0===i||new Date-r>i)););a?setTimeout(t,e):n()}()},_initComponent:function(e,i,s){s=s||this.selector,(e=t(e))[i||e.attr(s)]()},_end:function(t,e,i,s){this.$document.trigger(s?"zcomponentdestroyed":"zcomponentinitialized",t),i&&i(e)},clearMetadata:function(e){e&&t(e).removeData("metadata")},_getDataAttributes:function(t,e){for(var i=t.attributes,s=i.length,o=0;o<s;o++){var n=i[o].nodeName,a=""===i[o].nodeValue?"true":i[o].nodeValue;"data"!==n&&(e[n=(n=(n=n.match(/^data-/)?n.replace(/^data-/,""):n).replace(/-([a-zA-Z])/g,this._stringReplace.bind(this))).replace(/(Html|Svg|Hsv|Hsl|Rgb)/gi,this._toUpperCase)]="true"===a||"false"===a?"true"===a:-1!==a.indexOf("{")?ZComponents._getObject(a):a)}return e},_stringReplace:function(t){return t[1].toUpperCase()},_toUpperCase:function(t){return t.toUpperCase()},_getDataSet:function(t,e){var i,s=t.dataset;for(var o in s)s.hasOwnProperty(o)&&(i=s[o],e[o=o.replace(/(Html|Svg|Hsv|Hsl|Rgb)/gi,this._toUpperCase)]="true"===i||"false"===i?"true"===i:-1!==i.indexOf("{")?ZComponents._getObject(i):i);return e},_getOptions:void 0,getMetadata:function(t){return this.getOpti |
| URL: https://static.zohocdn.com/writer3/js/teamdrivemac... Model: Joe Sandbox AI | {
"risk_score": 2,
"reasoning": "The provided JavaScript snippet appears to be a set of utility functions related to a document editor. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or redirects to malicious domains. The functions are primarily focused on providing URLs for upgrading, accessing documents, and checking the document type. While the code uses some legacy practices like string concatenation for URLs, it does not demonstrate any suspicious or malicious behavior. Overall, this script is likely benign and poses a low risk."
} |
/*$Id$*/
/*Macros.createNewFile = function() {
//window.open("https://"+editorProps.urls.teamdriveURL+"/createnew.do?service=zw&parentid=-1"); //No I18N
window.open(window.location.origin+"/writer/new?rid="+ editor.doc.docInfo.RID + "&from=menu"); //No I18N
};*/
Macros.getUpgradeUrl = function() {
return location.protocol+"\\\\"+editorProps.urls.teamdriveURL+"/upgrade"; //No i18n
};
Macros.getDocsUrl = function() {
return "https://"+editorProps.urls.teamdriveURL; //No I18N
};
Macros.isWorkDriveDocument = function(){
return true;
};
Macros.isCropAllowed = function(){
return true;
};
Macros.isFloatAllowed = function() {
return true;
};
|
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"brands": "unknown"
} |
|
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "CONTRACT DOC FROM MCCORD ENGINEERING, INC",
"prominent_button_name": "VIEW PDF ONLINE",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"brands": [
"McCord Engineering, Inc."
]
} |
|
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "VIEW PDF ONLINE",
"prominent_button_name": "VIEW PDF ONLINE",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://workdrive.zohopublic.com/writer/open/p369v1c9203e54b114ff78bf68159454d9c26 Model: Joe Sandbox AI | {
"brands": [
"McCord Engineering, Inc."
]
} |
|
| URL: https://yolito.xomivarne.ru/uBWuCBti/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://yolito.xomivarne.ru Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": true,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": false,
"brand_spoofing_attempt": false,
"third_party_hosting": true
} |
URL: https://yolito.xomivarne.ru |
| URL: https://yolito.xomivarne.ru/uBWuCBti/ Model: Joe Sandbox AI | {
"contains_trigger_text": false,
"trigger_text": "unknown",
"prominent_button_name": "unknown",
"text_input_field_labels": "unknown",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://yolito.xomivarne.ru/uBWuCBti/ Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://yolito.xomivarne.ru/uBWuCBti/ Model: Joe Sandbox AI | {
"brands": [
"Cloudflare"
]
} |
|
| URL: https://login.microsoftonline.com Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://login.microsoftonline.com |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Sign in",
"prominent_button_name": "Next",
"text_input_field_labels": [
"Email, phone, or Skype"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "We couldn't find an account with that username. Try another, or get a new Microsoft account.",
"prominent_button_name": "Next",
"text_input_field_labels": [
"3aseriasnconline.com"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2F Model: Joe Sandbox AI | {
"brands": [
"Microsoft"
]
} |
|
| URL: https://logon.ccc.edu/adfs/ls/?client-request-id=eb137d88-f90e-48c2-821f-7ac7d127dd42&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAhZI9jNt0AMXj5C53F0GbtqgqEzcggShxHP_9kZxUqbnLh50 Model: Joe Sandbox AI | {
"contains_trigger_text": true,
"trigger_text": "Sign in with your City Colleges of Chicago username and password",
"prominent_button_name": "Sign in",
"text_input_field_labels": [
"Username",
"Password"
],
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
} |
 |
| URL: https://logon.ccc.edu Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://logon.ccc.edu |
| URL: https://logon.ccc.edu/adfs/ls/?client-request-id=eb137d88-f90e-48c2-821f-7ac7d127dd42&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAhZI9jNt0AMXj5C53F0GbtqgqEzcggShxHP_9kZxUqbnLh50 Model: Joe Sandbox AI | {
"brands": [
"City Colleges of Chicago"
]
} |
|
| URL: https://logon.ccc.edu/adfs/ls/?client-request-id=eb137d88-f90e-48c2-821f-7ac7d127dd42&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=LoginOptions%3D3%26estsredirect%3d2%26estsrequest%3drQQIARAAhZI9jNt0AMXj5C53F0GbtqgqEzcggShxHP_9kZxUqbnLh50 Model: Joe Sandbox AI | ```json{ "legit_domain": "ccc.edu", "classification": "known", "reasons": [ "The URL 'logon.ccc.edu' is a subdomain of 'ccc.edu', which is the legitimate domain for City Colleges of Chicago.", "City Colleges of Chicago is a known educational institution, and 'ccc.edu' is their official domain.", "The presence of a 'logon' subdomain is typical for login portals and does not inherently indicate phishing.", "The input fields 'Username' and 'Password' are standard for login pages." ], "riskscore": 2} |
URL: logon.ccc.edu
Brands: City Colleges of Chicago
Input Fields: Username, Password |
| URL: https://ccc.edu Model: Joe Sandbox AI | {
"typosquatting": false,
"unusual_query_string": false,
"suspicious_tld": false,
"ip_in_url": false,
"long_subdomain": false,
"malicious_keywords": false,
"encoded_characters": false,
"redirection": false,
"contains_email_address": false,
"known_domain": true,
"brand_spoofing_attempt": false,
"third_party_hosting": false
} |
URL: https://ccc.edu |
Edit tour
chrome.exe (PID: 6268 cmdline: 
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node